SYMMETRIC AND

ASYMMETRIC
CRYPTOGRAPHY
LEC 7
ALGORITHMS

• An algorithm is simply a set of steps used to complete a specific task.

• They're the building blocks for programming, and they allow things like computers,
smartphones, and websites to function and make decisions.
• An algorithm is basically a procedure or a formula for solving a data snooping problem.
• An encryption algorithm is a set of mathematical procedure for performing
encryption on data.
ALGORITHMS…

• Through the use of such an algorithm, information is made in the cipher text and requires
the use of a key to transforming the data into its original form.
• This brings us to the concept of cryptography that has long been used in information
security in communication systems.
• “ Cryptography is the practice and study of techniques for securing communication and
data in the presence of adversaries”.
SYMMETRIC ENCRYPTION

• This is the simplest kind of encryption that involves only one secret key to cipher and
decipher information.
• Symmetric encryption is an old and best-known technique.
• It uses a secret key that can either be a number, a word or a string of random letters. It is a
blended with the plain text of a message to change the content in a particular way..
• The sender and the recipient should know the secret key that is used to encrypt and
decrypt all the messages.
• Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The
most widely used symmetric algorithm is AES-128, AES-192, AES-256 and Data
Encryption Standard
DISADVANTAGE OF THE SYMMETRIC KEY
ENCRYPTION
• The main disadvantage of the symmetric key encryption is that all parties
involved have to exchange the key used to encrypt the data before they can
decrypt it.
SYMMETRIC ENCRYPTION WORKING

• Symmetric encryption works by using either a stream cipher or block cipher to encrypt
and decrypt data.
• A stream cipher converts plaintext into cipher text one byte at a time, and a block
cipher converts entire units, or blocks, of plaintext using a predetermined key
length, such as 128, 192, or 256 bits.
• Senders and recipients using symmetric encryption to transfer data to each other must
know the secret key to, in the case of senders, encrypt the data they intend to share with
recipients, and in the case of recipients, decrypt and read the encrypted data the senders
share with them, as well as encrypt any necessary responses.
• Here’s a simplified example of symmetric encryption: if Ali, the sender, wants to send
Usman, the recipient, a confidential document, Ali would use the secret key to encrypt the
file and send it to Usman, who would be unable to read its contents until he entered the
same key that Ali just used to encrypt the file. Conversely, if Usman makes changes to the
document and wishes to share them with Ali, he’d use the same key to re-encrypt the file
and send it back to Ali, who will use the same key to decrypt the file and access its
contents, and the process repeats itself.
• Symmetric encryption is not limited to the sharing of data between one sender and one
recipient, however. Symmetrically encrypted information can be accessed by anyone –
Ali, Usman, their co-worker Rehman, their boss, Umer , et al. – who knows the secret
key. Therein lies the reason why concealing the shared cryptographic key from
unauthorized parties is vital to the success of symmetric encryption and the integrity of
symmetrically encrypted data.
EXAMPLES OF SYMMETRIC ENCRYPTION:

• Popular examples of symmetric encryption include the:

• Data Encryption Standard (DES)
• Triple Data Encryption Standard (Triple DES)
• Advanced Encryption Standard (AES)
• International Data Encryption Algorithm (IDEA)
• TLS/SSL protocol
SOME ADVANTAGES OF SYMMETRIC
ENCRYPTION:
• Symmetric encryption is used today because it can encrypt and decrypt large amounts of
data quickly, and it's easy to implement. It’s simple to use, and its AES iteration is one of
the most secure forms of data encryption available.
• Security: symmetric encryption algorithms like AES take billions of years to crack using
brute-force attacks.
• Speed: symmetric encryption, because of its shorter key lengths and relative simplicity
compared to asymmetric encryption, is much faster to execute.
• Industry adoption and acceptance: symmetric encryption algorithms like AES have
become the gold standard of data encryption because of their security and speed benefits,
and as such, have enjoyed decades of industry adoption and acceptance.
SOME DISADVANTAGES OF SYMMETRIC
ENCRYPTION
• By far the biggest disadvantage of symmetric encryption is its use of a single, secret
cryptographic key to encrypt and decrypt information.

