CRYPTOGRAPHY CONCEPT | Symmetric Encryption

If you go to a coffee shop or at the airport, and you're using open wireless, I would use a VPN service that you could subscribe for 10 bucks a month. Everything is encrypted in an encryption tunnel, so a hacker cannot tamper with your connection. -- Kevin Mitnick

• Symmetric Encryption

---

Symmetric, or secret key, encryption is the most commonly used form of cryptography, because the shorter key length increases the speed of execution. Symmetric key algorithms are based on simple mathematical operations that can easily be accelerated by hardware. Symmetric encryption is often used for wire-speed encryption in data networks and to provide bulk encryption when data privacy is required, such as to protect a VPN.

• Well-known encryption algorithms that use symmetric keys including:

1. DES(3DES)
2. AES(Rijndael)
3. Software Encryption Algorithm (SEAL)
4. Rivest ciphers (RC) series (RC2, RC4, RC5, and RC6)
5. Twofish
6. Blowfish

1. DES

--- DES Is a block cipher i.e. it operates on the blocks of plaint text input message.

-- In actual, the key length for DES key is 64 bits, but only 56 bits are considered and
the rest of 8 bits are used as parity bits (for calculating checksum).
DES is considered to be lacking strength for many applications, mainly due to the
56-bit key size being too small. Some critical analysis have theoretically proved the
weakness of DES algorithm, although it is practically too tough to crack it.

Description of DES

• Single key Triple DES
  If all the three keys are identical, then it is known as keying option 3.
  For example – if your single DES key is abcdef0123456789, then your equivalent
  Triple DES key would be –

abcdef0123456789 abcdef0123456789 abcdef0123456789
<------k1---------> <------k2---------> <------k3--------->

• Two key triple DES
  If the first and the third keys (i.e k1 and k3) are identical, it is called as keying option
  2 For example –
  If k1 = abcdef0123456789 and k2 = 9abcdef012345678 , then the equivalent triple
  DES key would be –

abcdef0123456789 9abcdef012345678 abcdef0123456789
<------k1---------> <------k2---------> <------k3---------->

• Triple DES
  If all the keys are different, then the keying option is 1

For example –
k1 = abcdef0123456789
k2 = 9abcdef012345678
k3 = 89abcdef01234567
Equivalent Triple DES key would be -

abcdef0123456789 9abcdef012345678 abcdef0123456789
<------k1---------> <------k2---------> <------k3---------->

The DES algorithm is now superceded because of its shorter key size, by a much
stronger scheme known as Advanced Encryption Standard (AES).

2. AES(Rijndael Algorithm)

--Advanced Encryption Standard (AES) is the current standard for secret key encryption. AES was created by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, replacing the old Data Encryption Standard (DES). The Federal Information Processing Standard 197 used a standardized version of the algorithm called Rijndael(Dutch Pronunciation) for the Advanced Encryption Standard. The algorithm uses a combination of Exclusive-OR operations (XOR), octet substitution with an S-box, row and column rotations, and a MixColumn. It was successful because it was easy to implement and could run in a reasonable amount of time on a regular computer.

Description of AES

KeyExpansions—round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key block for each round plus one more.
InitialRound
AddRoundKey—each byte of the state is combined with a block of the round key using bitwise xor.
Rounds
SubBytes—a non-linear substitution step where each byte is replaced with another according to a lookup table.
ShiftRows—a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column.
AddRoundKey
Final Round (no MixColumns)
--SubBytes
--ShiftRows
--AddRoundKey.

Description of DES

• Single key Triple DES
  If all the three keys are identical, then it is known as keying option 3.
  For example – if your single DES key is abcdef0123456789, then your equivalent
  Triple DES key would be –

abcdef0123456789 abcdef0123456789 abcdef0123456789
<------k1---------> <------k2---------> <------k3--------->

• Two key triple DES
  If the first and the third keys (i.e k1 and k3) are identical, it is called as keying option
  2 For example –
  If k1 = abcdef0123456789 and k2 = 9abcdef012345678 , then the equivalent triple
  DES key would be –

abcdef0123456789 9abcdef012345678 abcdef0123456789
<------k1---------> <------k2---------> <------k3---------->

• Triple DES
  If all the keys are different, then the keying option is 1

For example –
k1 = abcdef0123456789
k2 = 9abcdef012345678
k3 = 89abcdef01234567
Equivalent Triple DES key would be -

abcdef0123456789 9abcdef012345678 abcdef0123456789
<------k1---------> <------k2---------> <------k3---------->

The DES algorithm is now superceded because of its shorter key size, by a much
stronger scheme known as Advanced Encryption Standard (AES).

2. AES(Rijndael Algorithm)

-- Advanced Encryption Standard (AES) is the current standard for secret key encryption. AES was created by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, replacing the old Data Encryption Standard (DES). The Federal Information Processing Standard 197 used a standardized version of the algorithm called Rijndael(Dutch Pronunciation) for the Advanced Encryption Standard. The algorithm uses a combination of Exclusive-OR operations (XOR), octet substitution with an S-box, row and column rotations, and a MixColumn. It was successful because it was easy to implement and could run in a reasonable amount of time on a regular computer.

Description of AES

KeyExpansions—round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key block for each round plus one more.
InitialRound
AddRoundKey—each byte of the state is combined with a block of the round key using bitwise xor.
Rounds
SubBytes—a non-linear substitution step where each byte is replaced with another according to a lookup table.
ShiftRows—a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column.
AddRoundKey
Final Round (no MixColumns)
--SubBytes
--ShiftRows
--AddRoundKey.

