Read time: 9 minutes

Asymmetric and symmetric encryptions are the types of encryptions used in cryptography. There is only one key involved in symmetric encryption, which is used for both encryption and decryption. The key has to be shared among the parties involved who wish to encrypt and decrypt data. In comparison, asymmetric encryption uses two separate keys which are related to each other mathematically. The keys are called Private keys and public keys. Generally, a certificate is associated with a public key, which holds the information about the public key owner. The certificate contains information such as name, organization name, algorithms used, etc. Even though symmetric and asymmetric encryption seems similar, symmetric encryption is comparably faster than asymmetric encryption; thus, performance-wise, asymmetric encryption is slower, which is why symmetric encryption is often used in conjunction with asymmetric encryption. We will explore more about this on the use cases discussed below.  

Symmetric Encryption

As discussed above, symmetric encryption uses the same key for encryption and decryption, so the sender would somehow send the key to the receiver to decrypt the encrypted data. The key involved has to be protected and transferred securely. If the key is lost, then the data cannot be decrypted, and if the key gets compromised, that will compromise the encryption. 

Thus, symmetric keys are transferred among parties using asymmetric encryption, ensuring that the symmetric key remains encrypted. Two different keys are now involved in encrypting and decrypting the data.  

Symmetric encryption is comparably much faster than asymmetric encryption, which is why it is still used massively today.  

Asymmetric Encryption

Asymmetric encryption uses two separate keys which are mathematically involved with each other. The first key is called the private key. The private key is the one that is heavily protected. Often this key remains in an HSM or an air-gapped computer to ensure the protection of the private key. The public key is derived from the private key and can be distributed. A certificate is often created with a public key containing information about the key’s owner and a few details about the key itself.  

The key pair relies on prime numbers of extended length. The public and private keys are computed simultaneously, using the same mathematical operation, namely trapdoor functions. The most characteristic of trapdoor functions is that they’re simple to calculate in one direction, nevertheless troublesome calculating in the reverse order. Using a private key, we can find the public key, but the private key cannot be obtained using the public key.  

Even though asymmetric encryption provides more protection to the keys, they are comparatively slower than symmetric encryption. For this reason, asymmetric encryption is often used to exchange the secret key, which can be used to establish symmetric encryption for faster data transfer and make encryption and decryption of the data faster. 

Use Cases

Symmetric Encryption
Symmetric Encryption uses one key for encryption and decryption, which is why it is best used to encrypt and decrypt local data. Some of the use cases involving symmetric encryption can be: 

  •  Data at rest: Data at rest refers to data stored in a physical drive and is not transferred among devices. This data can be stored in hard drives, SSD, flash drives, etc. Data at rest often involves data that can be valuable to attackers as it usually contains customer information, employee information, trade secrets, Intellectual Properties, etc. To be able to protect this data adequately, organizations use symmetric encryption.
    One effective way to encrypt all the data in a physical drive is to encrypt the drive itself. This is called whole disk or full disk encryption, which has fewer benefits than partial or folder encryption. Many files (such as Word files) create a temporary file while it is opened. This temporary file can remain unencrypted. Many Linux distribution does provide full disk encryption while installing the operating system, and Microsoft delivers BitLocker Drive Encryption for Windows. Full drive encryption does leave the boot volume unencrypted for the operating system to boot, but every other volume, including swap space and temporary files, remains encrypted.
  • Banking and Payment Industry: The banking and Payment Industry is one of the most secure industries, and there are many compliances involved in keeping it safe. Nevertheless, it is also one of the busiest industries, which requires them to be fast. Symmetric encryption provides fast encryption and decryption of a large amount of data, which includes the transaction. It can often contain Personal Identifiable Information (PII), which needs to be protected for being compliant with PCI DSS and preventing Identity Theft. They also need to ensure the identity of the user and the authenticity of the transactions fast. This is one of the reasons why the banking industry uses symmetric encryption.

