Symmetric and asymmetric encryption are two types of encryption algorithms. Symmetric encryption uses a single secret key that is shared between parties to encrypt and decrypt data. It is faster than asymmetric encryption but key distribution is an issue. Asymmetric encryption uses a public/private key pair, where the public key encrypts data and the private key decrypts it. It does not require key exchange but is slower than symmetric encryption due to longer key lengths. Both algorithms have advantages and disadvantages around speed, security, and key management.

1. SYMMETRIC AND
ASYMMETRIC
CRYPTOGRAPHY
LEC 7

2. ALGORITHMS
• An algorithm is simply a set of steps used to complete a specific task.
• They're the building blocks for programming, and they allow things like
computers, smartphones, and websites to function and make decisions.
• An algorithm is basically a procedure or a formula for solving a data snooping
problem.
• An encryption algorithm is a set of mathematical procedure for
performing encryption on data.

3. ALGORITHMS…
• Through the use of such an algorithm, information is made in the cipher text and
requires the use of a key to transforming the data into its original form.
• This brings us to the concept of cryptography that has long been used in
information security in communication systems.
• “ Cryptography is the practice and study of techniques for securing
communication and data in the presence of adversaries”.

5. SYMMETRIC ENCRYPTION
• This is the simplest kind of encryption that involves only one secret key to cipher
and decipher information.

6. • Symmetric encryption is an old and best-known technique.
• It uses a secret key that can either be a number, a word or a string of random
letters. It is a blended with the plain text of a message to change the content in a
particular way..
• The sender and the recipient should know the secret key that is used to encrypt
and decrypt all the messages.
• Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The
most widely used symmetric algorithm is AES-128, AES-192, AES-256 and Data
Encryption Standard

7. DISADVANTAGE OF THE SYMMETRIC KEY
ENCRYPTION
• The main disadvantage of the symmetric key encryption is that all
parties involved have to exchange the key used to encrypt the data
before they can decrypt it.

8. SYMMETRIC ENCRYPTION WORKING
• Symmetric encryption works by using either a stream cipher or block cipher to
encrypt and decrypt data.
• A stream cipher converts plaintext into cipher text one byte at a time, and a
block cipher converts entire units, or blocks, of plaintext using a
predetermined key length, such as 128, 192, or 256 bits.

9. • Senders and recipients using symmetric encryption to transfer data to each other
must know the secret key to, in the case of senders, encrypt the data they intend
to share with recipients, and in the case of recipients, decrypt and read the
encrypted data the senders share with them, as well as encrypt any necessary
responses.
• Here’s a simplified example of symmetric encryption: if Ali, the sender, wants to
send Usman, the recipient, a confidential document, Ali would use the secret key
to encrypt the file and send it to Usman, who would be unable to read its
contents until he entered the same key that Ali just used to encrypt the file.
Conversely, if Usman makes changes to the document and wishes to share them
with Ali, he’d use the same key to re-encrypt the file and send it back to Ali, who
will use the same key to decrypt the file and access its contents, and the process
repeats itself.

10. • Symmetric encryption is not limited to the sharing of data between one sender
and one recipient, however. Symmetrically encrypted information can be accessed
by anyone – Ali, Usman, their co-worker Rehman, their boss, Umer , et al. – who
knows the secret key. Therein lies the reason why concealing the shared
cryptographic key from unauthorized parties is vital to the success of symmetric
encryption and the integrity of symmetrically encrypted data.

11. EXAMPLES OF SYMMETRIC ENCRYPTION:
• Popular examples of symmetric encryption include the:
• Data Encryption Standard (DES)
• Triple Data Encryption Standard (Triple DES)
• Advanced Encryption Standard (AES)
• International Data Encryption Algorithm (IDEA)
• TLS/SSL protocol

12. SOME ADVANTAGES OF SYMMETRIC ENCRYPTION:
• Symmetric encryption is used today because it can encrypt and decrypt large
amounts of data quickly, and it's easy to implement. It’s simple to use, and its AES
iteration is one of the most secure forms of data encryption available.
• Security: symmetric encryption algorithms like AES take billions of years to crack
using brute-force attacks.
• Speed: symmetric encryption, because of its shorter key lengths and relative
simplicity compared to asymmetric encryption, is much faster to execute.
• Industry adoption and acceptance: symmetric encryption algorithms like AES
have become the gold standard of data encryption because of their security and
speed benefits, and as such, have enjoyed decades of industry adoption and
acceptance.

13. SOME DISADVANTAGES OF SYMMETRIC
ENCRYPTION
• By far the biggest disadvantage of symmetric encryption is its use of a single,
secret cryptographic key to encrypt and decrypt information.
Why?
• Well, if this secret key is stored in an insecure location on a computer, then
hackers could gain access to it using software-based attacks, allowing them to
decrypt the encrypted data and thereby defeating the entire purpose of
symmetric encryption.
• In addition, if one party or entity is encrypting at one location and a separate
party or entity decrypting at a second, then the key will need to be transmitted,
leaving it vulnerable to interception if the transmission channel is compromised.

