Ch12 - 12.02 - Symmetric Encryption Flashcards
Symmetric Encryption
Symmetric encryption is a common encryption method that involves using the same key to encrypt and decrypt the message
Symmetric Encryption Has Many Other Names, such as the Following:
Shared or preshared key
This name stems from the fact that you need to share the key with the person who is going to decrypt the information.
Secret Key
This name comes from the fact that you must keep the key secret from anyone who should not decrypt the information.
Secret algorithm
This is the symmetric algorithm that is performing the encryption. The term secret is often interchanged with symmetric, as it comes from the fact that the key should be kept secret from those who should not decrypt the message. Keep in mind that the algorithms are not secret; they are publically proven algorithms.
Session key
This name comes from the fact that many implementations of symmetric encryption use a random key, known as a session key, to do the encryption/decryption.
Private key
This name comes from the fact that you need to keep the
key private to only the parties who are to decrypt the information; otherwise, you lose confidentiality.
Pros n Cons of Symmetric Algo
Pros:
The advantage of symmetric encryption is that it is much faster than asymmetric encryption. If you are going to encrypt a large amount of information, you get a performance benefit by using symmetric encryption rather than asymmetric encryption.
Cons:
There are two major disadvantages to using symmetric encryption.
First, how do you communicate the key to the party who needs to decrypt the message? You must ensure that whatever way you communicate the key, it is sent in a
secure manner.
The second disadvantage to symmetric encryption is the number of keys required to ensure confidentiality among all persons. This means that in order to have three people encrypt messages for one another, you need to have three different symmetric keys for each person for secure communications. The number of keys dramatically rises as you increase the number of people who need to communicate. The following formula is used to calculate the number of symmetric keys that are required:
Keys = people × (people – 1) / 2
Symmetric Encryption Algorithms
- Data Encryption Standard (DES)
- Blowfish
- Twofish
- Triple DES (3DES)
- Rivest Cipher (RC4/RC5)
- Advanced Encryption Standard (AES)
- AES256
Data Encryption Standard (DES) - SymAlgo
DES is a block cipher that was selected as an American government standard in the 1970s. It is a 56- bit encryption algorithm. It is not considered secure by today’s standards.
Blowfish
This is a block cipher algorithm created by Bruce Schneier to replace the DES algorithm. It offers variable rates of encryption, from 1- to 448-bit encryption.
Twofish
Also written by Bruce Schneier, Twofish was created after Blowfish and offers 128-bit encryption.
Triple DES (3DES)
This is an improvement on DES that runs the information through three mathematical operations using three different 56-bit keys to create 168-bit encryption. Like DES, 3DES is a block cipher.
Rivest Cipher (RC4/RC5)
RC5 is a block cipher that was created by Ronald Rivest. There are different versions of the RC algorithm, such as RC4, which is a stream cipher used in SSL and WEP (for wireless security).
Advanced Encryption Standard (AES)
AES has replaced 3DES as the new standard for symmetric encryption algorithms. AES is a block cipher that supports 128-bit, 192-bit, and 256-bit encryption.
AES256
If AES is used to encrypt data with 256-bit encryption, it is referred to as AES256, or AES-256, instead of just AES.
