LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How does hybrid encryption work, and why is it used?

A random symmetric session key is encrypted asymmetrically and sent alongside the symmetrically-encrypted data — combining the best of both worlds.

Hybrid encryption sequence

* A random symmetric session key encrypts the data; the public key wraps only that small key. *

Steps:

  1. Alice generates a random session key $K_S$ (symmetric)
  2. Alice encrypts the actual message with $K_S$: $c = E_{sym}(K_S, m)$
  3. Alice encrypts $K_S$ with Bob's public key: $K_S^{enc} = E_{asym}(K_{pub,B}, K_S)$
  4. Alice sends both $c$ and $K_S^{enc}$
  5. Bob decrypts $K_S$ with his private key: $K_S = D_{asym}(K_{priv,B}, K_S^{enc})$
  6. Bob decrypts the message: $m = D_{sym}(K_S, c)$

Why hybrid?

  • Asymmetric encryption is ~1000x slower — impractical for large data
  • Symmetric encryption is fast but requires a shared secret
  • Hybrid: Use slow asymmetric crypto only for the small session key, then fast symmetric crypto for the bulk data

Used everywhere: TLS/HTTPS, PGP/GPG, SSH, Signal Protocol — virtually all real-world encryption is hybrid.

Go deeper:

From Quiz: KRYPTOG / Fundamentals of Cryptography | Updated: Jul 14, 2026