Explain how PGP uses both asymmetric and symmetric encryption to be both secure and efficient
Expert Answer
OpenPGP uses asymmetric encryption, usually RSA, for validating identity (signing) and ensuring that only the intended recipient can access the information sent (encryption). Because encrypting large amounts of data using asymmetric encryption is relatively slow and resource-intensive compared to symmetric encryption — a particularly important consideration when encrypting data on mobile devices — OpenPGP uses a symmetric encryption algorithm, usually AES, to encrypt the actual file or message content in order to accelerate the encryption process. Symmetric encryption cannot be used for signing, which is why a combination of algorithms is used. So, for example, the sender of a message would use the recipient’s public key to encrypt a randomly generated session key, which is used to encrypt the content of the actual message. The recipient can use their private key to decrypt the session key and then use that to decrypt the main message.
The reason different key sizes are used in symmetric and asymmetric encryption is that a symmetric algorithm is based on a shared secret, which is not mathematically solvable, whereas asymmetric cryptography relies on the complexity of a math problem for security. Breaking a 128-bit AES key by brute force would currently take many times the age of the universe, and breaking a 256-bit key is even less possible. Increasing the length of the symmetric key from 256 bits would dramatically increase the processing work, while only negligibly increasing the level of security, a pointless tradeoff as the risk is already insignificant. So, for symmetric ciphers, a 256-bit key makes sense.
Asymmetric encryption keys have to be much larger than symmetric keys because they can only use pairs of prime numbers, and there are fewer possible keys for any given number of bits than there are for the same symmetric key size. There are also patterns within the keys themselves, and the more information that is transmitted with the asymmetric encryption key, the more likely it is to be broken. Hence OpenPGP uses 2,048-bit keys with RSA to provide a similar level of security to the 256-bit AES cipher.
OpenPGP-encrypted data has never been successfully cryptanalyzed, that is, retrieving the plaintext from the ciphertext without knowing the key and using solely cryptanalysis methods. Other methods such as keyloggers have been used successfully, and the main weakness of OpenPGP and any form of encryption is the security of the password or passphrase used to protect the private key. This is why PGP allows users to create a 100+ character passphrase, as the longer this passphrase is, the harder it is for anyone to crack it using brute force and dictionary attacks.
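The session-key flow described in the answer, as an added Go sketch that is not part of the original answer and is not OpenPGP's own code or packet format. It assumes RSA-OAEP and AES-256-GCM from Go's standard library as stand-ins for OpenPGP's encodings; `Message`, `aead`, `Encrypt`, `Decrypt` and `demoKey` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

type Message struct{ WrappedKey, Nonce, Body []byte } // simplified stand-in, not an OpenPGP packet
// aead keys AES-GCM with the session key; a 32-byte key selects AES-256.
func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Encrypt: slow RSA wraps only the 32-byte session key; fast AES encrypts the content.
func Encrypt(pub *rsa.PublicKey, plaintext []byte) (*Message, error) {
	buf := make([]byte, 32+12) // fresh random session key + GCM nonce for every message
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := aead(buf[:32])
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	return &Message{wrapped, buf[32:], gcm.Seal(nil, buf[32:], plaintext, nil)}, err
}
// Decrypt: the private key recovers the session key, which then opens the body.
func Decrypt(priv *rsa.PrivateKey, m *Message) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, m.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := aead(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, m.Nonce, m.Body, nil)
}
var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key pair for the demo
func main() {
	m, _ := Encrypt(&demoKey.PublicKey, []byte("constructed sample message"))
	pt, _ := Decrypt(demoKey, m)
	println(string(pt))
}
```

The wrapped key is always one RSA block (256 bytes for a 2,048-bit key) regardless of message length, while the body grows with the message plus a 16-byte authentication tag.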