What is the performance difference of pki to symmetric encryption?

stevemac picture stevemac · Sep 23, 2008 · Viewed 16.6k times · Source

We are looking to do some heavy security requirements on our project, and we need to do a lot of encryption that is highly performant.

I think that I know that PKI is much slower and more complex than symmetric encryption, but I can't find the numbers to back up my feelings.

Answer

Thilo picture Thilo · Sep 23, 2008

Yes, purely asymmetric encryption is much slower than symmetric cyphers (like DES or AES), which is why real applications use hybrid cryptography: the expensive public-key operations are performed only to encrypt (and exchange) an encryption key for the symmetric algorithm that is going to be used for encrypting the real message.

The problem that public-key cryptography solves is that there is no shared secret. With a symmetric encryption you have to trust all involved parties to keep the key secret. This issue should be a much bigger concern than performance (which can be mitigated with a hybrid approach)