Symmetric vs Asymmetric Encryption
Symmetric encryption uses a single "key" for both encryption and decryption. The most common form of symmetric encryption is AES, usually with a 256 bit key and referred to as AES-256. The advantage of this over asymmetric encryption is that it is quicker to encrypt/decrypt by using a smaller key for the same level of protection, and simple to understand. Modern processors tend to have built-in AES hardware acceleration. However, this is not very useful when a user wishes to share data with somebody else because they would need to find a method to securely share their key in some manner, and then trust that other user not to use the key for decrypting other data. This is where asymmetric encryption excels.
Asymmetric encryption relies on two keys. Each key can decrypt data that was encrypted by the other, but can't decrypt data used by itself. The most common form of Asymmetric encryption is RSA, used in websites (https/ssl). This encryption relies on users treating one of the keys as a "public" key that they can give published publicly on the internet, whilst keeping the "private" key safe and secret for decrypting received messages. Thus if a user wants to send you a message, they retrieve your publicly published public key, encrypt the message and send it. Another user (such as the NSA) will not be able to intercept this message and use the same public key to decrypt it.
It's worth mentioning that elliptical curve cryptography (ECC) is newer form of asymmetric encryption that offers the same level of protection as RSA, but with a much smaller key length. A 256 bit ECC key is said to be the equivalent to a 3072-bit RSA public key. This allows faster encryption with less storage/transmission requirements, ideal for smart cards and other small physical encryption devices, but adoption is currently lacking compared to RSA.
First published: 16th August 2018