Symmetric key encryption is all over the place. Many of the things you do every day use this encryption method to keep your information safe. But did you know, when done right, symmetric key encryption can in fact be completely unhackable? Some clever cyber security experts have found out a way to take this relatively old encryption technique and redevelop it for our new hyper-connected world.
Keep reading to find out more about symmetric key encryption and the people who have given it a new lease of life.
What Is Symmetric Key Encryption?
Symmetric encryption is a type of encryption where a single ‘secret’ key is used to both encrypt and decrypt data transferred across devices. To make the technique work, the devices involved in the process have to exchange the key as well as the data they are transferring so that it can be used to decrypt the data at the end. The ‘key’ is held by both the sender and the recipient of the data, and can either be a specific password/code, or a random string of letters or numbers. Either way, it is usually automatically generated by one of the devices involved in the process.
The alternative method, asymmetric encryption, is a method where a pair of keys (one public and one private) is used to encrypt and decrypt the data involved in the process. This is generally slower and less secure, as cyber criminals can more easily get hold of the keys required to decrypt and read the data.
The symmetric encryption process works by utilising algorithms to encrypt and decrypt the data at either end of the transfer. First, as the information leaves the original device from which it has been sent, the algorithm encrypts it, rendering it unreadable. Then, once it has reached its intended recipient, the algorithm reverses its action so that the message can be read.
There are two types of algorithms used in symmetric encryption: block and stream.
Block algorithms work by encrypting set lengths of bits with one secret key. As the data is being encrypted, the system holds it until a ‘block’ (or length of bits) is complete, then it transfers that block of data all at once.
Stream algorithms work by encrypting the data in streams and releasing it straight away. Instead of receiving the communication in blocks, the recipient receives it in a steady stream (as the name suggests!)
Where Is It Used?
Symmetric encryption is a relatively old method of encryption, so it is used in a wide variety of situations. Here are a couple of examples of some of the main uses of the encryption method that you might be familiar with:
- Banking and Finance: Symmetric encryption is used end-to-end by most banking applications to ensure that credit card information and/or other personally identifiable information (PII) is safe. For banking-grade encryption specifically, the symmetric keys used must be created using a random number generator (RNG) that is certified according to industry standards.
- Data storage: In order to keep it safe should it accidentally fall into the wrong hands, data is often encrypted before being stored on a device.
What Makes It ‘Unhackable’?
Symmetric keys are known for being secure against any and all forms of attack. This is because only the devices with the unique private key created for that transfer are capable of decrypting the data. The result: no alternative device (not even the dreaded quantum computer) can decipher the information transferred.
Who Is Behind It?
As we have just discovered, symmetric key encryption is an incredibly safe cyber security technique. However, the problem we have faced is that, until now, there was no secure and efficient way to distribute the keys required to make the process work. Arqit has found a way to do exactly this. The company’s product, QuantumCloud™, is capable of creating symmetric keys at any scale, on any device, at any time. It allows users to secure their devices and the information transferred to and from them by providing a strong device authentication capability over which the symmetric keys can be layered.
Find out more about QuantumCloud™ over on Arqit’s website.