Question

Please Answer!!!

1. Why is public-key cryptography be used to encrypt a symmetric key in a digital envelope instead of encrypting the message directly?
2. What types of data should be encrypted?
3. When should data be encrypted?

Answer 1

Why is public-key cryptography be used to encrypt a symmetric key in a digital envelope instead of encrypting the message directly?

Encryption is a process of converting electronic messages into other form(cipher text) so that only authorized party can view the data.

There are two types of encryptions - symmetric and asymmetric

Symmetric encryption is a type of encryption where data is encrypted and decrypted using only one key called secret key which is exchanged during data transmission. Whereas in asymmetric key we use a pair of keys to encrypt and decrypt the data. One is called private key(personal) and other is pubic key which is known to everyone.

Public key encryption is preferred for encrypting digital envelop because private key is never exchanged for transmission of data from sender to receiver which reduces the chances of revelation of private key during transmission and hence providing confidentiality and authenticity of data. Also it is a faster technique of encryption.

Examples of public key techniques - RSA, Diffie-Hellman

What types of data should be encrypted?

Following type of data can be encrypted using public key encryption:

Databases containing large amount of confidential data.

Payment applications to prevent frauds.

For digital signatures to authenticate the owner of data or message.

When should data be encrypted?

Data should be encrypted when you send sensitive data like emails, passwords over internet to prevent third part access to your data. Apart from this data should be encrypted when it is in use on some device because some virus or malware can still access decrypted data from your device and cause damage to important data.