Symmetric vs. Asymmetric Encryption

Amr Saeed

In the past, when two people wanted to send messages to each other securely, they resorted to something called Symmetric Encryption.

Symmetric encryption is a type of encryption that uses one secret key to encrypt and decrypt messages. Hence, the two parties must have this key to communicate.

Figure: Symmetric Encryption

The issue with this approach is that storing and protecting the key is very difficult, because both people have to know it. So, if one of them is hacked, the key can be stolen easily. Moreover, even if the two people decide to send the key directly over the network and change it periodically, someone could be intercepting the network traffic to get the key; this is commonly known as a Man-in-the-middle attack.

This type of encryption, in its simple form, caused many problems until a new type of encryption arose: Asymmetric Encryption, also known as Public-key Cryptography.

In this type of encryption, each device generates a key pair: one key is public, and the other is private. The two keys are mathematically connected in such a way that a message encrypted with the public key can only be decrypted with the private key, and vice versa.

The main idea is that if you want to send me an encrypted message, I first have to generate a public and private key pair. After that, I send you the public key, and you use it to encrypt your message and send it over the network. If anyone intercepts your message, they won't understand it because it's encrypted. And if they try to decrypt it, they won't be able to, because they need the private key. Luckily, in this approach the private key resides only on my machine and is never sent over the network.

Figure: Asymmetric Encryption

The same idea applies in the other direction if I decide to reply to your message. You have to send me your public key so that I can encrypt my response with it and send it to you.

Notice that there is no danger in sending the public key over the network or even uploading it to the internet, as this is its main purpose. Additionally, the limited capabilities of current machines make it difficult to derive the private key from the public key: this operation can take a huge amount of time.
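
The exchange described above, sketched in Go with the standard library's RSA-OAEP. This is an added example, not code from the original article; the article does not name an algorithm, so RSA-OAEP with a 2048-bit key is an assumption, and the names Receiver, NewReceiver and Encrypt are illustrative.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Receiver (illustrative name) owns a key pair; the private key never leaves it.
type Receiver struct{ priv *rsa.PrivateKey }

func NewReceiver() (*Receiver, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Receiver{priv: priv}, nil
}

// PublicKey returns the half of the pair that is safe to send or publish.
func (r *Receiver) PublicKey() *rsa.PublicKey { return &r.priv.PublicKey }

// Decrypt recovers a message that was encrypted to this receiver's public key.
func (r *Receiver) Decrypt(ct []byte) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, r.priv, ct, nil)
	return string(pt), err
}

// Encrypt is the sender's side: it needs only the receiver's public key.
func Encrypt(pub *rsa.PublicKey, msg string) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(msg), nil)
}

func main() {
	me, err1 := NewReceiver()
	other, err2 := NewReceiver() // someone else's key pair
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	ct, err := Encrypt(me.PublicKey(), "meet at noon") // constructed sample message
	if err != nil {
		panic(err)
	}
	msg, err := me.Decrypt(ct)
	fmt.Println("receiver reads:", msg, err)
	_, err = other.Decrypt(ct)
	fmt.Println("different private key fails:", err != nil)
}
```

RSA-OAEP with a 2048-bit key and SHA-256 accepts at most 190 bytes per message, so Encrypt returns an error for longer input.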
