symmetric and asymmetric encryption/digital certificates

  1. What is the fundamental difference between symmetric and asymmetric encryption?
  2. What is the difference between digital signatures and digital certificates?

1 個回答

iT邦高手 2 級 ‧ 2010-01-09 18:58:35

其實你只要把你的問題用Google查一下就會找到答案了, 以下是比較清楚的解釋:



Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its data whereas asymmetric uses both a public and private key. Symmetric requires that the secret key be known by the party encrypting the data and the party decrypting the data. Asymmetric allows for distribution of your public key to anyone with which they can encrypt the data they want to send securely and then it can only be decoded by the person having the private key. This eliminates the need of having to give someone the secret key (as with symmetric encryption) and risk having it compromised.

The issue with asymmetric is that it is about 1000 times slower than symmetric encryption which makes it impractical when trying to encrypt large amounts of data. Also to get the same security strength as symmetric, asymmetric must use strong a stronger key than symmetric.

If you do a quick search on the differences between symmetric and asymmetric you can find many more explanations. This just a quick overview.


A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.