Currently, cryptographic systems are divided into two main areas of research: symmetric and asymmetric cryptography. Symmetric cryptography is often understood as symmetric encryption itself, while asymmetric cryptography encompasses two main uses: asymmetric encryption and digital signatures.

Therefore, we can define the following groups:

  • Symmetric key cryptography

    • Symmetric encryption

  • Asymmetric cryptography (or public key cryptography)

    • Asymmetric encryption (or public key encryption)

    • Digital signatures (can be created based on encryption or without it)

This article will discuss symmetric and asymmetric encryption algorithms.


Symmetric vs. asymmetric encryption

Encryption algorithms are often divided into two categories: symmetric and asymmetric encryption. The fundamental difference between these two encryption methods is that the symmetric encryption algorithm uses a single key, while the asymmetric encryption uses two different keys that are, however, related to each other. This explanation of the difference, while seemingly simple, explains the functional differences between the two forms of encryption methods and the ways in which they are used.


What are encryption keys

In cryptography, encryption algorithms generate keys as a series of bits that are used to encrypt and decrypt a piece of information. The way these keys are used explains the difference between symmetric and asymmetric encryption.

In symmetric encryption algorithms, the same key is used for encryption and decryption functions, while in asymmetric encryption algorithm, on the contrary, two different keys are used for encryption and decryption. In asymmetric systems, the key used for encryption is known as the public key and can be shared with others. And the key used for decryption is private and must be kept secret.

For example, if Katya sends Maxim a message protected by symmetric encryption, so that he can decrypt the message, Katya must share with him the same key she used to encrypt it. This means that if an attacker intercepts the key, they can gain access to the encrypted information.

However, if Katya uses an asymmetric scheme instead, she will encrypt the message with Maxim's public key, and Maxim will be able to decrypt it with his private key. Thus, asymmetric encryption provides a higher level of security because even if someone intercepts their messages and finds Maxim's public key, they will not be able to decrypt the messages.


The length of the keys

Another functional difference between symmetric and asymmetric encryption is related to key length. The length is measured in bits and is directly related to the level of security provided by each cryptographic algorithm.

In symmetric schemes, keys are chosen randomly and their length is usually set to 128 or 256 bits, depending on the level of security required. But in asymmetric encryption, there must be a mathematical relationship between public and private keys, that is, there is a mathematical regularity between them. Because attackers can potentially use this pattern to crack a cipher, to provide an equivalent level of security, asymmetric keys must be much longer than symmetric keys. The difference in key length is so pronounced that a 128-bit symmetric key and a 2048-bit asymmetric key will have approximately the same security levels.

 

Advantages and disadvantages

Both types of encryption have advantages and disadvantages. Symmetric encryption algorithms are much faster and require less computing power, but their main disadvantage is key distribution. Since the same key is used to encrypt and decrypt information, it must be shared with anyone who needs access to the data, which of course creates security risks (we already explained this in the example above).

Asymmetric encryption solves the problem of key distribution because different keys are used for encryption and decryption: public and private, respectively. However, asymmetric encryption systems are very slow compared to symmetric ones and require much more computing power due to the much larger key length.


Options for use

Symmetric encryption

Because of its higher speed, symmetric encryption is often used as a way to protect data in many modern computer systems. For example, the Advanced Encryption Standard (AES) is used by the United States government to encrypt classified and confidential information. Another data encryption standard previously used was DES, which was developed in the 1970s as a standard for symmetric encryption.


Asymmetric encryption

Asymmetric encryption can be used in systems where many users may need to encrypt and decrypt a message or set of data, especially when speed and computing power are not major concerns. One example of such a system is encrypted e-mail, in which a public key can be used to encrypt a message and a private key can be used to decrypt it.


Hybrid systems

In many cases, symmetric and asymmetric encryption are used together. Typical examples of such hybrid systems are the Secure Sockets Layer (SSL) cryptographic protocols and the Transport Layer Security (TLS) protocols, which were developed to provide secure interactions on the Internet. SSL protocols are no longer considered reliable and should be discontinued. But there is no doubt about the reliability of TLS protocols, and they are widely used in all major browsers.


Is encryption used in cryptocurrencies?

Encryption methods are used in many cryptocurrency wallets as a way to provide an increased level of security for end users. Encryption algorithms are used, for example, when users set a password for their cryptowallets, meaning the file used to access the software is encrypted.

However, because Bitcoin and other cryptocurrencies use public-private key pairs, there is a common misconception that blockchain systems use asymmetric encryption algorithms. However, as mentioned earlier, there are two main uses in asymmetric cryptography (public key cryptography): asymmetric encryption and digital signatures.

Therefore, not all digital signature systems use encryption methods, even if they provide for the use of public and private keys. The message can be signed with a digital signature and without encryption. RSA is one example of an algorithm that can be used to sign encrypted messages, but in the digital signature algorithm used in Bitcoin (called ECDSA), no encryption is used at all.


Results

Both symmetric and asymmetric encryption play an important role in ensuring the security of sensitive information and interactions in today's world that depends on digital services, tools and mechanisms. Both can be useful and each of them has its advantages and disadvantages, so in some areas one is used, in others - the other. As cryptography as a science continues to evolve due to the need to protect against new and more sophisticated threats, both cryptographic systems will likely remain relevant to computer security.