The two primary classifications of encryption schemes are public key encryption and symmetric key encryption. Public key encryption, also called asymmetric encryption, uses two keys: a public key and a private key; these keys are uniquely associated with a specific individual user. Symmetric key encryption, also called symmetric encryption, or secret key encryption, uses one key that you and the person you are communicating with (hereafter, referred to as your friend ) share as a secret. Public key algorithm keys typically have a length of 512 bits to 2,048 bits, whereas symmetric key algorithms use keys in the range of 64 bits to 512 bits.
When you are choosing an encryption scheme, realize that security comes at a price. There is usually a trade-off between resilience of the cryptosystem and ease of administration.
Hard to Break? Hard to Use!
The more difficult an algorithm is to crack, the more difficult it is to maintain and to get people to use properly. The paramount limitations of most respectable cryptosystems lie not in weak algorithms but rather in users' failure to transmit and store keys in a secure manner.
The practicality of a security solution is a far greater factor in encryption, and in security in general, than most people realize. With enough time and effort, nearly every algorithm can be broken. In fact, you can often unearth the mathematical instructions for a widely used algorithm by flipping through a cryptography book, reviewing a vendor's product specifications, or performing a quick search on the Internet. The challenge is to ensure that the effort required to follow the twists and turns taken by an encryption algorithm and its resulting encryption solution outweighs the worth of the information it is protecting.
How Much Time and Money Should You Spend on Encryption?
When the cost of obtaining the information exceeds the value realized by its possession, the solution is an effective one.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.