A quick note about the 2 types of encryption algorithms:

## 1. Symmetric encryption

– **Oldest, fastest and more common**

– **Key management** is critical

– Best encoding algorithms: the ones that are **public**

– **Public** algorithm, **private** key. “Good security systems rely on the private key for security, not on the algorithm itself”

Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldn’t really matter how strong the lock is, would it?

– 10 Immutable Laws of Security

## 2. Asymmetric encryption (Public key cryptography)

– uses both public and private keys

– the **key management** is part of the algorithm

– it’s **slower** than the symmetric encryption

– it can be used for both **encryption** and **digital signature** (digital signatures: hashing + asymmetric encryption)

– relies on digital certificates

**How they both come together:**

Asymmetric encryption can be used for the private key exchange in the beginning of a symmetric-encrypted conversation (ex: PGP)

– symmetric keys are used for encryption, because of speed and efficiency

– the symmetric keys are passed using asymmetric methods

This is known as electronic key exchange.

Description of Symmetric and Asymmetric Encryption

**Diffie-Hellman solution for key exchange**

D–H is one of the earliest practical examples of public key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communication channel:

– Alice and Bob agree on 2 numbers, P, G

– P and G are exchanged in clear

– Alice picks a secret number, a

– Bob picks a secret number, b

– Alice computes her public number: X = Ga mod P

– Bob computes his public number: Y = Gb mod P

– X and Y are exchanged in clear

– Alice computes Ka = Y^a mod P

– Bob computes Kb = X^b mod P

– Ka=Kb=K – now both Alice and Bob know the shared secret K

This secret key can then be used to encrypt subsequent communications using a symmetric key cipher.

However, it is **impractical** since it is **synchronous** and a new key exchange has to be done for every new pair of recipients.

D-H was followed shortly afterwards by **RSA**, a more practical and **asynchronous** implementation of public key cryptography using asymmetric algorithms.

Wikipedia

**A postal analogy**

– **Symmetric encryption**: Alice sends to Bob the secret message in a box locked with a secret key. Both Alice and Bob have a copy of the secret key

– **Asymmetric encryption (2 passes)**: Alice and Bob have separate, secret padlocks. Alice asks Bob to send his open lock by regular post. Then Alice puts her secret message in the box and locks it using Bob’s padlock. When Bob receives the box he can open the lock. The secret padlocks are not shared.

– **Asymmetric encryption (3 passes)**: Alice and Bob have separate, secret padlocks. Alice sends to Bob a box locked with her padlock. Bob receives the box and adds his own lock on the box. Then Alice receives the box with 2 locks, removes her lock and sends the box to Bob. Bob opens the box with his own secret padlock.

Wikipedia

*Written by*
**Dorin Moise**
(Published articles: 277)

- Likes (
*0*) -
Share
- Comments (0)