Types of symmetric systems

Data Encryption Standard (DES): Certified by NIST, based on IBM's 128-bit algorithm Lucifer. It is a block encryption algorithm: 64 bits in -> 64 bits out. 56 bits make up the true key and 8 bits are used for parity. A block of 64 bits is divided in half and each character is encrypted one at a time. The characters are put through 16 rounds of transposition and substitution functions. DES has four distinct modes of operation:

ECB mode / Electronic Code Book - Native encryption mode. Provides the recipe of substitutions and permutations that will be performed on the block of plaintext. Data within a file does not have to be encrypted in a certain order. Used for small amounts of data, like challenge-response and key management tasks. Also used to encrypt PINs in ATM machines.

CBC mode / Cipher Block Chaining - Each block of text, the key, and the value based on the previous block are processed in the algorithm and applied to the next block of text.

CFB mode / Cipher Feedback - The previously generated ciphertext from the last encrypted block of data is input into the algorithm to generate random values. These random values are processed with the current block of plaintext to create ciphertext. This mode is used when encrypting individual characters is required.

OFB mode / Output Feedback - Functions like a stream cipher by generating a stream of random binary bits to be combined with the plaintext to create ciphertext. The ciphertext is fed back to the algorithm to form a portion of the next input to encrypt the next stream of bits.

DEA - Data Encryption Algorithm
FIPS - Federal Information Processing Standard
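
An added example, not part of the original notes, contrasting ECB and CBC on a 64-bit block cipher that splits each block in half and runs 16 rounds. The round function is a SHA-256 stand-in rather than real DES, padding is omitted, and the key, IV and PIN-style records are constructed sample values.

```python
import hashlib

BLOCK, ROUNDS = 8, 16  # 64-bit block and 16 rounds, as the notes give for DES

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(half: bytes, key: bytes, rnd: int) -> bytes:
    # Assumption: SHA-256 stands in for the real DES round function.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def crypt_block(block: bytes, key: bytes, decrypt: bool = False) -> bytes:
    order = reversed(range(ROUNDS)) if decrypt else range(ROUNDS)
    left, right = block[:4], block[4:]  # the block is divided in half
    for rnd in order:
        left, right = right, _xor(left, _round(right, key, rnd))
    return right + left  # final swap, so decryption is the same loop reversed

def _split(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("input must be a multiple of 8 bytes (padding omitted)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(data: bytes, key: bytes) -> bytes:
    # ECB: every block is encrypted independently under the same key.
    return b"".join(crypt_block(b, key) for b in _split(data))

def cbc_encrypt(data: bytes, key: bytes, iv: bytes) -> bytes:
    # CBC: each plaintext block is XORed with the previous ciphertext block.
    out, prev = [], iv
    for b in _split(data):
        prev = crypt_block(_xor(b, prev), key)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(data: bytes, key: bytes, iv: bytes) -> bytes:
    out, prev = [], iv
    for c in _split(data):
        out.append(_xor(crypt_block(c, key, decrypt=True), prev))
        prev = c
    return b"".join(out)

def repeated_blocks(ciphertext: bytes) -> int:
    return len(_split(ciphertext)) - len(set(_split(ciphertext)))

# Constructed sample values; a real system uses a fresh random IV per message.
KEY, IV = b"demo-key", bytes(range(8))
SAMPLE = b"PIN=1234" * 3 + b"PIN=9999"
print(repeated_blocks(ecb_encrypt(SAMPLE, KEY)), repeated_blocks(cbc_encrypt(SAMPLE, KEY, IV)))
```

Under ECB the three identical records produce identical ciphertext blocks, so an observer can see which records repeat without knowing the key; under CBC the chaining hides the repetition.
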

Triple-DES (3DES): Uses 48 rounds in its computation. This carries a heavy performance hit, and it can take up to three times longer than DES to perform encryption and decryption.

Advanced Encryption Standard (AES): NIST replacement standard for DES. The winner was Rijndael, which is a block cipher with a variable block length and key length. Employs a round transformation that is comprised of three layers of distinct and invertible transformations: the non-linear layer / the linear mixing layer / the key addition layer. Is suited for high speed chips with no area restrictions / a compact co-processor on a smart card.

International Data Encryption Algorithm (IDEA): Block cipher that operates on 64-bit blocks of data. The key is 128 bits long. The 64-bit data block is divided into 16 smaller blocks and each has eight rounds of mathematical functions performed on it. Is used in the PGP encryption software.

Blowfish: A block cipher that works on 64-bit blocks of data. The key length can be up to 448 bits and the data blocks go through 16 rounds of cryptographic functions.

RC5: A block cipher that has a variety of parameters it can use for block size, key size and the number of rounds used. Block sizes: 32/64/128 and key size up to 2048 bits.