After completing this video, the learner will understand the difference between symmetric and asymmetric cryptography.
- [Voiceover] There are many different kinds of encryption algorithms and there are different ways that we can categorize them. Two of the major categories of encryption algorithms are symmetric and asymmetric algorithms. You're probably already familiar with the concept of symmetry meaning that two things are the same. Symmetric shapes have two sides that when divided along an axis are identical. The human face is an example of a symmetric object.
In cryptography, symmetry relates to keys rather than shapes. We have two categories of encryption algorithms. In symmetric encryption algorithms, also known as shared secret encryption algorithms, the encryption and decryption operations use the same key. If one user encrypts a message using the secret key, apple, the second user would then decrypt the message using that same key, apple. It's a shared secret.
Asymmetric encryption algorithms on the other hand use different keys for encryption and decryption. They're also known as public key encryption algorithms and they use the concept of a keypair that I'll discuss more in a moment. First, let's dive more into symmetric encryption. You can think of a shared secret key as the password to a message. Let's say that Alice and Bob want to communicate with each other. If they both know the same shared secret, they can use it to exchange encrypted messages with each other.
This works great when we only have two people involved. They can simply agree on an encryption key and then use it to communicate with each other. If we have three people involved, now we need to change things a little bit. Alice and Bob can still use their shared secret key to communicate with each other privately but now Charlie joins the picture and wants to be able to communicate with Alice or Bob. Each person in the group wants the ability to communicate privately with any other member of the group.
Alice already has a way to communicate privately with Bob but then we need to add a second key that allows her to communicate privately with Charlie and we still have a missing link here. Bob and Charlie don't have a way to communicate privately. We have to add a third key that allows those two to communicate with each other. So for these three people to communicate privately using symmetric cryptography, we need three keys. As groups get larger, we need more and more keys to facilitate this communication.
There's a formula that computes the number of keys required for symmetric cryptography where n is the number of people who wish to communicate. We multiply n by n minus one and then divide the result by two. As you can see, when we grow to larger groups, symmetric cryptography starts to require an unmanageable number of keys. For example, if we have an organization with 10 thousand employees, we'd need almost 50 million encryption keys.
If a new person joins the organization, we'd need to generate 10 thousand new keys for that one person to be able to communicate with the other employees in the organization and then we need to distribute those 10 thousand keys to every other employee in the organization. Asymmetric cryptography solves this problem for us by using the concept of keypairs. Each user gets two keys, a public key that can be freely distributed to anyone the user might wish to communicate with and a private key that they keep secret and don't disclose to anyone else.
In asymmetric cryptography, anything that is encrypted with one key from the pair can be decrypted with the other key from that pair. For normal communications, the sender of the message would encrypt it with the recipient's public key which is publicly known. The recipient would then use his or her private key to decrypt the message. A quick exam tip. Remember that in asymmetric cryptography, the keys must be from the same pair.
If Bob encrypts a message for Alice, he uses Alice's public key and then Alice uses her own private key to decrypt the message because Alice's public and private key come from the same pair. People get this confused on the exam all the time so make sure you review it carefully before you take the test. Asymmetric cryptography is slower than symmetric cryptography but it solves our problem of creating keys for large organizations.
We only need two keys for each user. As you can see in this table, it results in much more manageable key counts for large organizations.
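The key counts and the same-pair rule from the lecture, worked through in Python as an added example that is not part of the course material. The textbook RSA with tiny primes, the sample message 42 and all function names are assumptions made for illustration and provide no real security.

```python
# Added illustration: textbook RSA with tiny primes and no padding.
# Teaching only; constructed sample values, never usable for real data.
from itertools import combinations

def symmetric_keys(n):
    """Shared secrets needed so every pair among n users can talk privately."""
    return n * (n - 1) // 2

def asymmetric_keys(n):
    """One public key plus one private key per user."""
    return 2 * n

def pairwise_links(users):
    """List every pair of users that needs its own shared secret."""
    return list(combinations(users, 2))

def make_keypair(p, q, e=17):
    """Build a toy RSA keypair (public, private) from two small primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, value):
    """Encrypt or decrypt: the same modular exponentiation with either key."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

ALICE_PUB, ALICE_PRIV = make_keypair(61, 53)  # constructed primes
BOB_PUB, BOB_PRIV = make_keypair(67, 71)      # constructed primes

def same_pair_demo(message=42):
    """Bob encrypts for Alice; only the key from Alice's own pair recovers it."""
    ciphertext = apply_key(ALICE_PUB, message)
    return {
        "alice_private": apply_key(ALICE_PRIV, ciphertext),
        "bob_private": apply_key(BOB_PRIV, ciphertext),
        "reverse_order": apply_key(ALICE_PUB, apply_key(ALICE_PRIV, message)),
    }

if __name__ == "__main__":
    print(pairwise_links(["Alice", "Bob", "Charlie"]))
    for n in (2, 3, 10, 100, 10_000):
        print(n, symmetric_keys(n), asymmetric_keys(n))
    print(same_pair_demo())
```
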
This course is part of a six-course series on the CompTIA Security+ exam, and is useful for IT professionals who wish to learn more about information security as well as students preparing to take the Security+ exam.
- Choosing encryption algorithms
- Applying symmetric and asymmetric cryptography standards
- Implementing key management, including key exchange and key stretching
- Working with public keys, trust models, and digital certificates
- Using transport encryption protocols
- Securing wireless networks