Asymmetric Encryption

Information Security Professiona
If you'll recall from my last post, symmetric encryption is quick, but has challenges that arise from the complexity of the key exchange system.

So we have asymmetric encryption. Asymmetric encryption uses very high-level math, involving prime numbers on the order of 100 to 200 digits, raised to powers and run through other mathematical blenders.  

What comes out of these calculations are two related numbers.  One of the numbers easily can be derived if you know the other.  But trying to reverse the calculation is for all intents and purposes mathematically impossible.

So what is the significance of these two numbers?  They are used to create a pair of keys: one public and one private.  I place my public key literally “out there,” for anyone and everyone to use to send me a message.  Actually, anyone who wishes to exchange confidential information puts their public key out there in a centrally located place, called a certificate authority, or CA.  When someone uses my key to encrypt a message to me, it is like dropping a water glass.  When I receive the message, I use my private key—a glass-restoring magic spell, if you will—to decrypt it.  If someone intercepts the message and does not have my private key, he must reassemble the glass with tweezers and glue.

As you probably can extrapolate, this system is called public key cryptography.  In contrast, the use of a symmetric key sometimes is called private key cryptography.

So if asymmetric cryptography is so good, why would anyone use symmetric cryptography?  

As touched on earlier, longer keys lead to messages which are “better” encrypted, that is, harder to break.  With asymmetric encryption, because there exists a mathematical relation between the two numbers, they must be very large in order to result in a sufficiently strong key.  Longer keys require more time to encrypt and decrypt.  If you are sending an encrypted email to someone, a few extra seconds probably will not concern you.  But if you are using encryption to secure an ongoing communication—such as an online banking session or an online purchase—the latency period can become troublesome.  As such, a common trick is to use public key cryptography to agree on a symmetric key, and then use that symmetric key for all further conversation in that session.
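The session-key trick described above, as an added example that is not part of the original post. It assumes textbook RSA without padding on a constructed toy key and an HMAC-SHA-256 stream cipher as stand-ins for what a real system would use (padded RSA and a standard cipher such as AES); all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key pair from two known Mersenne primes; far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                       # recipient's public key
D = pow(E, -1, (P - 1) * (Q - 1))         # recipient's private exponent

def wrap_session_key(session_key: bytes) -> int:
    """Sender: one slow public-key operation per session."""
    m = int.from_bytes(session_key, "big")
    if m >= N:
        raise ValueError("session key too large for this modulus")
    return pow(m, E, N)

def unwrap_session_key(wrapped: int, length: int = 16) -> bytes:
    """Recipient: one slow private-key operation per session."""
    return pow(wrapped, D, N).to_bytes(length, "big")

def _subkeys(key: bytes):
    # Separate keys for encryption and authentication.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher (assumption): HMAC-SHA-256 in counter mode.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Fast symmetric encryption used for every message in the session."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(12)
    body = nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return _xor_stream(enc_key, body[:12], body[12:])

def run_session(messages):
    session_key = secrets.token_bytes(16)          # sender picks a fresh symmetric key
    wrapped = wrap_session_key(session_key)        # only this value uses the public key
    recovered = unwrap_session_key(wrapped)        # recipient side, private key needed
    return [unseal(recovered, seal(session_key, m)) for m in messages]
```

The private exponent is used exactly once per session, in `unwrap_session_key`; every message after that costs only hash operations.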
