Encryption

Encryption is one of the most important tools in cyber security. It protects data by converting readable information (plaintext) into an unreadable format (ciphertext) that can only be decoded with the correct key. This lesson covers symmetric and asymmetric encryption as required by the GCSE Computer Science specification.

---

Why Encryption Matters

Whenever data is stored or transmitted, there is a risk that it could be intercepted or accessed by unauthorised people. Encryption protects:

• Data in transit — emails, web traffic, online banking transactions
• Data at rest — files stored on hard drives, databases, cloud servers
• Authentication — verifying that a message genuinely came from the claimed sender

Without encryption:

• Anyone on the same Wi-Fi network could read your emails
• A stolen laptop would give the thief access to all your files
• Login credentials sent to a website could be captured by an attacker

---

Key Terminology

Term	Meaning
Plaintext	The original, readable data before encryption
Ciphertext	The encrypted, unreadable version of the data
Encryption	The process of converting plaintext to ciphertext
Decryption	The process of converting ciphertext back to plaintext
Key	A piece of data used by the encryption algorithm to encrypt or decrypt
Algorithm	The mathematical process used to perform encryption (e.g. AES, RSA)

---

Symmetric Encryption

In symmetric encryption, the same key is used for both encryption and decryption. Both the sender and the receiver must have a copy of this shared secret key.

How Symmetric Encryption Works

1. Alice wants to send a confidential message to Bob
2. Alice encrypts the message using a secret key
3. The encrypted ciphertext is sent to Bob over the network
4. Bob decrypts the message using the same secret key
5. Bob can now read the original plaintext

Advantages of Symmetric Encryption

• Fast — symmetric algorithms are computationally efficient, making them suitable for encrypting large amounts of data
• Simple — requires only one key

Disadvantages of Symmetric Encryption

• Key distribution problem — how do you securely share the key with the other party? If the key is intercepted during transmission, the encryption is useless
• Key management — in a network of many users, each pair needs a unique key. For n users, this requires n(n-1)/2 keys, which quickly becomes impractical
• No non-repudiation — because both parties share the same key, you cannot prove which party created a particular message

Example: AES (Advanced Encryption Standard)

AES is the most widely used symmetric encryption algorithm today. It is used to protect data in Wi-Fi connections (WPA2/WPA3), file encryption (BitLocker, FileVault) and VPNs.

---

Asymmetric Encryption

Asymmetric encryption uses a pair of keys: a public key and a private key. They are mathematically related but different. Data encrypted with the public key can only be decrypted with the corresponding private key, and vice versa.

How Asymmetric Encryption Works

1. Bob generates a key pair: a public key and a private key
2. Bob shares his public key with everyone (it can be published openly)
3. Bob keeps his private key secret
4. Alice wants to send a confidential message to Bob
5. Alice encrypts the message using Bob's public key
6. Only Bob's private key can decrypt it
7. Even Alice cannot decrypt the message once it is encrypted — only Bob can

Advantages of Asymmetric Encryption

• No key distribution problem — the public key can be shared openly; only the private key must be kept secret
• Digital signatures — the sender can "sign" a message with their private key, and anyone can verify the signature using the sender's public key (providing authentication and non-repudiation)
• Scalable — each user only needs one key pair, regardless of how many people they communicate with

Disadvantages of Asymmetric Encryption

• Slower — asymmetric algorithms are mathematically more complex and significantly slower than symmetric algorithms
• Not suitable for large data — typically used to encrypt small pieces of data (e.g. a symmetric key) rather than large files

Example: RSA

RSA is the most well-known asymmetric encryption algorithm. It is used in HTTPS, email encryption (PGP) and digital certificates.

---

Comparing Symmetric and Asymmetric Encryption

Feature	Symmetric	Asymmetric
Number of keys	One (shared secret)	Two (public + private)
Speed	Fast	Slow
Key distribution	Difficult (must share secretly)	Easy (public key shared openly)
Best for	Encrypting large amounts of data	Encrypting small data, key exchange, digital signatures
Examples	AES, DES, Blowfish	RSA, ECC, Diffie-Hellman
Non-repudiation	No	Yes (via digital signatures)

---

How HTTPS Uses Both

In practice, symmetric and asymmetric encryption are often used together. HTTPS (the protocol that secures web traffic) is a good example:

1. Your browser connects to a website using HTTPS
2. The server sends its public key (in a digital certificate)
3. Your browser generates a random symmetric session key
4. The browser encrypts the session key using the server's public key (asymmetric)
5. The encrypted session key is sent to the server
6. The server decrypts it with its private key
7. Both sides now have the same session key and use symmetric encryption for the rest of the session

This combines the security of asymmetric encryption (for key exchange) with the speed of symmetric encryption (for data transfer).

---

Hashing vs Encryption

Students sometimes confuse hashing with encryption. They are different:

Feature	Encryption	Hashing
Reversible?	Yes (with the correct key)	No (one-way function)
Purpose	Protect data confidentiality	Verify data integrity / store passwords
Output	Ciphertext (same size as input)	Fixed-length hash (e.g. 256 bits)
Example use	Encrypting an email	Storing a password hash in a database

Exam Tip: Encryption is reversible (you can get the plaintext back). Hashing is a one-way function — you cannot reverse a hash to get the original data. This distinction frequently appears in exam questions.

---

Key Terms Summary