What is Encryption?

Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.

Why Encryption?

The purpose of encryption is to protect the confidentiality of digital data stored on computer system or transmitted via the internet or other computer networks.

How Encryption works?

Encyption algorithms

There is 2 categories of encryption algorithms:

• Symmetric
• Asymmetric

Symmetric Encryption

Symmetric key ciphers use the same key, for encrypting and decrypting a message or file.

Symmetric key sizes typically 128 or 256 bits.

Symmetric key encryption is much faster than asymmetric encryption.

AES is the most widely used symmetric key.

Asymmetric Encryption

Asymmetric uses 2 different but mathematically linked keys, known as public key and private key.

The public key can be shared with everyone, whereas the private key must be kept secret.

Asymmetric keys typically 1024 or 2048 bits.

RSA is the most widely used asymmetric algorithm.

Asymmetric

Asymmetric encryption is more secure compared to symmetric encryption.

If you encrypt data with the public key, only the holder of the corresponding private key can decrypt the data.

SSL is a protocol that utilizes asymmetic encryption to provide communication security on the internet

Which better?

Symmetric

or

Asymmetric

Since asymmetric keys are bigger than symmetric keys, data that is encrypted asymmetrically is tougher to crack than data that is symmetrically encrypted.

However, this does not mean that asymmetric keys are better.

Rather than being compared by their size, these keys should compared by the following properties:

1. computational burden

2. ease of distribution.

Which better?

Symmetric keys are smaller than asymmetric, so they require less computational burden.

However, symmetric keys also have a major disadvantage if you use them for securing data transfers.

Because the same key is used for symmetric encryption and decryption, both you and the recipient need the key.

Which better?

Asymmetric encryption doesn’t have this problem. As long as you keep your private key secret, no one can decrypt your messages.

You can distribute the corresponding public key without worrying who gets it.

Anyone who has the public key can encrypt data, but only the person with the private key can decrypt it.

Which better?

What is SSL?

(Secure Sockets Layer)

SSL is a standard security technology for establishing an encrypted link between a server and a client

How SSL uses both Asymmetric and Symmetric Encryption?

1. Server send asymmetric public key

2. Browser creates a symmetric session key, encrypt using asymmetric public key

3. Server decrypts the encrypted session key using private key

4. Server and Browser encrypt and decrypt using symmetric session key