1. Introduction
Cryptography is a branch of cryptology responsible for protecting information from unauthorized access and reading. Nowadays, we use confidential data daily, e.g., by making online payments, booking appointments, or using social media.
Access to those data by unauthorized third parties could be dangerous. Therefore, protecting confidential data is a crucial task. In this article, we’ll describe the fundamentals of cryptography. Then we’ll elaborate on symmetric and asymmetric cryptography.
2. Cryptography
Cryptography aims to encrypt data in a way that only authorized parties can decrypt. In case of any exposure or attack, third parties should not be able to easily read it. In general, the cryptographic process converts readable data (plaintext) into enciphered form (ciphertext). A cipher is the pair of algorithms used to encrypt and decrypt the data. Alongside the algorithms, special keys are used. Without the keys, even if we had the ciphertext and the algorithms, we wouldn’t be able to read the data.
Data encryption and decryption are not the only concerns of cryptography. Besides them, there are a few important properties, such as integrity, authentication, and non-repudiation. We mentioned earlier that cryptography is often used in areas that heavily use confidential data, like e-commerce or online transactions.
However, the most important usage of cryptography is in the military and diplomacy. They use the most secure and advanced cryptography mechanisms. Moreover, such solutions are often certified by appropriate government institutions, specific to the country.
3. Symmetric Cryptography
Symmetric cryptography relies on algorithms that use a single key to encrypt and decrypt information. In other words, the sender uses a secret key to encrypt the message. Then, the recipients use the same key to decrypt and read the data. So, the key needs to be shared across all parties that are authorized to decrypt the message.
Let’s see what the process looks like:
If the algorithm is strong enough, decrypting the ciphertext without the secret key shouldn’t be possible. The strength of the algorithm also depends on how complicated the key is.
For example, it’s estimated that breaking a 128-bit AES (Advanced Encryption Standard) key using modern hardware would take 500 billion years or more. Moreover, 256-bit keys are considered practically unbreakable.
As we can see, secret keys are very secure in terms of cracking. On the other hand, we need to share the key with all parties that should be able to decrypt the message. This results in some weak points. First of all, the key must be delivered to the other parties over a secure channel to avoid any exposure.
Moreover, all recipients will be responsible for storing the key safely. Even if we make every effort to protect the key, we can’t be certain that others will do the same. Therefore, ensuring security while using symmetric cryptography is a serious concern.
3.1. Algorithms
Let’s briefly introduce common symmetric key algorithms.
There are two types of symmetric key algorithms:
- block ciphers
- stream ciphers.
Block ciphers split information into blocks of the same size. Then, each block is encrypted separately. The standard block sizes are 64, 128, 192, or 256 bits. However, blocks shorter than 128 bits aren’t secure enough nowadays. The most popular block cipher is the U.S. Government-designated Advanced Encryption Standard.
On the other hand, stream ciphers don’t split the data into blocks. They encrypt single characters one by one. Most often, the single unit is one byte or one bit. The biggest difference is that stream ciphers can encrypt each character using different keys and transformations. Examples of stream ciphers are RC4, ChaCha20, and Salsa20.
4. Asymmetric Cryptography
Asymmetric cryptography relies on a pair of two separate but mathematically connected keys. The first of them is called a public key. It’s used to encrypt the message and it can be publicly shared.
The second one is the private key. Its job is to decrypt the data. The private key should be securely stored and shouldn’t be transferred at all. Calculating the private key based on the public one is theoretically possible but practically nearly unachievable.
Let’s see what the asymmetric cryptography workflow looks like:
We can see that asymmetric cryptography eliminates two main weaknesses of the symmetric one. First of all, the private key that decrypts the data isn’t transferred anywhere. Therefore, only the recipient possesses the private key and is the only person responsible for its security.
Those properties significantly reduce the possibility of an exposure that could allow unauthorized parties to read the confidential message. Besides data encryption and decryption, asymmetric cryptography is also widely used in digital signatures.
Asymmetric ciphers are very secure but much slower than symmetric ones. Therefore, hybrid approaches are sometimes used to protect the data. A symmetric cipher encrypts the message itself, and an asymmetric cipher encrypts the symmetric key. This way, the slower asymmetric method is used only for the key, while the faster symmetric cipher encrypts and decrypts the data. Thus, the whole process is more efficient, especially for large amounts of data.
4.1. RSA
The most popular asymmetric algorithm is RSA (Rivest–Shamir–Adleman algorithm). Three MIT professors, namely Ron Rivest, Adi Shamir, and Leonard Adleman, designed the algorithm in 1977. It uses a pair of public and private keys to encrypt and decrypt the data, as we described before. The cipher consists of three main steps:
- Public and private keys are generated
- Participants receive the public key. Then, they can encrypt the message using the public key and send it as an RSA ciphertext. The message cannot be decrypted back using the public key
- After the message is sent, the recipient can decrypt it using the private key
RSA is a very secure cipher. It’s nearly unbreakable when long enough keys are used. In contrast, it’s very slow. So, it’s often used within the hybrid solution we described earlier.
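The three RSA steps above, combined with the hybrid approach from section 4, as an added example that is not part of the original article. It assumes toy parameters: two fixed Mersenne primes, unpadded RSA, and a SHA-256 counter keystream standing in for a real symmetric cipher such as AES or ChaCha20; all function names are hypothetical.

```python
import hashlib
import secrets

# Toy RSA parameters (assumption for this demo): two fixed Mersenne primes.
# Real RSA uses random secret primes, a 2048-bit or larger modulus, and OAEP padding.
P, Q = 2**127 - 1, 2**89 - 1
E = 65537


def rsa_keygen():
    """Step 1: derive the public key (n, e) and the private key (n, d)."""
    n, phi = P * Q, (P - 1) * (Q - 1)
    return (n, E), (n, pow(E, -1, phi))  # d is the inverse of e modulo phi


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR the data with a SHA-256 counter keystream.
    The same key and the same call both encrypt and decrypt."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def hybrid_encrypt(public_key, plaintext: bytes):
    """Step 2: the sender needs only the recipient's public key."""
    n, e = public_key
    # A fresh 128-bit key per message, so the keystream is never reused.
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # slow RSA, key only
    return wrapped, keystream_xor(session_key, plaintext)    # fast, bulk data


def hybrid_decrypt(private_key, wrapped: int, ciphertext: bytes) -> bytes:
    """Step 3: only the private-key holder can unwrap the session key."""
    n, d = private_key
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    public, private = rsa_keygen()
    message = b"constructed sample message " * 100  # constructed input
    wrapped, ct = hybrid_encrypt(public, message)
    print(len(message), len(ct), hybrid_decrypt(private, wrapped, ct) == message)
```

The symmetric ciphertext is exactly as long as the plaintext, while the RSA operation touches only the 16-byte session key regardless of message size.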
5. Comparison
Now we know the concepts of symmetric and asymmetric cryptography. Let’s compare their core properties.
| Symmetric | Asymmetric |
| --- | --- |
| One key used to encrypt and decrypt the message | Different keys for encryption and decryption |
| Single key is shared among all participants, decreasing security | Public key is shared only with message senders. Recipient stores private key secretly |
| Ciphertext size doesn’t differ much from the original plaintext | Ciphertext is bigger than the plaintext |
| Very fast | Complex and slower |
| Usually uses 128 or 256 bits keys | Uses keys which are at least 1000 bits long |
| Isn’t used in digital signatures | It’s used in digital signatures |
| Scalability is an issue | Easily scalable |
| Lack of non-repudiation | Allows non-repudiation and authenticity |
6. Summary
In this article, we’ve elaborated on both symmetric and asymmetric cryptography. Finally, we’ve compared both types. We can see that cryptography is a crucial component in protecting data transferred over the Internet. We use cryptography daily, often without knowing or noticing it. It’s hard to imagine features like online payments, email, password protection, or digital signatures without cryptography.