Methods of Cryptography

Symmetric and Asymmetric Encryption

There are two primary methods of cryptography. These are symmetric and asymmetric
encryption. They each have their advantages and disadvantages that make them better
suited for different use cases.

Symmetric Encryption

In symmetric encryption, a single key is used for both encrypting and decrypting data, and
this key is shared between the sender and receiver, who keep it secret to prevent
unauthorised access. Although this method is generally faster and simpler than asymmetric
encryption, it may not be as secure.

Symmetric encryption is faster and more efficient than asymmetric encryption, as it only
requires one key to encrypt and decrypt data. However, the same key must be shared
between the sender and receiver, which can be a challenge if they have never
communicated before.

Additionally, symmetric encryption does not provide authentication, meaning that the
receiver cannot verify the identity of the sender.

Asymmetric Encryption

Asymmetric encryption, also referred to as public-key encryption, employs two distinct keys
for encrypting and decrypting data. When using this method, the sender utilises the
recipient's public key to encrypt the data, which can only be decrypted by the recipient's
private key. Although this technique is often slower and more complicated than symmetric
encryption, it offers better security as the private key is kept confidential.

Asymmetric encryption, also known as public-key cryptography, overcomes these

limitations by using two separate keys for encryption and decryption. The public key is freely
available, while the private key is kept secret by the owner. This allows for authentication
and key exchange, but asymmetric encryption is slower and less efficient than symmetric
encryption.

By using both symmetric and asymmetric encryption together, we can take advantage of the
strengths of each method while minimising their weaknesses.

Also, using two distinct encryption techniques, we can customise our encryption methods
according to the particular requirements of a communication scenario, thereby offering a
more comprehensive approach to safeguarding confidential information.

© Tata Community Initiatives Trust, All Rights Reserved Page 1 of 3

 Shared Key Encryption

Symmetric Cryptography: Shared Key Encryption

To address the issue of key distribution, symmetric encryption employs various key
exchange and distribution techniques, such as secure key exchange protocols or key
agreement algorithms. Additionally, symmetric encryption can be used in combination with
other cryptographic methods, such as digital signatures, to further enhance its security.

The encryption algorithm operates on fixed-length blocks of plaintext, typically in multiples

of 64 bits. The key is also of a fixed length and must be kept secret from unauthorised
parties. Symmetric encryption algorithms can be divided into two types: block ciphers and
stream ciphers. Block ciphers encrypt data in fixed-size blocks, whereas stream ciphers
encrypt data as a continuous stream of bits.

Common symmetric encryption algorithms include Advanced Encryption Standard (AES),

Data Encryption Standard (DES), and Blowfish. Symmetric encryption is often used in
combination with other cryptographic techniques, such as message authentication codes
(MACs) and digital signatures, to enhance security.

Here are some examples of usages of Symmetric Keys.

•Symmetric encryption is often used to encrypt the data stored on hard

Disk
drives, solid-state drives, and other types of storage devices. This helps
encryption
protect sensitive data in case the device is lost or stolen.

•Symmetric encryption is used to secure data transmissions over

Network networks, such as the Internet. For example, the Transport Layer
encryption Security (TLS) protocol uses symmetric encryption to secure HTTPS
connections between web servers and clients.

•Symmetric encryption is used to store passwords in a secure way.

When a user creates a password, it is encrypted using a symmetric
Password
encryption algorithm and stored in a secure database. When the user
storage
enters the password, it is decrypted and compared to the stored value
to authenticate the user.

•Symmetric encryption is used in file compression software, such as

File WinZip or 7-Zip. When a file is compressed, it can be encrypted using a
compression symmetric encryption algorithm, so that only authorized users with the
key can access the compressed file.

© Tata Community Initiatives Trust, All Rights Reserved Page 2 of 3

 Asymmetric Cryptography: Public Key Encryption
Encryption
Common asymmetric encryption algorithms include RSA, Elliptic Curve Cryptography (ECC),
and Diffie-Hellman (DH). Asymmetric encryption is often used in conjunction with
symmetric encryption, such as in hybrid encryption schemes, to provide both speed and
strong security.

Here are some examples of usages of Asymmetric Keys.

•Asymmetric encryption is used to secure online shopping transactions. When a

Online customer enters their credit card information, the information is encrypted
shopping using the merchant's public key, and only the merchant's private key can be
used to decrypt the information.

•Asymmetric encryption is used in VPNs to secure data transmissions between

Virtual Private
remote users and corporate networks. VPNs use asymmetric encryption to
Networks
establish a secure tunnel between the user and the network, ensuring the
(VPNs)
confidentiality and integrity of the data transmitted.

•Asymmetric encryption is used to secure SSH connections, which are used for
Secure Shell
secure remote access to servers and other devices. SSH uses public-key
(SSH)
cryptography to authenticate the server and the client, and to establish a
connections
secure communication channel.

•Asymmetric encryption is used to secure digital currency transactions, such as

Digital Bitcoin. Each user has a public key and a private key, and the private key is
currencies used to sign transactions, ensuring their authenticity and preventing fraudulent
transactions.

•Asymmetric encryption is used to encrypt email messages and attachments,

providing confidentiality for email communication. The recipient's public key is
Secure email
used to encrypt the message, and only the recipient's private key can be used
to decrypt the message.

•Asymmetric encryption is used to issue and validate digital certificates, which

Digital are used to verify the authenticity of websites, organizations, and individuals. A
certificates certificate authority signs a certificate using its private key, and the certificate
can be verified using the certificate authority's public key.

© Tata Community Initiatives Trust, All Rights Reserved Page 3 of 3