+ 3

What's the Point of Symmetric Cryptography?

If symmetric Cryptography uses 1 key in order to encrypt and decrypt - it's not secure, because if a hacker sniffs your network, he'll get the key and will be able to read all the data... So what's good about it? (Besides of speed...)

3rd Sep 2021, 4:03 PM
Yahel
Yahel - avatar
7 odpowiedzi
0
Yahel, that’s a good question and it depends on the situation. In a scenario where you are working between different locations you could move the key on physical media. There are lots of cases where you might want to encrypt without sending the key, archiving for example.
3rd Sep 2021, 9:20 PM
DavX
DavX - avatar
+ 4
It all depends on the user case. Symmetric cryptography can be just as secure as asymmetric. If used with key rotation etc. You wouldn’t want to send your encryption key over the network at all. You can sniff as many packets of encrypted data as you like - as long as the algorithm used and key are secure/rotated, you won’t be able to retrieve the key. It’s all about how these things are implemented. Nothing is totally ‘secure’ (google cracking rsa with a microphone!). It’s how much effort, time and power would be required. Each have their pros/cons, sym is much faster. As mentioned in your other question, you can combine asym + sym, to get the best of both.
3rd Sep 2021, 4:21 PM
DavX
DavX - avatar
+ 2
Yahel You can compare them based on their use cases,asymmetric encryption is best for public channels,because although slower,it is better because third parties wont be able to easily access your data. Symmetric encryption on the other hand is best for non public /private channels. It is faster,efficient since you only need 1 key,hence easier encrypt and decrypt process. So its really based on what and where you will use it for. Also when you use smaller key sizes ex : 256 bit key,Symmetric is more secure. Asymmetric encryption that uses smaller keys makes the private keys easier to calculate.This is why larger keys are used in Asymmetric.
3rd Sep 2021, 4:36 PM
raynard
raynard - avatar
+ 1
Even it is not secure,using one shared key requires new key for each connection,but combined symmetric and asymmetric cryptography is widely used in modern technologies.Related to historical view, symmetric is the first known and used method.
3rd Sep 2021, 6:29 PM
HBhZ_C
HBhZ_C - avatar
+ 1
Using asymmetric cryptography first to secure connection between end points then when this is done they can transmit data using symmetric cryptography.example:read about ssl TLS and HTTPS mechanisms.
3rd Sep 2021, 8:30 PM
HBhZ_C
HBhZ_C - avatar
+ 1
DavX & HBhZ_C, thanks! Makes sense... have a good day :)
4th Sep 2021, 6:15 AM
Yahel
Yahel - avatar
0
DavX, you said that the encryption key shouldn't be sent over the network, so how will the other end of the connection will know how to decrypt the data if he doesn't have the key? HBhZ_C, how can you combine the 2 Cryptographic methods? How will the procedure go?
3rd Sep 2021, 7:33 PM
Yahel
Yahel - avatar