Asymmetric or Symmetric Encryption - Assignment Example

Asymmetric or Symmetric Encryption Thesis Statement Parties involved in data transfer must carefully examine their requirements and advantages and disadvantages of each technique to decide which one to use. Introduction This paper sheds light over the usage of two techniques, symmetric and asymmetric, of encryption. Aimed to formulate a possible solution for two organizations, ABC Institute of research and XYZ Inc, this paper examines the two encryption techniques. The organizations share very sensitive and private data in a research on genetic and want to keep the data secure and away from its rivals. The paper then discusses the advantages and disadvantages of each encryption technique and concludes on the fact that both have their good and bad points. It is eventually up to the parties involved to decide which technique suits their needs. Encryption Encryption is the term given to the practice of encoding date to keep unlawful and unauthorized individuals or groups from accessing it and, perhaps, altering it. This is usually done to protect private data such as company documents and e-mails safe. The higher and stronger the levels of encryption used, the more tedious and tough it is for the hackers to break the code. (Brandt & Krasne, 2000) The data to be encrypted is passed through an algorithm that, based on a key, encodes the data. The key is then again used to decode the data and convert it into meaningful form. There are two kinds of encryption namely symmetric encryption and asymmetric encryption. Symmetric Encryption In symmetric encryption, the data or document that is to be encoded is passed through the program and a key is created that jumbles up the file content. This rearranging of the data could be repeated more times. The final encrypted file is then mailed to the recipient along with the key that was used in the encryption process. To convert the file back into meaningful form, the recipient runs the file using the same application and the key (Brandt & Krasne, 2000). As you can see, this process is fast, but is relatively unsafe because the key could be easily hacked during transfer. However, because of its simplicity and speed, it is very commonly used in e-commerce transactions. (Brandt & Krasne, 2000) Asymmetric Encryption This technique is more secure. It makes use of two different keys in the process namely public key and private key. The public key is made public and anyone who wishes to transfer any type of data to you could use it. This key, however, can only be used to encode the data. For decoding, the private key is used. This key is not accessible by anyone except the recipient himself. The idea is that only a unique combination of public key and private key can be used in the encoding and decoding process and no other combination would work. (Brandt & Krasne, 2000) Solution for ABC Institute of Research and XYZ Inc Ideally, a company should use a combination of symmetric encryption and asymmetric encryption to maximize the benefits and minimize the drawbacks of each approach. However, as it is mentioned that ABC Institute has extremely sensitive information that must be protected from rivals no matter what the costs are, it is advisable to use the Asymmetric approach. Any transfer of sensitive data between the two organizations regarding the research on genetics must be encoded by the sender and decoded at the recipient’s end. ABC Institute and XYZ inc. should both have their private keys safe with them and the public keys given to each other. On transfer, the data should be encrypted using the public key and then decoded using the matching private key by the recipient. If the data is not being transferred, it is still desirable that ABC Institute stores the data in encrypted form so that unauthorized personnel in the company or illegal access through hacking can be prevented. This could be done by giving access of private key to only those personnel who are authorized to view or change the data. Symmetric versus Asymmetric Both approaches have their advantages and disadvantages. Obvious advantages of symmetric encryption are fast speed and simplicity. There is a much simpler algorithm for the process and the program is less complex also. This means that it takes less of CPU time to execute and proves to be the more viable option when very frequent transfers of data are being done with relatively lesser need for security. (Clercg, 2006) However, Symmetric encryption is less secure and less reliable compared to the Asymmetric encryption. Because the entire encoding and decoding is done through one key, it is prone to be easily cracked by “brute force” attack, in which all possible keys are tested until the one that works is determined (Clercg, 2006). Besides that, more managing is required to ensure safety in the transfer of the file and key e.g. a secret channel is set up to transfer the secret key (Clercg, 2006). Asymmetric encryption has many advantages over Symmetric encryption. Firstly, no secret channel is required to send the public key so less management is needed. Secondly, it offers a much higher level of security and privacy and it is much more difficult to crack. However, Asymmetric encryptions are estimated to be around 1000 times slower than Symmetric encryptions (Clercg, 2006). This makes frequent exchanges of data tedious and time consuming. Conclusion There is no one winner between symmetric encryption and asymmetric encryption. Both have their pros and cons. It is up to the parties involved in the transfer of data to decide which approach to use. Ideally, however, a combination of the two should be used to maximize gains and minimize drawbacks of both the approaches. This can be done by using Symmetric Encryption for the more frequent, relatively less secret data and Asymmetric Encryption for the data that involves high level of security and privacy. In the situation of ABC Institute and XYZ inc, it is advisable to use the Asymmetric Encryption because of the highly sensitive nature of the information involved in the research. References Brandt, A., & Krasne, A. (2000, February 14). How It Works: Encryption. Retrieved November 21, 2009, from PC World: http://www.pcworld.com/article/15230/how_it_works_encryption.html Clercg, J. D. (2006, October 16). Symmetric vs. Asymmetric Ciphers. Retrieved November 21, 2009, from Windows IT Pro: http://windowsitpro.com/articles/articleid/93787/Symmetric_vs_Asymmetric_Ciphers.html Read More