Symmetric key cryptography: Difference between revisions
imported>Sandy Harris |
mNo edit summary |
||
(7 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{PropDel}}<br><br>{{subpages}} | |||
{{main|Cryptography}} | {{main|Cryptography}} | ||
{{TOC|right}} | |||
'''Symmetric key cryptography''' uses the same key for both [[cipher#Encryption and decryption=|encryption and decryption]]. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called '''secret key''' cryptography. "Secret key" is slightly misleading, as the [[private key]] in [[asymmetric key cryptography]] also must be protected. | '''Symmetric key cryptography''' uses the same key for both [[cipher#Encryption and decryption=|encryption and decryption]]. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called '''secret key''' cryptography. "Secret key" is slightly misleading, as the [[private key]] in [[asymmetric key cryptography]] also must be protected. | ||
The first symmetric ciphers were monoalphabetic, operating on individual letters. They included substitutions such as the [[Caesar cipher]], as well as simple [[transposition cipher]]. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s. The next level of complexity moved to polyalphabetic substitution, still one character at a time. | The first symmetric ciphers were monoalphabetic, operating on individual letters. They included substitutions such as the [[Caesar cipher]], as well as simple [[transposition cipher]]. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s. The next level of complexity moved to polyalphabetic substitution, still one character at a time. | ||
The study of symmetric-key ciphers involves the study of [[block | The study of symmetric-key ciphers involves the study of [[block cipher]]s and [[stream cipher]]s and their applications. | ||
==Block ciphers== | ==Block ciphers== | ||
A [[block cipher]] is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Block ciphers are used in a [[Block cipher modes of operation|mode of operation]] to implement a cryptosystem. | A [[block cipher]] is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Block ciphers are used in a [[Block cipher modes of operation|mode of operation]] to implement a cryptosystem. | ||
[[Data Encryption Standard|DES]] and [[Advanced Encryption Standard|AES]] are block ciphers which have been designated [[cryptography standards]] by the US government (though DES's designation was eventually withdrawn after the AES was adopted)<ref name="aes">[http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS PUB 197: The official Advanced Encryption Standard].</ref>. Despite its delisting as an official standard, DES (especially its still-approved and much more secure [[ | [[Data Encryption Standard|DES]] and [[Advanced Encryption Standard|AES]] are block ciphers which have been designated [[cryptography standards]] by the US government (though DES's designation was eventually withdrawn after the AES was adopted)<ref name="aes">[http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS PUB 197: The official Advanced Encryption Standard].</ref>. Despite its delisting as an official standard, DES (especially its still-approved and much more secure [[Triple DES]] variant) remains quite popular; it is used across a wide range of applications, from ATM encryption<ref name="atm">[http://www.ncua.gov/letters/2004/04-CU-09.pdf NCUA letter to credit unions], July 2004</ref> to [[e-mail privacy]]<ref name="opgp">[http://tools.ietf.org/html/2440 Open PGP Message Format] RFC at the [[IETF]]</ref> and [[SSH|secure remote access]]<ref name="ssh">[http://www.windowsecurity.com/articles/SSH.html SSH at windowsecurity.com] by Pawel Golen, July 2004</ref>. Many other block ciphers have been designed and released, with considerable variation in quality. <ref name="schneierbook">{{citation | ||
| first = Bruce | last = Schneier | | first = Bruce | last = Schneier | ||
| title = Applied Cryptography | | title = Applied Cryptography | ||
Line 18: | Line 20: | ||
==Stream ciphers== | ==Stream ciphers== | ||
[[Stream cipher]]s, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad. In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. [[RC4]] is an example of a well-known stream cipher <ref name= schneierbook /> | [[Stream cipher]]s, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad. In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. [[RC4]] is an example of a well-known stream cipher <ref name= schneierbook /> | ||
== Hybrid cryptosystems== | |||
In general, symmetric ciphers are much faster than asymmetric ones, but [[key management]] for symmetric ciphers can be difficult. For <math>n</math> people to communicate, <math>n(n-1)/2</math> keys are needed and all of them must be ''securely'' communicated before they can be used. This problem is often managed by using a [[hybrid cryptosystem]] in which [[public key]] techniques handle key management and symmetric ciphers do the encryption of actual messages. | |||
==References== | ==References== | ||
{{reflist}} | {{reflist}} | ||
[[Category:Suggestion Bot Tag]] |
Latest revision as of 06:01, 24 October 2024
This article may be deleted soon. | ||
---|---|---|
Symmetric key cryptography uses the same key for both encryption and decryption. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called secret key cryptography. "Secret key" is slightly misleading, as the private key in asymmetric key cryptography also must be protected. The first symmetric ciphers were monoalphabetic, operating on individual letters. They included substitutions such as the Caesar cipher, as well as simple transposition cipher. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s. The next level of complexity moved to polyalphabetic substitution, still one character at a time. The study of symmetric-key ciphers involves the study of block ciphers and stream ciphers and their applications. Block ciphersA block cipher is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Block ciphers are used in a mode of operation to implement a cryptosystem. DES and AES are block ciphers which have been designated cryptography standards by the US government (though DES's designation was eventually withdrawn after the AES was adopted)[1]. Despite its delisting as an official standard, DES (especially its still-approved and much more secure Triple DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption[2] to e-mail privacy[3] and secure remote access[4]. Many other block ciphers have been designed and released, with considerable variation in quality. [5] Stream ciphersStream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad. In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known stream cipher [5] Hybrid cryptosystemsIn general, symmetric ciphers are much faster than asymmetric ones, but key management for symmetric ciphers can be difficult. For people to communicate, keys are needed and all of them must be securely communicated before they can be used. This problem is often managed by using a hybrid cryptosystem in which public key techniques handle key management and symmetric ciphers do the encryption of actual messages. References
|