Symmetric Encryption vs Asymmetric Encryption


Symmetric Encryption

A single, shared key is used to both encrypt and decrypt the data. You’ll want to handle this key with caution and only share it with those who need access to that data.

Pros:

  • Works great if we only need to secure data for a single machine or a single user.
  • Very fast to use. Uses few resources.
  • Because of this, it is efficient for large data.

Cons:

  • Does not scale very well. Since users must have the key to encrypt/decrypt the information, this key needs to be shared around to everybody who uses it, making it a lot harder to manage and keep secure.
  • Since you don’t want to make this single key public, actually sharing the key so that people can encrypt their communication to you can be difficult and opens the door for the key to be stolen by an intruder.

What are some algorithms that use this type of encryption?

  • AES (Advanced Encryption Standard)
  • DES (Data Encryption Standard)
  • Twofish
  • Serpent

Great, so when would you actually use this type of encryption?

While symmetric encryption is an older method of encryption, it is faster and more efficient than asymmetric encryption, which takes a toll on networks due to performance issues with data size and heavy CPU use. Because of this better performance, symmetric cryptography is typically used for bulk encryption, that is, encrypting large amounts of data, e.g. for database encryption.

  • This is a great solution for data at rest. If the data is already present, you have no need to transfer it (and therefore no need to transfer your encryption keys).
  • Payment applications where there are card transactions and PII needs to be protected.
  • Validations to confirm that the sender of the message is who they claim to be.
  • Random number generation or hashing for password storage.

Asymmetric Encryption

Often referred to as public key cryptography. Unlike Symmetric Encryption, two keys are needed in Asymmetric Encryption. You have a private key that you never share with anybody else. Then, there is a public key that everybody can use. Anybody can see it, so you don’t need to worry about securing it. You can’t derive the private key from the public key.

The idea behind this is that anybody can encrypt data with your public key (since the key is readable by anybody), but the only key that can decrypt that data is the private key owned and secured by you. This means that only you should be able to decrypt the data because, in theory, nobody else would have the private key.

Pros:

  • Public key can be shared, resolving the problem of securely transporting keys.
  • Allows you to create secure encrypted channels across multiple devices and users a lot more easily.

Cons:

  • Very resource intensive. Takes a lot of time to properly decrypt the message.
  • Because it’s slow, it is designed for small data. Inefficient for large data.

So what are some algorithms that use this type of encryption?

  • RSA
  • Diffie-Hellman
  • TLS

Great, so when would you actually use this type of encryption?

Asymmetric encryption is most useful in cases where data is in transit, or to create digital signatures that provide a layer of validation and security to messages sent through a non-secure channel.
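
The pros and cons above can be seen side by side in hybrid encryption, which goes one step beyond the two lists: a symmetric cipher (AES-256-GCM) encrypts the bulk data, and RSA only wraps the 32-byte AES key so it can be shared safely. This is an added example, not code from the original post; it uses Node.js's built-in `crypto` module, and the names `seal`, `open`, `rsaAloneFits` and the sample buffer are assumptions made for illustration.

```javascript
const { generateKeyPairSync, randomBytes, createCipheriv, createDecipheriv,
        publicEncrypt, privateDecrypt, constants } = require('node:crypto');

// RSA-OAEP with SHA-256 for wrapping the symmetric key.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender side: needs only the recipient's PUBLIC key.
function seal(publicKey, plaintext) {
  const key = randomBytes(32);   // fresh AES-256 key for this message
  const iv = randomBytes(12);    // 96-bit GCM nonce, never reused with the same key
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: publicKey, ...OAEP }, key), // asymmetric step: 32 bytes only
    iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

// Recipient side: the PRIVATE key unwraps the AES key, then AES-GCM decrypts the bulk data.
function open(privateKey, { wrappedKey, iv, ciphertext, tag }) {
  const key = privateDecrypt({ key: privateKey, ...OAEP }, wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext, nonce or tag was modified in transit.
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
}

// True if RSA alone can encrypt `data`. With a 2048-bit key and OAEP/SHA-256
// the limit is 190 bytes, which is why RSA is not used for bulk data directly.
function rsaAloneFits(publicKey, data) {
  try { publicEncrypt({ key: publicKey, ...OAEP }, data); return true; }
  catch { return false; }
}

// Constructed sample input: a 1 MiB buffer standing in for bulk data.
const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
const bulk = Buffer.alloc(1024 * 1024, 'A');
const envelope = seal(publicKey, bulk);
console.log('RSA alone fits 1 MiB:', rsaAloneFits(publicKey, bulk));
console.log('wrapped key bytes:', envelope.wrappedKey.length);
console.log('round trip ok:', open(privateKey, envelope).equals(bulk));
```

Only `wrappedKey`, `iv`, `ciphertext` and `tag` travel over the channel; the private key never leaves the recipient.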
