Symmetric Cryptography: Difference between revisions

From NovaOrdis Knowledge Base
 
(19 intermediate revisions by the same user not shown)
Line 1: Line 1:
=External=
* Performance Analysis of Data Encryption Algorithms https://www.cse.wustl.edu/~jain/cse567-06/ftp/encryption_perf/
=Internal=
=Internal=


Line 4: Line 8:


=Overview=
=Overview=
Symmetric encryption is a type of encryption where the sender and the receiver agree on a secret (shared) key. The main concern behind symmetric encryption is how to share the secret key securely between the two peers. If the key gets known for any reason, the whole system is compromised.
=Concepts=
==Block Cipher==
Block ciphers process entire blocks at a time. The plain text is divided into blocks of equal size, which are then fed into the cipher to produce blocks of cipher text. If there is not enough data to make a complete input block the data must be ''padded''. These bytes are stripped off during the decryption phase. Block encryption is also called bulk encryption.
==Stream Cipher==
Stream ciphers operate on streams of data, encrypting it bit by bit. A stream cipher consists of two major components: a key stream generator, and a mixing function. Mixing function is usually just an XOR function, while key stream generator is the main unit in stream cipher encryption technique.
==Initialization Vector (IV)==
An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption. This number, also called a nonce, is employed only one time in any session. The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a dictionary attack to find patterns and break a cipher.


=Symmetric Encryption Algorithms=
=Symmetric Encryption Algorithms=
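Review bot: The new Initialization Vector paragraph treats "IV" and "nonce" as interchangeable and says the value is "employed only one time in any session", which leaves the actual requirement unstated. Suggest saying that an IV must never repeat under the same key, and that some modes (CBC, for example) additionally need it to be unpredictable. "Dictionary attack" is also not the usual name for what a repeated IV enables; "find patterns" on its own would be more accurate. The Stream Cipher paragraph could carry the same point, since a repeated key stream is exactly what an XOR mixing function cannot tolerate.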
Line 9: Line 29:
==<span id='Advanced Encryption Standard'></span><span id='AES'></span>Advanced Encryption Standard (AES)==
==<span id='Advanced Encryption Standard'></span><span id='AES'></span>Advanced Encryption Standard (AES)==


A block cipher recommended by NIST to replace DES. Brute force attack is the only effective attack known against it, in which the attacker tries to test all the characters combinations to unlock the encryption.
{{External|[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Wikipedia Advanced Encryption Standard]}}
 
* https://www.eetimes.com/document.asp?doc_id=1279619
 
The Rijndael algorithm is a block cipher recommended by NIST to replace DES. Brute force attack is the only effective attack known against it, in which the attacker tries to test all the characters combinations to unlock the encryption. The algorithm can usually be used with 256-bit, 192-bit and 128-bit keys. A brute force attack on a 256 bit key using the fastest supercomputer publicly known at the moment would take 10<sup>53</sup> years.
 
{{Internal|AES Encryption in Java|AES Encryption in Java}}
 
===AES-GCM===
 
Advanced Encryption Standard in Galois/Counter Mode (GCM).


==Blowfish==
==Blowfish==
Blowfish is a variable length key, 64-bit block cipher, one of the most common public domain encryption algorithms provided by Bruce Schneier.


==<span id='Data_Encryption_Standard'></span><span id='DES'></span>Data Encryption Standard (DES)==
==<span id='Data_Encryption_Standard'></span><span id='DES'></span>Data Encryption Standard (DES)==
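Review bot: The brute-force estimate in the new AES paragraph ("would take 10<sup>53</sup> years" on "the fastest supercomputer publicly known at the moment") carries no source and no date, so it cannot be checked and will go stale; cite the figure or tie it to a dated reference. The new AES-GCM subsection only expands the acronym: one sentence saying that GCM adds authentication on top of encryption, or a link to a page that does, would justify the heading. The two bare links placed between the Wikipedia template and the paragraph would read better with titles.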
Line 20: Line 51:


3DES is an enhancement of DES, where the encryption method is similar to the one in original DES but applied three times to increase the encryption level. 3DES is slower than other block cipher methods.
3DES is an enhancement of DES, where the encryption method is similar to the one in original DES but applied three times to increase the encryption level. 3DES is slower than other block cipher methods.
==DESede==
==IDEA==
=To Process=
<font color=darkgray>
* Password Based Encryption Example  http://localhost:9627/personal/Wiki.jsp?page=SymmetricEncryptionInJava
</font color>
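Review bot: The link under "To Process" points at http://localhost:9627/..., which resolves only on the author's own machine, so readers of the published revision cannot follow it; replace it with a wiki-internal link or drop the item. The closing tag "</font color>" is malformed and should be "</font>". The new "DESede" and "IDEA" headings have no body text; either add a one-line description as the other algorithms have, or move them under "To Process" until they are written.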

Latest revision as of 22:59, 12 December 2018

External

Internal

Overview

Symmetric encryption is a type of encryption where the sender and the receiver agree on a secret (shared) key. The main concern behind symmetric encryption is how to share the secret key securely between the two peers. If the key becomes known to anyone else for any reason, the whole system is compromised.

Concepts

Block Cipher

Block ciphers process entire blocks at a time. The plain text is divided into blocks of equal size, which are then fed into the cipher to produce blocks of cipher text. If there is not enough data to make a complete input block, the data must be padded. The padding bytes are stripped off during the decryption phase. Block encryption is also called bulk encryption.
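The padding step described above, as an added example that is not part of the original page. It assumes PKCS#7 padding and a 16-byte block; the page names neither a padding scheme nor a block size.

```python
BLOCK_SIZE = 16  # assumption: AES-sized blocks


def pad(data: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Append PKCS#7 padding: n bytes, each with value n (1 <= n <= block_size).

    Input that already fills its last block still gets a whole block of
    padding, otherwise the receiver could not tell padding from data.
    """
    if not 1 <= block_size <= 255:
        raise ValueError("block size must be between 1 and 255")
    n = block_size - (len(data) % block_size)
    return data + bytes([n]) * n


def unpad(padded: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Strip PKCS#7 padding after decryption, rejecting malformed padding."""
    if not padded or len(padded) % block_size:
        raise ValueError("length is not a positive multiple of the block size")
    n = padded[-1]
    if not 1 <= n <= block_size or padded[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return padded[:-n]


def split_blocks(padded: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Cut padded plain text into the equal-size blocks fed to the cipher."""
    return [padded[i:i + block_size] for i in range(0, len(padded), block_size)]
```

When the cipher text is not authenticated, the "invalid padding" error should not be distinguishable to a remote party from any other decryption failure.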

Stream Cipher

Stream ciphers operate on streams of data, encrypting it bit by bit. A stream cipher consists of two major components: a key stream generator and a mixing function. The mixing function is usually just an XOR function, while the key stream generator is the main unit of the stream cipher encryption technique.

Initialization Vector (IV)

An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption. This number, also called a nonce, is employed only one time in any session. The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a dictionary attack to find patterns and break a cipher.
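The two stream cipher components and the role of the IV, as an added example that is not part of the original page. The key stream generator here (SHA-256 over key, IV and a counter) is a toy chosen so the code runs with the standard library only; it is an assumption of this example, not a vetted cipher, and the key and messages are constructed samples.

```python
import hashlib
import secrets


def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Toy key stream generator: SHA-256(key || iv || counter), block by block."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    """Mixing function: byte-wise XOR."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, iv, len(plaintext)))


decrypt = encrypt  # XOR with the same key stream undoes itself


def new_iv() -> bytes:
    """Fresh random 96-bit IV; in practice it is sent alongside the cipher text."""
    return secrets.token_bytes(12)


def reuse_demo() -> dict:
    key = bytes(range(32))        # constructed sample key
    p1 = b"PAY 100 TO ALICE"      # constructed sample messages, equal length
    p2 = b"PAY 999 TO BOB.."
    fixed_iv = bytes(12)          # the mistake: one IV for two messages
    c1, c2 = encrypt(key, fixed_iv, p1), encrypt(key, fixed_iv, p2)
    f1, f2 = encrypt(key, new_iv(), p1), encrypt(key, new_iv(), p2)
    return {
        # With a repeated IV the key stream cancels: c1 ^ c2 == p1 ^ p2.
        "reused_iv_leaks_plaintext_xor": xor(c1, c2) == xor(p1, p2),
        "fresh_iv_leaks_plaintext_xor": xor(f1, f2) == xor(p1, p2),
    }
```

With the fixed IV, anyone holding both cipher texts learns the XOR of the two plain texts without knowing the key; with a fresh IV per message that relation disappears.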

Symmetric Encryption Algorithms

Advanced Encryption Standard (AES)

Wikipedia Advanced Encryption Standard

The Rijndael algorithm is a block cipher recommended by NIST to replace DES. Brute force attack is the only effective attack known against it, in which the attacker tries to test all the character combinations to unlock the encryption. The algorithm can usually be used with 256-bit, 192-bit and 128-bit keys. A brute force attack on a 256-bit key using the fastest supercomputer publicly known at the moment would take 10^53 years.

AES Encryption in Java

AES-GCM

Advanced Encryption Standard in Galois/Counter Mode (GCM).

Blowfish

Blowfish is a 64-bit block cipher with a variable-length key, one of the most common public domain encryption algorithms, provided by Bruce Schneier.

Data Encryption Standard (DES)

There are many attacks and methods to exploit it, which makes it an insecure block cipher.

3DES

3DES is an enhancement of DES in which the encryption method is similar to the one in the original DES, but applied three times to increase the encryption level. 3DES is slower than other block cipher methods.

DESede

IDEA

To Process