Cryptography Symmetric Algorithms Flashcards
Digital Encryption Standard (DES)
symmetric system created by NSA
Based on 128 bit Lucifer algorithm by IBM
Uses 64 bit key, 8 bits for parity so key length is 56 bits
Divides message into 64 bit blocks
16 rounds of transposition and substitution are performed on each block, giving 64 bit block of ciphertext
replaced by 3DES and AES
DES-X is a variant using multiple 64 bit keys in addition to 56 bit DES key
Double-DES used a 112 bit key, but no longer used after attacks reduced its security to that of DES
5 Modes of DES
1st Mode
ECB, Electronic Code Book
64 bit blocks are processed using the key
ciphertext can be padded to ensure result is 64 bit block
encryption errors only affect one block of the message
security issue is that because every 64 bit block is encrypted with same key, when encrypting large amounts of data, patterns would emerge
Works well with databases because it works well with encrypting short messages
5 Modes of DES
2nd Mode
CBC, Cipher Block Chaining
Each 64 bit block is chained together because each resultant 64 bit ciphertext block is applied to the next block
ciphertext is used to encrypt next block of plaintext (IV), which is encrypted again with the key
encrypts large files without having any patterns in the ciphertext
if a unique IV is used with each message encryption, resultant ciphertext will be different each time, even when same plaintext is used
5 Modes of DES
3rd Mode
CFB, Cipher Feedback
Uses 8 bit (or smaller) blocks and combines stream and block ciphering
ciphertext block must be same size as plaintext block
encryption errors affect any future block encryption
should not be used to encrypt video or voice
this limit/problem led to need for DES OFB mode
5 Modes of DES
4th Mode
OFB, Output Feedback
Uses 8 bit (or smaller) blocks and combines stream and block ciphering
Uses previous key stream with the key to create the next key stream
Size of key stream value must be same size as plaintext block
Less prone to the errors that CFB has
5 Modes of DES
5th Mode
CTR, Counter Mode
Similar to OFB but uses incrementing IV counter to ensure each block is encrypted with unique key stream
Ciphertext is not chained into the encryption process
Performance is much better than other modes
Triple DES
Uses three 56 bit keys
Up to 3 times slower than DES
Temporary replacement for DES
Comes in 4 Modes
3DES-EEE3 - each block of data encrypted 3 times each with different key
3DES-EDE3 - each block of data encrypted with first key, decrypted with second key, encrypted with 3rd key
3DES-EEE2 - each block of data encrypted with first key, encrypted with second key, finally encrypted with first key
3DES-EDE2 - each block of data encrypted with first key, decrypted with second key, finally encrypted with first key
Advanced Encryption Standard (AES)
replacement for DES
Uses Rijndael algorithm
3 block sizes: 128, 192, 256 bits
128 bit key with 128 bit block size undergoes 10 transformation rounds
192 bit key with 192 bit block size undergoes 12 transformation rounds
256 bit key with 256 bit block size undergoes 14 transformation rounds
Is the required algorithm for sensitive but unclassified US government data
International Data Encryption Algorithm (IDEA)
Block cipher that uses 64 bit blocks
each block divided into 16 smaller blocks
Uses 128 bit key, performs 8 rounds of transformations on each of the 16 smaller blocks
Faster and stronger than DES but not as widely used as DES or AES because it was patented until 2012
Used in PGP
Skipjack
Block cipher, symmetric algorithm developed by NSA
Uses 80 bit key to encrypt 64 bit blocks
Algorithm that was used in the Clipper chip
Algorithm details are classified
Blowfish
block cipher that uses 64 bit data blocks
Uses 32 to 448 bit keys
performs 16 rounds of transformation
Developed to replace DES and is one of the few algorithms not patented
Twofish
version of Blowfish that uses 128 bit data blocks
Uses 128, 192, 256 bit keys
Performs 16 rounds of transformation
Like Blowfish, not patented
RC4 aka ARC4
One of the most popular stream ciphers
Used in SSL and WEP
RC4 uses variable key size of 40 to 2048 bits
Performs up to 256 rounds of transformation
RC5
Block cipher that uses key size of up to 2048 bits
Uses 32, 64 or 128 bit block sizes
Performs up to 255 rounds of transformation
Commonly uses RC5=w/r/b designation where
w=block size
r=number of rounds
b=number of bits in the key
RC6
Block cipher based on RC5 but faster
Uses same key size, rounds and block size
Developed as AES solution but lost contest to Rijndael