What Does Hybrid Encryption Mean?
Hybrid encryption is an approach to encoding and decoding data that blends the speed and convenience of a public asymmetric encryption scheme with the effectiveness of a private symmetric encryption scheme.
In this approach to cryptography, the sender generates a private key, encrypts the key by using a public key algorithm and then encrypts the entire message (including the already-encrypted private key) with the original symmetric key. The resulting ciphertext can only be decoded if the recipient knows the private key the sender originally generated.
If Bob wants to send an encrypted message to Alice in a hybrid cryptosystem, for example, he might do the following:
- Request Alice's public key.
- Generate a new symmetric (private) key and use it to encrypt a message.
- Use Alice's public key to encrypt the new symmetric (private) key and the message.
- Send the entire ciphertext to Alice.
Alice will then be able to use her own private key to decrypt the sender's private key and decode the rest of the message.
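The exchange between Bob and Alice, as an added Ruby example that is not part of the original page. It follows the common construction in which the message is encrypted under the fresh symmetric key and only that key is encrypted under Alice's public key. AES-256-GCM, RSA-OAEP, the 2048-bit key size and the names `seal` and `unseal` are assumptions of this example.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Bob's side: encrypt the message under a fresh AES-256-GCM key, then wrap
# only that key under Alice's RSA public key.
def seal(alice_public_key, message)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  session_key = cipher.random_key # new symmetric key, used for this message only
  nonce = cipher.random_iv
  cipher.auth_data = '' # no associated data, but GCM still needs the call
  ciphertext = cipher.update(message) + cipher.final
  { wrapped_key: alice_public_key.public_encrypt(session_key, OAEP),
    nonce: nonce, ciphertext: ciphertext, tag: cipher.auth_tag }
end

# Alice's side: unwrap the session key with her private key, then decrypt.
# Raises OpenSSL::OpenSSLError if the wrapped key or the ciphertext was altered.
def unseal(alice_private_key, envelope)
  session_key = alice_private_key.private_decrypt(envelope[:wrapped_key], OAEP)
  decipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  decipher.key = session_key
  decipher.iv = envelope[:nonce]
  decipher.auth_tag = envelope[:tag]
  decipher.auth_data = ''
  decipher.update(envelope[:ciphertext]) + decipher.final
end

if $PROGRAM_NAME == __FILE__
  alice = OpenSSL::PKey::RSA.generate(2048) # constructed demo key pair
  envelope = seal(alice.public_key, 'constructed sample message')
  puts unseal(alice, envelope)
end
```

The envelope carries four values because GCM needs the nonce and the authentication tag alongside the ciphertext; none of them is secret, only the session key inside `wrapped_key` is.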
Security researchers are looking at ways hybrid encryption can be used as an alternative in quantum computing to more traditional encryption schemes. Until standards have been put in place, however, a hybrid approach can be accompanied by an increased risk of implementation flaws that can negate the encryption scheme's usefulness.