DEV Community

Pp
Pp

Posted on

Symmetric/Asymmetric Encryption

Symmetric Encryption

Symmetric encryption
One key is used for both encryption and decryption.

Example: Person A encrypts a document with a shared secret key/passphrase. Person B needs the same key to decrypt it.

Problem: The challenge is how to share the secret key securely.

If A emails the passphrase to B, anyone intercepting that email can also decrypt the document.

This is called the key distribution problem.

Secure key sharing methods:
Use a secure channel (e.g., face-to-face, phone call, or secure messenger like Signal).

Or, better: use asymmetric encryption to send the key securely.

Asymmetric Encryption

Asymmetric Encryption

Two keys are used: a public key and a private key.

Keys come in pairs and are mathematically linked:

  • Public key: shared openly, used for encryption.
  • Private key: kept secret, used for decryption.

Person B shares their public key with Person A.
Person A encrypts the document with B’s public key.
Only B’s private key can decrypt it.

Advantage: No need to send secret keys via insecure channels. Even if someone intercepts the public key, they cannot figure out the private key.

How They Work Together

In practice:
Asymmetric encryption is often used to securely share a symmetric key.

Symmetric Key

Then, symmetric encryption (which is faster) is used to encrypt the actual large file or communication.

This is exactly how TLS/SSL (HTTPS) works:
Your browser and the server exchange public keys.
They use asymmetric encryption to safely share a symmetric session key.
That symmetric key is then used for fast, secure communication.

Top comments (0)