14. • That’s why it’s crucial to ensure the security of the encryption key at rest and in
transit. Otherwise, you’re just asking for a litany of independent and state-
sponsored cyber attackers to access your mission-critical, safety-critical, or legally
protected data.
• The only other disadvantage to using symmetric encryption is its security efficacy
when compared to asymmetric encryption, which is generally considered to be
more secure but also slower to execute than symmetric encryption.

15. ASYMMETRIC ENCRYPTION:
• Asymmetric encryption is also known as public key cryptography, which is a
relatively new method, compared to symmetric encryption. Asymmetric
encryption uses two keys to encrypt a plain text.

16. • Secret keys are exchanged over the Internet or a large network. It ensures that
malicious persons do not misuse the keys.
• It is important to note that anyone with a secret key can decrypt the message and
this is why asymmetric encryption uses two related keys to boosting security.
• A public key is made freely available to anyone who might want to send you a
message. The second private key is kept a secret so that you can only know.

17. • A message that is encrypted using a public key can only be decrypted using a
private key, while also, a message encrypted using a private key can be decrypted
using a public key. Security of the public key is not required because it is publicly
available and can be passed over the internet. Asymmetric key has a far better
power in ensuring the security of information transmitted during communication.
• Asymmetric encryption is mostly used in day-to-day communication channels,
especially over the Internet. Popular asymmetric key encryption algorithm
includes EIGamal, RSA, DSA, Elliptic curve techniques, PKCS.

19. ASYMMETRIC ENCRYPTION WORK:
• Here’s a simplified example of asymmetric encryption: if Ali, the sender, and
Usman, the recipient, want to continually send a confidential file back and forth
to each other, Ali and Usman will give their unique and respective public keys to
each other. Ali will then use Usman’s public key to encrypt the file, since it’s
intended for Usman only, and send the file to Usman. Upon receipt of the file,
Usman will use her private key – keyword, “private,” meaning no one else other
than Usman knows it - to decrypt the file and access its contents. No one other
than Usman, not even Ali, can decrypt this file, because no one other than Usman
knows Usman’s private key. The same process applies when Usman wants to send
the file back to Ali. Usman ties it to Ali’s public key, and Ali uses her private key to
decrypt the file.

20. • One reason asymmetric encryption is often regarded as more secure than
symmetric encryption is that asymmetric encryption, unlike its counterpart, does
not require the exchange of the same encrypt-decrypt key between two or more
parties.
• Yes, public keys are exchanged, but users sharing data in an asymmetric
cryptosystem have unique public and private key pairs, and their public keys,
because they’re used for encryption only, pose no risk of unauthorized decryption
by hackers should they become known, because the hackers, assuming private
keys are kept private, don’t know the users’ private keys and thus cannot decrypt
the encrypted data.

21. • Asymmetric encryption also allows for digital signature authentication, unlike
symmetric encryption. Basically, this involves using private keys to digitally sign
messages or files, and their corresponding public keys are used to confirm that
these messages originated from the correct, verified sender.

22. EXAMPLES OF ASYMMETRIC ENCRYPTION:
• Rivest Shamir Adleman (RSA)
• the Digital Signature Standard (DSS), which incorporates the Digital Signature
Algorithm (DSA)
• Elliptical Curve Cryptography (ECC)
• the Diffie-Hellman exchange method
• TLS/SSL protocol

23. ADVANTAGES OF ASYMMETRIC ENCRYPTION:
• Key distribution not necessary: securing key distribution channels has long
been a headache in cryptography. Asymmetric encryption eliminates key
distribution entirely. The needed public keys are exchanged through public-key
servers, and the disclosure of public keys is not, at this time, detrimental to the
security of encrypted messages, because they cannot be used to derive private
keys.
• Exchange of private keys not necessary: with asymmetric encryption, private
keys should remain stored in a secure location and thus private to the entities
using them. Basically, the keys needed to decrypt sensitive information are never,
and should not ever be, exchanged over a potentially compromised
communication channel, and that’s a major plus for the security and integrity of
encrypted messages.
• Digital signature/message authentication: with asymmetric encryption,

24. • It may seem like there’s no going wrong with asymmetric encryption. I mean, why
would you ever choose symmetric encryption if asymmetric encryption is so
secure?
• One word: speed.

25. DISADVANTAGES OF ASYMMETRIC ENCRYPTION
• The main disadvantage of asymmetric encryption is that it’s slower than
symmetric encryption because of its longer key lengths, not to mention that
asymmetric encryption calculations tend to be much more complex than their
symmetric counterparts.
• Why? Because, in theory, public keys can be used to crack private keys – again,
they’re mathematically linked – but asymmetric encryption uses extraordinarily
long key lengths to make this virtually impossible, at least for now.
• So, in a nutshell, symmetric encryption is faster than asymmetric encryption.
Asymmetric encryption sacrifices speed for security, while symmetric encryption
sacrifices security for speed.