Symmetric and Asymmetric Key Encryption: Forming a Mental Model
When being introduced to cryptography, an admittedly daunting subject, it’s best to start with the most common topics at a very high level and go deeper only once that view is understood; the nitty-gritty of the mathematics behind the crypto can wait. One of the best ways to learn anything new is by using mental models: learning a thought process for how something works, often by picturing how the process would work in the real world. I am often asked to explain the difference between symmetric and asymmetric encryption after people continually confuse the two. So, the purpose of this writing is to provide a very high-level, easy-to-understand mental model of symmetric encryption, asymmetric encryption, and digital signatures, which together make up some of the very basic basics of cryptography.
Starting off, we’ll create a scenario. Consider that two people, Alice and Bob, are very close friends (or perhaps more – who knows?). They also work in the same office and talk to each other via their work computers during the workday. A third office worker, Eve, is either annoyed by or jealous of their relationship and tries to intercept and read messages sent between Alice and Bob. Both Alice and Bob know that Eve is tech-savvy and somewhat malicious towards their relationship.
Even though Alice and Bob have nothing to hide, the idea of Eve intercepting and reading their messages creeps them out, so they want to make themselves less vulnerable to such behavior. How would they go about this? The answer (or one of many answers) is encryption, and they want to use either symmetric or asymmetric encryption to protect their messages.
Symmetric Encryption: Shared Secret (Same Key)
In mapping the way encryption works to the way securing a message works in the real, physical world, symmetric encryption probably makes the most sense to most people. If Alice and Bob choose to go the symmetric encryption route, they both need to create one shared key that they both have and share with nobody else. Consider this scenario with a physical mailbox with a single lock that is unlocked by a single key, just like how locks work in the real world. They can make another copy of the single key so that only Alice and Bob have access to this mailbox. This duplicated key would be their shared secret, and Eve would be unable to open the messages locked in the box (encrypted) by either Alice or Bob because Eve does not have the key to unlock the box.
The term symmetric encryption comes from the fact that the same key is used to encrypt and decrypt (lock and unlock) the messages. Alice uses her copy of the key to unlock the box's lock, places the message inside, and then locks the box. Bob then uses his copy of the same key to unlock the box and retrieve the message. The same scenario played out in computer security terms is as follows: Alice encrypts the message using the shared key and then transmits the message over the network, and once Bob receives the message he decrypts it using the same shared key that he also has a copy of.
There is a flaw with symmetric encryption, though: how do both people get the shared key? In the physical world, it would be easy enough to make a copy of a physical key to a physical lock, and then give the other person that copy of the key. But in computer security, keys are not physical and participants are often very far away from each other. Bob could not simply send Alice a copy of the key over the network, because Eve could intercept that key and then decrypt Bob and Alice’s messages, which would do nothing for the problem that they are trying to solve.
Asymmetric Encryption: Separate Public and Private Keys
Asymmetric encryption was created to solve the issue of both participants getting copies of the same key securely. However, the concept of asymmetric encryption does not map very well to the physical world, since similar concepts are not readily available on a daily basis for most people.
Consider mailboxes again, but two of them this time: Bob’s mailbox and Alice’s mailbox. Each mailbox has two locked doors, and thus the owners of the box need to deal with two keys. We’ll talk about Bob’s box alone since Alice’s box follows the same mechanisms.
Bob’s mailbox has a small upper door, with a key attached. The attached key (the public key) can be used by anyone to open the top door of Bob’s box, and behind this door is a slot that leads to a compartment behind the bottom door, into which anyone can slip a message. However, nobody has access to the bottom door except for Bob, because Bob has another key, a private key that only he has, which unlocks that bottom compartment. Once a message has been put into the slot of the top compartment, the public key cannot be used to retrieve a previously inserted message – ONLY Bob can open the box, and thus the message.
In computer security terms, Bob has a public key and a private key. Anyone can use his public key to encrypt a message. The public key is constructed in such a way that a message encrypted with it cannot then be decrypted with the same key – in other words, this is a one-way function. What this means is, even though Bob’s public key is public, any message encrypted with it is specifically meant for Bob and can only be decrypted by Bob. So, Alice encrypts a message with Bob’s public key and transmits it over the network, where Bob receives the encrypted message. Now, Bob uses his private key to decrypt the message, and this key is the only key that can decrypt the message.
Since Alice has the same mechanism, Bob can use Alice’s public key to encrypt a message meant for Alice, and then Alice can decrypt the message with only her own private key, which nobody else has access to. In short, the sender encrypts with the intended recipient’s public key, and the recipient decrypts with their private key. This way, no key that can decrypt a message is sent over the network, so Eve cannot decrypt any message that is encrypted with either Alice’s or Bob’s public key because she does not have access to Alice’s or Bob’s private keys.
The term asymmetric encryption comes from the fact that different keys are used to encrypt and decrypt messages. Remember, same key = symmetric; different keys = asymmetric.
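The public/private exchange described above, as an added teaching example that is not part of the original post: textbook RSA in plain Python, where Alice encrypts with Bob's public key, Bob decrypts with his private key, and Eve, holding only the public key, cannot undo the encryption. The fixed primes, the sample message and all function names are assumptions made for the illustration; real systems use randomly generated 2048-bit or larger keys with padding such as OAEP from a vetted library.

```python
# Teaching sketch of textbook RSA (added example; not production crypto).

# Constructed demo primes (both are known Mersenne primes). Real keys are
# built from secret, randomly generated primes.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537  # commonly used public exponent


def make_keypair(p, q, e=E):
    """Return (public, private); each is an (n, exponent) pair."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def encrypt(public, message: bytes) -> int:
    """Anyone holding the public key can do this (the mailbox's top slot)."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)


def decrypt(private, ciphertext: int) -> bytes:
    """Only the private-key holder can do this (the mailbox's bottom door)."""
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def eve_tries_public_key(public, ciphertext: int) -> bytes:
    """Eve has only the public key; applying it again does not recover the text."""
    n, e = public
    m = pow(ciphertext, e, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


bob_public, bob_private = make_keypair(P, Q)
ciphertext = encrypt(bob_public, b"Lunch at noon?")  # Alice's side

if __name__ == "__main__":
    print(decrypt(bob_private, ciphertext))              # Bob's side
    print(eve_tries_public_key(bob_public, ciphertext))  # Eve's side
```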
There is still an issue with this scenario, though. Since Bob’s public key is available to all who want to send him a secure message, Eve could conceivably write a mean message with Alice’s name on it, then encrypt the message with Bob’s public key and then transmit it to him. Bob may think that Alice was really the person who wrote the message and then believe that their friendship is over. How is Bob supposed to know that Alice did not really send this message? This issue is solved by digital signatures, which is something I will explain in a separate post.
Hopefully, this writing can provide a high-level understanding of symmetric and asymmetric encryption and the differences between the two encryption methods. Learning cryptography can get very messy, and it can seem like a very difficult subject to tackle (and in reality, it is quite difficult), but it is not impossible to learn. Start small and simple, and then work your way up to learning the various algorithms. There is a method to all this madness. Good luck with your cryptography-learning endeavors.