Advantages Between Asymmetric and Symmetric Keys
Asymmetric encryption and symmetric encryption are also called public key and private key encryption, and both are used extensively on the Internet and business networks. The basic difference is that the former uses two different keys for encryption and decryption, while the latter uses the same key for both functions. There are advantages and disadvantages with each of these systems, and which one you should use depends on the nature of what you want to accomplish.
Symmetric and Asymmetric Keys
Symmetric encryption uses only one private key that is distributed to all partners in the information exchange group. The message is encrypted with the private key and is decrypted on the other end with a duplicate of the same key. Public key encryption, however, uses a public-private key pair. The private key is always kept secret by the owner, while the public key is available to anyone who needs it. Anyone may encrypt a message with the public key and send it to the owner, who decrypts it with his private key.
Risks
There are risks with either encryption method, the primary risk being disclosure of the private key. For symmetric cryptography, this means the private key must be regenerated and distributed to all members of the information exchange group. Whenever the private key is sent, there is a risk of disclosure to unauthorized parties. With asymmetric cryptography, disclosure of the private key also means regenerating the private and public keys, but there is no such distribution risk, since the private key is never transmitted.
Key Length and Security
With either system, higher security can be achieved by using longer key lengths. While a 40-bit key is the shortest allowed, longer keys are recommended for greater levels of security. The difference between public and private key encryption is that the former requires longer keys to achieve a set level of security than does the latter. Shorter key lengths provide less security, but produce smaller messages and reduced transmission times.
Speed
Since longer keys produce longer encrypted messages, the transmission times for these messages are also longer. In practice, public keys cannot be used for long messages because of the length of the encrypted message. The actual encryption time is also longer for public key encryption because of key length and the encryption algorithms that must be used to achieve an acceptable level of security. Symmetric encryption algorithms are much faster in this respect. For this reason, public key systems are used for short messages, such as digital certificates, and ironically, for transmitting private keys securely.