Asymmetric Encryption 
Asymmetric Encryption is slower than symmetric encryption, so it is used for small amounts of data, such as exchanging secret keys or providing digital identities.

As organizations move to the digital age, digital signatures become crucial to identifying authentic data and ensuring someone’s identity. Digital signatures provide that the data involved has not been modified and if the data (which can include PDF, applications, etc.) is authentic.  The recipient of signed data will use a digital signature to demonstrate to a 3rd party that the claimed individual generated the signature. This is often called non-repudiation since the individual cannot simply repudiate the signature at a later time.

The following steps explain how a digital signature is used to exchange information between a sender and a receiver:

  1. First, the data that would be transferred is hashed using some hashing algorithms such as SHA-256. Hashing is a one-way function and produces a unique value for unique input. The original data cannot be obtained using the hash value. This ensures data integrity, as if the data is modified, the corresponding hash value will also change.
  2. The hash is then encrypted using the sender’s private key. This creates a digital signature.
  3. The digital signature would now be attached and sent to the sender.
  4. After receiving the data and the digital signature, the signature is decrypted using the sender’s public key, which provides the hash value generated on the first step.
  5. The receiver then hashes the obtained data.
  6. If the hash obtained on step 5 is equal to the hash receiver got on step 4, it ensured data integrity. If, however, the hashes do not match, then the data has been modified.

Digital signatures are meant to be used in emails, transferring data, distributing software, and other applications, requiring data integrity and ensuring the authenticity of the data origin.

Use case of Asymmetric and Symmetric Encryption

Asymmetric and symmetric encryption is often used in combination with each other to maintain a balance of performance, secure transfer, identification, etc. A single one may not be able to achieve alone. 

Use case 1: Messaging Applications

Many messaging applications such as WhatsApp, telegram, Signal provide end-to-end encryption to provide confidentiality of the users involved and authenticate users to communicate with each other securely. 

In end-to-end encryption, the messages and calls are encrypted so anyone apart from the users would not obtain plaintext information. Only the data is encrypted, but the headers, trailers, and routing information of the messages remain unencrypted.

One of the best features is that even if the key is somehow compromised from the user’s physical device, that key cannot be used to decrypt any previously encrypted text.

To be able to achieve this, both symmetric and asymmetric encryptions are used. Asymmetric encryption is used to initiate the conversation among the users, which involves exchanging secret keys for symmetric encryption. After the communication is established and a secret key is exchanged, symmetric encryption is used for the whole duration of the communication.

First, when the application is installed on the user’s end, the key pair is created. The user’s public key is registered and stored in the application server, but the private key remains in the user’s device. The user who wants to initiate the conversation obtains the receiver’s public key from the application server. Using the public key, the sender sends an encrypted message to the receiver. The encrypted message contains parameters to establish a symmetric session among the parties involved. The receiver would use their private key to decrypt the message and develop symmetric encryption between the sender and the receiver. Once the session has been established, clients exchange messages protected with a Message Key using AES256 in CBC mode for encryption and HMAC-SHA256 for authentication. The encrypted session would be recreated only when the application is re-installed, or the device is changed.  

Use case 2: HTTPS

HTTPS (Hypertext Transfer Protocol Secure) is a secure version of the HTTP protocol that uses the SSL/TLS protocol for encryption and authentication.  HTTPS is specified by RFC 2818 (May 2000) and uses port 443 by default instead of HTTP’s port 80. 

The HTTPS protocol makes it possible for website users to transmit sensitive data such as credit card numbers, banking information, and login credentials securely over the internet. For this reason, HTTPS is essential for securing online activities such as shopping, banking, and remote work. HTTPS is now the standard protocol for all websites, whether they exchange sensitive data with users. 

