Symmetric Encryption uses a key to encrypt a message. The key is usually a large binary number (128 or 256 bits being typical). The message can be anything - a file, an email, a block of data, etc. The key and message are fed into an algorithm which produces an encrypted version of the message. The encrypted message is approximately the same length as the original message. The original message is called the *plaintext* and the encrypted message is called the *ciphertext*.

Once encrypted, provided the encryption method is strong, it is impossible for anyone who doesn't know the key to decode the message from the ciphertext. A simple analogy for symmetric encryption is a briefcase with a combination lock. If you know the combination you can open the case and put documents in or take them out. If you donâ€™t know the combination, you have no idea what is in there.

With a locked briefcase, you can be reasonably sure that if you leave the case by your desk while you go to lunch nobody will be able to sneak a look at your secret documents. The same is true of encrypted data - you can store it on your hard disk, transfer it via a network, CD or memory stick secure in the knowledge that anyone who intercepts the ciphertext will never be able to read the original message. The difference is that strong encryption is much more secure - if someone stole your encrypted files and spent the next ten years trying to decode them, they probably wouldn't manage it. Few briefcases are so strong.

For anyone who knows the key, decrypting the ciphertext is quite easy. It is simply a matter of reversing the encryption, using the same key that was used to encrypt the message in the first place.

This type of encryption is called symmetric encryption because the same key is used to encrypt and decrypt the data. It is also called private key encryption, or secret key encryption, because you must keep the key secret. It is generally best to use the term symmetric encryption, because terms such as private or secret are somewhat overloaded in the field of cryptography.

You have probably heard the term *strong* encryption. Symmetric algorithms are classed as strong if, as far as is known, it is impossible to decrypt messages without knowing the key. In particular this means:

- The key must be sufficiently long (at least 128 bits). If a short key is used, an attacker could simply try every possible key until he decrypted the message.
- There must be a very high degree of confidence that the algorithm is free of any weaknesses which help an attacker break the encryption.

Copyright (c) Axlesoft Ltd 2020