Envelope Encryption
Envelope encryption is a method used to enhance the security of data encryption by combining both symmetric and asymmetric encryption techniques.
- aka hybrid cryptography
Process
- Data encryption
- data is first encrypted using a symmetric key
- called the data encryption key (DEK)
- data is first encrypted using a symmetric key
- Key encryption
- the DEK is then encrypted using an asymmetric key pair
- public key encrypts the DEK
- private key is used to decrypt the DEK
- Transmission
- encrypted data and the encrypted DEK are transmitted together
- Decryption
- upon receiving the data, the recipient decrypts the DEK with their private key
- DEK is then used to decrypt the data