What are the differences between symmetric and public key cryptography. Also give an example of when you would use each one.
Symmetric key cryptography is also known as shared key cryptography. As the name suggests, it involves 2 people using the same private key to both encrypt and decrypt information. Public key cryptography, on the other hand, is where 2 different keys are used – a public key for encryption and a private key for decryption.
Advantages and Disadvantages of symmetric key cryptography
Because symmetric key cryptography uses the same key for both decryption and encryption, it is much faster than public key cryptography, is easier to implement, and generally requires less processing power. A disadvantage of symmetric key cryptography is that the 2 parties sending messages to each other must agree to use the same private key before they start transmitting secure information. This may be impossible depending on the circumstances – because the 2 parties who want to communicate with each other through a secure means may be on different sides of the world. And this means that they will need a secure way to tell each other what the private key will be – if there were a secure way to do this, then the cryptography would not have been necessary in the first place in order to create that secure channel.
The advantage of using public key cryptography is that the public key used for encryption does not need to remain secure (that is why it’s called “public” – because it does not matter if other people know about it). What often happens is that people use public key cryptography to create a shared session key and then they communicate through symmetric key cryptography using the shared session key. This way they can get the best of both worlds – the performance/speed of shared key cryptography along with the convenience of public key cryptography.
How are public and symmetric key cryptography used on the web?
Actually both forms of cryptography are used today to get secure information from the Web. Using public key cryptography, your browser will actually create a shared session key with the Web site. And then your browser will communicate with the web site through symmetric key cryptography in order to actually obtain the private information.