In cryptography, public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. A hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem.
A hybrid cryptosystem can be constructed using any two separate cryptosystems:
- a key encapsulation scheme, which is a public-key cryptosystem, and
- a data encapsulation scheme, which is a symmetric-key cryptosystem.
Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient symmetric-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value.
Other articles related to "hybrid cryptosystem, hybrid":
... chosen ciphertext attacks, then the hybrid scheme inherits that property as well ... However, it is possible to construct a hybrid scheme secure against adaptive chosen ciphertext attack even if the key encapsulation has a slightly weakened ...