
5. Symmetrical vs Asymmetrical

Asymmetric encryption, also known as public key cryptography, is a relatively new method compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt plain text. Secret keys are exchanged over the Internet or a large network, and the scheme ensures that malicious persons do not misuse the keys. It is important to note that anyone with a secret key can decrypt the message, which is why asymmetric encryption uses two related keys to boost security. A public key is made freely available to anyone who might want to send you a message. The second, private key is kept secret so that only you know it.

A message that is encrypted using a public key can only be decrypted using the corresponding private key, and a message encrypted using a private key can be decrypted using the public key. The public key does not need to be kept secure because it is publicly available and can be passed over the Internet. Asymmetric keys are far more effective at securing information transmitted during communication.

Asymmetric encryption is mostly used in day-to-day communication channels, especially over the Internet. Popular asymmetric key encryption algorithms include ElGamal, RSA, DSA, elliptic curve techniques, and PKCS. This means today’s public-key encryption protocols, like Secure Sockets Layer (SSL) and Transport Layer Security (TLS), are sufficiently secure against most modern technology. But that won’t last. Quantum computers running Shor’s algorithm will be able to break those math-based encryption systems rapidly.

The safest method of encryption is called asymmetrical cryptography; this requires two cryptographic keys (pieces of information, usually very large numbers) to work properly, one public and one private. The mathematics here are complex, but in essence, you can use the public key to encrypt the data but need the private key to decrypt it. Think of the public key as information about the location of a locked mailbox with a slot on the front, and the private key as the key that unlocks the mailbox. Anyone who knows where the mailbox is can put a message in it; but for anyone else to read it, they need the private key.

Because asymmetrical cryptography involves these difficult mathematical problems, it takes a lot of computing resources, so much so that if you used it to encrypt all the information in a communications session, your computer and connection would grind to a halt. TLS gets around this problem by using asymmetrical cryptography only at the very beginning of a communications session, to protect the conversation in which the server and client agree on a single session key that they'll both use to encrypt their packets from that point forward. Encryption using a shared key is called symmetrical cryptography, and it's much less computationally intensive than asymmetric cryptography. Because that session key was established using asymmetrical cryptography, the communication session as a whole is much more secure than it otherwise would be.

Both the RSA and Elliptic Curve Diffie-Hellman asymmetric algorithms which set up the TLS exchange will succumb to Shor’s algorithm on a sufficiently large quantum computer. While a quantum computer of that size and stability may be 5 to 15 years off, cryptographers from around the world are already working to identify new, quantum-safe algorithms.

© Xatoxi LTD 2023, All Rights Reserved.