is a method of encrypting and decrypting data using the same secret key.
- AKA: secret-key, single-key, or private-key encryption.
- The secret key is shared between both parties. (increases the risk)
- The same key is used to encrypt and decrypt the message.
- It can use block or stream ciphers.
- Pros: good for volumes of data, files, databases, and networks. Fast.
- Pros: confidentiality, integrity, and authentication
- Cons: How do I share the key? How do I scale for multiple users? (multiple keys)
- Cons: Doesn’t support non-repudiation.
- Examples: Blowfish, RC4, DES, Triple DES (3DES), and AES (most popular).
- Examples: ChaCha20 (used by TLS 1.3, for instance)