# Symmetric Encryption Overview One-sentence definition: Single shared key for encryption/decryption—fast and preferred for bulk data (e.g., **AES**). ## Key Facts - AES key sizes: 128/192/256; widely standardized. - Use authenticated modes (e.g., GCM) to add integrity. - Key distribution is the main challenge; combine with asymmetric for exchange. - Avoid legacy ciphers (DES/3DES) in new designs. - **Verify:** check official (ISC)² CBK and current exam outline. ## Exam Relevance - Pick symmetric for performance and at-rest encryption. **Mnemonic:** “One key, **speed**.” ## Mini Scenario Q: Encrypt database at rest—cipher approach? A: AES (with proper mode, e.g., AES-GCM/TDE context). ## Revision Checklist - List AES key sizes. - State why symmetric is used for bulk. - Note risk: key distribution. ## Related [[Block Cipher Modes (ECB, CBC, CTR, GCM)]] · [[Asymmetric Encryption Overview (RSA, ECC)]] · [[Hashing, HMAC, and Digital Signatures]] · [[Public Key Infrastructure (PKI) Components]] · [[Certificates, Revocation, and Pinning]] · [[Domain 3 - Index]]