Symmetric(Private)KeyCryptography

In this lesson we will learn about different symmetric key algorithms and their key features. More importantly, we will learn about some more key concepts related to cryptography as it applies to both symmetricandasymmetricalgorithms . Finally, we will learn the advantages and disadvantages of symmetric and asymmetric algorithms. First, lets learn a bit about the differences between block and stream ciphers.

[edit section ] Blockv. StreamCiphers

The difference between a block and a stream cipher is rather simple. A block cipher would break up a clear text into fixedlengthblocksand thenproceedto encryptthoseblocksinto fixedlengthciphers . Because the blocks are of a fixed length, keys can be re-used, making key management a breeze. Typically, computer software uses block ciphers. Stream ciphers operate on continuous (read: non-discrete) portions of data that arrivesin real time.In otherwords,streamciphersworkon informationbit-by-bit ratherthanblockby-block. Because the data does not need to broken down, stream ciphers are generally faster than block ciphers, but keys are not re-usable in stream ciphers, making key management a real pain. For this reason, stream ciphers are usually employed at the hardware level.

[edit section ] Endto-EndEncryption

End-to-End encryption refers to a situation in which data is encrypted when it is sent and decrypted only by the recipient. Of course, in order for the packets to be routed, the relevant TCP/IP headers must be present and unencrypted on the packet.

[edit section ] Link Encryption

In Link encryption, everypacketis encryptedat everypoint between two communicating hosts. In this formulation, information sent to one router is encrypted by the host and decrypted by the router, which then re-encrypts the information with a different key and sends it to the next point. Of course, in this formulation, the headers are also encrypted. The obvious drawbacks include speed and vulnerability to man-in-the-middle attacks.

[edit section ] Key Strength

A cryptovariable, or key, is the valueappliedto encryptedor clear text in orderto decryptor encrypt the text. The length of the key, in bits, is usually a good indicator of the strength of the key. A 128-bit key is, for example, much stronger than a 32-bit key.

[edit section ] SymmetricKey Cryptography

In a symmetric key cryptosystem, a single key is used to encrypt and decrypt data between two communicating hosts. In order to break the system, an attacker must either: A) discover the key through trial-and-error, or discover the key during the initial key agreement.

(From Navy) Symmetric Key Encryption Schema Symmetric key protocols are known to be faster and stronger than their asymmetric counterparts but do possess unique disadvantages that we will discuss later. We will now look at some common symmetric algorithms.

[edit section ] DES

DES is an outdated 64-bit block cipher that uses a 56-bit key. It is a symmetric algorithm that splits the 64-bit block into two separate blocks under the control of the same key. It is considered highly insecure and unreliable and has been replaced by 3DES.

[edit section ] 3DES

Triple DES or 3DES is the partial successor to DES but is still considered outdated and slow. It uses three separate 56-bit keys for an effective key length of 168 bits. However, a vulnerability exists that would allow a hacker to reduce the length of the key, reducing the

time it would take to crack the key. In addition, 3DES is very slow by todays standards and would not be practical to use in encrypting large files.

[edit section ] AES

AES is the true successor to DES and uses a strong algorithm with a strong key. It is based on the Rijndael Block Cipher. The Rijndael Block Cipher can utilize different block and key lengths (including 128, 192, and 256 bit keys) to produce a fast and secure symmetric block cipher. The Twofish algorithm, an alternative to Rijndael, utilizes 128-bit blocks for keys up to 256 bits.

[edit section ] IDEA

All you have to remember about IDEA is that: PGP uses IDEA to ensure email security, and It operates using 64-bit blocks and a 128-bit key

[edit section ] RC5

RSA Security developed RC5, a fast, variable-length, variable-block symmetric cipher. It can accommodate a block size of up to 128 bits and a key up to 2048 bits.

[edit section ] Symmetricv. Asymmetric

Here is a quick run-down of the advantages of symmetric and asymmetric algorithms: Symmetric Faster and easier to implement Lower overhead on system resources Asymmetric Scalable and does not require much administration Easier for users to use