Symmetric vs Asymmetric

(OBJ 1.4)

Symmetric Encryption

• Uses a single key for both encryption and decryption

• Often referred to as private key encryption

• Requires both sender and receiver to share the same secret key

• Offers confidentiality but lacks non-repudiation

• Challenges with key distribution in large-scale usage

  • Distribution of shared secret keys: More people means more sharing of the keys
  • As you get more users, you need to share that secret among more people, this is a big distribution problem.
  • Though, most home Wireless LAN networks use a form of a shared secret key as a Wi-Fi password.
  • So eventually you need to figure out:
    1. How you are going to protect that shared secret
    2. How you are going to distribute that shared secret

• "You use the exact same key that your roommate would have to unlock and open your door"

  • Only the people that you give this key to are going to be able to open the door and get inside, this provides integrity.
  • But you cannot be assure of non-repudiation, you are not going to know who took your laptop, all you know is that that laptop is gone.
  • There is a challenge to see who actually used the key!

Asymmetric Encryption

• Uses two separate keys
• Public key for encryption
• Private key for decryption
• Often called “Public Key Cryptography”
• No need for shared secret keys
• Commonly used algorithms include Diffie-Hellman, RSA, and Elliptic Curve Cryptography (ECC)
• Slower compared to symmetric encryption but solves key distribution challenges
• Both symmetric and asymmetric encryption have their ups and downs and are used in different scenarios, no one is better than the other.

Hybrid Approach

• Combines both symmetric and asymmetric encryption for optimal benefits

• Asymmetric encryption used to encrypt and share a secret key

• Symmetric encryption used for bulk data transfer, leveraging the shared secret key

• Offers security and efficiency

• Gives you the best of both worlds!

• We can also categorize an algorithm as either a stream or a block cipher, based on the mathematical algorithm that they are using to do their encryption and decryption processes.

Stream Cipher

• Encrypts data bit-by-bit or byte-by-byte in a continuous stream
• Uses a keystream generator and exclusive XOR function for encryption
• Suitable for real-time communication data streams like audio and video
• Often used in symmetric algorithms
  • Used the same key for both encryption and decryption

Block Cipher

• Breaks input data into fixed-size blocks before encryption
  • Usually 64, 128, or 256 bits at a time
  • Example: A message that is 1 Kb in size has arrived
    • We could break that up into 16 blocks of 64 bytes each
    • Each of these 16 block could then be processed by the cipher, and then output out the other side of this algorithm, the block of ciphertext that we are expecting.
• Padding added to smaller data blocks to fit the fixed block size
• Advantages include ease of implementation and security
  • Less susceptible to security problems
• Can be implemented in software, whereas stream ciphers are often used in hardware solutions