An HTTPS connection between a client and a server uses both symmetric and asymmetric encryption. Like the previous one, asymmetric encryption is first used to establish communication and exchange secrets, and then symmetric encryption is used for the rest of the communication. The key used for symmetric encryption is called session keys. Session keys are randomly generated when a session is created and are used for that particular session only.  The steps involved in HTTPS are: 

  1. When the client tried to connect to the server, the server first sends a TLS certificate. The respective CA would verify the certificate to ensure the authenticity of the certificate and the server involved.
  2. The certificate also contains cipher suits and the maximum TLS version supported.
  3. After the certificate is verified and the algorithms and TLS versions are set to be the maximum among the client and the server, the client generates a session key. The session key is encrypted using the server’s public key and is sent to the server.
  4. The server decrypts the session key using its private key.
  5. The session key is then used for symmetric encryption, and data is exchanged among the server and the client using the session key.
  6. The session continues with only symmetric encryption.

Conclusion

Symmetric encryption is indeed one of the fastest encryption techniques, but the secret key needs to be exchanged securely to be effective. Asymmetric encryption is thus used to exchange the key involved for symmetric encryption. In both use cases, asymmetric encryption is used briefly to exchange parameters and establish symmetric encryption used for the rest of the communication.  Being slow and resource exhaustive, asymmetric encryption is only used to cover the shortcomings of symmetric encryption. Thus, both of them are used together to achieve ideal secure communication, maintain privacy, achieve authenticity, data integrity, and proper authentication. 

About the Author

Anish Bhattacharya is a Consultant at Encryption Consulting, working with PKIs, HSMs, creating Google Cloud applications, and working as a consultant with high-profile clients.

Search any posts

A collection of Encryption related products and resources that every organization should have!

Cyber security experts conference 2022

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Download

Read time: 5 minutes 2 seconds

Organizations nowadays are storing and performing computation of the data on the cloud instead of handling themselves. Cloud Service Providers (CSPs) provide these services at an affordable cost and low maintenance. But to ensure compliance and retain privacy, organizations need to transfer the data in an encrypted format, which does ensure the confidentiality of the data. However, once the data reaches the cloud, the CSP has to decrypt the data to perform operation or computation.

Decrypting the data to the CSP loses the data’s confidentiality, which may concern the organization for not being compliant to data privacy regulations such as GDPR, FIPS, PCI DSS,  CCPA, etc.

What is Homomorphic Encryption?

Homomorphic Encryption makes it possible to do computation while the data remains encrypted. This will ensure the data remains confidential while it is under process, which provides CSPs and other untrusted environments to accomplish their goals. At the same time, we retain the confidentiality of the data.

Like other asymmetric encryptions, homomorphic encryption is encrypted using a public key and can only be decrypted by the respective private key. But while the data is encrypted, operations can be performed on the data, which retains confidentiality, and helps organizations achieve compliance even when using untrusted environments.

Why do we need Homomorphic Encryption?

Data creation has been increased tremendously in recent times, sent/stored in multiple environments belonging to other parties such as CSPs or other third-party organizations. From startups to big organizations, everyone uses CSPs to store or process data, where tools such as Big Query are used for data processing.

CSPs do provide some control over the data customers store in their environments, but those controls depend on CSPs. While users can encrypt and store data on CSPs, conducting computation on the data would be limited. Thus, standard encryption is only limited to data storage alone and does not provide any meaningful analysis that can be used.

To be able to process data while ensuring data privacy, researchers are focusing on privacy-enabled computation. Homomorphic Encryption (HE) is one of the promising approaches in this direction.

Types of Homomorphic Encryption

Homomorphic Encryption allows computation on encrypted data without decrypting. Mathematical operations that can be performed on the ciphertext differentiates the types of Homomorphic Encryptions.
They are mainly of two types:

  1. Partial Homomorphic Encryption (PHE) (supports either addition/multiplication, but not both)
  2. Fully Homomorphic Encryption (FHE) (supports both addition and multiplication)

Partial Homomorphic Encryption such as RSA and Paillier cryptosystems does support additive and multiplicative homomorphism. In 2009, Craig Gentry proposed an FHE scheme based on lattices for the first time. An FHE scheme usually supports addition and multiplication ciphertexts as follows:

HE(a+b) = HE(a) + HE(b) and HE(a*b) = HE(a) * HE(b)

Addition/Multiplication of plaintext is equal to the addition/multiplication of two ciphertexts.

