Cryptographic systems are currently divided into two major fields of study: symmetric and asymmetric cryptography. While symmetric encryption is often used as a synonym for symmetric cryptography, asymmetric cryptography embraces two primary use cases: asymmetric encryption and digital signatures.
Therefore, we may represent these groups as follows:
- Symmetric key cryptography
  - Symmetric encryption
- Asymmetric cryptography (or public-key cryptography)
  - Asymmetric encryption (or public-key encryption)
  - Digital signatures (may or may not include encryption)
This article will focus on symmetric and asymmetric encryption algorithms.
Symmetric vs. asymmetric encryption
Encryption algorithms are often divided into two categories, known as symmetric and asymmetric encryption. The fundamental difference between these two methods of encryption relies on the fact that symmetric encryption algorithms make use of a single key, while asymmetric encryption makes use of two different but related keys. Such a distinction, though apparently simple, accounts for the functional differences between the two forms of encryption techniques and the ways they are used.
Understanding encryption keys
For example, if Alice sends Bob a message that is protected by symmetric encryption, she needs to share the same key she used for encryption with Bob so that he can decrypt the message. This means that if a malicious actor intercepts the key, they are able to access the encrypted information.
However, if Alice uses an asymmetric scheme instead, she encrypts the message with Bob’s public key, so Bob will be able to decrypt it with his private key. Thus, asymmetric encryption offers a higher level of security because even if someone intercepts their messages and finds Bob’s public key, they are not able to decrypt the message.
Another functional difference between symmetric and asymmetric encryption is related to the length of the keys, which are measured in bits and are directly related to the level of security provided by each cryptographic algorithm.
In symmetric schemes, the keys are randomly selected, and their lengths are usually set at 128 or 256 bits, depending on the required level of security. In asymmetric encryption, however, there must be a mathematical relationship between the public and private keys, meaning that there is a mathematical pattern between the two. Because this pattern can potentially be exploited by attackers to crack the encryption, asymmetric keys need to be much longer to present an equivalent level of security. The difference in key length is so pronounced that a 128-bit symmetric key and a 2,048-bit asymmetric key offer roughly similar levels of security.
Advantages and disadvantages
Conversely, asymmetric encryption solves the problem of key distribution by using public keys for encryption and private keys for decryption. The tradeoff, however, is that asymmetric encryption systems are very slow by comparison to symmetric systems and require much more computing power as a result of their vastly longer key lengths.
Because of its greater speed, symmetric encryption is widely used to protect data in many modern computer systems. For example, the Advanced Encryption Standard (AES) is used by the United States government to encrypt classified and sensitive information. The AES replaced the previous Data Encryption Standard (DES), which was developed in the 1970s as a standard for symmetric encryption.
Asymmetric encryption can be applied to systems in which many users may need to encrypt and decrypt a message or set of data, especially when speed and computing power are not primary concerns. One example of such a system is encrypted email, in which a public key can be used to encrypt a message, and a private key can be used to decrypt it.
In many applications, symmetric and asymmetric encryption are used together. Typical examples of such hybrid systems are the Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols, which were designed to provide secure communication over the Internet. The SSL protocols are now considered insecure and their use should be discontinued. In contrast, the TLS protocols are deemed safe and have been extensively used by all major web browsers.
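The hybrid pattern described above, as an added example that is not part of the original article: the message is encrypted with a random symmetric key, and only that short key is encrypted with the recipient's public key. It uses Node.js's built-in `crypto` module; the function names, the choice of AES-256-GCM with RSA-OAEP, and the sample message are assumptions made for illustration, and this is not the TLS handshake itself.

```javascript
const crypto = require('node:crypto');

// Bob's long-term asymmetric key pair (2,048-bit RSA, the size discussed above).
function generateRecipientKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// RSA-OAEP parameters shared by the wrap and unwrap steps.
const oaep = (key) => ({
  key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256',
});

// Alice: encrypt the bulk data with a fresh random 256-bit AES key, then
// encrypt ("wrap") only that small key with Bob's public key.
function hybridEncrypt(recipientPublicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32); // random symmetric key
  const iv = crypto.randomBytes(12);         // unique nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();           // detects tampering on decrypt
  const wrappedKey = crypto.publicEncrypt(oaep(recipientPublicKey), sessionKey);
  return { wrappedKey, iv, tag, ciphertext };
}

// Bob: recover the session key with his private key, then decrypt the data.
function hybridDecrypt(recipientPrivateKey, { wrappedKey, iv, tag, ciphertext }) {
  const sessionKey = crypto.privateDecrypt(oaep(recipientPrivateKey), wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
}

function demo() {
  const bob = generateRecipientKeys();
  // Constructed sample message, not data from the article.
  const message = Buffer.from('Constructed sample: meet at noon.');
  const envelope = hybridEncrypt(bob.publicKey, message);
  const recovered = hybridDecrypt(bob.privateKey, envelope).toString();
  // Someone holding a different private key cannot unwrap the session key.
  const eve = generateRecipientKeys();
  let eveFailed = false;
  try { hybridDecrypt(eve.privateKey, envelope); } catch { eveFailed = true; }
  return { recovered, wrappedKeyBytes: envelope.wrappedKey.length, eveFailed };
}

console.log(demo());
```

The slow asymmetric operation runs once, on 32 bytes, no matter how large the message is; everything else is symmetric.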
Do cryptocurrencies use encryption?
Therefore, not all digital signature systems make use of encryption techniques, even if they present a public and a private key. In fact, a message can be digitally signed without being encrypted. RSA is one example of an algorithm that can be used for signing encrypted messages, but the digital signature algorithm used by Bitcoin (named ECDSA) does not use encryption at all.
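Signing without encrypting, as an added example that is not part of the original article and is not Bitcoin's own transaction-signing code: the message stays in the clear, and the ECDSA signature only proves who produced it and that it was not altered. It uses Node.js's built-in `crypto` module; the function names and the sample payload are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// secp256k1 is the curve Bitcoin uses; fall back to P-256 if this
// OpenSSL build does not ship it.
const CURVE = crypto.getCurves().includes('secp256k1') ? 'secp256k1' : 'prime256v1';

function newSigner() {
  return crypto.generateKeyPairSync('ec', { namedCurve: CURVE });
}

// Sign: the output is only a signature. The message itself is not transformed,
// so anyone can still read it.
function signMessage(privateKey, message) {
  return crypto.sign('sha256', message, privateKey);
}

// Verify: anyone holding the public key can check the signature.
function verifyMessage(publicKey, message, signature) {
  return crypto.verify('sha256', message, publicKey, signature);
}

function demo() {
  const alice = newSigner();
  const mallory = newSigner();
  // Constructed sample payloads, not a real transaction format.
  const message = Buffer.from('{"from":"alice","to":"bob","amount":5}');
  const tampered = Buffer.from('{"from":"alice","to":"bob","amount":500}');
  const signature = signMessage(alice.privateKey, message);
  return {
    // Genuine message and signature, checked against Alice's public key.
    valid: verifyMessage(alice.publicKey, message, signature),
    // Same signature over an altered message.
    tamperedValid: verifyMessage(alice.publicKey, tampered, signature),
    // Genuine message checked against someone else's public key.
    wrongKeyValid: verifyMessage(mallory.publicKey, message, signature),
    // Altered message re-signed by Mallory, checked against Alice's key.
    forgedValid: verifyMessage(
      alice.publicKey, tampered, signMessage(mallory.privateKey, tampered)),
  };
}

console.log(demo());
```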
Both symmetric and asymmetric encryption play important roles in keeping sensitive information and communications secure in today's digitally dependent world. Though both can be useful, they each have their own advantages and disadvantages and so are put to different applications. As the science of cryptography continues to evolve to defend against newer and more sophisticated threats, both symmetric and asymmetric cryptographic systems will likely remain relevant to computer security.