Overview
A hybrid cryptosystem is one that combines the convenience of Public Key Cryptography with the efficiency of Symmetric Key Cryptography. Public Key Cryptography is convenient in that it does not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, it relies on expensive mathematical operations and is therefore generally far less efficient than comparable Symmetric Key Cryptography. In many applications the cost of encrypting long messages directly with Public Key Cryptography is prohibitive. Hybrid systems address this by using a combination of both.
A hybrid cryptosystem can be constructed from any two separate cryptosystems:
- a Key Encapsulation Mechanism (KEM), which uses Public Key Cryptography
- a Data Encapsulation Mechanism (DEM), which uses Symmetric Key Cryptography.
Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient Symmetric Key Cryptography scheme, while the less efficient Public Key Cryptography scheme is used only to encrypt/decrypt a short key value.
Practically all deployments of Public Key Cryptography today use a hybrid cryptosystem. Examples include the TLS protocol, which uses a Public Key mechanism for Key-Exchange (such as Diffie-Hellman) and a Symmetric Key mechanism for data encapsulation (such as AES).
The OpenPGP (RFC 4880) file format and the PKCS #7 (RFC 2315) file format are other examples.
Example User Story
To encrypt a message addressed to Alice in a hybrid cryptosystem, Bob does the following:
- Obtains Alice's Public Key.
- Generates a fresh Symmetric Key for the data encapsulation scheme.
- Encrypts the message under the data encapsulation scheme, using the Symmetric Key just generated.
- Encrypts the Symmetric Key under the key encapsulation scheme, using Alice's Public Key.
- Sends both of these encryptions to Alice.
To decrypt this hybrid ciphertext, Alice does the following:
- Uses her Private Key to decrypt the Symmetric Key contained in the key encapsulation segment.
- Uses this Symmetric Key to decrypt the message contained in the data encapsulation segment.
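The user story above, carried through end to end as an added example (not code from the original page). It assumes RSA-OAEP as the key encapsulation scheme (Bob encrypts a fresh 256-bit AES key under Alice's public key) and AES-GCM as the data encapsulation scheme, using only the Go standard library; the names `HybridCiphertext`, `HybridEncrypt`, `HybridDecrypt` and `RoundTrip` are chosen here and are not from any particular library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// HybridCiphertext is what Bob sends to Alice: the key encapsulation
// segment (the AES key encrypted under Alice's public key) and the data
// encapsulation segment (the message encrypted under that AES key).
type HybridCiphertext struct {
	EncapsulatedKey []byte // RSA-OAEP ciphertext of the 32-byte AES key
	Nonce           []byte // AES-GCM nonce; must never repeat under one key
	Ciphertext      []byte // AES-GCM ciphertext followed by its 16-byte tag
}

// newGCM builds the AES-GCM data encapsulation primitive for a 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// HybridEncrypt performs Bob's steps 2 to 4: fresh symmetric key, encrypt
// the message under the DEM, encrypt the key under the KEM with pub.
func HybridEncrypt(pub *rsa.PublicKey, msg []byte) (*HybridCiphertext, error) {
	key := make([]byte, 32) // step 2: fresh AES-256 key
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, msg, nil) // step 3: DEM
	// step 4: KEM, RSA-OAEP with SHA-256 under Alice's public key
	encKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	return &HybridCiphertext{EncapsulatedKey: encKey, Nonce: nonce, Ciphertext: ct}, nil
}

// HybridDecrypt performs Alice's two steps. Because the DEM is AES-GCM,
// any modification of the data segment fails the tag check and is
// reported as an error instead of yielding garbage plaintext.
func HybridDecrypt(priv *rsa.PrivateKey, hc *HybridCiphertext) ([]byte, error) {
	if hc == nil {
		return nil, errors.New("nil hybrid ciphertext")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, hc.EncapsulatedKey, nil)
	if err != nil {
		return nil, err
	}
	if len(key) != 32 {
		return nil, errors.New("unexpected symmetric key length")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, hc.Nonce, hc.Ciphertext, nil)
}

// RoundTrip generates Alice's key pair, encrypts msg as Bob, decrypts it as
// Alice, and also checks that a data segment with one flipped bit is rejected.
func RoundTrip(msg []byte) (plain []byte, tamperRejected bool, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, err
	}
	hc, err := HybridEncrypt(&priv.PublicKey, msg)
	if err != nil {
		return nil, false, err
	}
	plain, err = HybridDecrypt(priv, hc)
	if err != nil {
		return nil, false, err
	}
	tampered := *hc
	tampered.Ciphertext = append([]byte(nil), hc.Ciphertext...)
	tampered.Ciphertext[0] ^= 0x01
	_, terr := HybridDecrypt(priv, &tampered)
	return plain, terr != nil, nil
}

func main() {
	// Constructed sample message, not taken from any real exchange.
	plain, rejected, err := RoundTrip([]byte("hello Alice, this is a constructed sample message"))
	fmt.Printf("plaintext=%q tamperRejected=%v err=%v\n", plain, rejected, err)
}
```

The bulk of the work is in `gcm.Seal`/`gcm.Open`, which scale with the message length, while the RSA operations only ever touch the 32-byte key, which is the efficiency argument of the Overview. The DEM is chosen as an authenticated mode deliberately: with a plain unauthenticated block mode, Alice would decrypt a modified data segment without noticing, so an AEAD (or encrypt-then-MAC) is the normal choice for the data segment of a hybrid scheme.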