Symmetric key cryptography: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
mNo edit summary
 
(8 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{PropDel}}<br><br>{{subpages}}
{{main|Cryptography}}
{{main|Cryptography}}
{{TOC|right}}
'''Symmetric key cryptography''' uses the same key for both [[cipher#Encryption and decryption=|encryption  and decryption]]. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called '''secret key''' cryptography. "Secret key" is slightly misleading, as the [[private key]] in [[asymmetric key cryptography]] also must be protected.
'''Symmetric key cryptography''' uses the same key for both [[cipher#Encryption and decryption=|encryption  and decryption]]. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called '''secret key''' cryptography. "Secret key" is slightly misleading, as the [[private key]] in [[asymmetric key cryptography]] also must be protected.


The first symmetric ciphers were monoalphabetic, operating  on individual letters. They included substitutions such as the [[Caesar cipher]], as well as simple [[transposition cipher]]. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s.  The next level of complexity moved to polyalphabetic substitution, still one character at a time.  
The first symmetric ciphers were monoalphabetic, operating  on individual letters. They included substitutions such as the [[Caesar cipher]], as well as simple [[transposition cipher]]. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s.  The next level of complexity moved to polyalphabetic substitution, still one character at a time.  


The study of symmetric-key ciphers involves the study of [[block ciphers]] and [[stream ciphers]] and to their applications.   
The study of symmetric-key ciphers involves the study of [[block cipher]]s and [[stream cipher]]s and their applications.   
==Block ciphers==
==Block ciphers==


A [[block cipher]] is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size.  Block ciphers are used in a [[Block cipher modes of operation|mode of operation]] to implement a cryptosystem.
A [[block cipher]] is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size.  Block ciphers are used in a [[Block cipher modes of operation|mode of operation]] to implement a cryptosystem.


[[Data Encryption Standard|DES]] and [[Advanced Encryption Standard|AES]] are block ciphers which have been designated [[cryptography standards]] by the US government (though DES's designation was eventually withdrawn after the AES was adopted)<ref name="aes">[http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS PUB 197: The official Advanced Encryption Standard].</ref>.  Despite its delisting as an official standard, DES (especially its still-approved and much more secure [[triple-DES]] variant) remains quite popular; it is used across a wide range of applications, from ATM encryption<ref name="atm">[http://www.ncua.gov/letters/2004/04-CU-09.pdf NCUA letter to credit unions], July 2004</ref> to [[e-mail privacy]]<ref name="opgp">[http://tools.ietf.org/html/2440 Open PGP Message Format] RFC at the [[IETF]]</ref> and [[SSH|secure remote access]]<ref name="ssh">[http://www.windowsecurity.com/articles/SSH.html SSH at windowsecurity.com] by Pawel Golen, July 2004</ref>.  Many other block ciphers have been designed and released, with considerable variation in quality. <ref name="schneierbook">{{citation  
[[Data Encryption Standard|DES]] and [[Advanced Encryption Standard|AES]] are block ciphers which have been designated [[cryptography standards]] by the US government (though DES's designation was eventually withdrawn after the AES was adopted)<ref name="aes">[http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS PUB 197: The official Advanced Encryption Standard].</ref>.  Despite its delisting as an official standard, DES (especially its still-approved and much more secure [[Triple DES]] variant) remains quite popular; it is used across a wide range of applications, from ATM encryption<ref name="atm">[http://www.ncua.gov/letters/2004/04-CU-09.pdf NCUA letter to credit unions], July 2004</ref> to [[e-mail privacy]]<ref name="opgp">[http://tools.ietf.org/html/2440 Open PGP Message Format] RFC at the [[IETF]]</ref> and [[SSH|secure remote access]]<ref name="ssh">[http://www.windowsecurity.com/articles/SSH.html SSH at windowsecurity.com] by Pawel Golen, July 2004</ref>.  Many other block ciphers have been designed and released, with considerable variation in quality. <ref name="schneierbook">{{citation  
  | first = Bruce | last = Schneier
  | first = Bruce | last = Schneier
  | title = Applied Cryptography
  | title = Applied Cryptography
Line 17: Line 19:


==Stream ciphers==
==Stream ciphers==
Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad.  In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. [[RC4]] is an example of a well-known stream cipher <ref name= schneierbook />
[[Stream cipher]]s, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad.  In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. [[RC4]] is an example of a well-known stream cipher <ref name= schneierbook />
 
== Hybrid cryptosystems==
 
In general, symmetric ciphers are much faster than asymmetric ones, but [[key management]] for symmetric ciphers can be difficult. For <math>n</math> people to communicate, <math>n(n-1)/2</math> keys are needed and all of them must be ''securely'' communicated before they can be used. This problem is often managed by using a [[hybrid cryptosystem]] in which [[public key]] techniques handle key management and symmetric ciphers do the encryption of actual messages.
 
==References==
==References==
{{reflist}}
{{reflist}}
[[Category:Suggestion Bot Tag]]

Latest revision as of 06:01, 24 October 2024

This article may be deleted soon.
To oppose or discuss a nomination, please go to CZ:Proposed for deletion and follow the instructions.

For the monthly nomination lists, see
Category:Articles for deletion.


This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.
For more information, see: Cryptography.

Symmetric key cryptography uses the same key for both encryption and decryption. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called secret key cryptography. "Secret key" is slightly misleading, as the private key in asymmetric key cryptography also must be protected.

The first symmetric ciphers were monoalphabetic, operating on individual letters. They included substitutions such as the Caesar cipher, as well as simple transposition cipher. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s. The next level of complexity moved to polyalphabetic substitution, still one character at a time.

The study of symmetric-key ciphers involves the study of block ciphers and stream ciphers and their applications.

Block ciphers

A block cipher is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Block ciphers are used in a mode of operation to implement a cryptosystem.

DES and AES are block ciphers which have been designated cryptography standards by the US government (though DES's designation was eventually withdrawn after the AES was adopted)[1]. Despite its delisting as an official standard, DES (especially its still-approved and much more secure Triple DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption[2] to e-mail privacy[3] and secure remote access[4]. Many other block ciphers have been designed and released, with considerable variation in quality. [5]

Stream ciphers

Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad. In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known stream cipher [5]

Hybrid cryptosystems

In general, symmetric ciphers are much faster than asymmetric ones, but key management for symmetric ciphers can be difficult. For people to communicate, keys are needed and all of them must be securely communicated before they can be used. This problem is often managed by using a hybrid cryptosystem in which public key techniques handle key management and symmetric ciphers do the encryption of actual messages.

References

  1. FIPS PUB 197: The official Advanced Encryption Standard.
  2. NCUA letter to credit unions, July 2004
  3. Open PGP Message Format RFC at the IETF
  4. SSH at windowsecurity.com by Pawel Golen, July 2004
  5. 5.0 5.1 Schneier, Bruce (2nd edition, 1996,), Applied Cryptography, John Wiley & Sons, ISBN 0-471-11709-9