Understanding Cryptography: The Basics

The Differences Between Asymmetric and Symmetric Encryption

2024-05-03
Military Model Enigma I, a cipher machine in use from 1930 to protect commercial, diplomatic, and military communication.
Cryptography has been around for millennia, and was invented probably as early as man started to write. But in modern times and with the rise of computers, it has led to a major shift in the ability to communicate securely. In our current digital landscape, there are two main forms of cryptography in use, symmetric and asymmetric (public key) encryption. The following is a brief introduction to the differences between these two forms of encoding data, what their use cases are, and how they can be used to protect your emails from prying eyes.
SIGN UP

Symmetric vs Asymmetric Encryption: What is the difference?

Cryptography is the study and practice of achieving secure communication that needs protection from an adversary. Cryptosystems can utilize complicated mathematics or be as simple as the language game "Pig Latin" which regularly appears on school playgrounds. The use of cryptography is to keep what you wish to say safe from nosy eavesdroppers. Of course, the different types of encryption that we use on a daily basis for online banking, when using ATM cards, and in our smartphones is built on a number of mathematical algorithms which are engineered to keep your digital data safe. Of these algorithms, there are two primary forms: symmetric encryption and asymmetric encryption. The common notion of what people think of when hearing about spies and secret codes is an example of symmetric encryption, but in truth there is much more complexity when it comes to securing your communications. So what are the differences between symmetric and asymmetric encryption? Let's find out.

Symmetric-Key Encryption

Symmetric Key Cryptography earns this name because it employs the same secret or key, in order to encrypt and decrypt data. There are different forms of symmetric ciphers, but if the encryption and decryption key are identical, then they fit into this group.

An basic example of symmetric encryption.

In this example we see Alice using the same key to encrypt the document as Bob uses to decrypt the document.

Not all encryption algorithms function the same way, and symmetric encryption comes in two major flavors that of the stream cipher and the block cipher. The main difference between the two comes down to how the bits of data are encrypted. A stream cipher will encrypt all the bytes of data one by one individually by combining them with a pseudorandom number generated by a keystream (hence the name) until the entirety of the data has been encrypted. Block ciphers on the other hand will group an unvarying number bytes together and encrypt the groups. Should the final group be of a smaller size than the other blocks, that group will be "padded" so that it reaches the corresponding block size. Stream ciphers tend to be faster than a block cipher and can also run on less powerful hardware, but they are more prone to security risks.

Well-known Examples of Symmetric-Key Cryptography

Probably the best known symmetric-key algorithm is Rijnael/AES. AES (Advanced Encryption Standard) is a block cipher which became the default symmetric encryption protocol as a replacement for DES. After winning NIST's competition for the DES successor AES quickly became an industry standard. Today, AES256 (AES with a 256-bit key) is considered to be quantum resistant by cryptographers and security experts.

A diagram depicting the round function of AES.

An example of the round function in AES.

When is symmetric encryption used?

Symmetric encryption is generally used for encrypting bulk amounts of data due to its speed. For example, in Tuta all user data is encrypted on the client-side using symmetric encryption with AES256. You likely use symmetric encryption around your house if you are using a WiFi connection as WPA builds upon symmetric cryptosystems. Symmetric encryption runs into difficulties when communicating with other parties because there must be a secured way of sharing the encryption key. That is where asymmetric-key encryption comes into play.

Asymmetric or Public Key Encryption

Asymmetric-key exchange first came into public view in 1976, following the publication of a ground-breaking paper by Whitfield Diffie and Martin Hellman. Also termed "public-key" cryptography asymmetric encryption used two keys instead of a single shared key. In the public-key encryption model, a public key can be used to encrypt a message and the recipient's private key will be used to decrypt it. Asymmetric-key encryption is particularly useful for communicating over the internet, as the public key is designed to be public and must not be protected in the same what that a symmetric encryption key should be.

Popular Examples of Asymmetric-Key Cryptography

Many of the more well known cryptographic algorithms reside in this category. The RSA cryptosystem, SSH and TLS/SSL protocols, and the program PGP are all popular examples of asymmetric cryptography. RSA has been an industry standard, but has recently fallen out of favor with the pursuit of creating quantum resistant encryption.

A visual depiction of asymmetric encryption both encrypting and decrypting data.

This graphic shows how Alice and Bob use private and public keypairs for encrypting and decrypting data.

When is asymmetric encryption used?

Asymmetric encryption is primarily used for sending encryption keys across the internet. If the content of your message has been encrypted using symmetric encryption, then you will need to securely share the secret with your message's recipient. This is done with asymmetric encryption. Public-key cryptography is slower than symmetric cryptography and for this reason also tends to require more resources to encrypt and decrypt data. There is a higher degree of security due to using different kinds of keys (public and private) in combination to meet a higher security requirement and because the size of the keys is typically not too large (in comparison to large documents, images, or video) it can be used to securely transmit the symmetric key for decrypting the larger body of data.

This hybrid cryptosystem is often used in messaging applications which will use a symmetric key to encrypt the body of data, and asymmetric encryption for sharing the secret required for decrypting and accessing the encrypted data.

Cryptography is the key to online privacy and security

Cryptography is a massive field, rich in mathematical depth and complexity. Proper deployment of cryptographic protocols is a cornerstone of protecting your data and online privacy. There is no requirement that you understand the intricacies of encryption in order to start taking back your privacy. Tuta makes using encryption fast and simple.

With a few easy clicks you can begin employing our strong post-quantum encryption to take back your right to privacy.

Signup for a secure Tuta account today!

Find out more about the encryption algorithms used in Tuta and check out our detailed encryption page.

SIGN UP
Author
Brandon fights for your right to privacy by spreading the word about privacy respecting products like Tuta. His expertise in US privacy law, encryption usage and policy, and American surveillance politics lets him explain complicated topics and privacy issues in an easy-to-grasp language. Privacy shouldn't be a luxury and by working at Tuta, Brandon helps bring privacy and security to everyone.
Top posts
Threat Modeling In 2024: Your Guide For Better Security
10 Best Private Email Services in 2024
Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US
Why Use A Password Manager - And Our Top 3!
Anonymous email: Create an email address without a phone number.
The Illusion Of "Swiss Privacy" Being The Best
10 best free email accounts in 2024
Latest posts
Tuta Mail supports SPF, DMARC and DKIM for best security when using your custom domain.
How to stop email spam and block invasive marketing strategies.
Don't want Gmail to sift through your emails? Too late, their AI is going to do it.
Why are Google and Facebook free? The answer might be worse than you think.
Terminate subscription
Company
Community
Team
Jobs
Terms
Privacy
Legal notice
Development
Changelog
Roadmap
Security
Encryption
Open Source
GitHub
Features
Secure Email
Encrypted Calendar
Business
Support
Forum
Press
Support
Language
English
Translate