Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

4.3 Encryption — Symmetric, Asymmetric, Digital Certificates & PKI

Lesson 20 of 21 in the free E-Commerce notes on Siksha Sarovar, written by Rohit Jangra.

What is Encryption?

Encryption is the process of converting plaintext (readable data) into ciphertext (unreadable data) using a mathematical algorithm and a key. Decryption reverses the process.

   Plaintext  ──[Encryption Algorithm + Key]──►  Ciphertext
   Ciphertext ──[Decryption Algorithm + Key]──►  Plaintext

Terminology

| Term | Meaning |
|---|---|
| Plaintext | Original readable data |
| Ciphertext | Encrypted, unreadable data |
| Key | Secret used to encrypt/decrypt |
| Algorithm / Cipher | The mathematical process |
| Cryptanalysis | Breaking encryption without the key |
| Cryptology | The combined science |

---

Goals of Encryption

| Goal | Achieved by |
|---|---|
| Confidentiality | Encryption (anyone without key can't read) |
| Integrity | Hashing + signatures |
| Authentication | Digital signatures + certificates |
| Non-repudiation | Digital signatures with verified identity |

---

Two Main Categories of Encryption

                  Encryption
                      │
        ┌─────────────┴──────────────┐
        │                            │
   Symmetric                  Asymmetric
   (Secret Key)              (Public Key)
        │                            │
   Same key for                 Two keys:
   encrypt + decrypt            public + private

---

1. Symmetric / Secret-Key Encryption

In symmetric encryption, the same key is used for both encryption and decryption. Both parties must share the key in advance.

Algorithms

| Algorithm | Key Size | Block Size | Status |
|---|---|---|---|
| DES | 56 bits | 64 bits | Obsolete (cracked 1998) |
| 3DES (Triple DES) | 168 bits | 64 bits | Deprecated (2024) |
| AES | 128 / 192 / 256 bits | 128 bits | Modern standard |
| Blowfish | 32–448 bits | 64 bits | Legacy |
| Twofish | 128 / 256 bits | 128 bits | Alternative to AES |
| RC4 | Variable | Stream | Deprecated |
| ChaCha20 | 256 bits | Stream | Modern; used by Google |

AES — the current standard

  • Advanced Encryption Standard
  • Adopted by NIST in 2001 (replaces DES)
  • Block cipher: 128-bit blocks
  • Key sizes: 128, 192, 256 bits (AES-128, AES-192, AES-256)
  • Used in: HTTPS, WPA2/3, disk encryption (BitLocker, FileVault), VPN

Advantages of symmetric encryption

  • Fast — orders of magnitude faster than asymmetric
  • Efficient for large data — bulk encryption
  • Mature — well-understood algorithms
  • Hardware acceleration — modern CPUs have AES-NI instructions

Disadvantages of symmetric encryption

  • Key distribution problem — how to share the key securely?
  • Scalability — N users need N(N-1)/2 shared keys (one for every pair of users)
  • No non-repudiation — both parties have the same key; can't prove who encrypted
  • Key management — must be securely stored

---

2. Asymmetric / Public-Key Encryption

Asymmetric encryption uses a key pair:

  • Public key — shared with everyone
  • Private key — kept secret

Anything encrypted with the public key can only be decrypted with the private key, and vice versa.

Algorithms

| Algorithm | Year | Based on | Common Use |
|---|---|---|---|
| RSA | 1977 | Integer factorisation | TLS, SSL, signatures |
| Diffie-Hellman (DH) | 1976 | Discrete logarithm | Key exchange |
| DSA | 1991 | Discrete logarithm | Digital signatures |
| ECC (Elliptic Curve) | 1985 | Elliptic curves | Modern, smaller keys |
| ECDSA | | ECC variant | Bitcoin, modern TLS |
| EdDSA / Ed25519 | 2011 | ECC | Modern, fast |

RSA — the classic

  • Rivest, Shamir, Adleman (1977)
  • Based on the difficulty of factoring the product of two large primes
  • Typical key size: 2048 or 4096 bits
  • Used in: TLS handshake, email encryption (PGP), digital signatures

Advantages of asymmetric encryption

  • No prior key sharing — Bob can encrypt without ever meeting Alice
  • Scales — N users need only N key pairs (not N²)
  • Enables digital signatures and non-repudiation
  • Foundation for HTTPS and modern internet security

Disadvantages of asymmetric encryption

  • Slow — 100–1000× slower than symmetric
  • Not suitable for bulk encryption
  • Larger keys — RSA 2048-bit vs AES 128-bit
  • Computationally expensive

---

Symmetric vs Asymmetric — comparison

| Aspect | Symmetric | Asymmetric |
|---|---|---|
| Keys | One shared secret | Public + private pair |
| Speed | Fast | Slow |
| Algorithms | AES, 3DES | RSA, ECC, DH |
| Key sharing | Hard (must be secure) | Easy (public is public) |
| Use | Bulk encryption | Key exchange, signatures |
| Non-repudiation | No | Yes |
| Key size | 128–256 bits | 2048+ bits (RSA) |

---

Hybrid Encryption — best of both

Real-world systems (HTTPS, PGP, email) use both:

  1. Use asymmetric to securely exchange a symmetric session key
  2. Use symmetric to encrypt the actual data

This is how HTTPS / TLS works — explained in detail next lesson.

---

Hash Functions

A cryptographic hash function converts arbitrary-size input → fixed-size output (digest).

Properties

| Property | Meaning |
|---|---|
| One-way | Cannot reverse output to find input |
| Deterministic | Same input → same output every time |
| Fixed output size | Regardless of input size |
| Avalanche effect | Small input change → big output change |
| Collision-resistant | Hard to find two inputs with same hash |

Algorithms

| Algorithm | Output Size | Status |
|---|---|---|
| MD5 | 128 bits | Broken (don't use) |
| SHA-1 | 160 bits | Deprecated |
| SHA-256 | 256 bits | Standard |
| SHA-3 | Variable | Modern |
| bcrypt, scrypt, Argon2 | Variable | Password-specific (slow on purpose) |

Uses

  • Password storage — store hash, not password
  • File integrity — verify download (checksum)
  • Blockchain — Bitcoin uses SHA-256
  • Digital signatures — sign hash, not data
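
An added Python example (not part of the original lesson) that measures the avalanche effect of SHA-256 and stores a password with a per-user salt using scrypt from the standard library. The sample strings and the scrypt cost parameters are constructed demo values.

```python
import hashlib
import hmac
import os

# Assumed demo cost parameters: N=2**14, r=8, p=1 needs about 16 MiB per hash.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def bit_difference(a: bytes, b: bytes) -> int:
    """Count the SHA-256 output bits that differ between two inputs."""
    ha = int.from_bytes(hashlib.sha256(a).digest(), "big")
    hb = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(ha ^ hb).count("1")

def unsalted(password: str) -> str:
    """Plain SHA-256: every user with this password gets the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password: str, salt: bytes = None):
    """Return (salt, digest). A fresh random 16-byte salt is drawn per user."""
    salt = salt or os.urandom(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)

def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)

if __name__ == "__main__":
    # Constructed inputs: '0' (0x30) and '1' (0x31) differ in exactly one bit.
    flipped = bit_difference(b"pay Rs. 100", b"pay Rs. 101")
    print(f"avalanche: {flipped} of 256 output bits changed")

    # Two users choose the same (constructed) password.
    print("unsalted hashes equal:", unsalted("hunter2") == unsalted("hunter2"))
    salt_a, hash_a = hash_password("hunter2")
    salt_b, hash_b = hash_password("hunter2")
    print("salted hashes equal:  ", hash_a == hash_b)

    print("correct password:", verify_password("hunter2", salt_a, hash_a))
    print("wrong password:  ", verify_password("hunter3", salt_a, hash_a))
```

Only the salt and the digest are stored; the password itself never is.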

---

Digital Signatures

A digital signature proves the integrity + authenticity + non-repudiation of a message.

How it works

What digital signatures provide

A correctly designed digital signature simultaneously delivers three properties. Integrity is guaranteed because the signature is computed over a hash of the message; if the message is changed even by one bit, the recomputed hash will not match and verification fails. Authentication is guaranteed because only the sender (the holder of the private key) could have produced a signature that decrypts correctly with the sender's published public key — anyone else's signature would not verify. Non-repudiation follows from the same property: since only the sender holds the private key, the sender cannot later deny having signed the message without admitting their private key was compromised — which has serious legal consequences on its own.

Indian legal status

  • IT Act 2000 recognises digital signatures as legally equivalent to handwritten signatures
  • Digital Signature Certificates (DSC) issued by CCA-licensed CAs
  • Required for: GST filings, ROC (company filings), e-tenders, income-tax e-filing

---

Digital Certificates

A digital certificate is an electronic document that binds a public key to an identity (person, organisation, website).

Structure (X.509 standard)

| Field | Purpose |
|---|---|
| Subject | Owner identity (e.g., CN=flipkart.com) |
| Public key | The owner's public key |
| Issuer | The CA that issued it |
| Serial number | Unique within issuer |
| Validity | From / to dates |
| Algorithm | Signature algorithm used |
| Extensions | Subject alternative names, key usage, etc. |
| CA's signature | Issued/signed by the CA |

Certificate Authority (CA)

A Certificate Authority is a trusted third party that issues digital certificates.

| Global CA | Notes |
|---|---|
| DigiCert | Acquired Symantec, GeoTrust |
| Sectigo (Comodo) | Volume leader |
| GlobalSign | Enterprise |
| Let's Encrypt | Free, automated |
| GoDaddy SSL | Hosting-bundled |

Indian CAs (under CCA — Controller of Certifying Authorities)

  • e-Mudhra
  • Sify Safescrypt
  • (n)Code Solutions
  • IDRBT (banking)
  • NIC (government)
  • Capricorn

---

PKI — Public Key Infrastructure

PKI is the entire system that supports public-key cryptography — CAs, certificates, revocation lists, policies, software, hardware.

PKI components

| Component | Role |
|---|---|
| CA (Certificate Authority) | Issues certificates |
| RA (Registration Authority) | Verifies identity before issuing |
| Certificate Repository | Stores and distributes certificates |
| CRL (Certificate Revocation List) | List of revoked certs |
| OCSP | Online status checking (faster than CRL) |
| End entities | Users, servers, devices that use certs |

Certificate lifecycle

  1. Identity verification — RA confirms applicant
  2. Key pair generation — applicant generates locally
  3. CSR (Certificate Signing Request) — submitted to CA
  4. Issuance — CA signs the cert
  5. Distribution & Use — installed on server
  6. Renewal / Revocation — at expiry or compromise

---

Certificate Trust Chain

   Root CA Certificate (self-signed, in OS / browser)
       │
       ▼ signs
   Intermediate CA Certificate
       │
       ▼ signs
   End-entity Certificate (e.g., flipkart.com)

When you visit https://flipkart.com:

  1. Server sends its cert + intermediate cert
  2. Browser verifies chain up to a trusted root
  3. If valid → secure connection; if not → warning

Why trust chains matter

  • Root CAs are pre-installed in OS/browser
  • A compromised intermediate can be revoked without revoking the root
  • Public CAs keep their root signing keys offline for safety
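
The hash-then-sign procedure from the Digital Signatures section and the chain walk described above, as an added Python example (not part of the original lesson). It assumes textbook RSA without padding over publicly known Mersenne primes and a simplified certificate record instead of real X.509; the CA names, serials and dates are made up, and real systems use a vetted library with padded signatures.

```python
import hashlib
from dataclasses import dataclass
from datetime import date

E = 65537  # common RSA public exponent

def toy_keypair(a, b):
    """Textbook RSA key from the public Mersenne primes 2**a-1 and 2**b-1. Demo only, insecure."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(private, data):
    n, d = private
    return pow(digest(data), d, n)               # transform the hash with the private key

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data)  # recompute the hash and compare

@dataclass
class Cert:
    subject: str
    issuer: str
    serial: int
    public_key: tuple
    not_after: date
    signature: int = 0

    def tbs(self):
        """The fields covered by the issuer's signature."""
        return f"{self.subject}|{self.issuer}|{self.serial}|{self.public_key}|{self.not_after}".encode()

def issue(subject, serial, public_key, issuer, issuer_private, not_after):
    cert = Cert(subject, issuer, serial, public_key, not_after)
    cert.signature = sign(issuer_private, cert.tbs())
    return cert

def verify_chain(chain, trusted_roots, today, revoked=frozenset()):
    """chain is [end-entity, intermediate(s)..., root]; returns (ok, reason)."""
    root = chain[-1]
    if trusted_roots.get(root.subject) != root.public_key:
        return False, "root not in trust store"
    for cert, issuer in zip(chain, chain[1:] + [root]):  # the root is checked against itself
        if cert.issuer != issuer.subject:
            return False, f"{cert.subject}: issuer mismatch"
        if not verify(issuer.public_key, cert.tbs(), cert.signature):
            return False, f"{cert.subject}: bad signature"
        if today > cert.not_after:
            return False, f"{cert.subject}: expired"
        if (cert.issuer, cert.serial) in revoked:
            return False, f"{cert.subject}: revoked"
    return True, "chain trusted"

# Constructed demo PKI: names, serials and dates are made up for illustration.
ROOT_PUB, ROOT_PRIV = toy_keypair(521, 607)
INT_PUB, INT_PRIV = toy_keypair(127, 521)
LEAF_PUB, _ = toy_keypair(607, 1279)
END = date(2030, 1, 1)
ROOT = issue("Demo Root CA", 1, ROOT_PUB, "Demo Root CA", ROOT_PRIV, END)
INTER = issue("Demo Intermediate CA", 2, INT_PUB, "Demo Root CA", ROOT_PRIV, END)
LEAF = issue("shop.example", 3, LEAF_PUB, "Demo Intermediate CA", INT_PRIV, END)
TRUST_STORE = {"Demo Root CA": ROOT_PUB}

if __name__ == "__main__":
    print(verify_chain([LEAF, INTER, ROOT], TRUST_STORE, date(2026, 1, 1)))
```

Revoking the intermediate by its (issuer, serial) pair rejects every certificate beneath it while the root stays trusted.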

---

Key Terms — Lesson 4.3

Encryption has its own dense vocabulary. Every term below appears in the prescribed textbooks (Stallings, Laudon) and at least once in most cryptography PYQs.

Encryption — The process of converting plaintext (readable data) into ciphertext (unreadable data) using a mathematical algorithm and a key, such that without the correct key the ciphertext is computationally infeasible to invert. Decryption is the reverse process. Encryption protects confidentiality — anyone intercepting the ciphertext learns nothing about the plaintext.

Plaintext / Ciphertext / Key — The three core terms. Plaintext is the original, readable message. Ciphertext is the encrypted form. Key is the secret value that parameterises the encryption — the algorithm is usually public, the key is the secret.

Symmetric Encryption (Secret-Key Encryption) — A cryptographic system where the same key is used for both encryption and decryption. Symmetric is fast (orders of magnitude faster than asymmetric), making it ideal for bulk data, but suffers from the key distribution problem — the two parties must somehow share the secret key without an eavesdropper learning it. Examples: AES, 3DES, ChaCha20.

AES (Advanced Encryption Standard) — A symmetric block cipher standardised by the US NIST in 2001 as the successor to DES. AES uses 128-bit blocks and key sizes of 128, 192, or 256 bits. AES is the dominant symmetric cipher in HTTPS, WPA2/3 Wi-Fi, disk encryption (BitLocker, FileVault), VPN, and Indian payments. Modern CPUs have AES-NI hardware acceleration that makes AES nearly free in performance terms.

DES / 3DES — The Data Encryption Standard (1977), now obsolete because its 56-bit key was brute-forced in 1998. Triple DES (3DES) applies DES three times with three different keys to extend its useful life; 3DES is deprecated as of 2024 in favour of AES.

Asymmetric Encryption (Public-Key Encryption) — A cryptographic system using a key pair — a public key that can be freely shared and a private key that must stay secret. Anything encrypted with one key in the pair can only be decrypted with the other. Asymmetric encryption is slow compared to symmetric but solves the key-distribution problem and enables digital signatures. Examples: RSA, ECC, Diffie-Hellman.

RSA (Rivest-Shamir-Adleman) — The classic asymmetric algorithm, published in 1977. Security rests on the difficulty of factoring large composite numbers into their prime factors. Typical key sizes are 2048 or 4096 bits. RSA is used in TLS handshakes, email encryption (PGP), digital signatures, and most legal e-signing workflows.

ECC (Elliptic Curve Cryptography) — A modern family of asymmetric algorithms based on the mathematics of elliptic curves over finite fields. ECC achieves equivalent security to RSA with much smaller keys — 256-bit ECC ≈ 3072-bit RSA — making it faster and lighter on memory. ECDSA and Ed25519 are common ECC signature schemes; Bitcoin, modern TLS, and SSH keys increasingly use ECC.

Diffie-Hellman (DH) Key Exchange — A 1976 algorithm that lets two parties establish a shared secret over an insecure channel without ever transmitting the secret itself. DH is a key-exchange protocol, not an encryption algorithm; the established shared secret is then used as a symmetric key. ECDH (Elliptic Curve Diffie-Hellman) is the modern variant.

Hybrid Encryption — The real-world combination of symmetric and asymmetric encryption used by HTTPS, PGP, S/MIME, and most secure-messaging protocols. Asymmetric encryption is used to exchange a symmetric session key; the actual data is then encrypted with the faster symmetric cipher. You get the trust properties of asymmetric and the performance of symmetric.

Cryptographic Hash Function — A function that maps arbitrary-size input to fixed-size output (digest) and satisfies three properties: one-way (you cannot reverse the output to find the input), deterministic (same input always produces the same output), and collision-resistant (it is computationally infeasible to find two distinct inputs producing the same output). Hash functions are not encryption — they are not reversible.

SHA-256 — The 256-bit member of the SHA-2 family of hash functions, the current de-facto standard for digital signatures, file integrity, blockchain (Bitcoin), TLS certificates, and password hashing in legacy systems. SHA-1 (160 bits) is deprecated; MD5 is broken and must not be used for security.

Avalanche Effect — The desirable property of a hash function that a 1-bit change in the input flips about 50% of the output bits on average. Avalanche makes hashes useful for integrity checks: any tampering produces a wildly different hash.

Salt — Random data added to a password before hashing, so the same password used by two different users produces two different hashes. Salts defeat rainbow table attacks. Every modern password-storage system (bcrypt, scrypt, Argon2) uses per-user salts.

Password Hashing Functions (bcrypt, scrypt, Argon2) — Specialised hash functions designed to be deliberately slow (and memory-hungry) so that attackers cannot brute-force passwords at billions per second. Argon2 won the Password Hashing Competition (2015) and is the current best-practice recommendation.

Digital Signature — A cryptographic construct that proves the integrity, authenticity, and non-repudiation of a message. To sign: compute SHA-256 of the message, then encrypt that hash with the sender's private key. To verify: recompute the hash, decrypt the signature with the sender's public key, compare. If the comparison matches, the signature is valid.

Digital Signature Certificate (DSC) — In Indian legal context, a smart-card or USB-token-based digital signature issued by a CCA-licensed Certifying Authority (e-Mudhra, Sify Safescrypt, (n)Code, Capricorn, IDRBT). Legally equivalent to a handwritten signature under IT Act 2000. Required for GST returns, RoC filings, e-tenders, and most corporate compliance.

Digital Certificate (X.509) — An electronic document that binds a public key to an identity (a person, an organisation, a server's domain name). The X.509 standard defines the format — subject, issuer, public key, validity, serial number, extensions, and the issuer's signature. Used in every HTTPS connection, code-signing, and email-signing workflow.

Certificate Authority (CA) — A trusted third party that issues digital certificates after verifying the identity of the requester. Global CAs include DigiCert, Sectigo, GlobalSign, and Let's Encrypt (which provides free, automated DV certs). Indian CAs licensed by CCA include e-Mudhra, Sify Safescrypt, (n)Code, IDRBT (for banking), NIC (for government), and Capricorn.

CCA (Controller of Certifying Authorities) — The Indian regulator (under MeitY) that licenses and oversees Certifying Authorities issuing Digital Signature Certificates in India under the IT Act 2000.

Registration Authority (RA) — The entity that verifies the identity of an applicant before forwarding the certificate request to the CA. Sometimes a separate organisation, sometimes a function inside the CA. The RA does the in-person KYC; the CA does the cryptographic signing.

CSR (Certificate Signing Request) — A standardised file (PKCS#10) sent by an applicant to a CA, containing the applicant's public key and identity information. The CA verifies the applicant, then issues a certificate that carries the CSR's public key and identity under the CA's signature.

PKI (Public Key Infrastructure) — The entire system that supports public-key cryptography in practice: Certificate Authorities, Registration Authorities, certificate repositories, revocation infrastructure (CRL, OCSP), end-entity certificates, software and hardware, and the policies/procedures around them. PKI is what lets you trust a TLS certificate on a website you have never visited before.

CRL (Certificate Revocation List) — A periodically published list of certificates that have been revoked before their natural expiry because of key compromise, ownership change, or CA error. Browsers download CRLs and refuse connections to servers presenting revoked certificates. CRLs are heavy and are increasingly being replaced by OCSP.

OCSP (Online Certificate Status Protocol) — A real-time alternative to CRL: instead of downloading a long list, the browser asks the CA "is this specific certificate valid?" and gets a signed yes/no response in milliseconds. OCSP stapling lets the server itself attach a fresh OCSP response to the TLS handshake, eliminating the browser-to-CA round trip.

Trust Chain / Certificate Chain — The verification chain from an end-entity certificate (say, flipkart.com) up through one or more intermediate CA certificates to a self-signed root CA certificate pre-installed in the browser/OS. If every link in the chain has a valid CA signature and none has expired or been revoked, the chain is trusted.

Self-Signed Certificate — A certificate that is signed by its own private key rather than by a CA. Self-signed certs are fine for internal/lab use but cause browser warnings on public sites. Root CAs are technically self-signed — they sit at the top of every trust chain.

Certificate Transparency (CT) — A 2013 Google initiative that requires CAs to publish every issued certificate to public append-only logs. CT lets domain owners detect mis-issued certificates (a CA mistakenly issuing a cert for your domain to someone else) — a key defence after the DigiNotar 2011 and Symantec 2017 CA compromises.

Post-Quantum Cryptography (PQC) — A family of cryptographic algorithms designed to resist attacks by future quantum computers, which (in theory) could break RSA and ECC. NIST has been standardising PQC algorithms since 2022 — CRYSTALS-Kyber (key encapsulation), CRYSTALS-Dilithium (signatures), FALCON, SPHINCS+. Industry migration is expected to begin around 2030.

---

Study deep

  1. Symmetric is for speed, asymmetric is for trust. The genius of HTTPS is hybrid encryption — use asymmetric to bootstrap, then switch to symmetric for the conversation.
  2. RSA vs ECC. ECC achieves equivalent security with much smaller keys — 256-bit ECC ≈ 3072-bit RSA. Modern systems prefer ECC for performance.
  3. Quantum threat. Future quantum computers may break RSA and ECC. NIST is standardising post-quantum cryptography (PQC) — algorithms safe against quantum (e.g., CRYSTALS-Kyber, Dilithium). Migration begins ~2030.
  4. The CA trust model is fragile. Any of 100+ root CAs can issue certs for any domain. A compromised CA (DigiNotar 2011, Symantec 2017) can break the system. Certificate Transparency (CT) logs were created in response.
  5. Indian CAs and the IT Act. India recognises specific CAs (e-Mudhra etc.) under CCA. DSCs issued by these are legally valid for filings, contracts, e-tenders. Foreign CAs (DigiCert) are valid for SSL/TLS but not always for legal signatures.

PYQ pattern (very common): "Differentiate symmetric and asymmetric encryption with examples." — Define both; table 6 differences (keys, speed, use, scalability, non-repudiation, algorithms); name examples (AES, RSA).

PYQ pattern: "What is a digital certificate? Explain PKI." — Define cert; X.509 fields; CA's role; list PKI components (CA, RA, repository, CRL, OCSP); diagram trust chain.

PYQ pattern: "What is digital signature? How is it generated and verified?" — Hash + encrypt-with-private-key; verification reverses; provides integrity + auth + non-repudiation; legal status under IT Act 2000.