**Encryption** is the process of encoding information so that only certain people can see it. To encrypt data, you use an encryption *key*. Similar to how a key is used to lock something, you use the encryption key to encode or *lock* plain text into encrypted text or *ciphertext*.  

There are two main types of encryption:
- symmetric
- asymmetric

# Symmetric encryption

In **symmetric encryption**, you use the same key for both encryption and #key# decryption: Converting ciphertext back to plaintext -- the reverse of encryption. #key#. The security of symmetric encryption relies heavily on keeping the key secret. Otherwise, anyone with access to the key can decrypt the ciphertext and see the information, which would defeat the purpose of encryption. Securely distributing the key is one of the primary challenges of symmetric encryption.   

Symmetric encryption has the advantage of being fast and simple. Common applications include: 
- Payment applications to prevent fraudulent charges and identity theft.
- Random number generation or hashing.
- Data at rest or stored data that is rarely in transit.

AES, DES, IDEA, and Blowfish are some standard symmetric encryption algorithms.


# Asymmetric encryption

In **asymmetric encryption** (or Public-key cryptography), we use a key pair that consists of a public key and a private key. The public key is accessible to everyone, while the private key must be kept secret. There are two popular use cases:
- **Public key encryption**:  
The information is encrypted using the public key and sent over to the recipient who has the corresponding private key. Only the recipient can see the information. Public key encryption helps to ensure confidentiality over the internet.  
- **Digital signatures**:  
The information is signed and encrypted using the private key. Anyone receiving the information can decrypt using the public key. Since only the sender has access to the private key, the decrypted information must be authentic and not tampered with. Read more about digital signatures [here](https://www.educative.io/answers/what-is-a-digital-signature).  

Asymmetric encryption is more secure than symmetric encryption and is widely used in HTTPS, email communications, and encrypted messaging.  

Standard asymmetric encryption algorithms include RSA, DSA, Diffie-Hellman, and ECC.


# But, which is better?

| Symmetric                                     | Asymmetric                                               |
|-----------------------------------------------|----------------------------------------------------------|
| Less secure                                   | More secure                                              |
| Older technique                               | Newer technique                                          |
| Single key for both encryption and decryption | Two keys -- one for encryption and the other for decryption |
| Faster                                        | Slower                                                   |
| Simpler                                       | More complex                                             |

Although each choice has its own benefits, asymmetric encryption is recommended (from a security perspective).

Symmetric vs. asymmetric encryption

Symmetric encryption uses one key for speed but less security; asymmetric uses key pairs for higher security.

Symmetric	Asymmetric
Less secure	More secure
Older technique	Newer technique
Single key for both encryption and decryption	Two keys – one for encryption and the other for decryption
Faster	Slower
Simpler	More complex