One question I had to answer in my crypto exam today was: Do we need symmetric c

Question

One question I had to answer in my crypto exam today was:

Do we need symmetric cryptosystems?

As it stands, that's probably a debatable question, so I'd like to reformulate this as:

Are there any situations where symmetric cryptosystems could not be replaced by asymmetric cryptosystems without serious downsides?

I'm not thinking of performance-related issues here; rather, I'm looking for things that would be impossible to achieve in an asymmetric-only model, or at least that would require prohibitively complex or costly implementations.

I would be interested to hear of any answer, since my teacher seemed to suggest that I was missing something, but he wouldn't say what (this was an oral examination).

Explanation / Answer

Yes, we need symmetric cryptosystems, for many reasons; to give three of these:

1. We need a hash function to make most asymmetric cryptosystems secure (e.g. we simply do not have a secure signature system based on RSA without a hash), and current hash functions are (or are built from) symmetric cryptosystems.
2. All asymmetric encryption cryptosystems are bound to output ciphertext larger than the plaintext, and there are situations where this is a major drawback (e.g. bulk disk encryption).
3. The best asymmetric encryption cryptosystems we have around are some orders of magnitude slower/more energy-hungry than state-of-the-art symmetric ones; it turns out this worsens, badly, if we want to minimize the ciphertext expansion ratio by using huge parameters.

Note: Point 1 has the appearance of being sufficient to prove my assertion, but it is debatable to a degree: perhaps in this question we want the big picture only, and disregard the symmetric internals of all existing asymmetric cryptosystems; and/or perhaps we could devise asymmetric-based hashes (though these would be symmetric cryptosystems in disguise).
Also: we could live with 2, if there was not 3, which in the end is the real killer.
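
Point 1 of the answer, shown as an added example that is not part of the original answer: textbook RSA signing without a hash is multiplicative, so two valid signatures combine into a valid signature on a message the signer never saw, and hashing before signing breaks that relation. The toy key, the sample messages and all function names are assumptions made for this sketch, and the hash-then-reduce encoding is a simplified stand-in for a real scheme such as RSA-PSS.

```python
import hashlib

# Toy key from two Mersenne primes: constructed for this demo, far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

def encode_raw(msg: bytes) -> int:
    """Textbook RSA: the message bytes are used directly as the integer to sign."""
    return int.from_bytes(msg, "big") % N

def encode_hashed(msg: bytes) -> int:
    """Hash-then-sign: SHA-256 digest reduced mod N (simplified stand-in for RSA-PSS)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(msg: bytes, encode) -> int:
    return pow(encode(msg), D, N)

def verify(msg: bytes, sig: int, encode) -> bool:
    return pow(sig, E, N) == encode(msg)

def combine(m1: bytes, s1: int, m2: bytes, s2: int):
    """Uses only public values: multiplies two signed messages and their signatures mod N."""
    m3 = (int.from_bytes(m1, "big") * int.from_bytes(m2, "big")) % N
    return m3.to_bytes((m3.bit_length() + 7) // 8, "big"), (s1 * s2) % N

def combined_signature_accepted(encode) -> bool:
    """True if a signature nobody issued verifies under the given encoding."""
    m1, m2 = b"pay 10", b"\x02"  # constructed sample messages
    s1, s2 = sign(m1, encode), sign(m2, encode)
    assert verify(m1, s1, encode) and verify(m2, s2, encode)
    m3, s3 = combine(m1, s1, m2, s2)
    return m3 not in (m1, m2) and verify(m3, s3, encode)

if __name__ == "__main__":
    print("no hash  :", combined_signature_accepted(encode_raw))
    print("with hash:", combined_signature_accepted(encode_hashed))
```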