17.3.3     Asymmetric vs. Symmetric

This is NOT the latest copy of this book; click here for the latest version.

At the most basic level, each method of encryption can be categorised as being asymmetric or symmetric - either you need one key to encrypt and another to decrypt, or the same key works both ways. Each has their own advantages and disadvantages, as per usual.

Asymmetric encryption, also known as public key encryption, means that you have one key for encryption (a public key) and another key for decryption (a private key). The public key can be given away freely to whoever wants it - after all, with just the public key your data cannot be read, because people would need the private key to decrypt your data. For example, if you sent out your public key to everyone who emails you, they would all be able to send you encrypted emails that only you would be able to decrypt and read.

Symmetric encryption, also known as secret key encryption, means that you have one key for encryption that works also as the key for decryption. The easiest symmetric encryption method to understand is called ROT13, and legend would have us believe it was first used by Julius Caesar to encrypt orders going to Roman troops. ROT13 works by shifting all letters in the alphabet thirteen places to the right - A becomes N, B becomes O, Z becomes M, etc. Because there are twenty-six characters in the English alphabet, performing ROT13 a second time results in the original text again - N becomes A, O becomes O, and M becomes Z.

Symmetric encryption is very easy to use, and usually very fast too. On the other hand, symmetric encryption keys must be kept secure - you would need to make sure each person who needs the key gets it without any risk of it getting out.

Asymmetric encryption is generally slower than symmetric encryption, however the public keys they use are safe to be published anywhere (even on the Internet) because to get the private key from a public key could take hundreds of years of work.