Introduction to Symmetric and Asymmetric Encryption
suggest changeYou can improve the security for data transit or storing by implementing encrypting techniques. Basically there are two approaches when using System.Security.Cryptography: symmetric and asymmetric.
Symmetric Encryption
This method uses a private key in order to perform the data transformation.
Pros:
- Symmetric algorithms consume less resources and are faster than asymmetric ones.
- The amount of data you can encrypt is unlimited.
Cons:
- Encryption and decryption use the same key. Someone will be able to decrypt your data if the key is compromised.
- You could end up with many different secret keys to manage if you choose to use a different secret key for different data.
Under System.Security.Cryptography you have different classes that perform symmetric encryption, they are known as block ciphers:
- AesManaged (AES algorithm).
- AesCryptoServiceProvider (AES algorithm FIPS 140-2 complaint).
- DESCryptoServiceProvider (DES algorithm).
- RC2CryptoServiceProvider (Rivest Cipher 2 algorithm).
- RijndaelManaged (AES algorithm). Note: RijndaelManaged is not FIPS-197 complaint.
- TripleDES (TripleDES algorithm).
Asymmetric Encryption
This method uses a combination of public and private keys in order to perform the data transformation.
Pros:
- It uses larger keys than symmetric algorithms, thus they are less susceptible to being cracked by using brute force.
- It is easier to guarantee who is able to encrypt and decrypt the data because it relies on two keys (public and private).
Cons:
- There is a limit on the amount of data that you can encrypt. The limit is different for each algorithm and is typically proportional with the key size of the algorithm. For example, an RSACryptoServiceProvider object with a key length of 1,024 bits can only encrypt a message that is smaller than 128 bytes.
- Asymmetric algorithms are very slow in comparison to symmetric algorithms.
Under System.Security.Cryptography you have access to different classes that perform asymmetric encryption:
- DSACryptoServiceProvider (Digital Signature Algorithm algorithm)
- RSACryptoServiceProvider (RSA Algorithm algorithm)
Found a mistake? Have a question or improvement idea?
Let me know.
Table Of Contents