Symmetric ciphers are the oldest and most used **cryptographic ciphers**. In a symmetric cipher, the key that deciphers the ciphertext is the same as (or can be easily derived from) the key enciphers the clear text. This key is often referred to as the secret key. The most widely used symmetric ciphers are DES and AES.

Unlike a symmetric cipher, an asymmetric cipher uses two keys: one key that is kept secret and known to only one person (the private key) and another key that is public and available to everyone (the public key). The two keys are mathematically interrelated, but it's impossible to derive one key from the other. Well-known asymmetric ciphers are the Diffie-Hellman algorithm, RSA, and DSA.

What are the advantages and disadvantages of using an asymmetric cipher instead of a symmetric cipher?

- An important advantage of asymmetric ciphers over symmetric ciphers is that no secret channel is necessary for the exchange of the public key. The receiver needs only to be assured of the authenticity of the public key. Symmetric ciphers require a secret channel to send the secret key—generated at one side of the communication channel—to the other side.
- Asymmetric ciphers also create lesser key-management problems than symmetric ciphers. Only 2n keys are needed for n entities to communicate securely with one another. In a system based on symmetric ciphers, you would need n(n ? 1)/2 secret keys. In a 5000-employee organization, for example, the companywide deployment of a symmetric crypto-based security solution would require more than 12 million keys. The deployment of an asymmetric solution would require only 10,000 keys.
- A disadvantage of asymmetric ciphers over symmetric ciphers is that they tend to be about "1000 times slower." By that, I mean that it can take about 1000 times more CPU time to process an asymmetric encryption or decryption than a symmetric encryption or decryption.
- Another disadvantage is that symmetric ciphers can be cracked through a "brute-force" attack, in which all possible keys are attempted until the right key is found.

Because of these characteristics, asymmetric ciphers are typically used for data authentication (through digital signatures), for the distribution of a symmetric bulk encryption key (aka a digital envelope), for non-repudiation services, and for key agreement. Symmetric ciphers are used for bulk **encryption**.