SYMMETRIC ENCRYPTION IS OUTDATED: A COMMON MYTH
Dr. S.A.M Rizvi , Department of Computer Science, Jamia Millia Islamia,New Delhi
Neeta Wadhwa, Department of Computer Science, Jamia Millia Islamia,New Delhi
Abstract— Cryptography is one of the technological means to provide security to data being transmitted on information and communications systems. Cryptography is especially useful in the cases of financial and personal data, irrespective of the fact that the data is being transmitted over a medium or is stored on a storage device. Cryptanalysis is the science of recovering the plaintext of a message without access to the key.The present paper discusses some of the basic considerations about symmetric and asymmetric encryption. This paper compares the functionality, benefits and suitability of symmetric and asymmetric encryption methodology. It also discusses how to study and analyze the security of different algorithms from cryptanalyst point of view.
Keywords- Symmetric Encryption, Asymmetric Encryption, Cryptanalysis.
Cryptography is the art and science of secret writing. The term is derived from the Greek words: ‘kryptos’ means “ hidden” and ‘ logos’ means “ word “. Encryption is the actual process of applying cryptography. Much of cryptography is math oriented and uses patterns and algorithms to encrypt messages, text, words, signals and other forms of communication. It enables us to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. The emphasis of cryptography is on data confidentiality, data integrity, sender authentication, and non-repudiation of origin/data accountability.
II.Symmetric vs Asymmetric Encryption
Both the symmetric and asymmetric encryption are being used as a complimentary to each other in the world of cryptography. They are distinct in terms of handling the various keys involved in the encryption/ decryption process.
A. Symmetric encryption
It also called private-key encryption or secret-key encryption) involves using the same key for encryption and decryption. This encryption process is simple . Each trading partner can use the same publicly known encryption algorithm - no need to develop and exchange secret algorithms . Security is dependent on the length of the key. But a shared secret key must be agreed upon by both parties, if a user has n trading partners, then n secret keys must be maintained, one for each trading partner authenticity of origin or receipt cannot be proved because the secret key is shared ,thus management of the symmetric keys becomes problematic. • Problems with Management of Symmetric Keys
• trading partners must always use the exact same key to decrypt the encrypted message • key exchange is difficult because the exchange itself must be secure with no intervening compromise of the key • management of keys is difficult as numbers of trading partners increases, especially when multiple keys exist for each trading partner B. Asymmetric encryption
In an asymmetric cryptosystem (or public-key cryptosystem), keys exists in pairs: • A public key for encryption
• A secret key for decryption.
One is used for encryption and the other one for decryption. The decryption key is typically kept secretly, therefore called ``private key'' or ``secret key'', while the encryption key is spread to all who might want to send encrypted messages, therefor called ``public key'' Everybody having the public key is able to send encrypted messages to the owner of the secret key. The secret key can't be reconstructed from the public key. The idea of asymmetric algorithms was first published 1976 by Diffie and Hellmann. III. PEER RESEARCH
Many cryptographic systems have no (practical) known weakness and so the only way of “cracking” them is to use a...
References: . Delfs.Knebl , Introduction to Cryptography, Springer 2003.
 D. Kahn, The Codebreakers: The Story of Secret Writing, New York: Macmillan Publishing Co., 1967.
 Gutavus J. Simmons, “Symmetric and Asymmetric Encryption “, Computing Surveys, Vol 11, 4, December 1979.
 KetuWare, “a division of Midwest research corporation”, 2003-2004.
 Nathaniel Couture Kenneth B.K, “The Effectiveness of Brute Force Attacks on RC4”, Proceedings of the Second Annual Conference on Communication Networks and Services Research (CNRS,04), IEEE,2004.
 Susan Landue, “ Designing Cryptography For New Century”, Communications of The AMC May 2000/ vol.143, No.5 115.
Please join StudyMode to read the full document