In the HYKER crypto system both symmetric and asymmetric crypto keys are used.
A symmetric key is tied to a document.
A asymmetric key-pair is tied to a device.
The two types of keys have different characteristics and play different roles. The beauty lies in how they interact and complement each other:
The symmetric key is used to both encrypt and decrypt a document. That means that it (the sym key) will need to be transported (over the internet) to each receiver for them being able to use it to decrypt a document. However one cannot just send it in plain text since it would be open for middle men to exploit. This is where the asymmetric key-pair comes into play:
- Each user holds one asymmetric key-pair.
- This key-pair have been around since the time the user were created.
- The private part is kept local to the device (it never touches the internet).
- The public part is published for the world to see.
- The public key may be used by anyone to encrypt a file, resulting in a new file that only the ones holding the private key can decrypt. This allows the new file to be transported across the internet without the risk of being intercepted.
Note that that the asymmetric key-pair is used to transport the symmetric key, not the document itself!
Remember, the reason we use a symmetric key in the first place, and not the alternative to use the asymmetric key-pair directly, is that it would force us to encrypt the same document for each receiver. Due to the potentially not tiny file size of a document, that is a computational heavy task and also it results in new different files for each receiver that needs to be transmitted and stored multiple times (even though they contain the exact same information when decrypted).
One way to look at it is that the is symmetric key is just a token that will grant one access to a certain file. Instead of throwing around the file, we throw around the token because its much more convenient.