Symmetric encryption and asymmetric encryption are two common
types of encryption used in cryptography.
Symmetric encryption uses the same key to encrypt and decrypt data.
This means that the sender and receiver both have access to the same key,
and both can encrypt and decrypt the data using that key.
Because of its simplicity and speed, symmetric encryption is often used
for encrypting large amounts of data, such as in file encryption or network
communication.
AES (Advanced Encryption Standard) is an example of symmetric
encryption algorithm:
Example:
const crypto = require('crypto');
// Generate a random key for encryption
const key = crypto.randomBytes(32);
// Define a message to be encrypted
const message = 'Hello, world!';
// Create a cipher object using the key
const cipher = crypto.createCipher('aes-256-cbc', key);
// Encrypt the message
let encrypted = cipher.update(message, 'utf8', 'hex');
encrypted += cipher.final('hex');
console.log(`Encrypted message: ${encrypted}`);
// Create a decipher object using the key
const decipher = crypto.createDecipher('aes-256-cbc', key);
// Decrypt the message
let decrypted = decipher.update(encrypted, 'hex', 'utf8');
decrypted += decipher.final('utf8');
console.log(`Decrypted message: ${decrypted}`);
Asymmetric Encryption
Asymmetric encryption, on the other hand, uses two different keys, known as
the public key and the private key.
The public key is used to encrypt data, while the private key is used to
decrypt it. This means that anyone can encrypt data using the public key,
but only the person with the private key can decrypt it.
Asymmetric encryption is often used for secure communication, such as email
encryption or website authentication.
One advantage of asymmetric encryption is that it provides stronger security
than symmetric encryption, because even if the public key is intercepted by
an attacker, they cannot useit to decrypt the data without the private key.
However, asymmetric encryption is generally slower and more computationally
intensive than symmetric encryption.
RSA (Rivest–Shamir–Adleman) is an asymmetric encryption algorithm,
Example:
const crypto = require('crypto');
// Generate a key pair for encryption
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
modulusLength: 2048,
publicKeyEncoding: {
type: 'spki',
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
},
});
// Define a message to be encrypted
const message = 'Hello, world!';
// Encrypt the message using the public key
const encrypted = crypto.publicEncrypt(publicKey, Buffer.from(message, 'utf8')).toString('base64');
console.log(`Encrypted message: ${encrypted}`);
// Decrypt the message using the private key
const decrypted = crypto.privateDecrypt(privateKey, Buffer.from(encrypted, 'base64')).toString('utf8');
console.log(`Decrypted message: ${decrypted}`);
One-way encryption algorithm:
MD5:
MD5 (Message Digest 5) is also a one-way cryptographic hash function, similar
to SHA256.
It takes an input message of arbitrary length and produces a fixed-length
128-bit output,
known as the message digest or hash value.
Like other hash functions, MD5 is used for data integrity checks and digital
signatures,
but it is considered less secure than SHA256 due to known vulnerabilities
that make it
susceptible to collisions and other attacks.
MD5 should not be used for password storage or other security-critical
applications.
Instead, it is often used for non-security related purposes such as
checksums,
fingerprinting, and generating unique identifiers.
SHA256:
SHA256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function,
which is a type of one-way encryption algorithm that produces a fixed-size
output (hash) from variable-size input data.
Hash functions like SHA256 are not symmetric or asymmetric encryption
algorithms.
Instead, they are used for ensuring data integrity and authenticity by
creating a
unique digital fingerprint (hash) of a piece of data. The same input data
will
always produce the same output hash, but it is impossible to recreate the
original
data from the hash.
SHA256 is commonly used for password storage, digital signatures, and file
integrity
checks. It is a widely adopted and secure hash function that is resistant
to cryptographic attacks such as collisions and preimage attacks.
No comments:
Post a Comment