What Are the Principles of Symmetric and Asymmetric Encryption Systems?
Encryption is the process of converting messages in an unencrypted, human-readable form, known as plaintext, into an encrypted form, known as ciphertext, which is readable only by the intended recipient. The two basic forms of encryption, known as symmetric and asymmetric encryption, operate on fundamentally different principles.
Symmetric Encryption
Symmetric encryption, also known as secret key encryption, is the more traditional form of encryption in which the sender and recipient share a common secret password, pass-phrase or key. The sender uses the key to encrypt plaintext and sends ciphertext to the recipient, who, in turn, uses the same key to recover the plaintext. Symmetric encryption is typically faster than asymmetric encryption, but it can't be used unless the sender and recipient have already exchanged keys. Indeed, the main limitation of symmetric encryption is the need to distribute large numbers of keys securely.
Examples
Common examples of symmetric encryption include the Data Encryption Standard (DES), Triple Data Encryption Standard (Triple DES) and the Advanced Encryption Standard (AES). DES uses a 56-bit encryption key, while Triple DES applies the same mathematical formula, or algorithm, three times to produce a 128-bit key. However, while Triple DES is considered acceptably secure for most applications, the National Institute for Standards officially adopted AES, which uses 128-bit, 192-bit or 256-bit encryption keys, as the successor to DES in 2001.
Asymmetric Encryption
Asymmetric encryption, also known as public key encryption, uses two mathematically related encryption keys. One, known as the public key, is freely distributed, while the other, known as the private key, is kept secret. One key is used to encrypt data and the other to decrypt data. It doesn’t matter which key is applied first, but both keys are required for the process to work. Asymmetric encryption relies on one-way mathematical functions, which are easy to compute in one direction but relatively difficult to compute in the opposite, or inverse, direction.
Examples
Modern asymmetric encryption was first described by Whitfield Diffie and Martin Hellman of Stanford University in 1976. Their discovery, known as the Diffie-Hellman algorithm, is still used in many secure connectivity protocols on the Internet. The most common implementation of asymmetric encryption is known as RSA, after the mathematicians Rivest, Shamir and Adleman, who developed it. RSA derives its public and private keys by multiplying two prime numbers, which may be 100 digits or more in length.
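The key relationship described above, as an added example that is not part of the original article: textbook RSA in Python using the constructed toy primes 61 and 53 and public exponent 17. The function names are illustrative assumptions, and real RSA uses far larger primes together with a padding scheme, which this sketch omits.

```python
# Textbook RSA with constructed toy values. Illustration only: no padding,
# and primes this small can be factored instantly.
from math import gcd


def make_keypair(p, q, e=17):
    """Derive (public, private) keys from two primes p and q."""
    n = p * q                    # easy direction: multiply the two primes
    phi = (p - 1) * (q - 1)      # needs p and q, which stay secret
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)          # private exponent: inverse of e modulo phi
    return (e, n), (d, n)


def apply_key(key, value):
    """Apply either key of the pair: value^exponent mod n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must lie in the range [0, n)")
    return pow(value, exponent, n)


def factor(n):
    """Inverse direction: recover the primes from n by trial division.

    Feasible only because n is tiny; the work grows rapidly with the
    size of the primes, which is what the private key relies on.
    """
    f = 2
    while n % f:
        f += 1
    return f, n // f


if __name__ == "__main__":
    public, private = make_keypair(61, 53)
    message = 65                               # constructed sample plaintext
    ciphertext = apply_key(public, message)
    print("public key:", public, "private key:", private)
    print("ciphertext:", ciphertext)
    print("decrypted:", apply_key(private, ciphertext))
    # The keys are interchangeable: private first, then public, also works.
    print("reverse order:", apply_key(public, apply_key(private, message)))
    print("factors of n:", factor(public[1]))
```
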