Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its data whereas asymmetric uses both a public and private key. Symmetric requires that the secret key be known by the party encrypting the data and the party decrypting the data. Asymmetric allows for distribution of your public key to anyone with which they can encrypt the data they want to send securely and then it can only be decoded by the person having the private key.
Let us see which one is faster!
Let us compare their performance by comparing the time taken by each to encrypt files of size 100MB,200MB,300MB,400MB and 500MB.
We use following syntax to create a file of 100MB size
jothis@jothis:~/Openssl$ dd if=/dev/zero of=100mb bs=1MB count=100
100+0 records in
100+0 records out
100000000 bytes (100 MB) copied, 0.373584 s, 268 MB/s
100+0 records in
100+0 records out
100000000 bytes (100 MB) copied, 0.373584 s, 268 MB/s
similarly we can create a file of 200MB size.
jothis@jothis:~/Openssl$ dd if=/dev/zero of=200mb bs=1MB count=200
200+0 records in
200+0 records out
200000000 bytes (200 MB) copied, 2.06894 s, 96.7 MB/s
Time taken for Symmetric encryption
jothis@jothis:~/Openssl$ time openssl enc -aes-256-cbc -in 200mb -out 200mb.enc -pass pass:hello
real 0m2.282s
user 0m1.224s
sys 0m0.272s
For Asymmetric Encryption we need a public key and a private keyreal 0m2.282s
user 0m1.224s
sys 0m0.272s
jothis@jothis:~/Openssl$ openssl req -x509 -nodes -days 100000 -newkey rsa:2048 -keyout privatekey.pem -out publickey.pem
Time taken by Asymmetric Encryption
jothis@jothis:~/Openssl$ time openssl smime -encrypt -aes256 -in 200mb
-binary -outform DEM -out 200mbasym.enc publickey.pem
real 0m4.080s
user 0m1.496s
sys 0m0.588s
Similarly we can calculate the time taken by each algorithm for files of size 100MB,300MB..etc.
Let us plot the time taken by both algorithm.We use gnuplot to plot a graph in ubuntu.
To install gnuplot
sudo apt-get install gnuplot
To plot the graph we write the time taken by each to two separate file "symmetric.txt" and "asymmetric.txt"
We use the following the syntax to plot the graph
$ set xlabel "Time(ms)"
$ set ylabel "File size(mb)"
$ plot "symmetric" using 2:1 with lines title "Symmetric encryption" "asymmetric" using 2:1 with lines title "Asymmetric encryption"
$ plot "symmetric" using 2:1 with lines title "Symmetric encryption" "asymmetric" using 2:1 with lines title "Asymmetric encryption"
So we can conclude that Symmetric encryption is faster than Asymmetric encryption
Which of these encryption algorithm is a better option to use ? Which one offers more and advanced level of security. Its clear from the figure that symmetric encryption is faster than asymmetric scheme.
ReplyDeletewhat is a digital signature
Hai Jimmy..
DeleteWell...one of the disadvantage of symmetric encryption is that both sender and receiver use the same key..because of that, if the key is compromised then the attacker can decrypt the message..but this won't happen in asymmetric key cryptography..
Both of these algorithm has its own disadvantages..based on the key.If the key is less secure then the attacker could easily compromise the secret message..
Digital Signature
Consider this example..suppose person 'A' has public key which is known to everyone (assuming that you know what a public and private key)..Now 'A' needs to send a secret message to 'B'.But how 'B' knows that whether the message actually comes from 'A' ?..For that 'A' will create a message digest which is the hash of the message..and sign(encrypt) the digest with his private key(only 'A' knows this key)..this is called digital signature(just like signing a document of your's to prove your identity)..when 'B' receives secrete message..he decrypts the signature thus changing it back into a message digest. If this worked, then it proves that 'A' signed the document.Then 'B' constructs a message digest of the message which is then compared with the message digest that 'B' obtained from decrypting the signature..if they match then 'A' actually sends the message ..
hope this helps you
This comment has been removed by the author.
ReplyDelete