Symmetric Key and Public Key Encryption


Encryption Types
Encryption is the process of scrambling data so it cannot be read without a decryption key. It prevents the data from being read by a 3rd party if it is intercepted. The two encryption methods that are used today are symmetric key and public key encryption.

Symmetric Key
Symmetric key encryption uses the same key to encrypt data as to decrypt it. This is generally quite fast when compared with public key encryption. In order to protect the data, the key needs to be secured. If a 3rd party was able to gain access to the key, they could decrypt any data that was encrypted with that key. For this reason, a secure channel is required to transfer the key if you need to transfer data between two points. For example, if you encrypted data on a CD and mailed it to another party, the key must also be transferred to the second party so that they can decrypt the data. This is often done using e-mail or the telephone. In a lot of cases, sending the data using one method and the key using another method is enough to protect the data, as an attacker would need to get both in order to decrypt the data.

Public Key Encryption
This method of encryption uses two keys. One key is used to encrypt data and the other key is used to decrypt data. The advantage of this is that the public key can be downloaded by anyone. Anyone with the public key can encrypt data that can only be decrypted using the private key. This means the public key does not need to be secured. The private key does need to be kept in a safe place. The advantage of using such a system is that the private key is not required by the other party to perform encryption. Since the private key does not need to be transferred to the second party, there is no risk of the private key being intercepted by a 3rd party. Public key encryption is slower when compared with symmetric key encryption, so it is not always suitable for every application. The math used is complex, but to put it simply it uses the modulus or remainder operator. For example, if you wanted to solve X mod 5 = 2, the possible solutions would be 2, 7, 12 and so on. The private key provides additional information which allows the problem to be solved easily. The math is more complex and uses much larger numbers than this, but basically public and private key encryption rely on the modulus operator to work.

Combining the Two
There are two reasons you may want to combine the two. The first is that communication is often broken into two steps: key exchange and data exchange. For key exchange, the key used in data exchange is often protected by encrypting it using public key encryption. Although slower than symmetric key encryption, this method ensures the key cannot be accessed by a 3rd party while being transferred. Since the key has been transferred using a secure channel, a symmetric key can be used for data exchange. In some cases, data exchange may be done using public key encryption. If this is the case, often the data exchange will be done using a small key size to reduce the processing time.

The second reason that both may be used is when a symmetric key is used and the key needs to be provided to multiple users. For example, the Encrypting File System (EFS) allows multiple users to access the same file, which includes recovery users. In order to make this possible, multiple copies of the same key are stored in the file, and each copy is protected from being read by encrypting it with the public key of a user that requires access.
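
Added example (not part of the original handout): the pattern described above, one symmetric file key encrypting the data and one public-key-wrapped copy of that key per user, sketched in Python with the standard library only. The RSA here is unpadded textbook RSA on small constructed primes and `stream_xor` is a toy cipher, both assumptions chosen so the example runs offline; real systems use a vetted library with padded RSA and an authenticated cipher.

```python
import hashlib, hmac, secrets

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Toy RSA key pair from two primes; returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # computing d needs p and q: the private "extra information"
    return (n, E), (n, d)

def stream_xor(key, data):
    """Toy symmetric cipher: the same key and function encrypt and decrypt."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def mac(file_key, data):
    """Integrity tag under a key derived from the file key."""
    mac_key = hashlib.sha256(b"mac" + file_key).digest()
    return hmac.new(mac_key, data, hashlib.sha256).digest()

def encrypt_file(plaintext, recipients):
    """Encrypt the data once, then store one wrapped copy of the key per user."""
    file_key = secrets.token_bytes(16)
    k = int.from_bytes(file_key, "big")
    data = stream_xor(file_key, plaintext)
    wrapped = {name: pow(k, e, n) for name, (n, e) in recipients.items()}
    return {"data": data, "tag": mac(file_key, data), "keys": wrapped}

def decrypt_file(blob, name, private):
    """Unwrap this user's copy of the file key, verify it, decrypt the data."""
    n, d = private
    k = pow(blob["keys"][name], d, n)  # modular exponentiation with the private key
    if k.bit_length() > 128:
        raise ValueError("wrong private key")
    file_key = k.to_bytes(16, "big")
    if not hmac.compare_digest(mac(file_key, blob["data"]), blob["tag"]):
        raise ValueError("wrong private key or modified data")
    return stream_xor(file_key, blob["data"])

# Constructed sample keys from known Mersenne primes (far too small for real use).
ALICE_PUB, ALICE_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
RECOVERY_PUB, RECOVERY_PRIV = make_keypair(2**61 - 1, 2**127 - 1)

if __name__ == "__main__":
    users = {"alice": ALICE_PUB, "recovery": RECOVERY_PUB}
    blob = encrypt_file(b"constructed sample file", users)
    print(decrypt_file(blob, "alice", ALICE_PRIV))
    print(decrypt_file(blob, "recovery", RECOVERY_PRIV))
```

Only the public keys are needed to build the file; each user recovers the same file key with their own private key, and a mismatched private key is rejected rather than producing garbage.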

Comments

It does have some of the same material in it from a previous video. Some of the content may get duplicated as we move towards modular training. This video will be organised into a playlist later on based on any course it is relevant to. This means that if you study for 2008 and then later 2012, it saves you watching a second video on the same material if the first video released covered it and it has not changed. It also helps if we want to update the video later on, or add Linux videos.

itfreetraining

4) Since the server now has the pre-master key, it can generate a session key and use the pre-master key to encrypt this key and send it to the client. Now both sides have the same session key which is used for encryption.

You can see how even though encryption is supported only in one direction using private and public keys, it can be used to set up another encryption method which works in both directions which is what commonly happens.

itfreetraining

The way SSL gets around this is the following. For example, you are accessing a web site.
1) The public key is obtained by the user.
2) For encryption to happen, both sides now need to agree on a symmetric key and this key needs to be exchanged to both sides. The public key and private key are used to make this exchange happen. Generally the client will generate a pre-master key that is sent to the server using the public key.
3) The server can then obtain this pre-master key using the private key.

itfreetraining

Great to hear. It's good to know our videos are appreciated.

Thanks liptongtr

itfreetraining

Great example on how one type of encryption is used to set up another. Also I never knew how SSL sessions were set up, more great info.

liptongtr

Excellent, as usual. Thank you for your time towards the thorough videos.

jeylful

Nicely explained. Thanks, I finally got the basics of it.

rogergurman

This is still a great video to understand symmetric and asymmetric key encryption. Thank you for this.

abhimanyusinghshekhawat

Damn! I am so sorry I didn't say anything sooner to save you time. I watched the video again and got a handle on it. Most people don't answer my question and I didn't think you would either. But thank you for taking the time to respond; it's more than I deserve. Thanks again so much.

coineachpierce

Basically the way it works is that whichever key is used to encrypt the data, the other key is needed to decrypt the data. So for argument's sake, if you were to use the private key to encrypt data (generally you would not do this) the public key would be needed to decrypt the data. This is how PKI systems work: whichever key is used, the other key is required to decrypt. To make it simple, one is called private and one is called public.

itfreetraining

Awesome job dude, I don't know how I didn't find this channel earlier :)

christosathanasiadiss

Very easy to understand. Thanks a lot!

MinhHoang-ikhf

What a wonderful explanation
Thank you so much

wiberydesign

Very useful, thank you. Are certificates always used with keys? (Do you have to have a certificate store somewhere to use encryption?) Thanks!

martinyable

Finally. Someone finally explained the one part no one else could.

sendeth

Thanks a lot ... it was very useful
May God reward you with goodness

rawhaosman

You're an absolute genius, thank you for a fascinating video.
Could you tell me if it is possible to find the encryption key for an Android photo file
if the owner mistakenly wiped the encryption key from the phone?
Yes it happened to me and so far nobody has been able to shed some light on this
commonly occurring problem with Android phones.
By default from Android 6 upwards all data is encrypted.

Gary-Seven-and-Isis-in-

This will allow data to be sent one way. If you wanted to send data the other way you would need another key pair so both sides had their own private key and a public key to give the other side.

itfreetraining

"every user, who wishes to participate in the discussion, must register with and be authenticated by the group leader to become a member of the group", how do I apply this to a cryptography protocol? I need help!

wheelchairslayer

thanks! this will help me pass my exam.. wish me luck🙏🏼

Snyoreetaaa