Applications

HE makes it possible to achieve privacy-preserving computation in almost every scenario. Some of those include:

  1. Private Search

    Search Engines rely on ads to generate revenue. While serving searches to their users, search engines get a better view of the user’s preferences. This does help them provide customized ads for the user they serve. Homomorphic encryption does solve the problem. Search Engines can crawl the encrypted data, serve them as the algorithm is designed to, and serve the user with encrypted data. The user would get the desired result, while the search engines remain unaware of the data requested, which keeps preferences private and more challenging to serve ads.

  2. Encrypted Databases

    In any cyber-attacks, databases are often the most crucial infrastructure to protect. It may cost an organization a considerable fine in compliance and have a bad reputation to go along. Several security measures are kept in place, which includes Encrypting a database. In case of a breach, the database would remain encrypted and decrypted by a specific key, preventing unauthorized access to the database.
    If we employ the standard encryption, the encrypted database will not allow any operations on the records. We can use deterministic encryption, order-preserving encryption, and order-revealing encryption to support the encrypted database. But these would lead to leakages, such as memory access patterns and search patterns.
    With Homomorphic Encryption, it is possible to encrypt data in the database to obtain confidentiality, while we can also perform operations and computation on the data. Only authorized users with the key to decrypt the database can access the data in the database.

  3. Computation on Cloud

    Cloud Computing saves money and reduces maintenance that an organization needs to maintain its infrastructure for the services offered. Organizations can lease cloud infrastructure on a need basis to run their applications. CSPs also provides the ability to scale up according to the load on the infrastructure. Since the service providers typically manage clouds, organizations require the CSP to be compliant and get better privacy and security for their organization.
    If we choose to keep the data encrypted on the cloud and perform operations on those encrypted data, it will make CSP’s compliance and security measures less relevant. CSPs can maintain the infrastructure that store and process the encrypted data, while never accessing the plaintext.

Limitations and Drawbacks

Homomorphic Encryption computations are slow, and only a finite number of operations can be performed on the encrypted data. FHE based computation is at least 106 times slower than computation on the plaintext.

Homomorphic Encryption is also not feasible for multiple users. If we have a database, which we would need multiple users to access, we would need to create a separate database for every user, which is encrypted using the user’s public key. This would become impractical if the number of users increases or the size of the database increases.

Conclusion

Homomorphic Encryption in the current state is computationally expensive and practically inefficient. It can certainly be used to encrypt data, while we can perform different computations on the data. HE enables privacy-preserving computation, which helps us work with untrusted environments while maintaining the data’s confidentiality. Check out Format Preserving Encryption if interested in privacy-preserving computations.

About the Author

Anish Bhattacharya is a Consultant at Encryption Consulting, working with PKIs, HSMs, creating Google Cloud applications, and working as a consultant with high-profile clients.

Search any posts

A collection of Encryption related products and resources that every organization should have!

Cyber security experts conference 2022

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Download

Keeping sensitive data, such as Personally Identifiable Information (PII), secure in every stage of its life is an important task for any organization. To simplify this process, standards, regulations, and best practices were created to better protect data. The Federal Information Protection Standard, or FIPS, is one of these standards. These standards were created by the National Institute of Science and Technology (NIST) to protect government data, and ensure those working with the government comply with certain safety standards before they have access to data. FIPS has a number of standards released, but this article discusses FIPS 140-2.

What is FIPS 140-2?