Why?
• Well, if this secret key is stored in an insecure location on a computer, then hackers could
gain access to it using software-based attacks, allowing them to decrypt the encrypted
data and thereby defeating the entire purpose of symmetric encryption.
• In addition, if one party or entity is encrypting at one location and a separate party or
entity decrypting at a second, then the key will need to be transmitted, leaving it
vulnerable to interception if the transmission channel is compromised.
• That’s why it’s crucial to ensure the security of the encryption key at rest and in transit.
Otherwise, you’re just asking for a litany of independent and state-sponsored cyber
attackers to access your mission-critical, safety-critical, or legally protected data.
• The only other disadvantage to using symmetric encryption is its security efficacy when
compared to asymmetric encryption, which is generally considered to be more secure but
also slower to execute than symmetric encryption.
ASYMMETRIC ENCRYPTION:

• Asymmetric encryption is also known as public key cryptography, which is a relatively

new method, compared to symmetric encryption. Asymmetric encryption uses two keys
to encrypt a plain text.
• Secret keys are exchanged over the Internet or a large network. It ensures that malicious
persons do not misuse the keys.
• It is important to note that anyone with a secret key can decrypt the message and this is
why asymmetric encryption uses two related keys to boosting security.
• A public key is made freely available to anyone who might want to send you a message.
The second private key is kept a secret so that you can only know.
• A message that is encrypted using a public key can only be decrypted using a private key,
while also, a message encrypted using a private key can be decrypted using a public key.
Security of the public key is not required because it is publicly available and can be
passed over the internet. Asymmetric key has a far better power in ensuring the security
of information transmitted during communication.
• Asymmetric encryption is mostly used in day-to-day communication channels, especially
over the Internet. Popular asymmetric key encryption algorithm includes EIGamal,
RSA, DSA, Elliptic curve techniques, PKCS.
ASYMMETRIC ENCRYPTION WORK:

• Here’s a simplified example of asymmetric encryption: if Ali, the sender, and Usman, the
recipient, want to continually send a confidential file back and forth to each other, Ali and
Usman will give their unique and respective public keys to each other. Ali will then use
Usman’s public key to encrypt the file, since it’s intended for Usman only, and send the
file to Usman. Upon receipt of the file, Usman will use her private key – keyword,
“private,” meaning no one else other than Usman knows it - to decrypt the file and access
its contents. No one other than Usman, not even Ali, can decrypt this file, because no one
other than Usman knows Usman’s private key. The same process applies when Usman
wants to send the file back to Ali. Usman ties it to Ali’s public key, and Ali uses her
private key to decrypt the file.
• One reason asymmetric encryption is often regarded as more secure than symmetric
encryption is that asymmetric encryption, unlike its counterpart, does not require
the exchange of the same encrypt-decrypt key between two or more parties.
• Yes, public keys are exchanged, but users sharing data in an asymmetric cryptosystem
have unique public and private key pairs, and their public keys, because they’re used for
encryption only, pose no risk of unauthorized decryption by hackers should they become
known, because the hackers, assuming private keys are kept private, don’t know the
users’ private keys and thus cannot decrypt the encrypted data.
• Asymmetric encryption also allows for digital signature authentication, unlike symmetric
encryption. Basically, this involves using private keys to digitally sign messages or files,
and their corresponding public keys are used to confirm that these messages originated
from the correct, verified sender.
EXAMPLES OF ASYMMETRIC ENCRYPTION:

• Rivest Shamir Adleman (RSA)

• the Digital Signature Standard (DSS), which incorporates the Digital Signature Algorithm
(DSA)
• Elliptical Curve Cryptography (ECC)
• the Diffie-Hellman exchange method
• TLS/SSL protocol
ADVANTAGES OF ASYMMETRIC ENCRYPTION:

• Key distribution not necessary: securing key distribution channels has long been a headache in
cryptography. Asymmetric encryption eliminates key distribution entirely. The needed public keys
are exchanged through public-key servers, and the disclosure of public keys is not, at this time,
detrimental to the security of encrypted messages, because they cannot be used to derive private keys.
• Exchange of private keys not necessary: with asymmetric encryption, private keys should remain
stored in a secure location and thus private to the entities using them. Basically, the keys needed to
decrypt sensitive information are never, and should not ever be, exchanged over a potentially
compromised communication channel, and that’s a major plus for the security and integrity of
encrypted messages.
• Digital signature/message authentication: with asymmetric encryption, senders can use their
private keys to digitally sign and verify that a message or file originated from them and not an
untrusted third party.
• It may seem like there’s no going wrong with asymmetric encryption. I mean, why
would you ever choose symmetric encryption if asymmetric encryption is so secure?
• One word: speed.
DISADVANTAGES OF ASYMMETRIC ENCRYPTION

• The main disadvantage of asymmetric encryption is that it’s slower than symmetric
encryption because of its longer key lengths, not to mention that asymmetric encryption
calculations tend to be much more complex than their symmetric counterparts.
• Why? Because, in theory, public keys can be used to crack private keys – again, they’re
mathematically linked – but asymmetric encryption uses extraordinarily long key lengths
to make this virtually impossible, at least for now.
• So, in a nutshell, symmetric encryption is faster than asymmetric encryption. Asymmetric
encryption sacrifices speed for security, while symmetric encryption sacrifices security
for speed.