What is asymmetric encryption?
The process of asymmetric encryption involves two keys: one key for encryption and a second key for decryption. An asymmetric key encryption scheme involves six main parts:
Plaintext – this is the text message to which an algorithm is applied.
Encryption Algorithm – it performs mathematical operations that carry out substitutions and transformations on the plaintext.
Public and Private Keys – these are a pair of keys where one is used for encryption and the other for decryption.
Ciphertext – this is the encrypted or scrambled message produced by applying the algorithm to the plaintext message using the key.
Decryption Algorithm – this algorithm takes the ciphertext and the matching key and produces the plaintext.
The sender and the recipient must have the same software. The recipient makes a pair of keys – a public key and a private key (both keys can be unlocked with a single password). Anyone with the same software can use the public key to encrypt a message. The public key can be freely distributed without worry, since it is only used to scramble (encrypt) the data. The sender does not need the recipient’s password to use his or her public key to encrypt data. The recipient’s other key is a private key that only he or she can use to decrypt the message. The private key should never be distributed, since it assures that only the intended recipient can unscramble (decrypt) data intended for him or her.
To understand asymmetric encryption better, consider the following example:
Jack makes public key A and private key A, and Jill makes public key B and private key B. Jack and Jill exchange their public keys. Once they have exchanged keys, Jack can send an encrypted message to Jill by using Jill’s public key B to scramble the message. Jill uses her private key B to unscramble it. If Jill wants to send an encrypted message to Jack, she uses Jack’s public key A to scramble her message, which Jack can then unscramble with his private key A. Asymmetric cryptography is typically slower to execute electronically than symmetric cryptography.
Some asymmetric algorithms (public key algorithms) such as RSA allow the process to work in the opposite direction as well: a message can be encrypted with a private key and decrypted with the corresponding public key. If the recipient can decrypt a message with Bob’s public key, he or she knows that the message came from Bob, because no one else has Bob’s private key. Digital signatures work this way.
RSA asymmetric encryption
RSA is the best known asymmetric (public key) algorithm, named after its inventors: Rivest, Shamir and Adleman. RSA uses public and private keys that are functions of a pair of large prime numbers. Its security is based on the difficulty of factoring large integers. The RSA algorithm can be used for both public key encryption and digital signatures. The keys used for encryption and decryption in the RSA algorithm are generated using random data. The key used for encryption is a public key and the key used for decryption is a private key. Public keys are stored anywhere publicly accessible. The sender of a message encrypts the data using the public key, and the receiver decrypts it using his or her own private key. That way, no one except the receiver can read the data, even if it is intercepted.
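The Jack and Jill exchange and the signature direction described above, as an added example that is not part of the original page. It is textbook RSA without padding, built on small, publicly known Mersenne primes chosen for illustration, so it shows the mathematics only; the function names are assumptions of this example.

```python
import hashlib
from math import gcd

E = 65537  # public exponent (assumed here; a common choice)

def make_keypair(p, q):
    """Derive ((e, n), (d, n)) from two primes, as RSA key generation does."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(E, phi) == 1
    return (E, n), (pow(E, -1, phi), n)  # d satisfies E*d == 1 (mod phi)

def apply_key(key, value):
    """The one RSA operation: value ** exponent mod n."""
    exponent, n = key
    return pow(value, exponent, n)

def encrypt(public_key, message):
    m = int.from_bytes(message, "big")
    assert m < public_key[1], "message must be smaller than the modulus"
    return apply_key(public_key, m)

def decrypt(private_key, ciphertext):
    m = apply_key(private_key, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    """Opposite direction: transform the message hash with the private key."""
    return apply_key(private_key, digest(message, private_key[1]))

def verify(public_key, message, signature):
    """Anyone holding the public key can undo the transform and compare."""
    return apply_key(public_key, signature) == digest(message, public_key[1])

# Constructed toy keys from well-known Mersenne primes (far too small and too
# structured for real use; real keys come from large random primes).
JACK_PUB, JACK_PRIV = make_keypair(2**61 - 1, 2**89 - 1)      # key pair A
JILL_PUB, JILL_PRIV = make_keypair(2**107 - 1, 2**127 - 1)    # key pair B

if __name__ == "__main__":
    note = b"Meet at noon"
    sealed = encrypt(JILL_PUB, note)              # Jack uses Jill's public key B
    print(decrypt(JILL_PRIV, sealed))             # only private key B recovers it
    sig = sign(JACK_PRIV, note)                   # Jack signs with private key A
    print(verify(JACK_PUB, note, sig))            # signature matches Jack's key
    print(verify(JACK_PUB, b"Meet at one", sig))  # altered message is rejected
```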
The Digital Signature Algorithm (DSA) is a United States Federal Government standard, or FIPS, for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS).
PGP (Pretty Good Privacy) is a public-private key cryptography system which allows users to more easily integrate the use of encryption in their daily tasks, such as electronic mail protection and authentication, and protecting files stored on a computer. PGP was originally designed by Phil Zimmermann. It uses IDEA, CAST or Triple DES for actual data encryption and RSA (with up to 2048-bit key) or DH/DSS (with 1024-bit signature key and 4096-bit encryption key) for key management and digital signatures. The RSA or DH public key is used to encrypt the IDEA secret key as part of the message.
Combination of Symmetric Encryption and Asymmetric Encryption
If we want the benefits of both types of encryption algorithms, the general idea is to create a random symmetric key to encrypt the data, and then encrypt that key asymmetrically. Once the key is asymmetrically encrypted, we add it to the encrypted message. The receiver gets the key, decrypts it with their private key, and uses it to decrypt the message.
Symmetric vs. Asymmetric encryption algorithms
Symmetric encryption algorithms encrypt and decrypt with the same key. The main advantages of symmetric algorithms are their security and high speed. Asymmetric encryption algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Asymmetric encryption algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data. Generally, symmetric encryption algorithms are much faster to execute on a computer than asymmetric ones. In practice they are often used together, so that a public-key algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a symmetric algorithm.
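The combined scheme described in this section and in the combination section above, as an added example that is not part of the original page. It assumes the third-party Python `cryptography` package and picks AES-256-GCM and RSA-OAEP as the two algorithms; the function names and the envelope layout are assumptions of this example.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# RSA-OAEP with SHA-256 is used only to wrap the short symmetric key.
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def new_recipient_key():
    """Recipient's RSA key pair; the public half is what gets distributed."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def hybrid_encrypt(recipient_public_key, plaintext):
    session_key = AESGCM.generate_key(bit_length=256)   # random symmetric key
    nonce = os.urandom(12)                              # must be unique per message
    ciphertext = AESGCM(session_key).encrypt(nonce, plaintext, None)
    wrapped_key = recipient_public_key.encrypt(session_key, OAEP)
    # The asymmetrically encrypted key travels with the encrypted message.
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}

def hybrid_decrypt(recipient_private_key, envelope):
    # Only the private key can recover the symmetric key, which then opens the data.
    session_key = recipient_private_key.decrypt(envelope["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(envelope["nonce"], envelope["ciphertext"], None)

def rejects_tampering(recipient_private_key, envelope):
    """Flip one ciphertext bit; AES-GCM must refuse to decrypt the result."""
    damaged = dict(envelope)
    body = envelope["ciphertext"]
    damaged["ciphertext"] = bytes([body[0] ^ 1]) + body[1:]
    try:
        hybrid_decrypt(recipient_private_key, damaged)
    except InvalidTag:
        return True
    return False

if __name__ == "__main__":
    key = new_recipient_key()
    report = b"quarterly figures " * 5000            # constructed sample data
    envelope = hybrid_encrypt(key.public_key(), report)
    # The RSA operation covers 32 bytes of key, however large the message is.
    print(len(report), len(envelope["wrapped_key"]), len(envelope["ciphertext"]))
    print(hybrid_decrypt(key, envelope) == report, rejects_tampering(key, envelope))
```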
Difference between symmetric and asymmetric encryption
Symmetric encryption algorithms use the same key for encryption and decryption. Symmetric encryption algorithms require that both the sender and the receiver agree on a key before they can exchange messages securely. Asymmetric encryption algorithms use a different key for encryption and decryption, and the decryption key cannot be derived from the encryption key.