What are Symmetric and Asymmetric Cryptographies?

Encryption emerged as a method of keeping confidential information safe from unauthorized access. However, with the advancement of cryptanalysis, it was necessary to increase security and this also happened in the telecommunications environment.

Currently cryptography is no longer a mere system for shuffling letters, today, complex mathematical accounts, equations, intervals, modules, and integral and derivation rules are used to generate cryptographies, according to their encryption algorithms (which are several), and several use the symmetric or asymmetric method.

Symmetric Encryption

Symmetric encryption is encryption where there is a single key to encrypt and decrypt a text, document, or even an image, video, or software.

A simple example of symmetric encryption is when we use file compression software and assign a password to it. If the wrong password is used, it cannot recover the internal files.

No other password or key can recover the existing encryption.

This is useful when you need to transmit a secure file as well, however you will need to pass the same password as you encrypt the content to the third person, and you risk that this person can distribute this password so that others can read and even write new ones. items.

One of the biggest criticisms regarding the electronic ballot boxes used in Brazil, is that they use symmetric keys to encrypt the election data, in which if any individual has the password, he could very well manipulate this data without trace.

Asymmetric Cryptography

This method creates encrypted text using two keys for encryption and decryption.

The keys are mathematically related, so it allows the text to be transmitted in two different directions, and each individual will remain with their key. They are generally called: Public Key and Private Key.

Unlike symmetric, asymmetric cryptography is more complex and requires more computational resources.

However, it offers more security as long as the two keys are not discovered, and for this reason it is used in SSL technology on the Internet when browsing sites using "HTTPS", the client user has a public encryption key, and the server only the key toilet.

When connecting to the SSL server, your computer uses the public key to read and encrypt the data. The server takes care of reading your data and sending the requested data using the private key.

The security flaw that occurred called Heartbleed in 2014, was a flaw where the server delivered parts of the contents of the memory and revealed parts of the private key, causing attackers to be able to intercept SSL data traffic and capture user data on connections , including confidential data, passwords, access to banks, credit cards, among others.

No comments