Key: specifies the transformation of data for encryption / decryption (“key” is not synonymous with “password”, although a password can in fact be used as a key)
Cipher: an algorithm for performing encryption and decryption
Symmetric cryptography
Use the same key for the encryption and the decryption
Symmetric-key either use stream cipher and block cipher
Popular algorithms: AES, DES
Asymmetric / Public Key cryptography
Two key used: public and private
Public key is publicly known to everyone, issued by Public Key Infrastructure (PKI) and use to encrypt the data
Private key is a secret for the public,only known by the owner and it is used to decrypt the data
Asymmetric cryptography delivers confidentiality, integrity, authenticity and non-repudiation
Clear text: WE ARE DISCOVERED. FLEE AT ONCE
W . . . E . . . C . . . R . . . L . . . T . . . E
. E . R . D . S . O . E . E . F . E . A . O . C .
. . A . . . I . . . V . . . D . . . E . . . N . .
Ciphertext: WECRLTEERDSOEEFEAOCAIVDEN
Text digits are combined with a pseudorandom cipher digit stream (keystream)
Each plaintext digit is encrypted one at a time with the corresponding digit of the stream
2 type:
Synchronous Stream Ciphers : stream of pseudo-random digits is generated independently of the plaintext and ciphertext
messages, and then combined with the plaintext (to encrypt) or the ciphertext (to decrypt)
Self-Synchronizing Stream Cipher : uses several of the previous N ciphertext to compute the keystream
Example cipher: RC4
Block Cipher
Operating on fixed-length groups of bits, called a block, with an unvarying transformation that is specified by a symmetric key
Example cipher: AES, DES
Stream Cipher
RC4
Designed in 1987, leaked in 1994
Used in SSL, WEP
Simple amd fast algorithm
RC4 generates a pseudorandom stream of bits (a keystream) and combining it with the plaintext using bit-wise exclusive-or for
encryption
The permutation is initialized with a variable length key, typically between 40 and 2048 bits
Marked as insecure
Symmetric Algorithms
Data Encryption Standard (DES)
Introduced in 1975
Standardized in 1977
Problem with DES: short key length (56 bits)
Now considered as insecure
Improved version: Triple DES (involves DES three times)
Problem with Triple DES: slow, compute heavy
Parameters
Parameter
Value
Block size
64 bits
Key size
56 bits
No. of rounds
16
Advanced Encryption Standard (AES)
First published in 1998
Became a federal government standard in 2002
First approved (and only) publicly accessible cipher approved by the NSA for top secret information