Cryptographic Systems Flashcards
Cryptology
Is the science of making and breaking secret codes. The development and use of codes is called cryptography, and breaking codes is called cryptanalysis.
Data Encryption Standard (DES)
- Is a cipher (a method of encrypting information)
- DES is now considered to be insecure for many applications: chiefly due to the 56-bit key size being too small. Can be broken in as few as 24 hours.
- is believed to be practically secure in the form of triple DES
Advanced Encryption Standard (AES)
- successor of DES
- Is a symmetric cipher defined in Federal Information Processing Standard (FIPS) number 197 in 2001
- NSA approves 128-bit for SECRET and 192-bit AES for TOP SECRET
- AES has a fixed block size of 128, 192, or 256 bits (those are the 3 approved key lengths)
3 Approved AES key lengths
128 bit
192 bit
256 bit
Triple DES / 3DES
- 3DES is 256 times stronger than DES
- It takes a 64-bit block of data and then performs 3 DES operations in sequence: encrypt, decrypt, encrypt
- Requires additional processing time
- Can use 1, 2, or 3 different keys (1 key = DES)
Software-optimized Encryption Algorithm (SEAL)
- Is an alternative algorithm to software-based DES, 3DES, and AES
- Is a stream cipher that uses a 160-bit encryption key
- Because it is a stream cipher, data to be encrypted is continuously encrypted and therefore much faster than block ciphers
- Has a longer initialization phase during which a large set of tables is created using SHA
- SEAL has a lower impact on CPU compared to other software-based algorithms
- SEAL support was added to Cisco IOS release 12.3(7)T
RC Algorithms
RC algorithms are widely deployed in many networking applications because of their favorable speed and variable key-length capabilities.
Several variations of RC algorithms:
- RC2
- RC4
- RC5
- RC6
RC2
Variable key-size block cipher that was designed as a “drop-in” replacement for DES
RC4
- World's most widely used stream cipher.
- Variable key-size stream cipher that is often used in file encryption products and for secure communications, such as within SSL
- It is not considered a one-time pad, because the key is not random
- The cipher can be expected to run very quickly in software and is considered secure, although it can be implemented insecurely, as in Wired Equivalent Privacy (WEP)
RC5
A fast block cipher that has a variable block size and key size. RC5 can be used as a drop-in replacement for DES if the block size is set to 64 bits.
RC6
RC6 was an AES finalist. A 128-bit to 256-bit block cipher that was designed by Rivest, Sidney, and Yin and is based on RC5.
Bulk Data Encryption - symmetric keys
- The best encryption method for bulk encryption is AES
- AES provides good security and speed and versatility across a variety of computer platforms.
- RSA keys are large numbers that are only suitable for short messages
- DES can be brute forced
- 3DES can take a long time (3 times as long as DES)
Symmetric Encryption Algorithm examples (3)
- DES
- 3DES
- AES
Symmetric encryption requires a much larger key size to achieve the same level of protection as asymmetric encryption.
Stream Cipher
A stream cipher converts one symbol of plaintext directly to a symbol of ciphertext
- Stream ciphers encrypt plaintext one byte or one bit at a time
- Can be much faster than block ciphers, and generally do not increase the message size
Block Ciphers
Encrypt a group of plaintext symbols as one block
- Most modern symmetric encryption algorithms are block ciphers
- Block sizes vary: 64 bits for DES, 128 bits for AES
- Block ciphers transform a fixed-length block of plaintext into a common block of ciphertext of 64 or 128 bits