Symmetric Encryption Versus Asymmetric Encryption
In the earlier example, the same key is used to encrypt and decrypt. As I mentioned, this type of encryption is known as symmetric encryption . There is an inherent problem with this type of encryption: because the same key must be used to decrypt the data, the key must be made known to the recipient. The key, which is generally referred to as the secret key , has to be either known by the recipient before she receives the encrypted data (i.e., there needs to be a “knowledge-sharing agreement”) or the key has to be sent as a part of the data transmission. For data at rest (on disk), the key will have to be stored as a part of the database in order for an application to decrypt it. There are obvious risks in this situation. A key that is being transmitted may be intercepted by an intruder, and a key that is stored in the database may be stolen.
To address this problem, another type of encryption is often used, one in which the key used to encrypt is different from the one used to decrypt. Because the keys differ, this is known as asymmetric encryption . Because two keys are generated—a public key and a private key—it is also known as public-key encryption. The public key, which is required for the encryption, is made known to the sender and, in fact, can be freely shared. The other key, the private key, is used only to decrypt the data encrypted by the public key and must be kept secret.
Let’s see how public-key encryption might ...
Get Oracle PL/SQL for DBAs now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
