• Home  / 
  • Internet
  •  /  Symmetrical vs. Asymmetrical encryption

Symmetrical vs. Asymmetrical encryption

Symmetrical vs. Asymmetrical encryption

Have you ever wondered about symmetric and asymmetric encryption? Some of you probably have never heard these terms before, and that would not surprise me a bit.

However, recently, people have questioned the security of personal information and data on the Internet. Debates are ongoing, but it’s crystal clear that both hackers and legitimate companies can find loopholes to squeeze through and misuse a user’s correspondence.

In this situation, it’s natural to wonder how you can prevent someone from snooping through your emails or documents.

So, today we’re going to talk about symmetric and asymmetric encryptions and what the difference between them is. Keep on reading if you’re interested in learning something new!

Why do we need encryption?

In a perfect world, we wouldn’t need to worry about someone stealing our personal data, opening our emails, or hacking our bank accounts. Unfortunately, we don’t live in this imaginary world, and we need measures to protect any valuable information. That’s why we need encryption.

Encryption is a very old method for protecting data going back to ancient times. For example, Caesar used a shift cipher to encrypt his correspondence. During wartime, codes and ciphers were also widely employed to prevent the enemy from gaining an advantage.

In modern times, we talk about cryptography – encrypting data using complicated and advanced mathematical principals. However, the purpose is the same – prevent sensitive information from falling into the wrong hands.   

Sadly, any unencrypted data you send over the Net is vulnerable and readable, which means that hackers will have no problem stealing confidential information or learning some juicy gossips.

That’s where encryption comes into play. It scrambles the data in such a way that it’s unreadable to outsiders – e.g., people it’s not intended for.

Instead of access to your data, the hackers or anyone scooping will get a bunch of random words, letters, numbers, or a combination of those. And without the right key or cipher, they won’t be able to make sense of the data.

What is symmetric encryption?

Symmetric encryption is one of the easiest encryption methods and as a consequence, not very reliable. Let’s say that you want to send your friend a file, containing some company’s secrets that no one else should know. What would you do?

You’ll use an encryption program to lock the file with a password and then send the file to your friend. However, the said friend can’t open the file because he doesn’t know the password. You have to send it to him. And here comes the question of how to send the passkey without other parties stealing it.

That’s the major weakness of symmetric encryption. Both parties have to exchange the same key (password) if they want to be able to decipher the messages. And that’s risky because it will be easy for a hacker to obtain the key.

If that happens, the hacker will be able to decipher all messages you send and receive. You’ll be none the wiser until the damage is done.

So, to summarize symmetric encryption requires one key to cipher and decipher the content, which both parties have to exchange.

What is asymmetric encryption?

As you start to understand, symmetric encryption is not sufficient to protect your data from malevolent intentions. That’s where asymmetric encryption enters the picture. It’s a relatively new conception if we compare it to traditional encryption methods, but it’s far more efficient.

Unlike symmetric, asymmetric encryption requires two keys – public and private. They are derived using an algorithm, for example:

  • RSA
  • DSA
  • ECC

The public and private key are linked together mathematically. This link means that a document encrypted with a public key can only be opened with the corresponding private key.

I’ll illustrate it with an example. You probably have a mailbox in front of your house. Well, everyone knows that mailbox, and they can leave you a letter if they wish. However, they can’t open it because only you have the key for it.

Now think about your mailbox as your private key. It’s available to all people who would be interested in sending you a document or a file. However, hackers can’t get into it because they don’t have the private key.

So, let’s say that you still have to send your friend sensitive files, but this time you’re going to use asymmetric encryption. First, you have to exchange your public keys. In other words, you will have your friend’s public key, and he will keep yours. It’s similar to giving people your address and receiving theirs in return.

After you’ve exchanged the keys, you encrypt the document using your friend’s public key. You do not use your public key to protect the document because your public key is linked to your private one, not your friend’s. So, if he receives a file encrypted with your key, he won’t be unable to unlock it.

By using asymmetric encryption, you ensure that the only person capable of unlocking the document is the owner of the private key corresponding to the public one. Even you – the person who has encrypted the document - can’t decipher it because you don’t have the private key.

I know what you’re thinking. If the keys are mathematically linked can’t someone derive your private key from the public one? Well, that’s impossible because you deal with large random numbers. You can easily generate a private key using a public one, but you can’t do it in reverse, at least for now.

One more thing worth mentioning as an advantage of asymmetric encryption is that if someone hacks your private key, he can’t read what you’ve sent other people. The hacker will be able to access all messages send to you and encrypted with your public key, but not the ones intended for other people.

Where is asymmetric encryption used?

Until now we talked about asymmetric encryption as a way of protecting personal correspondence. However, that’s far from the only use it has, and it’s widely employed in places where security is of primary importance.

For example, we have Bitcoin, which relies heavily on asymmetric encryption to ensure that transactions won’t be hacked or falsified. Bitcoin wallets generate public keys, which you give to people, while you keep your private key hidden. Other examples include:

  • HTTPS – when you see a website, whose address starts with HTTPS, it means that it’s encrypted and protected.
  • SSH – a cryptographic protocol, which allows you to operate network services when the network is not secure
  • PGP/GPG

You can watch this video for more information:

As you can see, asymmetric encryption is difficult to crack and offers more security than symmetric encryption. However, that might change in the future because hackers also keep security experts on their toes.

What do you think on the matter? Which encryption do you trust more – symmetric or asymmetric? Share your thoughts in the comments.

About the author

    WhaleSumo