Release 10.1A: OpenEdge Getting Started:
Core Business Services

Symmetric-key cryptography

The foundation of all PKI is public-key (also known as asymmetric-key) cryptography (see the "Public key cryptography" section), which it uses for the primary authentication services that it provides. However, while very secure, this is a relatively slow cryptographic technique. Therefore, a PKI uses symmetric-key cryptography for its combination of speed and strength to handle the encryption and decryption of actual data after it has already been authenticated. The PKI might generate the symmetric keys randomly using a Pseudo Random Number Generation function (PRNG), or it might use password-based encryption (less typical) to generate keys based on a user-supplied password (see the "Password-based encryption (PBE)" section). It then uses asymmetric-key cryptography to exchange and maintain the confidentiality of the symmetric keys used to encrypt and decrypt the data.