FIPS 140-2 is a standard which handles cryptographic modules and the ones that organizations use to encrypt data-at-rest and data-in-motion. FIPS 140-2 has 4 levels of security, with level 1 being the least secure, and level 4 being the most secure:

  • FIPS 140-2 Level 1- Level 1 has the simplest requirements. It requires production-grade equipment, and atleast one tested encryption algorithm. This must be a working encryption algorithm, not one that has not been authorized for use.
  • FIPS 140-2 Level 2- Level 2 raises the bar slightly, requiring all of level 1’s requirements along with role-based authentication and tamper evident physical devices to be used. It should also be run on an Operating System that has been approved by Common Criteria at EAL2.
  • FIPS 140-2 Level 3- FIPS 140-2 level 3 is the level the majority of organizations comply with, as it is secure, but not made difficult to use because of that security. This level takes all of level 2’s requirements and adds tamper-resistant devices, a separation of the logical and physical interfaces that have “critical security parameters” enter or leave the system, and identity-based authentication. Private keys leaving or entering the system must also be encrypted before they can be moved to or from the system.
  • FIPS 140-2 Level 4- The most secure level of FIPS 140-2 uses the same requirements of level 3 and desires that the compliant device be able to be tamper-active and that the contents of the device be able to be erased if certain environmental attacks are detected. Another focus of FIPS 140-2 level 4 is that the Operating Systems being used by the cryptographic module must be more secure than earlier levels. If multiple users are using a system, the OS is held to an even higher standard.

Why is being FIPS 140-2 compliant important?

One of the many reasons to become FIPS compliant is due to the government’s requirement that any organization working with them must be FIPS 140-2 compliant. This requirement ensures government data handled by third-party organizations is stored and encrypted securely and with the proper levels of confidentiality, integrity, and authenticity. Companies desiring to create cryptographic modules, such as nCipher or Thales, must become FIPS compliant if they want the vast majority of companies to use their device, especially the government. Many organizations have developed the policy of becoming FIPS 140-2 compliant, as it makes their organization and services seem more secure and trusted.

Another reason to be FIPS compliant is the rigorous testing that has gone into verifying the strength behind the requirements of FIPS 140-2. The requirements for each level of FIPS 140-2 have been selected after a variety of tests for confidentiality, integrity, non-repudiation, and authenticity. As the government has some of the most sensitive information in the nation, devices, services, and other products used by them must be at the highest level of security at all times. Using services or software without these tested methods in place could lead to a massive breach in security, causing problems for every person in the nation.

Who needs to be FIPS compliant?

The main organizations that are required to be FIPS 140-2 compliant are federal government organizations that either collect, store, share, transfer, or disseminate sensitive data, such as Personally Identifiable Information. All federal agencies, their contractors, and service providers must all be compliant with FIPS as well. Additionally, any systems deployed in a federal environment must also be FIPS 140-2 compliant. This includes the encryption systems utilized by Cloud Service Providers (CSPs), computer solutions, software, and other related systems. This means only those services, devices, and software that are FIPS compliant can even be considered for use by the federal government, which is one of the reasons so many technology companies want to ensure they are FIPS 140-2 compliant.

FIPS compliance is also recognized around the world as one of the best ways to ensure cryptographic modules are secure. Many organizations follow FIPS to ensure their own security is up to par with the government’s security. Many other organizations become FIPS 140-2 compliant to distribute their products and services in not only the United States, but also internationally. As FIPS is recognized around the world, any organization that possesses FIPS compliance will be seen as a trusted provider of services, products, and software. Some fields, such as manufacturing, healthcare, and financial sectors, along with local governments require FIPS 140-2 compliance as well.

About the Author

Search any posts

A collection of Encryption related products and resources that every organization should have!

Cyber security experts conference 2022

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Download

Table of Contents

Today more than ever, organizations have a need for high level security of their data and the keys that protect that data. The lifecycle of cryptographic keys also requires a high degree of management, thus automation of key lifecycle management is ideal for the majority of companies. This is where Hardware Security Modules, or HSMs, come in. HSMs provide a dedicated, secure, tamper-resistant environment to protect cryptographic keys and data, and to automate the lifecycle of those same keys. But what is an HSM, and how does an HSM work?

What is an HSM?

