Message digests may ensure integrity of a message, but they can't be used to ensure the confidentiality of a message. For that, we need to use private key cryptography to exchange private messages.

Consider this scenario: Alice and Bob each have a shared key that only they know and they agree to use a common cryptographic algorithm, or cipher. In other words, they keep their key private. When Alice wants to send a message to Bob, she encrypts the original message, known as plaintext, to create ciphertext and then sends the ciphertext to Bob. Bob receives the ciphertext from Alice and decrypts the ciphertext with his private key to re-create the original plaintext message. If Eve the eavesdropper is listening in on the communication, she hears only the ciphertext, so the confidentiality of the message is preserved.

You can encrypt single bits or chunks of bits, called blocks. The blocks, called cipher blocks, are typically 64 bits in size. If the message is not a multiple of 64 bits, then the short block must be padded (more on padding at What is padding?). Single-bit encryption is more common in hardware implementations. Single-bit ciphers are called stream ciphers.

The strength of the private key encryption is determined by the cryptography algorithm and the length of the key. If the algorithm is sound, then the only way to attack it is with a brute-force approach of trying every possible key, which will take an average of (1/2)*2*n attempts, where n is the number of bits in the key.

When the U.S. export regulations were restrictive, only 40-bit keys were allowed for export. This key length is fairly weak. The official U.S. standard, the DES algorithm, used 56-bit keys and this is becoming progressively weaker as processor speeds accelerate. Generally, 128-bit keys are preferred today. With them, if one million keys could be tried every second, it would take an average of many times the age of the universe to find a key!