Asymmetric and Symmetric Encryption For Beginners— Part 1
Ensuring the confidentiality of data is a fundamental aspect of meeting regulatory standards. The goal is to keep data secure even in the event of a breach, preventing unauthorized access by threat actors. This is where encryption plays a crucial role.
At its core, encryption involves transforming plain text into an encrypted format that only individuals possessing the encryption key can decipher. But what exactly is an encryption key? Think of locking your door using your key as encryption, the key is your encryption key and to decrypt, you can also use the key. A simple encryption key could be as basic as shifting each letter of a text one position to the right (e.g., ABC as plaintext becomes BCD as encrypted text). Applying this concept to passwords stored in a database, even if a threat actor gains access during a data breach, they still do not know your password as they will be displayed a transformed representation.
A second example could involve trying to send a private message to a friend like your house address. If the message is not encrypted and the threat actor captures the message packet then they can read it easily because it is in plain text. However, if it was encrypted, it would be much harder for them to decipher the message without the encryption key. I hope you’re starting to understand why data encryption is important.
Now, let’s delve into the two primary types of encryption:
Asymmetric Encryption:
Asymmetric encryption employs two keys — a private key for decryption and a public key for encryption. Your public key is shared openly, allowing anyone to encrypt messages intended for you. However, only you, with your private key, can decrypt and access the original content. Visualize a two-way lock where one key can lock the box, but it requires a master key to unlock.
Consider two friends, A and B. A uses B’s public key to encrypt a message, making it unreadable to any third party intercepting it. B, using their private key, then unlocks and reads the message securely. An example of an algorithm that uses asymmetric encryption is the RSA algorithm which works by multiplying two large prime numbers together. In theory, it sounds easy to reverse engineer but practically finding the factor of two large prime numbers is quite hard to do even computationally.
Symmetric Encryption:
In contrast, symmetric encryption utilizes a single key for both encryption and decryption. While it simplifies the process, this key must be kept exceptionally secure.
Although asymmetric encryption is theoretically more secure, in situations prioritizing speed over security, symmetric encryption may be favoured due to its more streamlined process. An example of an algorithm that utilises symmetric encryption is AES(Advanced encryption system).
Ensuring better security with encryption involves additional considerations, which we’ll explore in a future blog. By simplifying these encryption concepts, we empower users to understand the importance of safeguarding data in an increasingly digital world.
I am Nelson Chukwuemeka-Awuja, a final-year Computer Science student at the University of Exeter, set to earn my degree in June 2024. My academic journey has been intrinsically intertwined with the ever-evolving field of cybersecurity, a domain where precision, vigilance, and adaptability are paramount. As a future cybersecurity professional, I am committed to knowledge dissemination. Join me on an insightful journey through the dynamic landscape of cybersecurity. Together, we will explore the latest cybersecurity trends, dissect real-world cyber threats, and delve into the realm of digital defence.
If the blog helped you, feel free to support me by clapping the blog and then connect with me on Linkedin — Click here!
