Symmetric vs. Asymmetric Encryption – CompTIA Security+ SY0-401: 6.1

Our encryption methods will generally use either symmetric encryption or asymmetric encryption, and sometimes both! In this video, you’ll learn the advantages and disadvantages when using symmetric or asymmetric encryption types.


In today’s computer network environments we’re using two major methods of encrypting data. We have symmetric encryption and asymmetric encryption.

Symmetric encryption is a method where we are using exactly the same key to encrypt information and decrypt the information. They’re both using exactly the same information. So we know that if we need to encrypt data, and somebody on the other side needs to decrypt it, we need to somehow get that key to them so that they will be able to decrypt that data.

And because it is exactly the same information on both sides, it’s the same key on both sides, you have to keep it secret. If somebody was to get that key somewhere in the middle, they would be able to look at all of the information that we had encrypted. They’d be able to see everything. And that means if the key gets out, or if it’s lost or if it’s stolen, you’re going to need to create another secret key and get that secret key to the person who will be receiving the information that we’re sending out in encrypted form.

So obviously this doesn’t scale very well. If you give a secret key to one person, you might think that that key’s going to be relatively safe. What if you give that secret key to 100 people? Is that key still going to remain safe? And since that key is all you need to be able to decrypt the information, anybody who gets their hands on it can look at the information. Now we’ve got a bit of a security challenge ahead of us.

Even so, we are still using symmetric encryption in many ways today, and that’s because symmetric encryption is so fast to use. It uses so few resources when you compare it to asymmetric encryption. Because of that, you’ll often see these combined. You’ll see asymmetric encryption combined with symmetric encryption, to be able to have not only a secure environment where data is protected, but also have one that works very, very quickly and very, very efficiently.

The other type of encryption that you’ll commonly see is asymmetric encryption. You’ll also hear this referred to as public key cryptography, and you’ll understand why in just a moment. This type of encryption method has really only been around since the 1970s. So in the world of encryption it’s a relatively new capability, and it has allowed us to do quite a number of things in our technologies.

There are two keys needed in asymmetric encryption. If you recall, in symmetric encryption you had exactly the same key. But in asymmetric encryption, as the name implies, you have two keys. You have a private key, and this private key is something that, as the name also implies, you want to keep private. Nobody gets their hands on the private key except for you. You would not share this private key with someone else. You would not give it to someone else. Nobody else needs this private key.

The key that you’re going to give to everyone else is one called a public key. Give it to everybody. Put it on a public server. Post it on your website. Stick it on your Facebook page. Everybody should have access to this public key. Nobody but you should have access to the private key, and that’s because the public key is one that allows people to send you information in an encrypted form, but the private key is the only key that can decrypt that data.

And that makes this a very interesting method of storing and encrypting information, because if somebody was to encrypt data with your public key, they would not be able to decrypt it. Nobody would be able to decrypt it. Even if somebody got their hands on it somewhere along the way, the only way to decrypt it is with that private key, and that’s why it is so important to keep that key private.

Not only is it private, we usually will protect it with a passphrase. We make sure that that key is very, very secure and nobody gets their hands on it. And in that way you can be relatively public with the information that you’re sending. You don’t have to worry about it so much because nobody could take that encrypted data and use your public key in some way to decrypt it. It doesn’t work that way. You have to have the private key to decrypt that information.

So you can see, using this asymmetric encryption really gives us some new ways of encrypting data, keeping that data safe, and making sure that nobody can get their hands on that information. And when you combine asymmetric encryption with the symmetric encryption, you really have a lot of flexibility with how you’re going to encrypt the data, send it to someone else, and be able to decrypt it on the other side.
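
Here is the combination described above as working code. This is an added example, not part of the original video: the message is encrypted with a one-time AES-256-GCM key (symmetric), and only that small key is encrypted with the recipient's RSA public key (asymmetric). It uses only Node.js's built-in crypto module; the names seal, open, canOpen and the envelope fields are assumptions chosen for illustration.

```javascript
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
        createCipheriv, createDecipheriv } = require('node:crypto');

// seal() (hypothetical name): encrypt the message with a fresh symmetric
// session key, then wrap only that 32-byte key with the RSA public key.
function seal(publicKey, message) {
  const sessionKey = randomBytes(32);           // AES-256 key, used once
  const nonce = randomBytes(12);                // GCM nonce, random per message
  const cipher = createCipheriv('aes-256-gcm', sessionKey, nonce);
  const ciphertext = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: publicKey, oaepHash: 'sha256' }, sessionKey),
    nonce,
    ciphertext,
    tag: cipher.getAuthTag(),                   // detects tampering on decrypt
  };
}

// open() (hypothetical name): only the private key can unwrap the session
// key; the same session key that encrypted the message then decrypts it.
function open(privateKey, envelope) {
  const sessionKey = privateDecrypt({ key: privateKey, oaepHash: 'sha256' },
                                    envelope.wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', sessionKey, envelope.nonce);
  decipher.setAuthTag(envelope.tag);
  const plain = Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
  return plain.toString('utf8');
}

// canOpen() (hypothetical name): true only if this private key recovers
// the message and the ciphertext has not been modified.
function canOpen(privateKey, envelope) {
  try { open(privateKey, envelope); return true; } catch { return false; }
}

// Constructed demo: the recipient publishes publicKey and keeps privateKey.
const recipient = generateKeyPairSync('rsa', { modulusLength: 2048 });
const stranger = generateKeyPairSync('rsa', { modulusLength: 2048 });
const envelope = seal(recipient.publicKey, 'constructed sample message');
console.log(open(recipient.privateKey, envelope));
console.log(canOpen(stranger.privateKey, envelope));
```

Anyone holding the public key can call seal(), but a different private key, or a modified ciphertext, makes open() fail.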