Cryptography

# Introduction to Asymmetric Cryptography

November 23, 2020 by
Nitesh Malviya

Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. In this post, we will be focusing on and discussing asymmetric encryption in detail.

Asymmetric encryption is when the sender and the recipient of the data use different keys to encrypt and decrypt the data. Asymmetric encryption makes use of two keys: one for encryption and other for decryption. Key use for encrypting the data is called a public key and the other key for decrypting the data is called a private key.

The public key is distributed publicly to the involved parties for encryption and the private key is stored on the server for decrypting the encrypted data. Private Key must be stored securely on the server and should not be accessible to anyone. Anyone having access to the key can decrypt encrypted data and read the data in plain text.

Learn Applied Cryptography

Build your applied cryptography and cryptanalysis skills with 13 courses covering hashing, PKI, SSL/TLS, full disk encryption and more.

Since asymmetric encryption uses two keys, it is more complex and time-consuming and requires more computational power than symmetric encryption. Asymmetric encryption ensures authentication and non-repudiation along with encryption. The usual key size involved in asymmetric encryption is 1024-4096 bit in length. Asymmetric encryption is ideal for applications where a small amount of data needs to be encrypted.

## Asymmetric encryption algorithms

The following algorithms use asymmetric encryption for encrypting the data:

1. RSA (Ron Rivest, Adi Shamir, and Leonard Adleman)
2. DSA (Digital Signature Algorithm)
3. ECC (Elliptic Curve Cryptography)
4. Diffie-Hellman
5. El Gamal

## Asymmetric encryption applications

1. Confidentiality of data
2. Authenticity using digital signatures
3. Integrity of information exchange
4. Non-repudiation

### Sources

Nitesh Malviya

Nitesh Malviya is a Security Consultant. He has prior experience in Web Appsec, Mobile Appsec and VAPT. At present he works on IoT, Radio and Cloud Security and open to explore various domains of CyberSecurity. He can be reached on his personal blog - https://nitmalviya03.wordpress.com/ and Linkedin - https://www.linkedin.com/in/nitmalviya03/.