Back to the full dot-point answer
NSWSoftware EngineeringQuick questions
Module 1: Secure Software Architecture
Quick questions on Symmetric and asymmetric encryption explained: HSC Software Engineering Module 1
9short Q&A pairs drawn directly from our worked dot-point answer. For full context and worked exam questions, read the parent dot-point page.
What is symmetric encryption?Show answer
One shared key is used to encrypt and decrypt. The same key that scrambles the data unscrambles it.
What is asymmetric encryption?Show answer
A key pair: a public key (shared with everyone) and a private key (kept secret by the owner). Data encrypted with the public key can only be decrypted with the private key.
What is the hybrid model?Show answer
Real systems combine both. HTTPS is the canonical example: asymmetric encryption for the handshake (key exchange), then symmetric encryption for the bulk traffic. The diagram shows the four-step handshake.
What is worked code?Show answer
A short Python example using the cryptography library:
What is cloud storage encryption?Show answer
symmetric (AES-256). The startup controls both ends and needs to encrypt potentially gigabytes of data. Key management is internal.
What is public feedback form?Show answer
asymmetric. Publish the startup's public key. Anyone can encrypt feedback with it.
What is forgetting that HTTPS uses both?Show answer
A common single-mark trap is "what kind of encryption does HTTPS use?" The answer is hybrid: asymmetric for handshake, symmetric for data.
What is mixing up encryption and hashing?Show answer
Encryption is reversible (with the key). Hashing is one-way. Password storage uses hashing, not encryption.
What is conflating algorithm with key size?Show answer
AES with a 128-bit key is symmetric; AES with a 256-bit key is also symmetric. The key size is independent of the symmetric-versus-asymmetric distinction. :::