Symmetric Key Cryptography

Symmetric Key Cryptography, also called Symmetric Encryption, uses a key – which is a string of
characters in particular order – for both encrypting and decrypting data. When data is
unencrypted, which called plaintext, a key is used for scrambling data using an encryption
algorithm, and the unencrypted data will come out as random-looking data, or ciphertext, allow
everyone with the right key can decrypt the data back to plaintext form. Symmetric Key
Cryptography, while requires less processing power, is actually quicker than asymmetric keys,
so it is one of the most widely use types of encryption, and it is often used by messaging apps.
The issue with Symmetric Key Cryptography is its security, as it only uses a single key between
sender and recipient, malicious parties can also obtain and use the key to decrypt the message.
Public Key Cryptography

Different from Symmetric Key Cryptography, which only uses one key, Public Key Cryptography,
or also called Asymmetric Cryptography, uses two different types of keys to encrypt data: the
public key, which is available for everyone to use; and the private key, which is only used by the
owner. The Public Key Cryptography allows sending the public key through open, insecure
intermediaries before sending the encoded data. In such way, Public Key Cryptography is safer
than Symmetric Key Cryptography because even though the public key allows anyone who own
it to encrypt a message, only the owner of the private key can decrypt the message. As a result,
anyone with the public key can send data securely to the owner of the private key, and because
only the owner has the private key, they can verify that the data they received is actually from
that owner.
Digital Certificates

Digital Certificates, also called Public Key Certificates or Identity Certificates, are electronic
credentials that is used to prove the ownership of a public key and is designed to work with
Public Key Cryptography. The certificates contain information about the key such as its owner’s
name and identity (the subject), digital signatures that verifies the certificate’ contents and
expiration date. In other words, Digital Certificates are electronic “passwords” for parties to
securely exchange data over the internet. Without Digital Certificates, as public key is shared
through open and insecure channels, anyone who has access to public key would be able to
view the data. Therefore, the main purpose of Digital Certificates is to ensure that the public
key belongs to the correct and intended entity as stated in the certificates.