3. Software Encryption Algorithm (SEAL)

-- Encrypting Fast In Software -Encryption must often be performed at high data rates a requirement sometimes met with the help of supporting crypto graphic hardware-Unfortunately cryptographic hardware is often absent and data condentiality is sacriced because the cost of software cryptography is deemed to be excessive- The computational cost of software cryptography is a function of the underlying algorithm and the quality of its implementation- But regardless of imple mentation a cryptographic algorithm designed to run well in hardware will not perform in software as well as an algorithm optimized for software execution-The hardwareoriented Data Encryption Algorithm DES is no exception- Of ten what is needed is a welldesigned softwareoptimized encryption method for todays general purpose computers

--To this end we have designed SEAL
Software Encryption Algorithm-SEAL is a pseudorandom function family under control of a key rst preprocessed into a set of tables SEAL stretches a bit position index into a keystream of essentially arbitrary length-One then encrypts by XORing this keystream withthe plaintext in the manner of a Vernam cipher-As with any Vernam cipher it is imperative that the keystream only be used once-On a modern bit processor SEAL can encrypt messages at a rate of about clock cycles per byte of text-In comparison the DES algorithm is more than times as expensive- Even a Cyclic Redundancy Code CRC is more costly

4. Rivest ciphers (RC) series (RC2, RC4, RC5, and RC6)

--Ron Rivest, an MIT professor and one of the founders of RSA Security, has devised a number of ciphers for that company, either alone or with collaborators. These designs are designated as RCn. Officially, "RC" stands for Rivest Cipher; it may also be taken as Ron's Code. There are also a series of cryptographic hashes, designed by Rivest for RSA security, numbered MDn for "Message Digest".

RC2(Rivest Cipher 2)

--RC2 was a block cipher designed in 1987 for Lotus Corporation for use in their Lotus Notes software. It is a Feistel cipher with 18 rounds and a 64-bit block size. Details are in RFC 2268.
Like RC4, this cipher was authorised for export under the then current US laws, provided the key size was limited to 40 bits.

RC4(Rivest Cipher 4)

--RC4 is a very widely deployed stream cipher.
The design has a size parameter; the 8-bit version is in widespread use. This generates pseudo-random data one byte at a time and maintains a 256-byte internal state. The combining operation is XOR. The key can be any size up to the state size, 256 bytes or 2048 bits for the 8-bit version.RC4 is quite simple to implement in software and is very widely used. It is used (at least as one option) in Internet protocols such as TLS (RFC 2246) for secure web browsing and SSH (RFC 4251) for secure remote login. It is also use in WEP wireless networking, in Microsoft PPTP and in many other applications.
The design was proprietary until an Internet post that revealed the internal workings of the cipher. The posted version is sometimes labelled ARC4 for "Alleged RC4".

RC5(Rivest Cipher 5)

--RC5 is a block cipher with 64-bit blocks, one of the DES generation of block ciphers. It was the first well-known cipher to make extensive use of data-dependent rotations to achieve nonlinearity. It is a Feistel cipher.
RFC 2040 gives an RC5 specification for Internet use.
Its descendant RC6, also using data-dependent rotations, was an AES finalist. RSA Security have a web page describing both ciphers.

RC6(Rivest Cipher 6)

--RC6 is a block cipher that was a finalist in the AES competition. Like all AES candidates, it uses 128-bit blocks and supports key sizes of 128, 192 or 256 bits.
Like RC5, RC6 made extensive use of data-dependent rotations. RSA Security have a web page describing both ciphers.
RC6 is the only one of the five finalists which does not have a completely open license; it is still proprietary to RSA Security.

5. Twofish

--Between 1972 and 1974 NIST issued the first public request for an encryption standard. As a result DES became the accepted encryption standard. Although this algorithm was very popular, it has always been surrounded by controversy as many cryptographers objected to the “closed-door” design of the algorithm. There was also a suspicion that NSA planted a “back-door” in the algorithm, as NSA modified it before it was standardized, although none was able to prove this until now. Furthermore the key length of DES became to small for acceptable commercial security, so as a interim solution Triple-DES was used for a while because it provided increased security.Responding to the desire to replace DES with stronger and more reliable algorithm, NIST announced another public request for an encryption standard, called Advanced Encryption Standard(AES), in 1997. Twofish is one of the candidates that made it to the final round of the AES program.

General Description

-128-bit block
-128, 192, or 256-bit key
-16 rounds
Works in all standard modes
Encrypts data in:
-18 clocks/byte on a Pentium
-16.1 clocks/byte on a Pentium Pro

6. Blowfish

--Blowfish is a symmetric block cipher that can be effectively used for encryption and safeguarding of data. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for securing data. Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms.Blowfish is unpatented and license-free, and is available free for all uses. Blowfish Algorithm is a Feistel Network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although
there is complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors.

Basically, Blowfish encryption algorithm is requires 32 bit microprocessor at a rate of one byte for every 26 clock cycles. Blowfish contains 16 rounds. Each round consists of XOR operation and a function. Each round consists of key expansion and data encryption. Key expansion generally used for generating intial contents of one arry and data encryption uses a 16 round feiestek network methods. Fig1 shows how blowfish algorithm works. plain text and key are the inputs of this algorithm.64 bit palin text taken is divided into two 32 bits data and at each round the given key is expanded and stored in 18 p-arry and gives 32 bit key as input and XOR ed with previous round data.

Source: #Wikipedia, #Google

---

If you want to about previous concepts then visit my page @sujityadav and see the more posts about cryptography. :)
Feel free to Flollow me: @sujityadav if you like my post
If you want to know in datail about all the above concepts, I will post all of these concepts, and please comment below if you like and love to know what is computer and web securities.

Thank you for reading my posts & all of your responces.
@sujityadav