Symmetric key encryption utilizes only one key. The same key that encrypts also decrypts the data.
- This method is quick, but “key exchange” can be an issue if the key is not transmitted securely. When data is encrypted with a symmetric key, the transmission of that key to the partner who decrypts the data needs to be secured. One way to achieve this is to use asymmetric encryption to transmit the symmetric key: for example, HTTPS/TLS transmission secures the symmetric key exchange.
- Bosch cameras can use the Advanced Encryption Standard (AES) for encryption in several cases, for example:
a) UDP encryption in Live view;
b) Recording video data in a VRM setup;
c) Control and video data transferred via HTTPS/TLS
Asymmetric key encryption utilizes a two-key system known as a Public and Private Key Pair:
- This method might require the deployment of signed certificates.
- Bosch VRM and cameras use this method for securing the symmetric key exchange in the new feature ‘Prevent unauthorized access to video recording’.
- The public key is sent over the network and is used by the partner to encrypt data. Only the device that holds the corresponding private key can decrypt the data. The private key stays on the device and needs to be kept secret and protected from unauthorized access.
- Asymmetric cryptography is used for different scenarios such as:
a) Public-Key-Encryption (e.g. BVMS 10: Prevent unauthorized access to video recording)
b) Public-Key-Authentication (e.g. e-commerce, internet shops)
c) Digital Signatures (e.g. BVMS 7.0 feature “Authenticity” or, in general, e-mail signatures), and many others
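The combination described above, where an asymmetric key pair protects the exchange of a symmetric AES key, shown as an added example (not Bosch code, and not a description of how BVMS, VRM or the cameras implement it). It uses Node.js's built-in crypto module; the function names, the RSA-2048/OAEP and AES-256-GCM choices and the sample data are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Receiver: the key pair is generated locally; only publicKey is handed out.
function newKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Sender: encrypt the data with a fresh one-time AES-256-GCM key (symmetric),
// then wrap that key with the receiver's public key (asymmetric, RSA-OAEP).
function seal(publicKey, data) {
  const key = crypto.randomBytes(32);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Receiver: unwrap the AES key with the private key, then decrypt. Returns null
// if the private key does not match or the message was modified in transit.
function unseal(privateKey, msg) {
  try {
    const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
    const decipher = crypto.createDecipheriv("aes-256-gcm", key, msg.nonce);
    decipher.setAuthTag(msg.tag);
    return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
  } catch {
    return null;
  }
}

// Constructed sample data (not real camera traffic), hypothetical parties.
function demo() {
  const receiver = newKeyPair();
  const other = newKeyPair();
  const msg = seal(receiver.publicKey, Buffer.from("constructed video frame"));
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 1; // flip one bit of the encrypted data
  return {
    plaintext: unseal(receiver.privateKey, msg).toString(),
    wrongKey: unseal(other.privateKey, msg),
    tampered: unseal(receiver.privateKey, tampered),
  };
}

console.log(demo());
```

Everything in the object returned by `seal` can cross an untrusted network: the AES key is present only in wrapped form, and the private key never leaves the receiver.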
Certificate
- It is a data package that contains information about its owner, the signing Certificate Authority (CA), validity period, public key, etc.
- Certificates are exchanged between the communication partners. They contain the public key of the certificate owner but not the private key. For security reasons, the private key is not transmitted over a network.
- It can be issued (signed) by a trusted Certificate Authority (CA). Certificates that are not signed by any CA but by the owner itself are called self-signed certificates.