In the past few years, keeping your data safe and secure is challenging than ever before. Organizations and companies are getting hacked and their data is being dumped on hacking forums. Encryption is one way to secure your data.

## Introduction

Encryption is everywhere. From your WhatsApp chat to your Skype call, everything is encrypted nowadays. These big companies took this matter seriously as they should. Data is usually encrypted using Secret Key. Your data might be secure from hackers, but from the platform that you are using, not so much. This raises privacy concerns that we all should take seriously.

Now the question arises, how much you can do? If you are using a particular company's service, like WhatsApp, Facebook, Instagram, Snapchat, or any other application, then there is not much you can do for encryption as these applications already provide encryption for their data. But the biggest concern is from the privacy perspective. There is a high probability that your data is secure, but when it comes to privacy, this probability fades away.

Encryption of your data yourself is the only way to ensure both your data and your privacy. However, you cannot apply your own encryption on these applications. But you can apply encryption on data that you send or keep in your archives. Below is the process of encrypting your data using Asymmetric and Symmetric keys.

### How encryption and decryption work

When an encryption algorithm (AES, DSA, RSA, etc.) is applied to data, it converts that data into scrambled and unreadable form. This data is now encrypted and it's sent to receiving party. On receiving side, a decryption algorithm is applied. This decryption algorithm is designed to reverse the encryption process. Data is converted back into human-readable form. Algorithm for encryption and decryption using Symmetric key is the same. In the case of Asymmetric keys, different algorithms are used for encryption and decryption purposes.## What are Symmetric and Asymmetric Keys

Both Asymmetric and Symettrinc keys can be used for Encryption or Decryption. Below is the key difference between them:

### Asymmetric Keys

Asymmetric Keys use pair of keys known as public and private keys. The public key, also known as the encryption key, is made publicly available. Public key is used for encryption. Private key, on the other hand, is a secret key, which is kept secret by the user. Its sole purpose is to Decrypt the data. Data encrypted using public key can only the decrypted using that pair's private key.

However, the encryption and decryption process with Asymmetric keys is computationally more expensive than Symmetric key. There is also a limit on data size when using Asymmetric key for encryption. This limit depends upon the algorithm used for encryption and the length of the key. Asymmetric key is mainly used for messages and small-size data encryption. But there is a way to encrypt large-size data using Asymmetric keys that we will talk about later.

### Symmetric Keys

Symmetric Keys consist of only one key. It's the secret key that is *used both for encryption and decryption purposes*. This Symmetric key itself is actually secured, but the issue is with keeping it
secure in person. Since this single key is used for both purposes and if the key gets stolen, then
all that encryption does not matter. The most challenging part of Symmetric key is to keep it secure
and somewhere safe.

Generally speaking, there is no limit on data size for encryption using Symmetric keys. The process of encryption and decryption using Symmetric key is faster as compared to Asymmetric keys. But encryption of large sizes of data using a symmetric key alone can be of security risk. But there is a way to encrypt large sizes of data using symmetric key in a secure way, we'll talk about that later in the article.

## Generating Asymmetric Key pair

As I explained earlier, Asymmetric keys refer to a public/private key-pair system where encryption is done with a public key and decryption is done with a private key. We will generate private and public key:

**Generating Private Key:**Use the below command to generate private key:

openssl genrsa -out private_key.pem 4096

- 4096 is bit size or length of private key. The normal standard size is 2048 which is commonly used. The longer the bit size, the more secure the key. But longer bit sizes also uses more computer resources.
- private_key.pem is name of the private key file that will be generated.

**Generating Public Key:**Use the below command to generate public key:

openssl rsa -in private_key.pem -pubout -out public_key.pem

- public_key.pem is name of the public key file that will be generated.
- private_key.pem is private key that we generated in the previous step. Here this private key is used to generate a public key.

## Encryption and decryption using Asymmetric Keys:

Now that you have generated Asymmetric public and private key pairs, In this section we'll use them for encrypting and decrypting data.

### Encrypting data using public key

openssl pkeyutl -encrypt -pubin -inkey public_key.pem -in data_file -out enc_data

- public_key.pem is the public key that is being used for encryption.
- data_file is the file that we are encrypting.
- enc_data is the name of the output file and It'll be encrypted.

With this command succesfully executed, you will have enc_data file that is encrypted using the provided public_key.

### Decrypting data using private key

To decrypt the encrypted file, use the following command:openssl pkeyutl -decrypt -inkey private_key.pem -in enc_data -out dec_data

- private_key.pem is the private key that is being used for decryption.
- enc_data is input file name which is encrypted.
- dec_data is the output file name which will be generated in decrypted state after the process.

This way, you can encrypt and decrypt data using Asymmetric keys or public-private key pair. Data encrypted using a specific public key can only be decrypted by its paired private key, which is why It's important to keep private key secure and safe.

## Encryption and decryption using Symmetric Key

As I mentioned earlier, there is only one key in a symmetric system for both encryption and decryption called secret key whici is why it must be of highest priority to guard and keep this key safe.

### Generating Symmetric (secret) Key

openssl rand -out sec_key 256

- rand option is used for generating key with random bits.
- sec_key is the secret key name that is being generated.
- 256 is length of key in byte. So the key size will be 2048-bit

### Encryption using Symmetric Key

openssl enc -aes-256-cbc -salt -in data -out enc_data -pass file:sec_key

- data is input file that will be encrypted.
- enc_data is the output file that will be in encrypted form.
- aes-256-cbc is an encryption algorithm that is being used to encrypt the data.
- salt is value which will be generated and used to randomize the encryption process. This value will be saved within the encrypted output file.

### Decryption using Symmetric Key

openssl enc -aes-256-cbc -d -salt -in enc_data -out dec_data -pass file:sec_key

- aes-256-cbc is the algorithm used to decrypt the file. It's the same algorithm that we used during encryption process.
- d is used to specifies the decryption process.
- salt option specifies the usage of salt value. Value is already saved within the encrypted file during encryption. Using it to ensure that the decryption process is performed correctly.
- enc_data is input file name which is is encrypted form.
- dec_data is output file name which will be decrypted using
- file:sec_key is the secret key that will be used to decrypt the data.

With this process, you can encrypt and decrypt data using Symmetric key or secret key. This method only consist of one key, so handle your secret key with much care.

## Big data encryption using both Symmetric and Asymmetric keys

You can Encrypt large size data using both Asymmetric and Symmetric key together. To achieve this, use the below process.

**Sender:**Perform these steps on sender side:

- encrypt large data using Symmetric key or Secret Key.
- Encrypt your Symmetric key using the public key of receiving person. Now your Secret key is encrypted with Asymmetric key.
- Send the encrypted data and encrypted key to receiver.

**Receiver:**Perform these steps on receiver side:

- Decrypt the Symmetric key (secret key) using the private key.
- Now use that Symmetric key to decrypt the encrypted data.

This way you can utilize both Symmetric and Asymmetric Keys for data encryption and decryption. It is useful to overcome the encryption data size barrier in Asymmetric Keys.