
Asymmetric Encryption
Asymmetric encryption is a technique that allows anyone to send encrypted messages to a receiver. It is based on cryptographic algorithms for generating matching pairs of public/private keys such that the private key can't be guessed from the public key. The public key is then published using techniques such as digital certificates. The private key is configured in encryption-enabled software and kept secret.
Symmetric Encryption
Symmetric encryption is based solely on private keys. For example, symmetric encryption may be used to encrypt data in storage. It is also used in communications by sharing private keys between endpoints. In many cases, asymmetric encryption is used to initialize a session and exchange private keys. Then communication is encrypted with symmetric encryption. This is done because symmetric encryption is faster than asymmetric encryption.
Public Key vs Private Key
| | Public Key | Private Key |
|---|---|---|
| Definition | A published key that can be used to send a secure message to a receiver. | A secret key that can be used to decrypt messages encrypted with the corresponding public or private key. |
| Applies to | Asymmetric Encryption | Asymmetric Encryption, Symmetric Encryption |
Authentication Schemes
To secure data or messages, you encrypt with a public key and decrypt with a private key. The opposite is sometimes done to sign a message and prove that you're the source. In other words, encryption with a private key can be used to prove that you hold the private key. This is confirmed by decrypting with the corresponding public key. This technique is used in authentication schemes such as digital signatures. In practice, different private-public key pairs are used for signing messages and securing message communication. The following chart illustrates the various patterns of encryption with public and private keys.
| Scenario | Public Key | Private Key |
|---|---|---|
| Asymmetric Encryption | Encrypt | Decrypt |
| Authenticate the origin of a message | Decrypt | Encrypt |
| Symmetric Encryption | N/A | Encrypt, Decrypt |
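The chart's three patterns combined into one session, as an added example that is not part of the original page. Textbook RSA over constructed toy keys (no padding, not secure) and a toy SHA-256 keystream stand in for real algorithms, and all function and key names here are assumptions chosen for illustration.

```python
import hashlib
import secrets

E = 65537

def keypair(p: int, q: int):
    """Return ((n, e), (n, d)): a public key and its matching private key."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def rsa(key, value: int) -> int:
    """Textbook RSA step; which key is passed in decides the role."""
    n, exponent = key
    return pow(value, exponent, n)

# Constructed toy keys built from well-known Mersenne primes (NOT secure).
# One pair secures the message, a different pair signs it.
RECV_PUB, RECV_PRIV = keypair(2**127 - 1, 2**107 - 1)   # receiver's pair
SIGN_PUB, SIGN_PRIV = keypair(2**521 - 1, 2**607 - 1)   # sender's pair

def symmetric(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 counter keystream, XOR).
    The same key and the same call both encrypt and decrypt."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def send(message: bytes):
    """Sender: public key wraps a fresh session key, private key signs."""
    session_key = secrets.token_bytes(16)
    wrapped = rsa(RECV_PUB, int.from_bytes(session_key, "big"))  # encrypt with public key
    body = symmetric(session_key, message)                       # fast bulk encryption
    signature = rsa(SIGN_PRIV, digest(message))                  # "encrypt" with private key
    return wrapped, body, signature

def receive(wrapped: int, body: bytes, signature: int) -> bytes:
    """Receiver: private key unwraps the session key, public key checks origin."""
    session_key = rsa(RECV_PRIV, wrapped).to_bytes(16, "big")    # decrypt with private key
    message = symmetric(session_key, body)
    if rsa(SIGN_PUB, signature) != digest(message):              # "decrypt" with public key
        raise ValueError("signature does not match the message")
    return message

if __name__ == "__main__":
    print(receive(*send(b"constructed sample message")))
```

Production code uses a vetted library with random large primes, OAEP padding for key wrapping, PSS for signatures and an authenticated cipher such as AES-GCM for the body.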