How Does Symmetric Encryption Work?

Symmetric Encryption Keys

• Symmetric encryption involves the use of a secret key that is held by the owner, and distributed to the other partners in the message exchange group. This introduces a risk of key disclosure, so the method of transportation or transmission of the secret key must be secure. Once each partner has the secret key, message exchanges can begin, and each party can decrypt messages encrypted using the secret key.

Encryption and Decryption

• Encryption is the process of scrambling the message using an encryption algorithm and a key. The longer the key, the more difficult it is for a cryptanalyst to break the encryption. However, the longer the key, the longer the encryption processes takes. An advantage of symmetric encryption over asymmetric encryption is that the former can achieve a given level of security with a shorter key, resulting in faster encryption and decryption times.

Key Lengths

• Symmetric encryption algorithms accept several standard key lengths, such as 40-bit, 56-bit, 128-bit and 256-bit. Modern computers are fast enough to perform a brute-force attack and crack a 40-bit key in just a few hours. As the key length increases, the time to crack the key increases exponentially. A 56-bit key would give most people adequate protection, and a 128-bit key would be widely acceptable for good security.

Security Risks

• The primary risk associated with symmetric encryption is the discovery of the secret key by an unauthorized person. If this occurs without the key owner’s knowledge, messages can be intercepted and decrypted by the attacker without detection. If the key owner discovers that the key has been disclosed or lost, he must generate a new key and distribute it to the other messaging partners.