Cryptography is defined as hiding the message to make it secret using scrambled codes. It allows the date to be changed into a code that is not legal for not permitted person and it needs to be converted back to its original message for it to become readable. Encryption and decryption are the process of cryptography. Encryption is when the readable text is converted into coded text while the decryption is where the coded text is converted into readable text. There are numerous types of cryptography but the symmetric and asymmetric key cryptography is the most used technique.
1. Symmetric-key Cryptography
Symmetric-key Cryptography is also known as the private key cryptography. It is the oldest and well-known technique of cryptography. This method is simple which only requires each computer that has a code that will be encrypted by an encryption software into packets of data before it is sent across the network to another and the same code it will use to decrypt the message for the receiving computers. As we could see in the above Figure, the process of encrypting and decrypting messages begins from the original sender. First, the sender’s message for example, “Tesla is the Best” is the original message will be encrypted by an encryption software and it is protected by a secret key and it will become cipher text which will convert all characters into a text of scrambled characters that is difficult to understand. Then the cipher text will be transmitted in a secure manner. As the ciphered text will be decrypted by a decryption software using the same key from the encryption’s secret key, the ciphered text will return to its original text. For the encryption and decryption software, there are blowfish, AES, DES and RC4-6 but the widely common symmetric algorithm is the AES.
One of the main reason why symmetric key cryptography is used because of its complex security features. The main reason of its complex security is that it could deduce the key via brute-force attack which means it made it difficult to make a guess the encrypted password. When it faces by an attacker, the symmetric key algorithms will be more difficult to crack. Another reason is the speed of symmetric key. Since they have the same key for the encryption and decryption, the process will be easier and faster. An additional strength factor of symmetric key cryptography is the availability. Since it is widely used, a lot of programs are using symmetric type of cryptography and it is accessible for commercial use as well.
The main disadvantage of symmetric key algorithm was its acknowledgment of key. For it to be decoded by the receiver, their keys must be the same of the sender. The key of the sender and receiver used must be kept secure. If anyone found the key and knows the algorithm sequence of the structure of the message, all messages using the hacked key would be readable. Another disadvantage of symmetric key is its vulnerability. Once the hacker gets into the communication of either sender and receiver, all messages can be compromised.
There are two types of symmetric ciphers mainly used in field of technologies: stream ciphers and block ciphers. Stream ciphers includes RC4, Helix, A5/1-2, ISAAC and FISH while the block ciphers are RC5, AES, blowfish and DES. The most commonly used symmetric cipher is the AES. In the field of IT, AES is widely used in doing file transfers like FTPS and HTTPS. They are using AES for faster file transfer.
2. Asymmetric-key Cryptography
The Asymmetrical cryptography is also known as the public key cryptography. This method is completely different from symmetric since symmetric is using the same key to encrypt and decrypt the message while asymmetric cryptography is using different key to decrypt the message. There will be two types of keys in asymmetric, public key and secret key. The process starts with the sender’s message will be encrypted using the public key. The encrypted message will be delivered to the receiver then the receiver will use the secret key to decrypt the message. The message will be secured because of its uniqueness even when the hacker intercepts the message with the public key, they cannot decrypt it with their own decryption since it is only the private key who can decrypt it. There will be no risk for the communication since it is invulnerable and difficult in interception.
The main strength of asymmetric key encryption was its increased security. It is highly secured and the secret keys will not be needed to be transmitted to the receiver or anyone who is receiving the message. Further, there is no need for the keys to be exchanged from one to another. Another strength is the use of digital signature. The digital signature is required to validate a secured connection over the internet. The encryption strength of asymmetric key encryption is huge and vast that makes asymmetric algorithm difficult to hack.
One of the main weakness of asymmetric key encryption is the speed of encryption. It is slower than symmetric method as both sender and receiver uses different types of keys for it to be secured enough from the hackers to crack the public and secret key. Another weakness of asymmetric key is the length of key. The asymmetric uses long keys in order to secure the data. Key management and validation are also makes the asymmetric encryption weak. Almost all the business implements the Public Key Infrastructure also known as PKI. PKI manages the keys for the companies handled by the Certificate Authorities also known as the CAs. These will lead to a costly negotiation for the companies. Key validation on the other hand will ensure the key before decrypting the message that will provide delay since there are a lot of public-key.
In the field of technologies, Riverst-Shanmis-Adleman commonly known as RSA is the most commonly used method of asymmetric algorithm. Numerous protocols namely SSH, SSL/TLS and OpenPGP depend on RSA algorithm. SSH is the easiest and simplest protocol for RSA. SSH is also called as the Secure Shell. SSH is used for network communication from one computer to another computer. SSH work when the client initiates the connectivity to the server and after that the server will send its public key. Then the channel will be opened for each communicating device. And last, the user will login to the host server. CISCO communication will get in network using SSH for telnet to login to the user then to its routers or switches.