After having talked about the first cryptography methods in history, it is time to delve into modern cryptographic methods such as symmetric, asymmetric, hybrid cryptography (obviously a mixture of the previous ones) and finally the summary or hash functions (which do not strictly comply with the confidentiality function for which the cryptography is intended, since it is an irreversible encryption).
Symmetric cryptography only uses a key to encrypt and decrypt the message, which the sender and receiver have to know beforehand and this is the weak point of the system, the communication of the keys between both subjects, since it is easier to intercept a key that has been transmitted without security (saying it out loud, sending it by email or ordinary or making a phone call).
Theoretically, it should be easier to know the key by intercepting it than by brute-force testing it one by one, bearing in mind that the security of an encrypted message should fall on the key and never on the algorithm (so it would be an eternal task to burst the key , as I mentioned in an example of a brute force attack).
To give an example the machine Enigma (which was an electromechanical encryption machine that generated alphabets according to the position of some rollers that could have different orders and positions) used a symmetric method with an algorithm that depended on a key (which more than a key looks like a ritual) that is formed by : the rotors or rollers used, their order and the position of each ring, this being the most basic.
Machine Enigma It also had a code book that contained the key of the day and it made it a little more difficult to find the key, but it is not a secure enough key that it could not be burst, especially when the English, thanks to the Poles, got the algorithm, for this reason most of the days they got the key.
And another drawback of this system is that if you want to have totally confidential content with 10 people, you have to learn or sign up (this being less secure) the 10 keys for each person.
Asymmetric cryptography is based on the use of two keys: the public (which can be disseminated without any problem to all the people who need to send you something encrypted) and the private (which should never be revealed).
Knowing the above, if we want three co-workers to send us an encrypted file, we must send them our public key (which is linked to the private one) and they can confidentially send us that file that only we can decrypt with the private key.
At first glance it may seem like a somewhat lame since we could think that knowing the public key we could deduce the private one, but this type of cryptographic systems uses quite complex algorithms that generate from the passphrase (the password) the private and public key that can perfectly have a size of 2048 bits (probably impossible to bust).
As you may have noticed, only one person encrypts (with the public key) and the other is limited to looking at the content, so the correct way to have a two-way communication would be to carry out this same process with two pairs of keys, or one per each communicator.
Another purpose of this system is also to be able to sign documents, certifying that the issuer is who he claims to be, signing with the private key and verifying the identity with the public one.
Note: All this may seem confusing (and it is) but I’ll talk about how to put this into practice with GnuPG (a widely used free encryption tool for this purpose) and will be easier to understand.
Differences between symmetric and asymmetric cryptography
To begin with, symmetric cryptography is more insecure since passing the key is a great vulnerability, but it can be encrypted and decrypted in less time than asymmetric cryptography takes, which is the main drawback and is the reason why there is hybrid cryptography.
This system is the union of the advantages of the previous two, we must assume that the problem with both cryptographic systems is that the symmetric one is insecure and the asymmetric one is slow.
The process to use a hybrid cryptographic system is as follows (to send a file):
- Generate a public key and a private key (at the receiver).
- Encrypt a file synchronously.
- The receiver sends us his public key.
- We encrypt the key that we have used to encrypt the file with the public key of the receiver.
- We send the encrypted file (synchronously) and the encrypted file key (asynchronously and can only be seen by the receiver).
These are the modern cryptographic methods that we commonly use, although applications abstract us from all this, but we can do it manually if it were the case that we need to send certain content and we want it to have adequate confidentiality.
In Genbeta Dev | Cryptography