Plaintext
What is Plaintext?
Readable, unencrypted form of data that is the input to encryption and the output of correct decryption.
Plaintext is the original, human- or machine-readable representation of information before encryption is applied or after it has been correctly decrypted. In cryptographic protocols the term is used to distinguish data inside the trust boundary from ciphertext that may safely traverse hostile channels. Plaintext also commonly refers to passwords or secrets stored without hashing or encryption, which is a major security failing. Defensive practices include encrypting plaintext at rest with strong AEAD ciphers, encrypting in transit with TLS, redacting plaintext from logs and error messages, and never sending sensitive plaintext in URLs or referrer headers.
● Examples
- 01: A password value passed in JSON before TLS encrypts the request.
- 02: Logs that accidentally print a credit card number in plaintext.
● Frequently asked questions
What is Plaintext?
Readable, unencrypted form of data that is the input to encryption and the output of correct decryption. It belongs to the Cryptography category of cybersecurity.
How do you defend against plaintext exposure?
Defences against plaintext exposure typically combine technical controls and operational practices, as detailed in the full definition above.
● Related terms
- Ciphertext (cryptography, № 173): Output of an encryption algorithm: data that should be unintelligible to anyone without the correct key.
- Encryption (cryptography, № 379): The cryptographic transformation of plaintext into ciphertext using an algorithm and key so that only authorized parties can recover the original data.
- Decryption (cryptography, № 294): The reverse cryptographic operation that converts ciphertext back into its original plaintext using the appropriate algorithm and key.
- Cipher (cryptography, № 171): Algorithm that transforms plaintext into ciphertext (encryption) and back (decryption), parameterized by one or more cryptographic keys.
- Symmetric Encryption (cryptography, № 1121): An encryption scheme in which the same secret key is used for both encryption and decryption, offering high speed and strong confidentiality when the key is shared securely.