Encryption is used to exchange messages while hiding their content from third parties, wherever an increased level of protection is needed. There are two kinds of encryption scheme: symmetric and asymmetric.
What is encryption?
Encryption is useful when information must be hidden from unauthorized persons while remaining available to authorized users.
What distinguishes this kind of data transfer is the use of a key.
Cryptography addresses three security goals:
- hiding information from outsiders (confidentiality);
- detecting any change to the information, so that its integrity is maintained;
- identifying the sender (authentication).
To read the information, the recipient needs both the key and the decryption algorithm. This is what stops an attacker: intercepting the ciphertext without the key yields nothing useful, because recovering the plaintext from it is computationally infeasible for a sound cipher.
There are two types of encryption: symmetric and asymmetric.
The main purpose of encryption is to protect information, both in storage and in transit. This makes it possible to keep data on untrusted storage and to send messages over insecure channels. Information is sent as follows:
- the sender encrypts the data;
- the receiver decrypts it.
Each transformation is implemented by an algorithm that takes a key as its parameter. Both symmetric and asymmetric encryption are cryptographic methods.
Cryptographic strength
Symmetric and asymmetric encryption systems share a characteristic that describes how hard unauthorized access is to obtain: cryptographic strength.
There are two main kinds of cryptographic strength.
- An unconditionally (perfectly) secure system cannot be broken even with unlimited computing resources. Its defining property is that a separate key is generated for each message, the key is at least as long as the message, and it is never reused (the one-time pad).
- Computationally secure systems are what is used in practice, including for civilian purposes. Breaking such an algorithm is hard, but with sufficient resources it becomes possible.
Comparison of the cryptographic strength of some encryption systems
In common practice RSA keys are used up to 4096 bits (larger keys are possible but rarely supported by tools and hardware).
RSA is used for both encryption and signing. Its cryptographic strength has been estimated at about 2.7 × 10^28 operations for a 1300-bit key. The scheme is used in many standards; RSA was one of the first asymmetric algorithms.
The El Gamal scheme uses keys in the same size range as RSA, up to 4096 bits in this comparison. It is used for both encryption and digital signature. Its cryptographic strength does not differ from that of RSA at the same key size.
DSA originally used a considerably smaller modulus, 1024 bits (modern guidance requires at least 2048 bits). It is used exclusively for digital signatures.
Symmetric and asymmetric encryption
These two types of encryption differ in the number of keys and in how they resist attack.
If the same key is used for encryption and decryption, the encryption is symmetric. Asymmetric encryption uses a pair of keys: one for encryption and a different one for decryption.
- The public key encrypts the message. It is known to both parties, is transmitted over an unprotected channel and can be intercepted; that is acceptable, because it cannot decrypt. What must be protected is its authenticity: the recipient has to be sure whose public key it is, or an attacker can substitute his own.
- The private key is used for decryption. It is known to one side only and is never transmitted, so it cannot be intercepted in transit.
The purpose of encryption determines how confidentiality is maintained. Symmetric encryption came first; asymmetric encryption was invented later to solve the key-distribution problem.
Symmetric Encryption Features
A symmetric system has the following advantages.
- High speed and ease of implementation.
- Comparatively short keys (128 or 256 bits) are enough for a strong cipher.
The disadvantages include the following:
- complexity of key management in a large network (every pair of parties needs its own key);
- complexity of key exchange;
- the need for a trusted channel over which to deliver the key to the parties;
- unsuitability for digital signatures and certificates, since anyone who can verify also holds the key and could have produced the message himself.
To compensate for these shortcomings a combined (hybrid) scheme is used: the bulk data is encrypted symmetrically, and the symmetric key itself is delivered to the other party using asymmetric encryption.
Asymmetric Encryption Features
A public/private key pair can serve as:
- an independent means of protecting information;
- a key-distribution tool;
- a user-authentication tool.
Its advantages:
- the secret key stays in a safe place with its owner; only the public key travels over the open channel;
- the decryption key is known to one side only;
- a large system needs far fewer keys than a symmetric one (one pair per participant instead of one key per pair of participants).
The drawbacks: the algorithms are hard to modify safely, and the keys are long. A 128-bit symmetric key is commonly compared with an RSA key of about 2304 bits (NIST SP 800-57 uses 3072 bits for the same 128-bit security level). As a result asymmetric operations are much slower than symmetric ones, in practice by orders of magnitude for bulk data, and decryption needs substantial computing resources.
Examples of both symmetric and asymmetric systems follow.
Symmetric encryption - what does it look like?
A symmetric encryption example and its scheme follow.
- Two parties plan to exchange confidential information.
- The first party generates the key d and agrees on the encryption algorithm E and decryption algorithm D, then delivers the key to the second party over a trusted channel.
- The message m is encrypted as E(d, m) and sent; the receiver decrypts it with D and the same key d.
The main disadvantage is that the ciphertext alone gives no way to establish the authenticity of the text, and if the key is intercepted the attacker decrypts the secret information.
There are classical methods.
- Simple (single) transposition.
- Double transposition.
- The magic square.
The first method is among the simplest. Its key is the size of a table: the sender and the recipient agree on the number of rows and columns. The message is written into the table column by column and read out row by row. Knowing the table size, the receiver reverses the procedure.
Double transposition is used for more concealment: the text that was already transposed is transposed again. For this, the two tables must differ in their numbers of rows and columns, and they may be filled vertically, horizontally, in a snake pattern or in a spiral. This does not make the cipher fundamentally stronger, but it makes the attack take longer.
The “magic square” is a more complex arrangement: a square matrix whose cells hold the natural numbers 1 to n² so that every row, column and diagonal sums to the same value. Each number corresponds to the position of a letter in the message: letter i is placed in the cell holding i, and the ciphertext is read out of the square row by row.
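The three classical methods above, as an added example that is not part of the original text. The table size is the key, and the `brute_force` helper shows the practical caveat: the key space of a simple transposition is just the divisor pairs of the message length, so it falls to enumeration. The Lo Shu square, the sample messages and the function names are my own choices.

```python
# Added example: classical transposition ciphers (simple, double, magic square).
# Table dimensions are the key; text is padded with "x" to fill the table.

def columnar_encrypt(plaintext: str, rows: int, cols: int, pad: str = "x") -> str:
    """Write the message down the columns of a rows x cols table, read it out row by row."""
    size = rows * cols
    if len(plaintext) > size:
        raise ValueError("message longer than the table")
    text = plaintext.ljust(size, pad)
    # Cell (r, c) receives character number c*rows + r when filling column by column.
    return "".join(text[c * rows + r] for r in range(rows) for c in range(cols))

def columnar_decrypt(ciphertext: str, rows: int, cols: int) -> str:
    """Inverse: write the ciphertext row by row, read it out column by column."""
    if len(ciphertext) != rows * cols:
        raise ValueError("ciphertext does not fill the table")
    # Cell (r, c) holds ciphertext character r*cols + c.
    return "".join(ciphertext[r * cols + c] for c in range(cols) for r in range(rows))

def double_encrypt(plaintext: str, key1, key2) -> str:
    """Transpose twice with two tables of different shape but the same cell count."""
    if key1[0] * key1[1] != key2[0] * key2[1]:
        raise ValueError("both tables must hold the same number of cells")
    return columnar_encrypt(columnar_encrypt(plaintext, *key1), *key2)

def double_decrypt(ciphertext: str, key1, key2) -> str:
    return columnar_decrypt(columnar_decrypt(ciphertext, *key2), *key1)

# Lo Shu square: every row, column and diagonal sums to 15 (a constructed sample key).
LO_SHU = [4, 9, 2,
          3, 5, 7,
          8, 1, 6]

def magic_square_encrypt(plaintext: str, square=LO_SHU, pad: str = "x") -> str:
    """Letter i of the message goes into the cell holding number i; read out row by row."""
    n = len(square)
    if len(plaintext) > n:
        raise ValueError("message longer than the square")
    text = plaintext.ljust(n, pad)
    return "".join(text[num - 1] for num in square)

def magic_square_decrypt(ciphertext: str, square=LO_SHU) -> str:
    """Put the character read from each cell back at position (cell number - 1)."""
    out = [""] * len(square)
    for pos, num in enumerate(square):
        out[num - 1] = ciphertext[pos]
    return "".join(out)

def brute_force(ciphertext: str) -> dict:
    """Every candidate key is a (rows, cols) pair with rows*cols == len(ciphertext):
    the whole key space of a simple transposition is the divisors of the length."""
    n = len(ciphertext)
    return {(r, n // r): columnar_decrypt(ciphertext, r, n // r)
            for r in range(1, n + 1) if n % r == 0}

if __name__ == "__main__":
    ct = columnar_encrypt("HELLOWORLD", 2, 5)
    print(ct, columnar_decrypt(ct, 2, 5))
    print(double_encrypt("ATTACKATDAWN", (2, 6), (3, 4)))
    print(magic_square_encrypt("ATTACKNOW"))
    for key, guess in brute_force(ct).items():
        print(key, guess)
```

Running `brute_force` on a ten-character ciphertext yields four candidates; the one that reads as language is the plaintext, which is why these ciphers only ever made an attack "take longer".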
Asymmetric Encryption Examples
In this case the public key is sent over the open channel and can be intercepted by criminals; the scheme is designed to tolerate that.
Unlike symmetric encryption, the two keys are different: the public key encrypts, the private key decrypts. Using two keys removes the key-interception problem of the symmetric method, because nothing secret is ever sent. It works like this.
- The first party chooses the encryption and decryption algorithms and generates a key pair. The public key is sent to the second party.
- The second party encrypts the information with the received public key and sends it to the first party, who decrypts the message with the private key.
The basic asymmetric methods are:
- RSA;
- DSA;
- the El Gamal cipher.
RSA
RSA was the first cryptographic algorithm usable for both encryption and digital signature.
It is described as follows.
- Two primes p and q are chosen, for example 3 and 7.
- The modulus n is computed as their product: n = 21.
- The Euler function is computed: φ = (p−1)×(q−1) = 2×6 = 12.
- A number e less than φ and coprime with φ is chosen. The available options are 5, 7 and 11 (e need not itself be prime, only coprime with φ).
The pair (e, n) = (5, 21) is the public key. Now the private key (d, n) is computed: d satisfies (d×e) mod φ = 1, which gives d = 17 (5·17 = 85 = 7·12 + 1; since 17 ≡ 5 mod 12, d = 5 works equally). The second pair, (17, 21), is the private key. Encryption: the message m, which must be smaller than n, is raised to the power e and the remainder modulo n is taken, c = m^e mod n. For m = 19 this gives c = 19^5 mod 21 = 10, the ciphertext. Decryption: the ciphertext is raised to the power d modulo n, m = c^d mod n = 10^17 mod 21 = 19.
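The RSA procedure above in working code, as an added example that is not part of the original text. It uses the page's numbers (p = 3, q = 7, e = 5) and a second toy key, shows the signing direction, and ends with the caveat every practitioner should see: a modulus this small is factored instantly, which hands the attacker d. The function names and the second key (p = 61, q = 53, e = 17) are my own choices; there is no padding here, so this is textbook RSA, not something to deploy.

```python
from math import gcd

# Added example: textbook RSA on integers. No padding, not constant-time: illustration only.

def rsa_keygen(p: int, q: int, e: int):
    """Return ((e, n), (d, n)). e must be coprime with phi = (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)            # modular inverse: (e * d) mod phi == 1
    return (e, n), (d, n)

def rsa_encrypt(m: int, public_key) -> int:
    """c = m^e mod n; the message must be smaller than the modulus."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus n")
    return pow(m, e, n)

def rsa_decrypt(c: int, private_key) -> int:
    """m = c^d mod n."""
    d, n = private_key
    return pow(c, d, n)

def rsa_sign(m: int, private_key) -> int:
    """Textbook signature: the private-key operation applied to the message."""
    d, n = private_key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus n")
    return pow(m, d, n)

def rsa_verify(m: int, signature: int, public_key) -> bool:
    """Anyone with the public key checks signature^e mod n == m."""
    return rsa_encrypt(signature, public_key) == m

def recover_private_key(public_key):
    """Why toy moduli are worthless: factor n by trial division and recompute d."""
    e, n = public_key
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1)), n
    raise ValueError("no factor found")

if __name__ == "__main__":
    pub, priv = rsa_keygen(3, 7, 5)              # the page's key: (5, 21) and d = 5 (= 17 mod 12)
    print(pub, priv, rsa_encrypt(19, pub), rsa_decrypt(10, (17, 21)))
    pub2, priv2 = rsa_keygen(61, 53, 17)
    sig = rsa_sign(65, priv2)
    print(rsa_encrypt(65, pub2), rsa_verify(65, sig, pub2), recover_private_key(pub2))
```

`pow(e, -1, phi)` (Python 3.8+) is the extended-Euclid step the text describes as finding d with (d×e) mod φ = 1; it returns the smallest positive solution, 5, which is the same residue as the page's 17.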
DSA
DSA (unlike RSA) is used only for digital signature, not for encryption. The signature can be verified publicly. There are two algorithms, one for creating a signature and one for verifying it. What is signed is the hash of the message, which represents the text as a fixed-size number; a strong (collision-resistant) hash function is chosen so that two messages do not share a hash. Building a digital signature consists of the following steps.
- Choose a cryptographic hash function H(x).
- The bit length of the prime q must match the output length of H(x).
- Choose a prime p such that p−1 is divisible by q without a remainder.
- Compute the number g = h^((p−1)/q) mod p, where h is an arbitrary number in the range 1 to p−1 for which g ≠ 1.
- The private key is a random x in the range 1 to q−1; the public key is y = g^x mod p.
- To sign, choose a random number k in the range 1 to q−1, fresh for every signature.
- Compute r = (g^k mod p) mod q.
- Then s = k^(−1)·(H(m) + x·r) mod q.
- If r = 0 or s = 0, another k is chosen.
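The DSA steps above, with the verification algorithm the text mentions but does not spell out, as an added example that is not from the original text. It also demonstrates the failure mode behind the "fresh k for every signature" rule: two signatures made with the same k let anyone recover the private key from public data. The parameter sizes (q = 1009), the private key 123, and the use of SHA-256 reduced mod q (real DSA takes the leftmost |q| bits of the hash) are my own toy choices.

```python
import hashlib
import secrets

# Added example: DSA parameter generation, signing, verification and nonce-reuse recovery
# on deliberately small numbers. Toy sizes: offers no security, only checkable arithmetic.

def is_prime(n: int) -> bool:
    """Trial division; fine for the toy sizes used here."""
    if n < 2:
        return False
    return all(n % d for d in range(2, int(n ** 0.5) + 1))

def dsa_params(q: int):
    """Prime q, prime p with q | p-1, and g = h^((p-1)/q) mod p with g != 1 (so g has order q)."""
    if not is_prime(q):
        raise ValueError("q must be prime")
    p = 2 * q + 1
    while not is_prime(p):
        p += 2 * q                       # keeps p odd and p-1 a multiple of q
    for h in range(2, p - 1):
        g = pow(h, (p - 1) // q, p)
        if g != 1:
            return p, q, g
    raise ValueError("no generator found")

def hash_mod_q(message: bytes, q: int) -> int:
    """Toy H(m): SHA-256 reduced mod q."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % q

def dsa_keygen(params, x=None):
    """Private key x in [1, q-1], public key y = g^x mod p."""
    p, q, g = params
    if x is None:
        x = secrets.randbelow(q - 1) + 1
    if not 1 <= x < q:
        raise ValueError("x out of range")
    return x, pow(g, x, p)

def dsa_sign(params, x: int, message: bytes, k=None):
    """r = (g^k mod p) mod q, s = k^-1 (H(m) + x r) mod q; retry with a new k if r or s is 0."""
    p, q, g = params
    while True:
        kk = k if k is not None else secrets.randbelow(q - 1) + 1
        r = pow(g, kk, p) % q
        s = pow(kk, -1, q) * (hash_mod_q(message, q) + x * r) % q
        if r and s:
            return r, s
        if k is not None:
            raise ValueError("this k yields r = 0 or s = 0; choose another")

def dsa_verify(params, y: int, message: bytes, signature) -> bool:
    """w = s^-1, u1 = H(m) w, u2 = r w (mod q); valid iff (g^u1 y^u2 mod p) mod q == r."""
    p, q, g = params
    r, s = signature
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1 = hash_mod_q(message, q) * w % q
    u2 = r * w % q
    return (pow(g, u1, p) * pow(y, u2, p) % p) % q == r

def recover_x_from_nonce_reuse(params, msg1, sig1, msg2, sig2):
    """Same k in two signatures shows up as the same r. Then
    k = (H1 - H2) / (s1 - s2) mod q and x = (s1 k - H1) / r mod q.
    Returns None when the nonces differ or the two hashes coincide mod q."""
    p, q, g = params
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2 or s1 == s2:
        return None
    h1, h2 = hash_mod_q(msg1, q), hash_mod_q(msg2, q)
    k = (h1 - h2) * pow((s1 - s2) % q, -1, q) % q
    return (s1 * k - h1) * pow(r1, -1, q) % q

if __name__ == "__main__":
    params = dsa_params(1009)
    x, y = dsa_keygen(params, 123)
    m1, m2 = b"pay alice 10", b"pay bob 20"          # constructed sample messages
    s1, s2 = dsa_sign(params, x, m1, k=5), dsa_sign(params, x, m2, k=5)
    print(dsa_verify(params, y, m1, s1), dsa_verify(params, y, m2, s2))
    print("recovered x =", recover_x_from_nonce_reuse(params, m1, s1, m2, s2))
```

The recovery uses only the two messages, the two signatures and q; it is the same algebra that broke ECDSA on the PlayStation 3 and that biased-nonce attacks exploit in weaker form, which is why deterministic nonces (RFC 6979) or a cryptographically secure random k are mandatory.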
El Gamal Scheme
The El Gamal scheme is a continuation of the Diffie-Hellman key exchange. It exists in two forms: an encryption scheme and a separate digital signature scheme.
When working with it, keep the following in mind. El Gamal encryption is not the digital signature algorithm of the same name. During encryption the text is converted into a ciphertext twice as long as the original message.
Key generation is as follows.
- A random prime p is chosen.
- A number g is chosen that is a primitive root modulo p.
- A number x with 1 < x < p−1 is chosen. This is the private key.
- The public key y is computed as
y = g^x mod p.
To encrypt a message M (with M < p), a per-message session key k with 1 < k < p−1 is chosen. Then the two numbers a = g^k mod p
and b = y^k·M mod p
are computed; the pair (a, b) is the ciphertext.
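The El Gamal key generation and encryption above in working code, as an added example that is not part of the original text. It supplies the decryption step the text leaves out, M = b·(a^x)^(−1) mod p, checks the "g must be a primitive root" requirement explicitly, and ends with the caveat that matters in practice: the ciphertext is malleable, so El Gamal gives confidentiality but no integrity, which is why it is paired with a signature or MAC. The toy values p = 23, g = 5, x = 6, k = 3 and the function names are my own choices, picked so the numbers can be checked by hand.

```python
import secrets

# Added example: El Gamal encryption on a toy group (p = 23, g = 5). No security at these sizes.

P, G = 23, 5

def prime_factors(n: int) -> set:
    """Distinct prime factors by trial division (toy sizes only)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_primitive_root(g: int, p: int) -> bool:
    """g generates all of Z_p* iff g^((p-1)/f) != 1 mod p for every prime factor f of p-1."""
    return all(pow(g, (p - 1) // f, p) != 1 for f in prime_factors(p - 1))

def elgamal_keygen(p: int = P, g: int = G, x=None):
    """Private key 1 < x < p-1, public key y = g^x mod p."""
    if not is_primitive_root(g, p):
        raise ValueError("g is not a primitive root modulo p")
    if x is None:
        x = secrets.randbelow(p - 3) + 2          # uniform in [2, p-2]
    if not 1 < x < p - 1:
        raise ValueError("x out of range")
    return x, pow(g, x, p)

def elgamal_encrypt(m: int, y: int, p: int = P, g: int = G, k=None):
    """Session key 1 < k < p-1, fresh per message; ciphertext (a, b) = (g^k, y^k * M) mod p."""
    if not 0 < m < p:
        raise ValueError("message must be in 1..p-1")
    if k is None:
        k = secrets.randbelow(p - 3) + 2
    a = pow(g, k, p)
    b = pow(y, k, p) * m % p
    return a, b                                   # two group elements: twice the size of M

def elgamal_decrypt(ciphertext, x: int, p: int = P) -> int:
    """The receiver recomputes the shared secret a^x = g^(kx) = y^k and divides it out."""
    a, b = ciphertext
    shared = pow(a, x, p)
    return b * pow(shared, -1, p) % p

def tamper_multiply(ciphertext, factor: int, p: int = P):
    """Malleability: without M or x, an attacker turns a ciphertext of M into one of factor*M."""
    a, b = ciphertext
    return a, b * factor % p

if __name__ == "__main__":
    x, y = elgamal_keygen(x=6)                    # y = 5^6 mod 23 = 8
    ct = elgamal_encrypt(10, y, k=3)              # (5^3 mod 23, 8^3 * 10 mod 23) = (10, 14)
    print(ct, elgamal_decrypt(ct, x))
    print("tampered:", elgamal_decrypt(tamper_multiply(ct, 2), x))
```

Because b = y^k·M, multiplying b by any constant multiplies the recovered plaintext by the same constant; a receiver relying on El Gamal alone cannot tell an honest ciphertext from an altered one.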