A cipher is the algorithm that does the actual work of encryption. It defines how to convert readable plaintext into scrambled ciphertext, and how to reverse the process, with the transformation controlled by a key. The key is the secret; the cipher itself is just a procedure. Changing the key changes the output without changing the algorithm.
Classical ciphers fall into two families. Substitution ciphers replace each symbol with another, as in a simple shift of the alphabet, while transposition ciphers keep the symbols but rearrange their order. Both are easy to describe and were used for centuries, but on their own they leak statistical patterns that make them breakable. Shannon’s 1949 secrecy-systems paper analyzed exactly these mechanisms and showed mathematically how much information they reveal.
Modern ciphers are far stronger and come in two main types. Block ciphers, such as AES, encrypt fixed-size blocks of data at a time; stream ciphers encrypt data continuously, one bit or byte at a time. NIST specifies the approved block ciphers and modes of operation in its cryptographic standards, which is how a single well-studied algorithm becomes the basis for protecting data everywhere.
A good modern cipher combines substitution and transposition-like steps over many rounds, following Shannon’s principles of confusion and diffusion, so that the relationship between key, plaintext, and ciphertext is too tangled to unravel without the key. The security rests on the key remaining secret, not on the cipher being unknown.