The Disadvantages of Asymmetric Encryption

By Alan Hughes

Security is important in all aspects of life, and the Internet is no exception. Encryption is a technique used to scramble a message for secure transmission. Decryption is the process of unscrambling the message so the information is useful. The available encryption schemes on the Internet fall into two categories: symmetric and asymmetric. The former uses the same key to encrypt and decrypt a message. The latter uses a private key and a public key to perform encryption and decryption. Asymmetric encryption is generally more secure, but it does have some disadvantages.

Key Length

Asymmetric encryption uses longer keys than symmetric encryption in order to provide better security than symmetric key encryption. While the longer key length in itself is not so much a disadvantage, it contributes to slower encryption speed.

Encryption Speed

Asymmetric encryption is slower than symmetric encryption due to the former's longer key lengths and the complexity of the encryption algorithms used. Both of these requirements are due to the fact that one of the keys is public. In order to maintain security, asymmetric encryption must make it too difficult for a hacker to crack the public key and discover the private key.

Key Management

Due to the fact one of the keys in an asymmetric encryption infrastructure is public, most business must implement a full public key infrastructure (PKI) to properly manage the certificates. A full PKI manages issuance, revocation and validity, typically through trusted third-party certificate authorities (CAs). These CAs sell their services, adding to the expenses of those companies or individuals who buy their certificates.

Key Validation

It is important to remember that just because you have a public key you think belongs to your friend does not mean it really belongs to your friend. Key validation is a function of a PKI that ensures the certificate or key you are using actually belongs to the person it says it does, and ensuring it is still valid.