Cryptographic systems are currently divided into two main areas of study: symmetric and asymmetric cryptography. Asymmetric cryptography has two primary use cases: asymmetric encryption and digital signatures.
Therefore, we may represent these groups as follows:
Symmetric key cryptography
    Symmetric encryption
Asymmetric cryptography (or public key cryptography)
    Asymmetric encryption (or public key encryption)
    Digital signatures (may or may not include encryption)
This article will focus on symmetric and asymmetric encryption algorithms.
Symmetric encryption and asymmetric encryption
Encryption algorithms are often divided into two categories, namely symmetric and asymmetric encryption. The primary difference between these two methods is that symmetric encryption algorithms use a single key, while asymmetric encryption uses two different but related keys. Although this difference seems simple, it accounts for the functional differences between the two forms of encryption and the ways they are used.
Understanding encryption keys
Cryptographic algorithms generate keys as a series of bits that are used to encrypt and decrypt a piece of information. The way these keys are used accounts for the difference between symmetric and asymmetric encryption.
While symmetric encryption algorithms use the same key to perform both encryption and decryption, an asymmetric encryption algorithm uses one key to encrypt the data and another key to decrypt it. In asymmetric systems, the key used for encryption is known as the public key and can be freely shared with others. The key used for decryption is the private key, which should be kept secret and never shared.
For example, if Alice sends Bob a message that is protected by symmetric encryption, she needs to share the same key she used for encryption with Bob so that he can decrypt the message. This means that if a malicious third party gains access to the key, they will have access to the encrypted information.
But if Alice uses asymmetric encryption instead, she encrypts the message using Bob's public key, and Bob decrypts it using his private key. Thus, asymmetric encryption provides a higher level of security, because even if someone intercepts the messages and finds Bob's public key, they will not be able to decrypt the message or understand its content.
Key length
Another functional difference between symmetric and asymmetric encryption is related to the length of the keys, which is measured in bits and is directly related to the level of security provided by each encryption algorithm.
In symmetric encryption, the keys are chosen randomly and their lengths are usually set to 128 or 256 bits, depending on the level of security required. In asymmetric cryptography, there must be a mathematical relationship between the public and private keys, which means there is a mathematical pattern between the two. Because attackers may exploit this pattern to break the encryption, asymmetric keys must be much longer to provide an equivalent level of security. The difference in key length is so pronounced that a 128-bit symmetric key and a 2048-bit asymmetric key provide roughly similar levels of security.
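The added example below (not part of the original article) puts rough numbers on this comparison. It assumes the asymmetric key is an RSA modulus and that the attacker uses the general number field sieve (GNFS), the best known classical factoring method; the function names are illustrative.

```python
import math

def gnfs_bits(modulus_bits):
    """Estimated log2 of the GNFS work needed to factor an RSA modulus.

    Uses the heuristic L_n[1/3, (64/9)^(1/3)] with the o(1) term dropped,
    so the result is an order-of-magnitude figure, not an exact level.
    """
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    work = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return work / math.log(2)

def modulus_bits_for(symmetric_bits):
    """Smallest modulus size whose GNFS estimate reaches the brute-force
    cost (2**symmetric_bits trials) of a symmetric key of that length."""
    lo, hi = 512, 1 << 16  # gnfs_bits is increasing over this range
    while lo < hi:
        mid = (lo + hi) // 2
        if gnfs_bits(mid) >= symmetric_bits:
            hi = mid
        else:
            lo = mid + 1
    return lo

def comparison(sizes=(1024, 2048, 3072, 4096)):
    """Map each RSA modulus size to its estimated strength in bits."""
    return {bits: round(gnfs_bits(bits), 1) for bits in sizes}

if __name__ == "__main__":
    for bits, strength in comparison().items():
        print(f"RSA-{bits}: about 2^{strength} operations to factor")
    print("modulus bits matching a 128-bit key:", modulus_bits_for(128))
```

For a 2048-bit modulus the estimate comes out at roughly 117 bits, the same order as the 128-bit symmetric key in the comparison above, while doubling the symmetric key length requires far more than doubling the modulus.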
Advantages and disadvantages
Both types of encryption have advantages and disadvantages relative to one another. Symmetric encryption algorithms are much faster and require less computational power, but their main weakness is key distribution. Since the same key is used to encrypt and decrypt information, this key must be distributed to anyone who needs to access the data, which naturally opens up security risks (as described earlier).
Conversely, asymmetric encryption solves the key distribution problem by using public keys for encryption and private keys for decryption. However, asymmetric cryptosystems are very slow compared to symmetric systems and require much more computing power as a result of their extremely long key lengths.
Use cases
Symmetric encryption
Symmetric encryption is widely used to protect information in many modern computer systems due to its high speed. For example, the Advanced Encryption Standard (AES) is used by the US government to encrypt classified and sensitive information. AES replaced the former Data Encryption Standard (DES), which was developed in the 1970s as the standard for symmetric encryption.
Asymmetric encryption
Asymmetric encryption can be applied to systems where multiple users may need to encrypt and decrypt a message or set of data, especially when speed and computing power are not primary concerns. One example of such a system is encrypted email, where a public key can be used to encrypt a message and a private key can be used to decrypt it.
Hybrid systems
Symmetric and asymmetric encryption are used together in many applications. Typical examples of these hybrid systems are the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, which are designed to provide secure communication on the Internet. SSL protocols are now considered insecure and their use should be discontinued. TLS protocols, in contrast, are considered secure and have been widely used by all major web browsers.
Do digital currencies use encryption?
Cryptographic technologies are used in many cryptocurrency wallets as a way to provide higher levels of security to end users. For example, encryption algorithms are applied when users set up a password for cryptocurrency wallets which means that the file used to access the wallet is encrypted.
However, because Bitcoin and other cryptocurrencies use public and private key pairs, there is a common misconception that blockchain systems use asymmetric encryption algorithms. As mentioned earlier, though, asymmetric encryption and digital signatures are two separate major use cases of asymmetric cryptography (public key cryptography).
Therefore, not all digital signature systems use encryption techniques, even if they provide a public and private key. In fact, a message can be digitally signed without being encrypted. RSA is one example of an algorithm that can be used to sign encrypted messages, but the digital signature algorithm used by Bitcoin (called ECDSA) does not use encryption at all.
Concluding thoughts
Both symmetric and asymmetric encryption play important roles in keeping sensitive information and communications secure in today's digitally dependent world. Although both can be useful, each has its own advantages and disadvantages and is therefore put to different uses. As cryptography continues to evolve to protect against newer and more sophisticated threats, both symmetric and asymmetric encryption schemes will likely remain relevant to computer security.
