How It Works
Symmetric encryption uses the same key for both encryption and decryption. It's fast and efficient, making it ideal for encrypting large amounts of data.
Symmetric Process
Plaintext + Key → [Encryption] → Ciphertext
Ciphertext + Key → [Decryption] → Plaintext
Same key used for both operations!
Common Algorithms
- AES (Block Cipher): Advanced Encryption Standard - gold standard
- ChaCha20 (Stream Cipher): Fast stream cipher, great for mobile
- 3DES (Legacy): Legacy, being phased out
- Blowfish/Twofish (Alternative): Schneier designs, still secure
Modes of Operation
- GCM: Galois/Counter Mode - authenticated encryption (recommended)
- CBC: Cipher Block Chaining - common but needs careful implementation
- ECB: Electronic Codebook - NEVER use (patterns visible)
- CTR: Counter mode - parallelizable stream cipher mode
The Key Distribution Problem
Challenge: How do you securely share the key? If you could securely send the key, you could securely send the message! This is why asymmetric encryption is used for key exchange.
Best Practices
- Use AES-256-GCM or ChaCha20-Poly1305
- Never reuse nonces/IVs
- Use authenticated encryption (AEAD)
- Derive keys properly with KDFs
- Rotate keys periodically