Cryptography

Symmetric and asymmetric encryption

Dawid Czagan
October 23, 2013 by
Dawid Czagan

This article explains how symmetric and asymmetric encryption work. It also describes how to build a secure mail system using these two types of encryption.

Learn Applied Cryptography

Learn Applied Cryptography

Build your applied cryptography and cryptanalysis skills with 13 courses covering hashing, PKI, SSL/TLS, full disk encryption and more.

Symmetric encryption

Let's assume that Alice wants to talk to Bob. She wants to keep the message secret. Bob is the only one who should be able to read the message. The message is confidential, so Alice uses a key to encrypt the message. The original message is called a plaintext while the encrypted message is called a ciphertext. The ciphertext is sent to Bob, who knows the key and uses the same symmetric cipher (e.g., AES or 3DES). Thus Bob is able to decrypt the message.

Alice and Bob share the key, which is called symmetric. They are the only ones who know the key and no one else is able to read the encrypted message. This way, confidentiality is achieved.

Key length vs. security

The key space doubles when one bit is added to the key. Longer keys are better, but don't necessarily increase security. Because people tend to use patterns for passwords, the attacker can build a dictionary of commonly used passwords and launch a dictionary attack. This way the attacker can save time, because he doesn't have to brute force the whole key space.

Symmetric vs. session key

The symmetric key can be changed every time Alice communicates with Bob. Then it is called a session key (randomly generated and valid only for one session). If an attacker grabs the session key, he can decrypt only the messages from one session. If Alice and Bob always used the same key, the attacker would be able to decrypt all messages encrypted with this key.

Scalability and secure key distribution

There are a few problems with symmetric ciphers. This system is not scalable. If there are 1,000 people who want to communicate with each other, everyone needs 999 different keys to establish separate and confidential communication channels. Secure key distribution is another problem. The security of the system is broken if a man-in-the-middle can grab the key while it is being transmitted from Alice to Bob.

Asymmetric encryption

Two keys are used in asymmetric cipher (e.g., RSA)—a public and a private one. The public one is available for everyone, but the private one is known only by the owner. When the message is encrypted with the public key, only the corresponding private key can decrypt it. Moreover, the private key can't be learned from the public one.

Asymmetric cipher solves the problem of secure key distribution. Alice takes Bob's public key and uses it to encrypt the session key. Only Bob can then decrypt the encrypted session key, because he is the only one who knows the corresponding private key. Asymmetric ciphers are quite slow when compared with the symmetric ones, which is why asymmetric ciphers are used only to securely distribute the key. Then, Alice and Bob can use symmetric cipher and the session key to make the communication confidential.

Use of an asymmetric cipher also solves the scalability problem. Everyone will need only one public key and one private key to communicate with other people.

Mail security

Let's analyze how symmetric and asymmetric encryption can be used to build secure mail system.

Achieving message confidentiality

Alice is going to send a mail to Bob. She wants to keep the message secret. Bob is the only one who should be able to read the message. Confidentiality can be achieved by using symmetric encryption. The key used for symmetric encryption (the session key) needs to be securely sent to Bob. Asymmetric encryption is used for the purpose of secure key distribution.

Let's analyze this process step by step. Alice generates a session key (SESSION_KEY) and encrypts it with Bob's public key (PUB_KEY_BOB). The result is PUB_KEY_BOB (SESSION_KEY), which is denoted by PART1. Then the message (MESSAGE) is encrypted with SESSION_KEY. The result is SESSION_KEY(MESSAGE), which is denoted by PART2. Finally PART1 and PART2 are sent to Bob. Only Bob can decrypt PART1, because he is the only one who knows the corresponding private key (PRIV_KEY_BOB). Bob decrypts PART1 and gets the SESSION_KEY. Then he uses SESSION_KEY to decrypt PART2 and get the MESSAGE.

Achieving message confidentiality, integrity, and authentication of the sender

Let's discuss a more complicated case. Alice is going to send a mail to Bob. Bob wants to verify the sender of the message and check whether its integrity is preserved. Moreover, the message should be kept secret. Bob is the only one who should be able to read the message.

Let's analyze this process step by step. Alice generates a session key (SESSION_KEY) and encrypts it with Bob's public key (PUB_KEY_BOB). The result is PUB_KEY_BOB (SESSION_KEY), which is denoted by PART1.

The message (MESSAGE) is hashed by Alice. The result is H(MESSAGE). The ideal hash function is irreversible (one can't get the message from the hash) and there are no two different messages MESSAGE1 and MESSAGE2 having the same hash. Then H(MESSAGE) is encrypted with the private key of Alice (PRIV_KEY_ALICE). The result is PRIV_KEY_ALICE(H(MESSAGE)), which is a digital signature of MESSAGE signed by Alice and is denoted by DIGITAL_SIGNATURE.

MESSAGE and DIGITAL_SIGNATURE are encrypted with SESSION_KEY. The result is SESSION_KEY(MESSAGE concatenated with DIGITAL SIGNATURE), which is denoted by PART2.

Finally PART1 and PART2 are sent to Bob. Only Bob can decrypt PART1, because he is the only one who knows the corresponding private key (PRIV_KEY_BOB). Bob decrypts PART1 and gets the SESSION_KEY. Then he uses SESSION_KEY to decrypt PART2 and gets MESSAGE concatenated with DIGITAL SIGNATURE.

Bob uses Alice's public key (PUB_KEY_ALICE) to decrypt DIGITAL_SIGNATURE. The result of decryption is H(MESSAGE). Then Bob calculates hash of MESSAGE and compares the result with decrypted DIGITAL_SIGNATURE. When they match, Bob knows that it was Alice who sent the message and exactly what message was sent by Alice.

Learn Applied Cryptography

Learn Applied Cryptography

Build your applied cryptography and cryptanalysis skills with 13 courses covering hashing, PKI, SSL/TLS, full disk encryption and more.

Conclusion

- Symmetric encryption is used to provide confidentiality of the message.

- Asymmetric encryption is used to securely distribute the session key.

- Asymmetric encryption solves the scalability problem related with symmetric encryption .

Dawid Czagan
Dawid Czagan

Dawid Czagan (@dawidczagan) has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, BlackBerry and other companies. Due to the severity of many bugs, he received numerous awards for his findings.

Dawid is founder and CEO at Silesia Security Lab, which delivers specialized security auditing services with a results-driven approach. He also works as Security Architect at Future Processing.

Dawid shares his bug hunting experience in his workshop entitled "Hacking web applications - case studies of award-winning bugs in Google, Yahoo, Mozilla and more". To find out about the latest in Dawid's work, you are invited to visit his blog (https://silesiasecuritylab.com/blog) and follow him on Twitter (@dawidczagan).