6 Asymmetric encryption and hybrid encryption

 

This chapter covers

  • Asymmetric encryption to encrypt secrets to a public key
  • Hybrid encryption to encrypt data to a public key
  • The standards for asymmetric and hybrid encryption

In chapter 4, you learned about authenticated encryption, a cryptographic primitive used to encrypt data but limited by its symmetry (both sides of a connection had to share the same key). In this chapter, I’ll lift this restriction by introducing asymmetric encryption, a primitive to encrypt to someone else’s key without knowing the key. Unsurprisingly, asymmetric encryption makes use of key pairs, and encryption uses public keys instead of symmetric keys.

Halfway through this chapter, you will see that asymmetric encryption is limited by the size of the data it can encrypt and by the rate at which it can encrypt it. To remove this obstacle, I’ll show you how to mix asymmetric encryption with authenticated encryption to form what we call hybrid encryption. Let’s get started!

Note

For this chapter, you’ll need to have read chapter 4 on authenticated encryption and chapter 5 on key exchanges.

6.1 What is asymmetric encryption?

The first step in knowing how to encrypt a message is understanding asymmetric encryption (also called public key encryption). In this section, you will learn about this cryptographic primitive and its properties. Let’s take a look at the following real-world scenario: encrypted emails.

6.2 Asymmetric encryption in practice and hybrid encryption

6.2.1 Key exchanges and key encapsulation

6.2.2 Hybrid encryption

6.3 Asymmetric encryption with RSA: The bad and the less bad

6.3.1 Textbook RSA

6.3.2 Why not to use RSA PKCS#1 v1.5

6.3.3 Asymmetric encryption with RSA-OAEP

6.4 Hybrid encryption with ECIES

Summary
