Hybrid encryption is a cryptographic approach that combines the benefits of both symmetric and asymmetric encryption.
- Symmetric: the same secret key is used for both encryption and decryption.
- Asymmetric: uses a pair of keys: a public key (to encrypt) and a private key (to decrypt).
- Common steps:
  - The sender obtains the recipient’s public key (e.g. a browser obtains it from a web server).
  - The sender generates a random, temporary symmetric key (to encrypt the data).
  - The sender encrypts the data with the symmetric key.
  - The sender encrypts the symmetric key with the recipient’s public key.
  - The encrypted data and the encrypted symmetric key are sent to the recipient.
  - The recipient decrypts the symmetric key using their private key and uses it to decrypt the data.
- Examples: SSL/TLS (HTTPS), PGP, SSH, IPsec, S/MIME