First of all, what is encryption? Encryption, otherwise known as cryptography in academic circles, is the process of taking a message and "scrambling it" in such a way that people who may be listening in or watching the connection cannot see what is happening. In general, by encrypting the message, only the intended recipients can actually decrypt the message because only they will know the "key" that unlocks the encryption.
The key to unlock an encrypted message, which your encryption program may let you specify as a word or a pass-phrase, actually gets turned into a number. This number, like everything on a computer, is stored as a series of ones and zeros. The number of ones and zeros, or bits, that make up the "key" determines the number of possible key combinations there are to unlock the encrypted message. If there is a small number of possible key combinations, then it's a lot easier to just use the "brute force" method and try every possible encryption key until you get an intelligible message. If the number of possible key combinations is large, then it becomes a time-consuming task to try every possible encryption key.
Currently, our government allows us to export 40-bit encryption beyond our borders without a special license. A 40-bit encryption key gives nearly 1.1 trillion possible combinations for the key. Sounds like a lot? As fast as computers are these days, it's pretty easy to take one computer or a bunch of computers and try all 1.1 trillion combinations until a legible result is found. And as computers get faster (currently, processor speed is doubling every other year or so), a 40-bit key can be broken more and more quickly as time progresses.
By adding a single bit to a 40-bit encryption key, you double the number of possible keys to nearly 2.2 trillion. The more bits, the more possible combinations and the harder it is to guess the key by brute force. A 1024-bit encryption key, often used in PGP Public Key crypto systems, has something on the order of 1.7 x 10^313 possible key combinations (or the numbers 1 and 7 followed by 312 zeros). In other words, using 1024-bit encryption keys, it's gonna take a long time to figure out messages encoded using those keys.
Many encryption methods use the same "key" to scramble the message as they use to "descramble" the message. This technique is often employed by what are referred to as "cipher transformations." They are very fast, but they rely on agreeing upon an encryption key beforehand, something that can be hard to do. So how do two people who have never met before talk in a secure, encrypted fashion? Public Key Cryptography is the answer.
Public Key Cryptography, used in the RSA encryption scheme and in the schemes implemented by the popular freeware encryption program called PGP (Pretty Good Privacy), does not rely on a single key to encrypt data. Instead, it uses "public" and "private" keys. The names "public" and "private" are apt because they describe how the various encryption keys are used. The "public" key is known to everyone. The "private" key is only known by the person whose key it is. The public and private keys have a special relationship that allows messages to be encrypted with one of these keys and decrypted with the other. It is also impossible to determine the private key given only the public key.
Let's say I want to send an encrypted message to Scott. I go get Scott's public key either from Scott or some trusted third party. I take a message and encrypt it with his public key. Scott can then take his private key (which only he knows) and decrypt the message. If he wants to send an encrypted reply to me, he gets my public key, encrypts a message with it, and sends it back to me. I take my private key, decode the message, and read the reply.
Public Key Cryptography also allows me to "sign" a message in such a way that anyone can verify only I could have signed it (a sort of "digital signature"). If I encrypt a message with my private key, anyone can "decrypt" the message with my public key. Since only I know my private key and it is impossible to obtain my private key given my public key, you can be pretty sure this message came from me. Given how easy it is to spoof electronic documents, the ability to verify who did something is very important.
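The exchange with Scott and the signature check described above, as an added example in Python that is not part of the original article: textbook RSA with no padding, signing a SHA-256 digest of the message rather than the message itself. The key pairs are constructed from small, publicly known Mersenne primes and the function names are assumptions made for this sketch, so the keys are toys that would not resist a real attack.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Build (public, private) from two primes; each key is (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e*d == 1 (mod phi), Python 3.8+
    return (e, n), (d, n)

def encrypt(public, text):
    """Scramble text with the recipient's public key."""
    e, n = public
    m = int.from_bytes(text.encode(), "big")
    if m >= n:                   # a message must be a number smaller than the modulus
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(private, cipher):
    """Recover the text with the matching private key."""
    d, n = private
    m = pow(cipher, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def _digest(text, n):
    # Reduce the SHA-256 digest into the range of the modulus.
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big") % n

def sign(private, text):
    """'Encrypt' the message digest with the signer's private key."""
    d, n = private
    return pow(_digest(text, n), d, n)

def verify(public, text, signature):
    """'Decrypt' the signature with the public key and compare digests."""
    e, n = public
    return pow(signature, e, n) == _digest(text, n)

# Constructed toy keys (assumption of this example): products of Mersenne primes.
SCOTT_PUB, SCOTT_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
MY_PUB, MY_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

def demo():
    note = "Lunch at noon?"                  # constructed sample message
    cipher = encrypt(SCOTT_PUB, note)        # only Scott's private key opens this
    sig = sign(MY_PRIV, note)                # anyone can check this with MY_PUB
    return (decrypt(SCOTT_PRIV, cipher),
            verify(MY_PUB, note, sig),       # genuine message
            verify(MY_PUB, note + "!", sig)) # altered message

if __name__ == "__main__":
    print(demo())
```
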
Cryptography is not, by any means, a foolproof means for protecting data since brute force methods can be used to break the encryption. It does, however, significantly decrease the likelihood that the data will be seen by people it should not be seen by. Key sizes will have to increase as computers get faster and faster to decrease the odds of breaking the code of an encrypted message by "brute force."