Explanation of Symmetric Cryptography

Before you start

Objectives: Find out the specifics of symmetric cryptography and of the specific algorithms that are often used.

Prerequisites: you should know what cryptography is in general.

Key terms: key, cryptography, bit, DES, symmetric, encryption, RC, algorithm, block, cipher, private


What is Symmetric Cryptography

The specific thing about symmetric cryptography is that both the sender and receiver share a single private key. The key is always kept secret. Because of that it is also often called Private Key cryptography. Before secure communication between parties can begin, both parties must exchange the shared secret key. When compared to Asymmetric cryptography, symmetric cryptography is much faster (about 1000 times faster, or even more). However, there are also some problematic things about symmetric cryptography. For example, there is always an issue with the key exchange, which has to be done securely. Also, it is not very scalable since every communication partner has to have their own key pair. The key is not shared with other communication partners.

Symmetric cryptography is often used for bulk encryption, message digest, and hashing functions. If we use large keys, symmetric cryptography is very hard to break.

The terms Private Key Cryptography, Shared Private Key Cryptography, and Secret Key Cryptography all refer to symmetric cryptography. In all of these we use a single shared private key between both parties. The term Private Key on its own refers to one key of the private/public key pair, which belongs to asymmetric cryptography.

Usage of Symmetric Cryptography

There are several different Symmetric Cryptography algorithms and we will mention some of them here. The first one we should be familiar with is the Data Encryption Standard (DES).

Data Encryption Standard (DES)

The DES algorithm was originally created in 1972, and we can still find it in use today. DES breaks messages into 64-bit blocks before processing them. DES uses a 56-bit key. The length of the DES key is considered to be its biggest disadvantage. In fact, DES has been broken, so it is not considered secure anymore.

Triple DES (3DES)

To deal with the weaknesses of the DES algorithm, 3DES was introduced. 3DES basically takes the DES system and applies it three times to the same message. This can be done by using the same key, or by using multiple different keys. The total key length is 168-bit. 3DES was replaced with the Advanced Encryption Standard (AES).

Advanced Encryption Standard (AES)

AES was introduced in 2001. AES uses the Rijndael block cipher algorithm. This algorithm is resistant to all known attacks, and it is very fast. It uses variable block sizes and variable key lengths. Key length can be 128-bit, 192-bit, or 256-bit. AES is considered to be an extremely strong encryption standard.

Blowfish and Twofish

Blowfish was designed by Bruce Schneier. Blowfish is a variable block size encryption algorithm that uses variable keys up to 448 bits. Twofish is an improvement of Blowfish. Twofish is also a symmetric block cipher; it uses 128-bit blocks and can use key lengths of 128-bit, 192-bit or 256-bit.

Carlisle Adams Stafford Tavares (CAST)

CAST can operate in two modes. In 64-bit block mode it uses a 128-bit key. In 128-bit block mode it uses a 256-bit key. CAST is often used in Pretty Good Privacy (PGP) e-mail encryption.

International Data Encryption Algorithm (IDEA)

The IDEA cipher is another algorithm which can be used in Pretty Good Privacy e-mail encryption. IDEA uses 64-bit blocks and a 128-bit key.

Rivest Cipher (RC)

RC ciphers are patented by the RSA Data Security Group. There are several versions of the RC cipher. For example, RC2 works with 64-bit blocks, and uses variable key lengths which can range from 1-bit to infinity. Another version is RC4, which is actually a stream cipher. It works with 40-bit or 128-bit keys. We also have RC5, which is a variable block cipher and uses a variable key length between 1 and infinity. RC6 is an improved version of RC5. RC6 was introduced because of a theoretical weakness which was discovered in RC5. The RSA Data Security Group also introduced the RSA algorithm, which is used in asymmetric systems.
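
The RC4 stream cipher mentioned above, written out as an added example (not code from the original page) to show the defining property of symmetric cryptography: the same shared key and the same operation both encrypt and decrypt. The key and message are constructed sample values; RC4 is shown for study only and is prohibited in TLS by RFC 7465.

```python
"""RC4 stream cipher, written out to show the shared-key (symmetric) property.
Added example for study only; RC4 is prohibited in TLS (RFC 7465)."""


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key` (1 to 256 bytes)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key-scheduling algorithm (KSA): permute S under control of the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA): emit one byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR data with the keystream (same call both ways)."""
    ks = rc4_keystream(key, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))


def demo() -> dict:
    shared_key = bytes.fromhex("0102030405")   # constructed 40-bit key
    message = b"wire 500 to account 42"        # constructed sample plaintext
    ciphertext = rc4(shared_key, message)      # sender side
    recovered = rc4(shared_key, ciphertext)    # receiver side, same key
    # A key that differs only in its last byte does not recover the message.
    wrong = rc4(bytes.fromhex("0102030406"), ciphertext)
    return {"ciphertext": ciphertext, "recovered": recovered, "wrong": wrong,
            "keyspace_40": 2 ** 40, "keyspace_128": 2 ** 128}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

Because encryption is a plain XOR with the keystream, anyone holding the shared key can both read and forge messages, which is why the key exchange described at the top of the page has to be done securely.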