Quiz Entry - updated: 2026.07.14
In the crypto puzzle, what is the difference between symmetric and asymmetric approaches for achieving confidentiality vs. data authenticity?
For confidentiality, symmetric uses shared-key encryption while asymmetric uses the recipient's public key. For authenticity, symmetric uses MACs while asymmetric uses digital signatures with the sender's private key.
| Goal | Symmetric Approach | Asymmetric Approach |
|---|---|---|
| Confidentiality | Encrypt with shared secret key (3DES, AES) | Encrypt with recipient's public key, decrypt with recipient's private key |
| Data Authenticity / Integrity | MAC (Message Authentication Code), e.g., HMAC with SHA-3 | Digital signature: sign with sender's private key, verify with sender's public key |
Key differences for authenticity:
| Property | Symmetric (MAC) | Asymmetric (Signature) |
|---|---|---|
| Non-repudiation | No — both parties share the key, so either could have created the MAC | Yes — only the signer has the private key |
| Key management | Need pre-shared secret | Advantage: only need authentic public keys |
| Speed | Fast | Slower |
Important: MAC provides integrity but not non-repudiation (either party could have generated it). Digital signatures provide both integrity and non-repudiation.
The asymmetric approach also includes: RSA, ECC, EdDSA, and newer schemes like those that won't be broken by quantum computers.