Problem solve Get help with specific problems with your technologies, process and projects.

# Which key is which?

## A look at the differences between symmetric and asymmetric keys.

Users new to the world of cryptography often find themselves confused about the appropriate cryptographic key to...

use for various applications. It's actually a relatively straightforward selection process that depends upon the algorithm you're using and the goal(s) you're trying to achieve.

Remember that there are two basic types of cryptographic algorithms – symmetric (private key) and asymmetric (public key) algorithms. Symmetric key algorithms use a single key to secure communications and achieve the goals of confidentiality, integrity and (sometimes) authentication. Asymmetric algorithms provide each user with a pair of keys – a public key and a private key. Users freely distribute their public key while keeping their private key secret. These keypairs are used to achieve all four cryptographic goals: confidentiality, integrity, authentication and non-repudiation. (If you need a refresher on these goals, see the tip Encryption and Electronic Mail).

An easy way to keep this straight is to remember that the symmetry in a symmetric algorithm results from the fact that both parties are using the same key. Asymmetric algorithms, on the other hand, do not achieve this symmetry – each participant in a communication uses a different key for their portion of the exchange.

Now the big question – which key should you use for a particular application? If you're using a symmetric algorithm, the answer is simple – you use the only key available to you, the secret key. If you're using a public key algorithm, it depends upon the application:

• To protect the confidentiality of a message, encrypt the message with the recipient's public key.
• To read an encrypted message sent to you, decrypt the message with your private key.
• To create a digital signature for a message, encrypt the message digest with your private key.
• To verify the digital signature for a message, decrypt the digital signature with the sender's public key and compare the result to the message digest you compute.

It's as simple as that! Take a few minutes to think through the scenarios and you'll be a master of cryptographic keys in no time!

Mike Chapple, CISSP, currently serves as Chief Information Officer of the Brand Institute, a Miami-based marketing consultancy. He previously worked as an information security researcher for the U.S. National Security Agency. His publishing credits include the TICSA Training Guide from Que Publishing, the CISSP Study Guide from Sybex and the upcoming SANS GSEC Prep Guide from John Wiley. He's also the About.com Guide to Databases.

This was last published in May 2003

## SearchCloudSecurity

• ### Unify on-premises and cloud access control with SDP

One security framework available to organizations struggling with on-premises and cloud access control issues is a ...

• ### 6 AIOps security use cases to safeguard the cloud

Explore six AIOps security use cases in cloud environments, such as threat intelligence analysis and malware detection, as well ...

## SearchNetworking

As workers grow comfortable enough to return to the office, network teams will need to plan in advance to make sure the network ...

• ### Aruba product integrations advance its SASE strategy

Aruba's latest SASE-related integrations involve the Silver Peak-based SD-WAN, Threat Defense and the ClearPass Policy Manager. ...

• ### Wi-Fi 6 rollout requires careful review of network devices

Wi-Fi 6 is just one part of the overall enterprise network. Organizations need to evaluate several network components to ensure a...

## SearchCIO

• ### CIO role post-pandemic is 'opportunity of a lifetime'

What is the CIO's role in 2021? Genpact's Sanjay Srivastava, a speaker at this year's MIT Sloan CIO Symposium, says CIOs are ...

• ### Hybrid care is healthcare's future

Hybrid care is neither digital nor physical, neither in-office nor at home. Instead, it's a little of everything, and one health ...

• ### Replacing vs. maintaining legacy systems

As CIOs embrace more digital technologies, it's important that they determine the current status of their legacy systems and ...

## SearchEnterpriseDesktop

• ### Apple takes its M1 chip to the iMac, iPad Pro

The proprietary Apple silicon allows for an iPad Pro and an ultra-thin iMac with faster processing and graphics than previous ...

• ### VMware launches Anywhere Workspace to secure remote workers

Anywhere Workspace is an integrated product bundle that includes Workspace ONE, the VMware secure access service edge ...

• ### Incorporating zero trust into endpoint security

Zero trust is a complex term, but organizations that take security seriously must know what it is and how it can support existing...

## SearchCloudComputing

• ### Elastic vs. AWS highlights open source monetization dilemma

The fight between AWS and Elastic over the commercial usage of Elasticsearch highlights how open source software vendors need to ...

• ### How to calculate cloud migration costs before you move

Here's a primer on how to calculate the total cost of a cloud migration and compare your on-premises expenses to what you'll ...

• ### Evaluate Azure CLI vs. PowerShell for resource management

Compare two popular resource management tools for Azure -- Azure CLI and PowerShell -- to determine if one, or a combination of ...

## ComputerWeekly.com

• ### SAP Q1 2021: Revenue nudges up 2% year-on-year, S/4 adoption up 2.5% on prior quarter

SAP has reported first quarter 2021 revenue of €6.35bn, up 2% on the same year-ago quarter. Cloud revenue has increased by 1% ...

• ### Mavenir gains new \$500m cash injection as it opens UK O-RAN development centre

Network software provider gains backing from specialist new economy investment firm to further accelerate its advancement of open...

• ### Met Office prepares for 1.5 million processor, 60 petaflop supercomputer

Azure, Cray supercomputers and Epyc core are the key ingredients inside weather forecasting service’s latest development to ...

Close