Network security
Network security

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

4.6 Hybrid systems

As you have seen from earlier sections, a major advantage of asymmetric key systems over symmetric key systems is that no exchange of a secret key is required between communicating entities. However, in practice public key cryptography is rarely used for encrypting messages for the following reasons:

  • Security: it is vulnerable to chosen plaintext attacks.

  • Speed: encrypting data with public key algorithms generally takes about 1000 times longer than with symmetric key algorithms.

Instead, a combination of symmetric and asymmetric key systems is often used. This system is based on the use of a session key – a temporary key used only for a single transaction or for a limited number of transactions before being discarded. The following sequence between Alice and Bob demonstrates the use of a session key.

  1. Alice chooses a secret symmetric key that will be used as a session key.
  2. Alice uses the session key to encrypt her message to Bob.
  3. Alice uses Bob's public key to encrypt the session key.
  4. Alice sends the encrypted message and the encrypted session key to Bob.
  5. On receipt, Bob decrypts the session key using his own private key.
  6. Bob uses the session key to decrypt Alice's message.

Activity 7

Why might a session key be preferable to the use of a recipient's public key?


I can think of a couple of reasons:

  1. The more often a key is used and the more ciphertext produced by that key, the more likely it is to come under attack. A session key can simply be discarded after use.
  2. Encryption and decryption can be performed much faster using symmetric keys than asymmetric keys.

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371