You are on page 1of 13

Symmetric vs. Asymmetric Encryption Which is best?

Asymmetric encryption
Asymmetric encryption, also known as public-key encryption, utilizes a pair of keys a
public key and a private key. If you encrypt data with the public key, only the holder of
the corresponding private key can decrypt the data, hence ensuring confidentiality.
An asymmetric encryption scheme AE = (K, E, D) consists of three algorithms, as
The randomized key generation algorithm
The encryption algorithm
The deterministic decryption algorithm
An asymmetric encryption algorithm typically involve exponential operations, they are
not lightweight in terms of performance. For that reason, asymmetric algorithms are often
used to secure key exchanges rather than used for bulk data encryption.
Symmetric encryption
Symmetric encryption, as the name suggests, means that the encryption and decryption
operations utilize the same key. For two communicating parties using symmetric
encryption for secure communication, the key represents a shared secret between the two.
There exist many symmetric encryption algorithms. A few of the well-known ones
include AES, DES, Blowfish, and Skipjack.
Symmetric encryption is typically more efficient than asymmetric encryption, and is
often used for bulk data encryption.
Attack a cryptosystem
Given enough computing resources, both symmetric and asymmetric encryption can be
broken. The most basic way to attack a symmetric cryptosystem is brute-force attacks,
where you essentially try every combination of a key. For a 128-bit key, there are 2^128
combinations to attempt, which requires extensive computing resources. Other

cryptanalysis attacks, including chosen-ciphertext and chosen-plaintext attacks, can be

more efficient than brute-force, but they require a priori knowledge to work.
To guard against brute-force attacks, the key length of a symmetric cryptosystem needs to
be sufficiently long. The Advanced Encryption Standard (AES) algorithm with 256-bit
key is considered secure enough for most purposes. And the implementation can be made
relatively efficient.The best way to attack a well-designed RSA implementation is
through factoring of RSAs public modulus, which is a large number. Factoring large
numbers, with todays best known factoring techniques, is a compute-intensive problem.
RSA (the company), ran a factoring challenge from 1991 to 2007, during which an RSA
768-bit modulus was factored successfully. In 2010, a 1024-bit RSA modulus was
factored with relatively low cost.Today, RSA implementations typically require a 2048bit key to be secure. For ultra sensitive operations, you would want 4096-bit keys. Of
course the longer the key length, the more expensive it is to run the encryption and
decryption operations.
Which Method Is Right For You?
How to choose symmetric vs. asymmetric cryptosystems? Here are a few tips:
The case for symmetric-key cryptography

Symmetric key cryptosystems have been shown to be more efficient and can

handle high rates of data throughput

Keys for symmetric-key cryptosystems are shorter, compared to public key


Symmetric key ciphers can be composed together to produce a stronger

The case for asymmetric-key cryptography

In a large network, asymmetric key cryptography yields a more efficient system

for key management, as you dont have to manage pair-wise keys for every
communicating pair.

Asymmetric key cryptosystems are good for digital signatures and key exchange

use cases

In many cases, the public and private key pairs in an asymmetric-key

cryptosystem can remain intact for many years without compromising the security of
the system. SSL certificates are one such example.
One of the most interesting facts about asymmetric key cryptosystems is that the security
of these systems is based on a small set of number-theory problems that are presumed
difficult but were never mathematically proven to be difficult. Factoring, for instance, is
one such problem. Advances in number theory could one day render factoring a much
easier problem hence diminishing security of many asymmetric key cryptosystems.
For CipherCloud, as we routinely protect customer data migrating to the cloud. We chose
AES, a symmetric cipher, with a strong 256-bit implementation. With this choice, not
only our implementation remains efficient, it also lends itself to a model where our
customers retain exclusive control of the key.
SHA-512 is the version of SHA with a 512-bit message digest. This version, like the
others in the SHA family of algorithms, is based on the Merkle-Damgard scheme.

Messages digest creation SHA-512

Message Preparation
SHA-512 insists that the length of the original message be less than 2128 bits.
SHA-512 creates a 512-bit message digest out of a message less than 2128.
Padding and length field in SHA-512:

What is the number of padding bits if the length of the original message is
2590 bits?

The padding consists of one 1 followed by 353 0s.

1 . Do we need padding if the length of the original message is already a multiple
of 1024 bits?
Yes we do, because we need to add the length field. So padding is needed to make
the new block a multiple of 1024 bits.

What is the minimum and maximum number of padding bits that can be added
to a message?
a. The minimum length of padding is 0 and it happens when
(M 128) mod 1024 is 0. This means that |M| = 128 mod 1024 = 896 mod
1024 bits. In other words, the last block in the original message is 896 bits. We
add a 128-bit length field to make the block complete.
b. The maximum length of padding is 1023 and it happens when (|M| 128) = 1023
mod 1024. This means that the length of the original message is |M| = (128
1023) mod 1024 or the length is |M| = 897 mod 1024. In this case, we cannot just
add the length field because the length of the last block exceeds one bit more than
1024. So we need to add 897 bits to complete this block and create a second block
of 896 bits. Now the length can be added to make this block complete.

A message block and the digest as words

Compression Function
Compression function in SHA-512

Whirlpool is an iterated cryptographic hash function, based on the Miyaguchi-Preneel
scheme, that uses a symmetric-key block cipher in place of the compression function.
The block cipher is a modified AES cipher that has been tailored for this purpose.
Whirlpool hash function

General idea of the Whirlpool cipher

Block and state in the Whirlpool cipher

Structure of Each Round

Each round uses four transformations.

SubBytes transformations in the Whirlpool cipher

SubBytes in the Whirlpool cipher

ShiftColumns transformation in the Whirlpool cipher

MixRows transformation in the Whirlpool cipher

AddRoundKey transformation in the Whirlpool cipher

Key expansion in the Whirlpool cipher

Diffie-Hellman Method For Key Agreement

The "Diffie-Hellman Method For Key Agreement" allows two hosts to create and share a
secret key.
1) First the hosts must get the "Diffie-Hellman parameters". A prime number, 'p' (larger
than 2) and "base", 'g', an integer that is smaller than 'p'. They can either be hard coded or
fetched from a server.
2) The hosts each secretly generate a private number called 'x', which is less than
"p 1".
3) The hosts next generate the public keys, 'y'. They are created with the function:
y = g^x % p
4) The two host now exchange the public keys ('y') and the exchanged numbers are
converted into a secret key, 'z'.
z = y^x % p
'z' can now be used as the key for whatever encryption method is used to transfer
information between the two hosts. Mathematically, the two hosts should have generated
the same value for 'z'.
z = (g^x % p)^x' % p = (g^x' % p)^x % p
All of these numbers are positve integers

means: x is raised to the y power

means: x is divided by y and the remainder is