Symmetric Cryptography

From NovaOrdis Knowledge Base
Revision as of 22:59, 12 December 2018 by Ovidiu (talk | contribs) (→‎Stream Cipher)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

External

Internal

Overview

Symmetric encryption is a type of encryption where the sender and the receiver agree on a secret (shared) key. The main concern behind symmetric encryption is how to share the secret key securely between the two peers. If the key gets known for any reason, the whole system is compromised.

Concepts

Block Cipher

Block ciphers process entire blocks at a time. The plain text is divided into blocks of equal size, which are then fed into the cipher to produce blocks of cipher text. If there is not enough data to make a complete input block the data must be padded. These bytes are stripped off during the decryption phase. Block encryption is also called bulk encryption.

Stream Cipher

Stream ciphers operate on streams of data, encrypting it bit by bit. A stream cipher consists of two major components: a key stream generator, and a mixing function. Mixing function is usually just an XOR function, while key stream generator is the main unit in stream cipher encryption technique.

Initialization Vector (IV)

An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption. This number, also called a nonce, is employed only one time in any session. The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a dictionary attack to find patterns and break a cipher.

Symmetric Encryption Algorithms

Advanced Encryption Standard (AES)

Wikipedia Advanced Encryption Standard

The Rijndael algorithm is a block cipher recommended by NIST to replace DES. Brute force attack is the only effective attack known against it, in which the attacker tries to test all the characters combinations to unlock the encryption. The algorithm can usually be used with 256-bit, 192-bit and 128-bit keys. A brute force attack on a 256 bit key using the fastest supercomputer publicly known at the moment would take 1053 years.

AES Encryption in Java

AES-GCM

Advanced Encryption Standard in Galois/Counter Mode (GCM).

Blowfish

Blowfish is a variable length key, 64-bit block cipher, one of the most common public domain encryption algorithms provided by Bruce Schneier.

Data Encryption Standard (DES)

There are many attacks and methods to exploit it, which makes it an insecure block cipher.

3DES

3DES is an enhancement of DES, where the encryption method is similar to the one in original DES but applied three times to increase the encryption level. 3DES is slower than other block cipher methods.

DESede

IDEA

To Process