Public Key Encryption

What is public key encryption?

Public key encryption uses separate keys for encryption and decryption. The sender and the recipient must have the same software. The recipient makes a pair of keys – a public key and a private key (both keys can be unlocked with a single password). The public key can be used by anyone with the same software to encrypt a message. Public keys can be freely distributed without worry, since they are only used to scramble (encrypt) the data.
The sender does not need the recipient’s password to use his or her public key to encrypt data. The recipient’s other key is a private key that only he or she can use when decrypting the message. The private key should never be distributed, since it assures that only the intended recipient can unscramble (decrypt) data intended for him or her. The recipient can freely distribute the public key without worry, since it is only used to scramble the data.
Public key encryption algorithms:
– RSA
– DSA
– PGP

Public key and private key encryption

Public key encryption algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Public key encryption algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data.
Private key encryption algorithms encrypt and decrypt with the same key. Their main advantages are security and high speed. Generally, private key encryption algorithms are much faster to execute on a computer than public key ones. In practice they could be used together, so that a public-key algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a private key algorithm.

Multiple Encryption

What is multiple encryption

Multiple encryption (also known as cascade encryption, cascade ciphering, multiple ciphering) is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm.
Encryption and Decryption provides an easy possibility to use multiple encryption.
Top reasons to use multiple encryption
For greater information security and to prevent brute force attacks, you can encrypt the same text or file multiple times. Set how many times you want to encrypt your data.
Multiple encryption provides good protection from plaintext attacks making ciphering stronger. A good example of multiple encryption is Triple DES.

Types Of Attacks

Some Types Of Attacks On Cryptosystems

Algebraic attack
A method of cryptanalytic attack used against block ciphers that exhibit a significant amount of mathematical structure.
Algorithmic attack (Formulaic attack)
Algorithmic attacks are in some ways much more difficult to perform because they generally require an extremely high degree of knowledge in mathematics. Rather than going after the entire keyspace, the codebreaker will try and find flaws in the algorithm that causes it to be reduced to a problem of decreased complexity.
Birthday attack
A brute-force attack used to find collisions. It gets its name from the surprising result that the probability of two or more people in a group of 23 sharing the same birthday is greater than 1/2.
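The figure of 23 people can be checked directly, and the same arithmetic explains why an n-bit digest gives only about n/2 bits of collision resistance. This is an added example, not part of the original page; the function names are assumptions, and SHA-256 truncated to 24 bits stands in for a short hash.

```python
import hashlib


def birthday_probability(people: int, days: int = 365) -> float:
    """Probability that at least two of `people` share one of `days` values."""
    if people > days:
        return 1.0
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct


def smallest_group(threshold: float = 0.5, days: int = 365) -> int:
    """Smallest group size whose collision probability exceeds `threshold`."""
    people = 1
    while birthday_probability(people, days) <= threshold:
        people += 1
    return people


def truncated_digest(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256, standing in for a short hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, max_tries: int = 1 << 20):
    """Hash constructed messages until two share a truncated digest.

    Returns (message_a, message_b, tries). The expected number of tries
    is about 1.25 * 2**(bits / 2), far below the 2**bits possible digests.
    """
    seen = {}
    for tries in range(1, max_tries + 1):
        msg = b"constructed-sample-%d" % tries
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, tries
        seen[digest] = msg
    raise RuntimeError("no collision within max_tries")


if __name__ == "__main__":
    print("group size for >1/2:", smallest_group())
    a, b, tries = find_collision(24)
    print("24-bit collision after", tries, "tries:", a, b)
```

For digest sizing, the practical reading is that a hash must be twice as long as the collision work factor you want to guarantee.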
Brute Force Attack
Brute Force Attack is a form of attack in which each possibility is tried until success is obtained. Typically, a ciphertext is deciphered under different keys until plaintext is recognized.
Chosen ciphertext attack
An attack where the cryptanalyst may choose the ciphertext to be decrypted.
Chosen plaintext attack
A form of cryptanalysis where the cryptanalyst may choose the plaintext to be encrypted.
Ciphertext-only attack
A form of cryptanalysis where the cryptanalyst has some ciphertext but nothing else. Modern cryptosystems are not weak against ciphertext-only attacks; however, in practice it is often possible to guess the plaintext, as many types of messages have fixed-format headers. For example, many classical attacks use frequency analysis of the ciphertext; however, this does not work well against modern ciphers.
Dictionary attack
A brute force attack that tries passwords and/or keys from a precompiled list of values. This is often done as a precomputation attack.
Differential cryptanalysis
A chosen plaintext attack relying on the analysis of the evolution of the differences between two plaintexts.
Known plaintext attack
A form of cryptanalysis where the cryptanalyst knows both the plaintext and the associated ciphertext.

Meet-in-the-middle attack
A known plaintext attack against double encryption with two separate keys where the attacker encrypts a plaintext with a key and “decrypts” the original ciphertext with another key and hopes to get the same value.
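The design lesson of this entry is that double encryption with two independent keys costs an analyst roughly twice the work of single encryption, not the square of it. The added example below (not part of the original page) measures that on a toy cipher constructed for the purpose: a 32-bit Feistel block with 16-bit keys; all names are assumptions.

```python
import hashlib

KEY_BITS = 16          # toy key size so the demo finishes in seconds
ROUNDS = 4
MASK16 = 0xFFFF


def _round(key: int, rnd: int, half: int) -> int:
    """Feistel round function: 16 bits of SHA-256 over key, round, half."""
    data = key.to_bytes(2, "big") + bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")


def encrypt(key: int, block: int) -> int:
    left, right = block >> 16, block & MASK16
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round(key, rnd, right)
    return (left << 16) | right


def decrypt(key: int, block: int) -> int:
    left, right = block >> 16, block & MASK16
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round(key, rnd, left), left
    return (left << 16) | right


def double_encrypt(k1: int, k2: int, block: int) -> int:
    return encrypt(k2, encrypt(k1, block))


def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with the known (plaintext, ciphertext) pairs.

    Cost: about 2 * 2**KEY_BITS cipher calls and a 2**KEY_BITS-entry table,
    instead of 2**(2 * KEY_BITS) calls for a search over both keys at once.
    """
    (p0, c0), rest = pairs[0], pairs[1:]
    # Forward half: encrypt the plaintext under every possible first key.
    middle = {}
    for k1 in range(1 << KEY_BITS):
        middle.setdefault(encrypt(k1, p0), []).append(k1)
    # Backward half: decrypt the ciphertext under every possible second key
    # and look for the same middle value.
    candidates = []
    for k2 in range(1 << KEY_BITS):
        for k1 in middle.get(decrypt(k2, c0), ()):
            # A single pair leaves chance matches; further pairs remove them.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates


if __name__ == "__main__":
    k1, k2 = 0x3A7C, 0xC15E                      # constructed sample keys
    pairs = [(p, double_encrypt(k1, k2, p)) for p in (0x01234567, 0x89ABCDEF)]
    print([(hex(a), hex(b)) for a, b in meet_in_the_middle(pairs)])
```

The same reasoning is why a cascade needs three passes before its effective strength clearly exceeds that of a single key.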

 

Middleperson attack
The idea of Middleperson attack is that when two parties, A and B, are exchanging keys for secure communication, an adversary intercepts the signals that A and B send to each other, and performs a key exchange with A and B separately. A and B will end up using a different key, each of which is known to the adversary. The adversary can then decrypt any communication from A with the key he shares with A, and then resends the communication to B by encrypting it again with the key he shares with B. Both A and B will think that they are communicating securely, but in fact the adversary is hearing everything. The best way to prevent the middleperson attack is to use a public-key cryptosystem capable of providing digital signatures. The parties must know each other’s public keys in advance. After the shared secret has been generated, the parties send digital signatures of it to each other.

Precomputation attack
An attack where the adversary precomputes a look-up table of values used to crack encryption or passwords. See also dictionary attack.

Secret Key Encryption

What is secret key encryption?

Secret key encryption (also known as symmetric-key encryption, single-key encryption, one-key encryption and private key encryption) is a type of encryption where the same secret key is used to encrypt and decrypt information or there is a simple transform between the two keys. The key must be kept secret so that unauthorised parties cannot, even with knowledge of the algorithm, complete the decryption process.
A secret key can be a number, a word, or just a string of random letters. Secret key is applied to the information to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. Symmetric algorithms require that both the sender and the receiver know the secret key, so they can encrypt and decrypt all information.

There are two types of secret key encryption algorithms: Stream algorithms (Stream ciphers) and Block algorithms (Block ciphers).

Secret key encryption algorithms:
– AES/Rijndael
– Blowfish
– CAST5
– DES
– IDEA
– RC2
– RC4
– RC6
– Serpent
– Triple DES
– Twofish

Secret key encryption disadvantages

Secret keys exchanging and storing
Secret key encryption algorithms require sharing the secret key – both the sender and the receiver need the same key to encrypt or decrypt data. Anyone who knows the secret key can decrypt the message. So it is essential that the sender and receiver have a way to exchange secret keys in a secure manner. The weakness of symmetric encryption algorithms is that if the secret key is discovered, all messages can be decrypted. So the secret key needs to be changed on a regular basis and kept secure during distribution and while in use.

Breaking symmetric encryption
There are two methods of breaking symmetric encryption – brute force and cryptanalysis.
Brute Force Attack is a form of attack in which each possibility is tried until success is obtained. Typically, a ciphertext is deciphered under different keys until plaintext is recognized. No encryption software is entirely safe from the brute force method, but if the number of possible keys is high enough, it can make a program astronomically difficult to crack using brute force. The more bits in a key, the more secure it is, so choose software with as many bits as possible.
Cryptanalysis is a form of attack that attacks the characteristics of the algorithm to deduce a specific plaintext or the key used.

Weak passwords
In every kind of encryption software, there is some kind of password that must be created so that the recipients of the information can read it. Creating a strong password that cannot be easily guessed is just as important as choosing a good algorithm or strong encryption software.

Remembering passwords
If you forget your password, you will not be able to decrypt data that you have encrypted. Be sure to make a backup copy of your password and store it in a safe place.

Asymmetric Encryption

Asymmetric Encryption (Public Key Encryption) definition

What is asymmetric encryption?

Asymmetric encryption uses different keys for encryption and decryption. The encryption key is public so that anyone can encrypt a message. However, the decryption key is private, so that only the receiver is able to decrypt the message. It is common to set up ‘key-pairs’ within a network so that each user has a public and private key. The public key is made available to everyone so that they can send messages, but the private key is only made available to the person it belongs to.
How Asymmetric Encryption (Public Key Encryption) works:
The process of asymmetric encryption involves two keys: one key for encryption and a second key for decryption. An asymmetric key encryption scheme involves six main parts:
Plaintext – this is the text message to which an algorithm is applied.
Encryption Algorithm – it performs mathematical operations to conduct substitutions and transformations to the plaintext.
Public and Private Keys – these are a pair of keys where one is used for encryption and the other for decryption.
Ciphertext – this is the encrypted or scrambled message produced by applying the algorithm to the plaintext message using key.
Decryption Algorithm – this algorithm takes the ciphertext and the matching key and produces the plaintext.
The sender and the recipient must have the same software. The recipient makes a pair of keys – a public key and a private key (both keys can be unlocked with a single password). The public key can be used by anyone with the same software to encrypt a message. Public keys can be freely distributed without worry, since they are only used to scramble (encrypt) the data.
The sender does not need the recipient’s password to use his or her public key to encrypt data. The recipient’s other key is a private key that only he or she can use when decrypting the message. The private key should never be distributed, since it assures that only the intended recipient can unscramble (decrypt) data intended for him or her. The recipient can freely distribute the public key without worry, since it is only used to scramble the data.
To understand asymmetric encryption better, consider an example:
For example, Jack makes public key A and private key A, and Jill makes public key B and private key B. Jack and Jill exchange their public keys. Once they have exchanged keys, Jack can send an encrypted message to Jill by using Jill’s public key B to scramble the message. Jill uses her private key B to unscramble it. If Jill wants to send an encrypted message to Jack, she uses Jack’s public key A to scramble her message, which Jack can then unscramble with his private key A. Asymmetric cryptography is typically slower to execute electronically than symmetric cryptography.
Some asymmetric algorithms (public key algorithms) such as RSA allow the process to work in the opposite direction as well: a message can be encrypted with a private key and decrypted with the corresponding public key. If the recipient decrypts a message with Bob’s public key, he/she knows that the message must have come from Bob, because no one else has the sender’s private key. Digital signatures work this way.
Asymmetric Encryption algorithms:
– RSA
– DSA
– PGP

RSA asymmetric encryption

RSA is the best known asymmetric (public key) algorithm, named after its inventors: Rivest, Shamir and Adleman. RSA uses public and private keys that are functions of a pair of large prime numbers. Its security is based on the difficulty of factoring large integers. The RSA algorithm can be used for both public key encryption and digital signatures. The keys used for encryption and decryption in the RSA algorithm are generated using random data. The key used for encryption is a public key and the key used for decryption is a private key. Public keys are stored anywhere publicly accessible. The sender of a message encrypts the data using the public key, and the receiver decrypts it using his/her own private key. That way, no one except the receiver can read the data.

DSA

The Digital Signature Algorithm (DSA) is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS).

PGP

PGP (Pretty Good Privacy) is a public-private key cryptography system which allows users to more easily integrate the use of encryption in their daily tasks, such as electronic mail protection and authentication, and protecting files stored on a computer. PGP was originally designed by Phil Zimmermann. It uses IDEA, CAST or Triple DES for actual data encryption and RSA (with up to 2048-bit key) or DH/DSS (with 1024-bit signature key and 4096-bit encryption key) for key management and digital signatures. The RSA or DH public key is used to encrypt the IDEA secret key as part of the message.

Combination of Symmetric Encryption and Asymmetric Encryption

If we want the benefits of both types of encryption algorithms, the general idea is to create a random symmetric key to encrypt the data, and then encrypt that key asymmetrically. Once the key is asymmetrically encrypted, we add it to the encrypted message. The receiver gets the key, decrypts it with their private key, and uses it to decrypt the message.
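The combination described above, end to end, as an added example that is not part of the original page. It uses only the Python standard library, so the parts are stand-ins and assumptions of this example: a random secret is transported with plain RSA exponentiation and hashed into the symmetric keys (a key-encapsulation variant of "encrypt the key"), and a SHA-256 counter keystream with HMAC takes the place of a vetted cipher such as AES.

```python
import hashlib
import hmac
import math
import secrets


def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin primality test with random bases."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        # Set the top two bits (full-size modulus) and the low bit (odd).
        candidate = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if _is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 1024, e: int = 65537):
    """Return ((n, e), (n, d)). 1024 bits keeps the demo fast; it is not
    a recommended size."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))


def _derive_keys(secret: int, n: int):
    """Hash the transported secret into a cipher key and a MAC key."""
    raw = secret.to_bytes((n.bit_length() + 7) // 8, "big")
    digest = hashlib.sha512(raw).digest()
    return digest[:32], digest[32:]


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        counter = (i // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def _tag(mac_key: bytes, nonce: bytes, body: bytes) -> bytes:
    return hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def hybrid_encrypt(public, message: bytes) -> dict:
    n, e = public
    secret = secrets.randbelow(n - 2) + 2      # fresh random secret per message
    enc_key, mac_key = _derive_keys(secret, n)
    nonce = secrets.token_bytes(16)
    body = _keystream_xor(enc_key, nonce, message)   # fast symmetric step
    return {
        "wrapped": pow(secret, e, n),          # slow asymmetric step, key only
        "nonce": nonce,
        "body": body,
        "tag": _tag(mac_key, nonce, body),
    }


def hybrid_decrypt(private, envelope: dict) -> bytes:
    n, d = private
    secret = pow(envelope["wrapped"], d, n)    # only the private key recovers it
    enc_key, mac_key = _derive_keys(secret, n)
    expected = _tag(mac_key, envelope["nonce"], envelope["body"])
    if not hmac.compare_digest(expected, envelope["tag"]):
        raise ValueError("authentication failed")
    return _keystream_xor(enc_key, envelope["nonce"], envelope["body"])
```

The asymmetric operation touches one number regardless of message size, which is why the slow algorithm stays practical for large data.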

Symmetric vs. Asymmetric encryption algorithms
Symmetric encryption algorithms encrypt and decrypt with the same key. The main advantages of symmetric algorithms are their security and high speed. Asymmetric encryption algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Asymmetric encryption algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data. Generally, symmetric encryption algorithms are much faster to execute on a computer than asymmetric ones. In practice they are often used together, so that a public-key algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a symmetric algorithm.

Difference between symmetric and asymmetric encryption

Symmetric encryption algorithms use the same key for Encryption and Decryption. Symmetric encryption algorithms require that both the sender and the receiver agree on a key before they can exchange messages securely. Asymmetric encryption algorithms use a different key for encryption and decryption, and the decryption key cannot be derived from the encryption key.

Stream Ciphers

Stream ciphers

Stream ciphers encrypt the bits of information one at a time – operate on 1 bit (or sometimes 1 byte) of data at a time (encrypt data bit-by-bit). Stream ciphers are faster and smaller to implement than block ciphers, however, they have an important security gap. If the same key stream is used, certain types of attacks may cause the information to be revealed.
Stream Ciphers vs Block ciphers
Stream ciphers are faster and smaller to implement than block ciphers, however, they have an important security gap. If the same key stream is used, certain types of attacks may cause the information to be revealed.
The difference between block ciphers and stream ciphers?
A stream cipher consists of a state machine that outputs at each state transition one bit of information. This stream of output bits is commonly called the running key. The state machine is nothing more than a pseudo-random number generator.
Block ciphers encrypt information by breaking it down into blocks and encrypting data in each block. A block cipher encrypts data in fixed sized blocks (commonly of 64 bits).

Block Ciphers

What is a block cipher?

Block cipher (method for encrypting data in blocks) is a symmetric cipher which encrypts a message by breaking it down into blocks and encrypting data in each block. A block cipher encrypts the text in fixed sized blocks. Block ciphers take a number of bits and encrypt them as a single unit – operate on blocks of bits at a time. Block cipher encrypts a message by breaking it down into blocks (commonly of 64 bits) and encrypting data in each block.
Block ciphers are cryptographic algorithms which operate on 64-bit blocks of plaintext. The encryption procedure usually consists of multiple and complex rounds of bit shifts, XORs, permutations and substitutions of plaintext and key bits. Decryption is similar to encryption except that some operations may be performed in the reverse order. Some algorithms use fixed-length keys; for others the key length may vary. A block cipher is the opposite of encoding bit-by-bit as a stream cipher does.

Examples of block ciphers

Some examples of block ciphers:
– AES block cipher (Rijndael block cipher)
– Blowfish block cipher
– CAST5
– DES
– IDEA
– RC6
– Serpent
– Triple DES
– Twofish

AES block cipher (Rijndael block cipher)
Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen as a candidate algorithm for the AES. AES stands for Advanced Encryption Standard. AES is a symmetric key encryption technique which will replace the commonly used Data Encryption Standard (DES). The Advanced Encryption Standard algorithm approved by NIST in December 2001 uses 128-bit blocks.
The block cipher currently supports key lengths of 128, 192, and 256 bits. Each encryption key size causes the algorithm to behave slightly differently, so the increasing key sizes not only offer a larger number of bits with which you can scramble the data, but also increase the complexity of the cipher algorithm.

Blowfish block cipher
Blowfish is a symmetric encryption algorithm designed in 1993 by Bruce Schneier as an alternative to existing encryption algorithms.
Blowfish has a 64-bit block size and a variable key length – from 32 bits to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes.
Blowfish is similar in structure to CAST-128, which uses fixed S-boxes.

CAST block cipher
CAST stands for Carlisle Adams and Stafford Tavares, the inventors of CAST. CAST is a popular 64-bit block cipher which belongs to the class of encryption algorithms known as Feistel ciphers.
CAST-128 is a DES-like Substitution-Permutation Network (SPN) cryptosystem. It has the Feistel structure and utilizes eight fixed S-boxes. CAST-128 supports variable key lengths between 40 and 128 bits.
CAST-128 is resistant to both linear and differential cryptanalysis. Currently, there is no known way of breaking CAST short of brute force. CAST is now the default cipher in PGP.

Data Encryption Standard (DES) block cipher
Data Encryption Standard (DES) is a symmetric block cipher with a 64-bit block size that uses a 56-bit key.

In 1977 the Data Encryption Standard (DES), a symmetric encryption algorithm, was adopted in the United States as a federal standard.

DES encrypts and decrypts data in 64-bit blocks, using a 56-bit key. It takes a 64-bit block of plaintext as input and outputs a 64-bit block of ciphertext. It always operates on blocks of equal size and uses both permutations and substitutions in the algorithm. DES has 16 rounds, meaning the main algorithm is repeated 16 times to produce the ciphertext. It has been found that the number of rounds is exponentially proportional to the amount of time required to find a key using a brute-force attack. So as the number of rounds increases, the security of the algorithm increases exponentially.

RC6
RC6 is a symmetric block cipher derived from RC5. It was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. RC6 encryption algorithm was selected among the other finalists to become the new federal Advanced Encryption Standard (AES).

SEED
SEED is a block cipher developed by the Korea Information Security Agency since 1998. Both the block and key size of SEED are 128 bits and it has a Feistel Network structure which is iterated 16 times. It has been designed to resist differential and linear cryptanalysis as well as related key attacks. SEED uses two 8×8 S-boxes and mixes the XOR operation with modular addition. SEED has been adopted as an ISO/IEC standard (ISO/IEC 18033-3), an IETF RFC, RFC 4269 as well as an industrial association standard of Korea (TTAS.KO-12.0004/0025).

Serpent
Serpent is a very fast and reasonably secure block cipher developed by Ross Anderson, Eli Biham and Lars Knudsen. Serpent can work with different combinations of key lengths. Serpent was also selected among the other five finalists to become the new federal Advanced Encryption Standard (AES).

Triple DES
Triple DES is a variation of Data Encryption Standard (DES). It uses a 64-bit key consisting of 56 effective key bits and 8 parity bits. The size of the block for Triple-DES is 8 bytes. Triple-DES encrypts the data in 8-byte chunks. The idea behind Triple DES is to improve the security of DES by applying DES encryption three times using three different keys. Triple DES algorithm is very secure (major banks use it to protect valuable transactions), but it is also very slow.

Twofish block cipher
Twofish is a symmetric block cipher. Twofish has a block size of 128 bits and accepts keys of any length up to 256 bits. Twofish has key dependent S-boxes like Blowfish.
Twofish encryption algorithm was designed by Bruce Schneier, John Kelsey, Chris Hall, Niels Ferguson, David Wagner and Doug Whiting. The National Institute of Standards and Technology (NIST) investigated Twofish as one of the candidates for the replacement of the DES encryption algorithm.

Block ciphers vs stream ciphers

Block ciphers
Block ciphers transform a fixed-size block of data (usually 64 bits) into another fixed-size block (possibly 64 bits long again) using a function selected by the key. If the key, input block and output block all have n bits, a block cipher basically defines a one-to-one mapping from n-bit integers to permutations of n-bit integers.

Stream ciphers
A stream cipher consists of a state machine that outputs at each state transition one bit of information. This stream of output bits is commonly called the running key. The state machine is nothing more than a pseudo-random number generator. For example, we can build one from a block cipher by encrypting repeatedly its own output. Typically, more elaborate constructions are used for stream ciphers to obtain high-speed. The encryption can be implemented by just exclusively-oring the running key to the plaintext message.
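The running key built by feeding the generator its own output, and the reason a repeated key stream reveals information, shown as an added example that is not part of the original page. Keyed SHA-256 stands in for the block cipher, and the function names, nonce parameter and sample messages are assumptions constructed for the demo.

```python
import hashlib
import secrets


def running_key(key: bytes, nonce: bytes, length: int) -> bytes:
    """State machine: each step feeds the previous output back in.

    Follows the output-feedback idea in the text, with keyed SHA-256
    standing in for the block cipher (an assumption of this example).
    """
    state = hashlib.sha256(key + nonce).digest()
    out = bytearray()
    while len(out) < length:
        state = hashlib.sha256(key + state).digest()
        out += state
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the running key is its own inverse."""
    return xor_bytes(data, running_key(key, nonce, len(data)))


def leak_from_reuse(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """What an observer learns about message 2 when message 1 is known.

    If both ciphertexts used one running key, c1 ^ c2 == p1 ^ p2 because
    the key cancels, so XORing in p1 yields p2 without touching the key.
    """
    return xor_bytes(xor_bytes(c1, c2), known_p1)


def demo():
    """Return (leaks_with_reuse, leaks_with_fresh_nonce)."""
    key = secrets.token_bytes(32)
    p1 = b"INVOICE 0001 amount=100.00 EUR"   # constructed sample messages
    p2 = b"INVOICE 0002 amount=975.50 EUR"

    # Weak setting: same key and same nonce, so the running key repeats.
    fixed = b"\x00" * 12
    weak = leak_from_reuse(stream_encrypt(key, fixed, p1),
                           stream_encrypt(key, fixed, p2), p1)

    # Corrected setting: a fresh nonce per message gives unrelated running keys.
    n1, n2 = secrets.token_bytes(12), secrets.token_bytes(12)
    safe = leak_from_reuse(stream_encrypt(key, n1, p1),
                           stream_encrypt(key, n2, p2), p1)
    return weak == p2, safe == p2


if __name__ == "__main__":
    print(demo())
```

The check to apply to any stream cipher deployment follows from this: a (key, nonce) pair must never encrypt two messages.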

Symmetric Encryption

What is symmetric encryption?

Symmetric Encryption (also known as symmetric-key encryption, single-key encryption, one-key encryption and private key encryption) is a type of encryption where the same secret key is used to encrypt and decrypt information or there is a simple transform between the two keys.
A secret key can be a number, a word, or just a string of random letters. Secret key is applied to the information to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. Symmetric algorithms require that both the sender and the receiver know the secret key, so they can encrypt and decrypt all information.
There are two types of symmetric encryption algorithms: Stream algorithms (Stream ciphers) and Block algorithms (Block ciphers).

Types of Symmetric algorithms (Symmetric-key algorithms)

Symmetric encryption algorithms (Symmetric-key encryption algorithms) use the same key for encryption and decryption. Symmetric-key encryption algorithms can be divided into Stream algorithms (Stream ciphers) and Block algorithms (Block ciphers).

Stream Ciphers
Stream ciphers encrypt the bits of information one at a time – operate on 1 bit (or sometimes 1 byte) of data at a time (encrypt data bit-by-bit). Stream ciphers are faster and smaller to implement than block ciphers, however, they have an important security gap. If the same key stream is used, certain types of attacks may cause the information to be revealed.

Block Ciphers
Block cipher (method for encrypting data in blocks) is a symmetric cipher which encrypts information by breaking it down into blocks and encrypting data in each block. A block cipher encrypts data in fixed sized blocks (commonly of 64 bits). The most used block ciphers are Triple DES and AES.

Symmetric encryption algorithms:
– AES/Rijndael
– Blowfish
– CAST5
– DES
– IDEA
– RC2
– RC4
– RC6
– Serpent
– Triple DES
– Twofish

AES/Rijndael encryption

AES stands for Advanced Encryption Standard. AES is a symmetric key encryption technique which replaces the commonly used Data Encryption Standard (DES).
It was the result of a worldwide call for submissions of encryption algorithms issued by the US Government’s National Institute of Standards and Technology in 1997 and completed in 2000.
The winning algorithm, Rijndael, was developed by two Belgian cryptologists, Vincent Rijmen and Joan Daemen. AES provides strong encryption and was selected by NIST as a Federal Information Processing Standard in November 2001 (FIPS-197).
The AES algorithm uses three key sizes: a 128-, 192-, or 256-bit encryption key. Each encryption key size causes the algorithm to behave slightly differently, so the increasing key sizes not only offer a larger number of bits with which you can scramble the data, but also increase the complexity of the cipher algorithm.

Blowfish
Blowfish is a symmetric encryption algorithm (64-bit cipher) designed in 1993 by Bruce Schneier as an alternative to existing encryption algorithms. Blowfish has a variable key length – from 32 bits to 448 bits. Since then Blowfish has been analyzed considerably, and is gaining acceptance as a strong encryption algorithm.

CAST
CAST stands for Carlisle Adams and Stafford Tavares, the inventors of CAST. CAST is a popular 64-bit block cipher allowing key sizes up to 128 bits.

Data Encryption Standard (DES)
Data Encryption Standard (DES) is a block cipher with 64-bit block size that uses 56-bit keys. DES was invented over 20 years ago by IBM in response to a public request from the National Bureau of Standards. Due to recent advances in computer technology, some experts no longer consider DES secure against all attacks; since then Triple-DES (3DES) has emerged as a stronger method. Using standard DES encryption, Triple-DES encrypts data three times and uses a different key for at least one of the three passes giving it a cumulative key size of 112-168 bits.

IDEA
IDEA stands for International Data Encryption Algorithm. IDEA is a symmetric encryption algorithm that was developed by Dr. X. Lai and Prof. J. Massey to replace the DES standard. Unlike DES, though, it uses a 128-bit key. This key length makes it impossible to break by simply trying every key.

RC2
RC2 is a variable-key-length cipher. It was invented by Ron Rivest for RSA Data Security, Inc. Its details have not been published.

RC4
RC4 was developed by Ron Rivest in 1987. It is a variable-key-size stream cipher. It is a cipher with a key size of up to 2048 bits (256 bytes).

RC6
RC6 is a symmetric key block cipher derived from RC5. It was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. RC6 encryption algorithm was selected among the other finalists to become the new federal Advanced Encryption Standard (AES).

Serpent
Serpent is a block cipher developed by Ross Anderson, Eli Biham and Lars Knudsen. Serpent can work with different combinations of key lengths. Serpent was also selected among the other five finalists to become the new federal Advanced Encryption Standard (AES).

Triple DES
Triple DES is a variation of Data Encryption Standard (DES). It uses a 64-bit key consisting of 56 effective key bits and 8 parity bits. The size of the block for Triple-DES is 8 bytes. Triple-DES encrypts the data in 8-byte chunks. The idea behind Triple DES is to improve the security of DES by applying DES encryption three times using three different keys.

Twofish
Twofish is a symmetric block cipher. Twofish has a block size of 128 bits and accepts keys of any length up to 256 bits.
Twofish encryption algorithm was designed by Bruce Schneier, John Kelsey, Chris Hall, Niels Ferguson, David Wagner and Doug Whiting. The National Institute of Standards and Technology (NIST) investigated Twofish as one of the candidates for the replacement of the DES encryption algorithm.

What are symmetric encryption vulnerabilities?

Breaking symmetric encryption
There are two methods of breaking symmetric encryption – brute force and cryptanalysis.
Brute Force Attack is a form of attack in which each possibility is tried until success is obtained. Typically, a ciphertext is deciphered under different keys until plaintext is recognized. No encryption software is entirely safe from the brute force method, but if the number of possible keys is high enough, it can make a program astronomically difficult to crack using brute force. The more bits in a key, the more secure it is, so choose software with as many bits as possible.
Cryptanalysis is a form of attack that attacks the characteristics of the algorithm to deduce a specific plaintext or the key used.

Weak passwords
In every kind of encryption software, there is some kind of password that must be created so that the recipients of the information can read it. Creating a strong password that cannot be easily guessed is just as important as choosing a good algorithm or strong encryption software.

Remembering passwords
If you forget your password, you will not be able to decrypt data that you have encrypted. Be sure to make a backup copy of your password and store it in a safe place.

Secret keys exchanging and storing
Symmetric key encryption algorithms require sharing the secret key – both the sender and the receiver need the same key to encrypt or decrypt data. Anyone who knows the secret key can decrypt the message. So it is essential that the sender and receiver have a way to exchange secret keys in a secure manner. The weakness of symmetric encryption algorithms is that if the secret key is discovered, all messages can be decrypted. So the secret key needs to be changed on a regular basis and kept secure during distribution and while in use.

Symmetric vs. Asymmetric encryption algorithms

Symmetric encryption algorithms encrypt and decrypt with the same key. The main advantages of symmetric algorithms are their security and high speed. Asymmetric encryption algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Asymmetric encryption algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data. Generally, symmetric encryption algorithms are much faster to execute on a computer than asymmetric ones. In practice they are often used together, so that a public-key algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a symmetric algorithm.

Symmetric encryption advantages
The main advantages of symmetric encryption algorithms are their security and high speed.