A Hardware Security Module is a specialized, highly trusted physical device which performs all major cryptographic operations, including encryption, decryption, authentication, key management, key exchange, and more. HSMs are specialized security devices, with the sole objective of hiding and protecting cryptographic materials. They have a robust OS and restricted network access protected via a firewall. HSMs are also tamper-resistant and tamper-evident devices. One of the reasons HSMs are so secure is because they have strictly controlled access, and are virtually impossible to compromise.

For these reasons and more, HSMs are considered the Root of Trust in many organizations. The Root of Trust is a source in a cryptographic system that can be relied upon at all times. The strict security measures used within an HSM allow it to be the perfect Root of Trust in any organization’s security infrastructure. Hardware Security Modules can generate, rotate, and protect keys, and those keys generated by the HSM are always random. HSMs contain a piece of hardware that makes it possible for its computer to generate truly random keys, as opposed to a regular computer which cannot create a truly random key. HSMs are also generally kept off the organization’s computer network, to further defend against breach. This means an attacker would need physical access to the HSM to even view the protected data.

Types of HSMs

There are two main types of Hardware Security Module:

  1. General Purpose: General Purpose HSMs can utilize the most common encryption algorithms, such as PKCS#11, CAPI, CNG, and more, and are primarily used with Public Key Infrastructures, cryptowallets, and other basic sensitive data.
  2. Payment and Transaction: The other type of HSM is a payment and transaction HSM. These types of HSM are created with the protection of payment card information and other types of sensitive transaction information in mind. These types of Hardware Security Module are narrower in the types of organizations they can work within, but they are ideal to help comply with Payment Card Industry Data Security Standards (PCI DSS).

Compliance

As HSMs are used so often for security, many standards and regulations have been put in place to ensure Hardware Security Modules are properly protecting sensitive data. The first of these regulations is the Federal Information Processing Standard (FIPS) 140-2. This a standard that validates the effectiveness of hardware performing cryptographic operations. FIPS 140-2 is a federal standard in both the USA and Canada, is recognized around the world in both the public and private sectors, and has 4 different levels of compliance.

  • Level 1, the lowest level, focuses on ensuring the device has basic security methods, such as one cryptographic algorithm, and it allows the use of a general purpose model with any operating system. The requirements for FIPS 140-2 level 1 are extremely limited, just enough to provide some amount of security for sensitive data.

  • Level 2 builds off of level 1 by also requiring a tamper-evident device, role-based authentication, and an operating system that is Common Criteria EAL2 approved.

  • Level 3 requires everything that level 2 does along with tamper-resistance, tamper-response, and identity-based authentication. Private keys can only be imported or exported in their encrypted form, and a logical separation of interfaces where critical security parameters leave and enter the system. FIPS 140-2 level 3 is the most commonly sought compliance level, as it ensures the strength of the device, while not being as restrictive as FIPS 140-2 .

  • Level 4 is the most restrictive FIPS level, advanced intrusion protection hardware and is designed for products operating in physically unprotected environments.
    Another standard used to test the security of HSMs is Common Criteria (ISO/IEC 15408). Common Criteria is a certification standard for IT products and system security. It is recognized all around the world, and come in 7 levels. Like FIPS 140-2, level 1 is the lowest level, and level 7 is the highest level.

The final standard is the Payment Card Industry PTS HSM Security Requirements. This is a more in-depth standard, focusing on the management, shipment, creation, usage, and destruction of HSMs used with sensitive financial data and transactions.

Advantages to HSMs

Hardware Security Modules have a number of benefits including:

  • Meeting security standards and regulations
  • High levels of trust and authentication
  • Tamper-resistant, tamper-evident, and tamper-proof systems to provide extremely secure physical systems
  • Providing the highest level of security for sensitive data and cryptographic keys on the market
  • Quick and efficient automated lifecycle tasks for cryptographic keys
  • Storage of cryptokeys in one place, as opposed to several different locations

About the Author

Search any posts

A collection of Encryption related products and resources that every organization should have!

Cyber security experts conference 2022

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Download

Let's talk