Asymmetric Encryption

Where encryption and decryption are handled by two different keys.

A user generates a keypair when they want to use asymmetric encryption: one key is public, the other private. The public key is used to encrypt messages sent to that user, and only the matching private key can decrypt them. This is the magic of keypairs: they are simply two mathematically related numbers.

Compared to symmetric encryption, asymmetric encryption has a lot of computing overhead when encrypting large amounts of data. When large amounts of data are involved, the overhead problem is solved by using the public-key cipher only to establish a symmetric key between the two users, and encrypting the data itself with that symmetric key.

Algorithmic Implementations of Asymmetric Encryption

Hybrid Cryptosystems (Raw Lesson Content)

Hybrid cryptosystems combine the efficiency of symmetric encryption with the convenience of asymmetric encryption. A hybrid cryptosystem is used as follows:

  1. User1 encrypts the data with a symmetric (secret) key.
  2. User1 then encrypts that symmetric key using the recipient's public key and sends both the encrypted data and the encrypted key to the recipient.
  3. User2, the recipient, uses their private key to decrypt User1's symmetric key, which is then used to decrypt the message.
  4. As long as User2's private key is kept secret, the data remains secure.

Hybrid cryptosystems are used in many secure communication methods today, such as TLS.
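The four steps above, carried through in Go as an added example (not code from the lesson): User2 holds an RSA keypair, User1 generates a fresh AES-256 key, seals the data with AES-GCM, wraps the AES key with User2's public key using RSA-OAEP, and sends both parts; User2 unwraps the key with the private key and opens the data. The `HybridMessage` type, function names and the constructed sample payload are assumptions made for this example; the algorithms (RSA-OAEP, AES-GCM) are the standard-library ones.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// HybridMessage is what User1 sends to User2 (a type assumed for this example):
// the symmetric key wrapped with User2's RSA public key, plus the data
// encrypted under that symmetric key.
type HybridMessage struct {
	WrappedKey []byte // RSA-OAEP(User2 public key, AES key)
	Nonce      []byte // AES-GCM nonce, unique for every encryption
	Ciphertext []byte // AES-GCM(data), authentication tag included
}

// HybridEncrypt covers steps 1 and 2: generate a fresh AES-256 key, encrypt
// the data with it, then wrap that key with the recipient's public key.
func HybridEncrypt(recipientPub *rsa.PublicKey, plaintext []byte) (*HybridMessage, error) {
	aesKey := make([]byte, 32)
	if _, err := rand.Read(aesKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ciphertext := gcm.Seal(nil, nonce, plaintext, nil)

	// Only the short AES key goes through the expensive public-key operation.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, aesKey, nil)
	if err != nil {
		return nil, err
	}
	return &HybridMessage{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ciphertext}, nil
}

// HybridDecrypt covers step 3: unwrap the AES key with the recipient's private
// key, then use it to decrypt and authenticate the data. A wrong private key
// or a tampered ciphertext makes this return an error rather than garbage.
func HybridDecrypt(recipientPriv *rsa.PrivateKey, msg *HybridMessage) ([]byte, error) {
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, msg.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, msg.Nonce, msg.Ciphertext, nil)
}

func main() {
	// User2 generates the long-term keypair; only the public half is shared.
	user2Key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample payload for the demonstration.
	msg, err := HybridEncrypt(&user2Key.PublicKey, []byte("constructed sample payload"))
	if err != nil {
		panic(err)
	}
	plain, err := HybridDecrypt(user2Key, msg)
	if err != nil {
		panic(err)
	}
	fmt.Printf("wrapped key: %d bytes, ciphertext: %d bytes, recovered: %q\n",
		len(msg.WrappedKey), len(msg.Ciphertext), plain)
}
```

Note that step 4 is visible in the code: everything an eavesdropper sees (`WrappedKey`, `Nonce`, `Ciphertext`) is useless without User2's private key, and AES-GCM's authentication tag means a modified ciphertext is rejected rather than silently decrypted to the wrong plaintext.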

Ephemeral Keys (Raw Lesson Content)

In traditional encrypted communications, static keys are used. This means that the same key is used throughout an entire session. The problem with this is that the longer a key is used, the more susceptible it becomes to attack. Ephemeral keys can be used to resolve this issue.

Ephemeral keys are generated for each new session or message. Perfect forward secrecy (PFS), for example, is achieved with ephemeral keys.

Some popular instant messaging apps make use of ephemeral keys to encrypt messages. Each message is encrypted with its own unique key. If a hacker intercepts one key, the rest of the messages are still safe.
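The ephemeral-key idea from the last two sections, as an added example in Go that is not part of the lesson: each side generates a brand-new X25519 keypair for every session, exchanges only the public values, and derives the session key from the ECDH shared secret. Because the private halves exist only for that one session, capturing one session's key says nothing about any other session, which is the property the text calls perfect forward secrecy. The `Party` type, function names and the label string are assumptions for this example, and the key derivation (SHA-256 over a label and the shared secret) is a deliberately simplified stand-in for the HKDF-style derivation real protocols use.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Party holds one side's ephemeral X25519 keypair for a single session
// (a type assumed for this example).
type Party struct {
	priv *ecdh.PrivateKey
}

// NewEphemeralParty generates a fresh keypair. It is created per session and
// discarded afterwards, which is exactly what makes the resulting key ephemeral.
func NewEphemeralParty() (*Party, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Party{priv: priv}, nil
}

// PublicBytes is the value each side sends over the wire; it needs no secrecy.
func (p *Party) PublicBytes() []byte {
	return p.priv.PublicKey().Bytes()
}

// SessionKey combines our ephemeral private key with the peer's ephemeral
// public key and derives a 32-byte symmetric session key. The KDF here is a
// simplified SHA-256 of a label plus the shared secret (an assumption for this
// example; real protocols use HKDF bound to the handshake transcript).
func (p *Party) SessionKey(peerPublic []byte) ([]byte, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerPublic)
	if err != nil {
		return nil, err
	}
	shared, err := p.priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	h := sha256.New()
	h.Write([]byte("example-session-key"))
	h.Write(shared)
	return h.Sum(nil), nil
}

// RunSession performs one complete handshake: both sides generate ephemeral
// keys, exchange public values, and derive the session key independently.
// It returns both derived keys so the caller can confirm they agree.
func RunSession() ([]byte, []byte, error) {
	alice, err := NewEphemeralParty()
	if err != nil {
		return nil, nil, err
	}
	bob, err := NewEphemeralParty()
	if err != nil {
		return nil, nil, err
	}
	// Public values cross the wire; private keys never leave their owner.
	aliceKey, err := alice.SessionKey(bob.PublicBytes())
	if err != nil {
		return nil, nil, err
	}
	bobKey, err := bob.SessionKey(alice.PublicBytes())
	if err != nil {
		return nil, nil, err
	}
	return aliceKey, bobKey, nil
}

func main() {
	// Two consecutive sessions: the keys agree within a session and are
	// unrelated across sessions, since every session used fresh keypairs.
	for i := 1; i <= 2; i++ {
		aliceKey, bobKey, err := RunSession()
		if err != nil {
			panic(err)
		}
		fmt.Printf("session %d: keys agree=%v key=%s...\n",
			i, bytes.Equal(aliceKey, bobKey), hex.EncodeToString(aliceKey)[:16])
	}
}
```

Contrast this with the static-key case from the text: if the same long-term keypair were used for every session, the shared secret (and therefore every session key) would be recoverable by anyone who later obtained that one private key.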