Symmetric-key encryption is defined by their use of secret or private keys which are shared among users to encrypt data by moving bits around and scrambling data based on the key. This method is considered very safe as a good algorithm can scramble data effectively enough that patterns and frequency are obfuscated enough that they would have to theoretically use brute force and try out all possible combinations of keys before finding the correct one. The attacker also runs the risk of finding a key that would produce an output that may seem correct but really isn't.
Asymmetric-key encryption is defined by the use of public and private keys to keep data secure by using both keys with a set algorithm such as AES. The Public key is just that, public where everyone can see it, which allows them to encrypt data and send it to another user. The user on the receiving end of the data will then decrypt the data using their private key, which theoretically they should keep private so that no one else can decrypt the message. The data is encrypted with the idea of one way functions such as modular arithmetic wherein there is no clear way to go backwards in the formula given just the result and the formula. However, if you know an extra bit of information (the private key), then going backward and decrypting the message becomes easy. The only way to compute for the key is through brute force, trying out all possible valid combinations. In this case though, the keys usually go to the square root of N amount of keys because of the nature of the key being the product of two large, usually prime, numbers.
Symmetric-key encryption confirms a user's ID by the fact that the user can encrypt and decrypt data sent between the two users. This is because it is assumed that if another user knows the secret key, then you probably gave it to them. Asymmetric-key encryption on the other hand uses a form of double encryption to confirm identities. One side encrypts the data using their private key then the receiver's public key, sends it off and the only one that can completely decrypt the data is the receiver who first uses his private key then the sender's public key.
Symmetric-key encryption is generally considered to be the safer encryption
standard because there are more keys to try out before you potentially guess the correct one. It is also faster to encrypt and decrypt symmetric-key encrypted data, which makes it ideal for transferring large files. However, it does have disadvantages though, such as the problem of distributing the key to other people, one time transactions, and the key being revealed to the public.
Asymmetric-key encryption on the other hand has one big advantage over symmetric-key encryption. It allows for a secure first contact anyone who has a public key, making key distribution not a problem. Other than that, it also gives way to other uses such as digital cash, anonymous business transactions, and digital signature.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment