Network security
Network security

This free course is available to start right now. Review the full course description and key learning outcomes and create an account and enrol if you want a free statement of participation.

Free course

Network security

4.6 Hybrid systems

As you have seen from earlier sections, a major advantage of asymmetric key systems over symmetric key systems is that no exchange of a secret key is required between communicating entities. However, in practice public key cryptography is rarely used for encrypting messages for the following reasons:

  • Security: it is vulnerable to chosen plaintext attacks.

  • Speed: encrypting data with public key algorithms generally takes about 1000 times longer than with symmetric key algorithms.

Instead, a combination of symmetric and asymmetric key systems is often used. This system is based on the use of a session key – a temporary key used only for a single transaction or for a limited number of transactions before being discarded. The following sequence between Alice and Bob demonstrates the use of a session key.

  1. Alice chooses a secret symmetric key that will be used as a session key.

  2. Alice uses the session key to encrypt her message to Bob.

  3. Alice uses Bob's public key to encrypt the session key.

  4. Alice sends the encrypted message and the encrypted session key to Bob.

  5. On receipt, Bob decrypts the session key using his own private key.

  6. Bob uses the session key to decrypt Alice's message.

Activity 7

Why might a session key be preferable to the use of a recipient's public key?

Answer

I can think of a couple of reasons:

  1. The more often a key is used and the more ciphertext produced by that key, the more likely it is to come under attack. A session key can simply be discarded after use.

  2. Encryption and decryption can be performed much faster using symmetric keys than asymmetric keys.

T823_1

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has over 40 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to university level study, find out more about the types of qualifications we offer, including our entry level Access courses and Certificates.

Not ready for University study then browse over 900 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus