SSL is half symmetric and half asymmetric?
I am reading http://www.definityhealth.com/marketing/how_ssl_works.html
It looks like SSL uses an asymmetric algorithm to exchange the symmetric key, and after that it uses a symmetric algorithm to encrypt the data.
One question: can I use an asymmetric algorithm only? For example, Alice and Bob both have certificates, and they each use the peer's public key to encrypt the data.
No, you can't use only asymmetric encryption.
TLS (SSL) does not support encryption of application data with public key algorithms because it would make no sense: it would be much less efficient yet provide no improvement to security.
Public key encryption is not harder to break than symmetric algorithms. In fact, for all we know, there may be a trick that makes breaking some asymmetric algorithms trivial, just waiting to be discovered.
Public key algorithms solve the key exchange problem, and that's how TLS and every other security protocol use them. Symmetric algorithms are used to keep data private and protect its integrity.
As a general rule, one can say that asymmetric algorithms are much more computing-intensive than symmetric algorithms. Thus it is very common to use an asymmetric algorithm to exchange a symmetric key that will be used to exchange the data. It is also considered sufficiently safe security-wise.
- Can you use asymmetric algorithms for everything? Surely you can.
- Can you do it within SSL? I don't know.
Yes, you can, if you provide your own implementation for SSL - as this is not the original SSL design. (BTW, use TLS - it is very similar but more secure).
Symmetric key uses the same key to encrypt and decrypt the data. The biggest issue with it is to send these to the receiver. Therefore the use of asymmetric keys is encouraged, where they have private and public keys.
Symmetric keys are generally used to encrypt large amounts of data, which is faster. Afterwards, we send this data to the receiver again using an asymmetric algorithm.
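The hybrid scheme these answers describe, as an added example that is not part of the original thread: a fresh AES-256-GCM session key encrypts the data, and RSA-OAEP is used only to wrap that key. It uses Ruby's OpenSSL bindings; the names `seal`, `open_sealed` and `OAEP` and the in-memory demo key pair are constructed for illustration, and this is a sketch of the idea, not the TLS handshake itself.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Sender side: encrypt the data with a fresh AES-256-GCM session key, then use
# the receiver's RSA public key only to wrap that 32-byte key.
def seal(receiver_public_key, data)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  session_key = cipher.random_key
  nonce = cipher.random_iv
  cipher.auth_data = ''
  ciphertext = cipher.update(data) + cipher.final
  { wrapped_key: receiver_public_key.public_encrypt(session_key, OAEP),
    nonce: nonce, ciphertext: ciphertext, tag: cipher.auth_tag }
end

# Receiver side: unwrap the session key with the RSA private key, then decrypt.
# GCM checks the tag in #final, so modified data raises OpenSSL::Cipher::CipherError.
def open_sealed(receiver_private_key, sealed)
  # auth_tag= accepts shorter tags, so pin the expected 16-byte length first.
  raise ArgumentError, 'bad tag length' unless sealed[:tag].to_s.bytesize == 16

  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = receiver_private_key.private_decrypt(sealed[:wrapped_key], OAEP)
  cipher.iv = sealed[:nonce]
  cipher.auth_tag = sealed[:tag]
  cipher.auth_data = ''
  cipher.update(sealed[:ciphertext]) + cipher.final
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::PKey::RSA.new(2048) # constructed demo key pair
  sealed = seal(key.public_key, 'application data ' * 4096)
  puts "RSA-wrapped session key: #{sealed[:wrapped_key].bytesize} bytes"
  puts "AES-GCM ciphertext: #{sealed[:ciphertext].bytesize} bytes"
  puts "recovered: #{open_sealed(key, sealed).bytesize} bytes"
end
```

The RSA operation handles the same 32 bytes no matter how large the data is; the per-byte work is all done by the symmetric cipher.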