Symmetric vs Asymmetric encryption: What’s the difference?

Symmetric vs asymmetric encryption

Estimated reading time: 7 minutes

In this blog post, we explain the main differences between symmetric vs asymmetric encryption. This article will also explain which encryption method you should use.

Symmetric  vs Asymmetric encryption image
Symmetric vs Asymmetric Encryption

Some words about different encryption methods

In today’s world, scammers and other cyber-criminals are becoming more and more present affecting millions of users. To prevent these individuals from stealing our data we have to encrypt everything. Luckily, there are three different encryption methods that you can use: Symmetric encryption, Asymmetric encryption, and Hash functions (Keyless).

Right now, we’ll focus on symmetric encryption vs asymmetric encryption and leave the third (hash functions) for a later time.

Mailfence uses Symmetric and Asymmetric encryption as each method has its pros and cons. You will learn more about that later. Both encryption methods use keys to encrypt and decrypt data. The main difference is that symmetric encryption uses the same key to encrypt and decrypt data, while asymmetric encryption uses a pair of keys – public key to encrypt data and a private key to decrypt information.

Symmetric EncryptionAsymmetric Encryption
Uses a single key to encrypt and decrypt dataUses a public key to encrypt data and a private key to decrypt data
Faster encryption processSlower encryption process
Keys are 128 or 256-bit longKeys are 2048-bit or longer
Doesn’t use a lot of resourcesUses more resources
Cipher text is smaller or the same size as the original plain textCipher text is larger or the same size as the original cipher text
Provides confidentialityProvides confidentiality, non-repudiation and authenticity
Uses AES, DES, 3DES, IDEA, RC4, RC5, RC6 and Blowfish algorithmsUses Diffie-Hellman, RSA, ECC, DSA and El Gamal algorithms
Better at handling and transferring large amounts of dataBetter at handling and transferring smaller amounts of data
Has the risk of someone stealing the key if it is not managed properlyHas the risk of losing the key (the key is irrevocable)
Symmetric vs Asymmetric encryption key differences

What is symmetric encryption?

Symmetric encryption aka symmetric key cryptography uses one single key to encrypt and decrypt data. You have to share this key with the recipient. Let’s say you want to say I love you Mom, you would write your email, then set a secret key to encrypt it. When mom receives the message she would enter the secret key to decrypt the email.

Symmetric encryption
Symmetric encryption

Pros and cons of symmetric encryption

Let’s take a look at some of the pros and cons of symmetric encryption:

Pros:

  • Easier to implement and use
  • Faster than asymmetric encryption
  • Less resource-intensive
  • Good for handling and transferring larger amounts of data

Cons:

  • Less secure than asymmetric encryption
  • Loos of a key will mean that data encrypted with it is compromised
  • Key has to be shared securely with the other party

How does Mailfence incorporate symmetric key cryptography?

Mailfence offers password-encrypted messages (PEM) based on symmetric encryption. Our solution allows you to set a password hint that helps the recipient decrypt the message. You can share your key via an SMS, a phone call or during a physical meeting.

Also with Mailfence’s PEM, you can set an expiration date for the email. After the expiration date, the email cannot be decrypted anymore. Furthermore, we store password-encrypted messages in a zero-knowledge environment and encrypt them with your password. That way only you and the intended recipient have access to the message.

In case you would like to know more visit our dedicated knowledge base.

Here are some good practices to follow for our PEM:

  1. Never use your OpenPGP passphrase
  2. Never use your Mailfence account password
  3. If you are sending an important message make sure unwanted readers cannot guess your password.

There are many symmetric encryption algorithms for instance: DES, 3DES, AES, IDEA, RC4, RC5,… For your info, Mailfence uses AES in combination with other ciphers.

What is Asymmetric encryption?

As stated, earlier public-key encryption requires two keys to work. Firstly, a public key must be made public to encrypt the data. Also, a private key is used to decrypt the data. It sounds complicated enough. Let me break it down.

Asymmetric encryption
Asymmetric encryption

The public key and the private key are not the same thing but they are related. Moreover, you create your message then encrypt it with the recipient’s public key. After that, if the recipient wants to decrypt your message he/she would have to do it with his/her private key. Keep the (private) key private at all times, the best practice would be to store it locally. One requires greater knowledge than the average person to make this happen.

The emailing software of the recipient will see if the private key corresponds with the public key and then it will prompt the user to type the passphrase to decrypt the message.

Some best practices for asymmetric encryption:

  1. Use 2048-bit and longer keys
  2. Store your private key locally so you don’t forget it
  3. Don’t share your private key with anyone

Creating strong keys is the foundation of Asymmetric encryption. A good encryption practice would be to use multiple encryption methods instead of just one. Not everyone knows how to use public-key encryption so there may be occasions you have to use different encryption methods.

Mailfence uses Asymmetric encryption based on the RSA-algorithm for OpenPGP-based keys. ECC (Curve 25519) algorithm for OpenPGP-based keys is also supported.

Pros and cons of Asymmetric encryption

Asymmetric encryption also has its advantages and disadvantages. Let’s take a look at what they are:

Pros:

  • It’s more secure than symmetric encryption
  • Data can only be decrypted using the private key held by the owner
  • If the public key is lost or stolen, data won’t be compromised
  • Provides authentication and non-repudiation in addition to confidentiality

Cons:

  • It’s slower than symmetric encryption
  • Uses more resources
  • If the private key is lost, there is no way to retrieve it

Thoughts on Symmetric vs Asymmetric encryption

Which encryption should you use? Use Symmetric encryption when you would like to send a quick encrypted message. Use Asymmetric encryption when you have the verified OpenPGP public key of your recipient. Combine public-key encryption with digital signatures if you don’t want to take any chances. Don’t know how to send encrypted emails? Find out more in our blog post.

Symmetric vs Asymmetric encryption was a very interesting article for us to write. We hope, we have clarified the concept of Symmetric vs Asymmetric encryption. Stay tuned because Mailfence is planning to release more of these educational articles soon.

FAQ section

What is the difference between symmetric and asymmetric encryption?

Symmetric encryption uses a private key to encrypt and decrypt an encrypted email.
Asymmetric encryption uses the public key of the recipient to encrypt the message. Then if the recipient wants to decrypt the message the recipient will have to use his/her private key to decrypt. If the keys correspond then the message is decrypted.

Which Encryption is more secure?

In our opinion, one encryption method is not better than the other. It’s just a different way of encrypting. The user has to be mindful if he/she follows best security practices at all times.

What is the biggest drawback of symmetric key cryptography?

The biggest disadvantage is that you have to share the secret key somehow. There are many ways to share it however if an attacker finds out what the secret key is. Then emails that were encrypted with that secret key are compromised.

Get your secure email

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team

You may also like...