Symmetric vs. Asymmetric Encryption


The main purpose of encryption is to convert human-readable plaintext into ciphertext (human-unreadable text) using a key. The scrambled message is unreadable to malicious actors and can only be read by people with access to the key. Data can be encrypted when it is stored or when it is in transit (i.e. sent over the wire).

There are two types of encryption:

  • Symmetric Encryption
  • Asymmetric Encryption

Symmetric Encryption

Symmetric Encryption uses a single key to encrypt and decrypt messages. Both the sender and receiver of the message must have access to the same key in order to encrypt and decrypt messages.

Let's see Symmetric Encryption in action:

  1. To send John a message, Luke first generates a key and shares it with John.
  2. The message "Hello John" is encrypted using the key.
  3. To decrypt the message back to its original form, John uses the same key.

If John were to send a message back to Luke, the same process would be repeated. While Symmetric Encryption is faster and easier to use, it is less secure: if the key is compromised, the data can easily be decrypted by anyone who has it. Asymmetric Encryption solves this problem.

Asymmetric Encryption

Asymmetric Encryption uses a public-private key pair. Data is encrypted using the public key while the private key is used to decrypt the data.

Let's see Asymmetric Encryption in action:

  1. Luke and John each create a public-private key pair. Luke shares his public key with John and John shares his public key with Luke. Luke keeps his private key to himself, and the same applies to John.
  2. To send a message to John, Luke encrypts the message "Hello John" using John's public key.
  3. To decrypt the message back to its original form, John uses his private key.

If John were to send a message back to Luke, he would encrypt the message "Hello Luke" using Luke's public key. To decrypt the message back to its original form, Luke would use his own private key.

Although Asymmetric Encryption is more secure, it is complex, slow and not the best solution for encrypting large amounts of data. A hybrid encryption approach (Hybrid Cryptosystem), which combines the benefits of both Symmetric and Asymmetric Encryption, can be used to solve this problem.
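
The hybrid approach described above, as an added example that is not part of the original article: Luke encrypts the message with a fresh symmetric key (AES-256-GCM) and encrypts only that short key with John's public key (RSA-OAEP). It assumes the third-party Python `cryptography` package; the function names and the envelope layout are illustrative choices, not a standard format.

```python
# Added example (not from the original article); requires the "cryptography" package.
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# RSA-OAEP with SHA-256: the asymmetric step only ever encrypts the 32-byte session key.
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)


def new_key_pair():
    """Generate a 2048-bit RSA private key; .public_key() is the half that gets shared."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def hybrid_encrypt(recipient_public_key, plaintext: bytes) -> dict:
    """Sender side: symmetric cipher for the data, asymmetric cipher for the key."""
    session_key = AESGCM.generate_key(bit_length=256)  # fresh key for this message only
    nonce = os.urandom(12)  # must never repeat under the same session key
    ciphertext = AESGCM(session_key).encrypt(nonce, plaintext, None)
    wrapped_key = recipient_public_key.encrypt(session_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def hybrid_decrypt(recipient_private_key, envelope: dict) -> bytes:
    """Recipient side: unwrap the session key with the private key, then decrypt."""
    session_key = recipient_private_key.decrypt(envelope["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(envelope["nonce"], envelope["ciphertext"], None)


def can_decrypt(private_key, envelope: dict) -> bool:
    """True only if this private key opens the envelope and the data is unmodified."""
    try:
        hybrid_decrypt(private_key, envelope)
        return True
    except (ValueError, InvalidTag):
        # ValueError: wrong private key (unwrap fails); InvalidTag: altered ciphertext.
        return False


if __name__ == "__main__":
    john, other = new_key_pair(), new_key_pair()  # constructed demo key pairs
    envelope = hybrid_encrypt(john.public_key(), b"Hello John")
    print(hybrid_decrypt(john, envelope))
    print(can_decrypt(other, envelope))
```
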