Symmetric crypto as a personal alternative

Pedro Ruiz Hidalgo

2 minutes

There is a belief that symmetric crypto is weaker than the public key. Using a symmetric method, both the sender and the receiver must previously communicate the key used for the operations of encrypting and decrypting the messages. While this does not affect, at all, the strength of the encryption operation.

In other words, the two communicating parties have to agree on in advance about the key to useOnce both parties have access to this key, the sender encrypts a message using the key, the sender sends it to the recipient, who decrypts it using the password that both previously established. The strength of symmetry lies in the strength of the password, not the algorithm. Therefore it should not be of any help to an attacker to know the algorithm that is being used. Single if the attacker obtained the key, it would help to know the algorithm. The encryption algorithms used in GnuPG have these properties.

This means that the only deference that exists between symmetric and asymmetric (also called public key) methods is in the fortress of the «distribution channel» of the keys.

Encrypt for ourselves

When a pair of keys - public and private - is generated, the need arises to keep the private key safe so that even in the worst possible circumstances we can redo it, because its loss would literally mean the uselessness of the key, even the possibility that someone can easily, in the best of possible scenarios:

  • Go to a keyserver to read and copy our public key.
  • With our private key, generate a certificate of revocation of the keys.
  • Publish the revocation on our behalf
  • Totally nullify our identity

So the need arises for us encrypt for us. That is, we are, we become the sender and the receiver because our intention is to ensure our «public.key». That's where asymmetric encryption comes into play.

Encrypt the public key

$ gpg -o public.key.gpg --symmetric --cipher-algo AES256 public.key

What did we just do? Encrypt using gpg with the «–symmetric» modifier the public.key file with the AES256 algorithm obtaining as output the file «public.key.gpg». That is, the file is encrypted with sufficient strength. It can be decrypted if, and only if, whoever decrypts has the key.

Recover the encrypted key

gpg -o public.key -d public.key.gpg

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Reynold Alva said
    ago 7 years

    Snowden: v

    Reply to Reynaldo Alva