Symmetric vs. asymmetric algorithms
Every encryption/decryption algorithm needs a key for encryption and a key for decryption.
When these two keys are same, the algorithm is called symmetric.
When these two are different, the algorithm is called asymmetric.
Symmetric algorithms are lightweight i.e. they do not consume too much computation power but they have the disadvantage that the single key needs to be kept very secure. If the key leaks to a third party, anybody can encrypt/decrypt and hence easily become man-in-the-middle.
A few well-known examples of symmetric algorithms are: DES, Triple-DES (3DES), BLOWFISH, IDEA etc.
Asymmetric algorithms use two keys.
One of the keys is kept secret while the other is made public.
When signing a message before giving to the general public, the encryption key is kept secret. Decryption key is public so that a successful decryption proves the authenticity of the sender.
When receiving messages securely from the public, the decryption key is kept secret. So anyone can encrypt messages but only the owner of decryption key can read them. Some well-known asymmetric algorithms are RSA, DSA and ELGAMAL.
Clearly with symmetric keys, every pair of users would need to have their own shared secret key whereas in asymmetric keys, only one user needs to have one key secret to establish his own identity, rest all can use the corresponding public key to establish that the message is from a particular individual.
Since asymmetric algorithms are much slower than symmetric ones, a combination of both is used usually. After successful authentication using asymmetric keys, one or more symmetric keys are generated and exchanged using the asymmetric encryption.
|Email:||(Your email is not shared with anybody)|