Symmetric Key Cryptography (or symmetric encryption) is a type of encryption in which the same key is used to encrypt and decrypt messages. Such a method of encoding information has been widely used in recent decades to facilitate secret communication between governments and military bodies. Currently, symmetric key algorithms are widely applied in various types of computer systems to improve data security.


How does symmetric encryption work?

A symmetric encryption scheme relies on a single key shared between two or more users. The same key is used to encrypt and decrypt the so-called plaintext (the message or piece of data that is being encoded). The encryption process consists of running the plaintext (input) through an encryption algorithm called a cipher, which in turn generates the ciphertext (output).

If the encryption scheme is strong enough, the only way a person can read or access the information contained in the coded text is to use the corresponding key to decrypt it. The decryption process is basically converting the encoded text back to plaintext format.

The security of symmetric encryption systems is based on the difficulty of randomly guessing the system's corresponding key. A 128-bit key, for example, would take billions of years to guess using a regular computer. The longer the encryption key, the more difficult it will be to crack it. Keys with a length of 256 bits are considered highly secure and theoretically resistant even to brute force attacks by a quantum computer.

Two of the most common symmetric encryption schemes in use today are based on block ciphers and stream ciphers. Block ciphers group data into blocks of a predetermined size. Each block is encrypted using the corresponding key and the encryption algorithm (for example, a 128-bit plaintext is encrypted into a 128-bit ciphertext). Stream ciphers, on the other hand, do not encrypt data in blocks but in 1-bit increments (1 bit of plaintext is encrypted into 1 bit of ciphertext at a time).



Symmetric vs. asymmetric encryption

Symmetric encryption is one of the two main methods of encrypting data in modern computer systems. The other is asymmetric encryption, also known as public key encryption. The main difference between these methods is the fact that asymmetric systems use two keys, not just one as in the symmetric encryption system. One of the keys can be shared publicly (public key), while the other must be kept secret (private key).

Using two keys instead of one also produces a variety of functional differences between symmetric and asymmetric encryption. Asymmetric algorithms are more complex and slower than symmetric ones. Because the public and private keys employed in asymmetric encryption are mathematically related, the keys themselves must be considerably longer to provide a level of security similar to that offered by shorter symmetric keys.


Use in modern systems

Symmetric encryption algorithms are employed in many modern computer systems to improve data security and user privacy. The Advanced Encryption Standard (AES), which is widely used in secure messaging and cloud storage applications, is a prominent example of symmetric encryption.

In addition to software implementations, AES can also be implemented directly on computer hardware. Hardware-based symmetric encryption schemes typically use AES 256, a specific variant of AES that has a 256-bit key size.

It is worth mentioning that the Bitcoin blockchain does not use encryption, as many tend to believe. Instead, a specific digital signature algorithm (DSA) known as the Elliptic Curve Digital Signature Algorithm (ECDSA) is used, which generates digital signatures without using encryption.

A point that often causes confusion is that ECDSA is based on elliptic-curve cryptography (ECC), which in turn can be applied to multiple tasks, including encryption, digital signatures and pseudo-random generators. However, ECDSA itself cannot be used for encryption.

Advantages and disadvantages

Symmetric algorithms provide a reasonably high level of security and, at the same time, allow messages to be encrypted and decrypted quickly. The relative simplicity of symmetric systems is also a logistical advantage, as they require less computing power than asymmetric systems. Furthermore, the security provided by symmetric encryption can be increased simply by increasing key lengths. For each bit added to the length of a symmetric key, the difficulty of cracking the encryption using a brute force attack increases exponentially.

Although symmetric encryption offers a wide range of benefits, it has a major associated disadvantage: the inherent problem of transmitting the keys used to encrypt and decrypt data. When these keys are shared over an unsecured connection, they are vulnerable to being intercepted by third parties or malicious users. If an unauthorized user gains access to a symmetric key, the security of any data encrypted using that key will be compromised. To solve this problem, many web protocols use a combination of symmetric and asymmetric encryption to establish secure connections. Among the most prominent examples of such a hybrid system is the Transport Layer Security (TLS) encryption protocol used to secure large portions of the modern Internet.

It is also worth noting that all types of computer encryption are subject to vulnerabilities due to improper implementation. While a sufficiently long key can make a brute force attack mathematically impossible, errors in implementation by programmers often create weaknesses that open the way for cyberattacks.
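The stream-cipher description earlier and the point about implementation errors above can be seen together in the following added example, which is not part of the original article. It uses a teaching keystream built from HMAC-SHA256 (an assumption made so the code runs with the Python standard library only; production systems should use a vetted cipher such as AES) and shows that one key works in both directions, and that reusing a nonce defeats a 256-bit key without any guessing.

```python
import hashlib
import hmac
import secrets

def keystream(key, nonce, length):
    """Teaching keystream: HMAC-SHA256(key, nonce || counter) blocks, concatenated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key, plaintext, nonce=None):
    """Return (nonce, ciphertext). A fresh random nonce is drawn unless one is forced."""
    nonce = secrets.token_bytes(16) if nonce is None else nonce
    return nonce, xor(plaintext, keystream(key, nonce, len(plaintext)))

def decrypt(key, nonce, ciphertext):
    """Decryption is the same XOR with the same keystream: one key, both directions."""
    return xor(ciphertext, keystream(key, nonce, len(ciphertext)))

def demo():
    key = secrets.token_bytes(32)              # 256-bit shared secret key
    m1 = b"transfer 100 to account A"          # constructed sample messages
    m2 = b"transfer 999 to account B"
    n1, c1 = encrypt(key, m1)
    # Implementation error: the second message reuses the first nonce.
    _, c2_bad = encrypt(key, m2, nonce=n1)
    # Correct use: every message gets its own nonce.
    _, c2_ok = encrypt(key, m2)
    return {
        "roundtrip": decrypt(key, n1, c1) == m1,
        "wrong_key_fails": decrypt(secrets.token_bytes(32), n1, c1) != m1,
        # With a reused nonce the keystream cancels out; the key is never needed.
        "reuse_leaks_xor": xor(c1, c2_bad) == xor(m1, m2),
        "fresh_nonce_hides_xor": xor(c1, c2_ok) != xor(m1, m2),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The construction provides confidentiality only; it does not detect tampering with the ciphertext, which is why deployed systems pair the cipher with authentication.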


Final considerations

Thanks to its relative speed, simplicity and security, symmetric encryption is widely used in applications ranging from protecting Internet traffic to protecting data stored on cloud servers. Although it is often used in conjunction with asymmetric encryption in order to solve the problem of secure key transfer, symmetric encryption schemes remain a critical component of modern computer security.