Symmetric key cryptography

From Citizendium
Revision as of 15:21, 9 August 2008 by imported>Howard C. Berkowitz (Added more introduction and structure. Need to define terms such as monoalphabetic, Alberti, either inline or by links)
Jump to navigation Jump to search

Symmetric key cryptography uses the same key for both encryption and decryption. Since compromise of a single key completely defeats the security of symmetric key techniques, it is also called secret key cryptography. "Secret key" is slightly misleading, as the private key in asymmetric key cryptography also must be protected.

The first symmetric ciphers were monoalphabetic, operating on individual letters. They included substitutions such as the Caesar cipher, as well as simple transposition cipher. All used symmetric keying, as, indeed, did every known system until the advent of asymmetric key (public key) methods in the mid-1970s. The next level of complexity moved to polyalphabetic substitution, still one character at a time.

The study of symmetric-key ciphers involves the study of block ciphers and stream ciphers and to their applications.

Block ciphers

A block cipher is the modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Block ciphers are used in a mode of operation to implement a cryptosystem.

DES and AES are block ciphers which have been designated cryptography standards by the US government (though DES's designation was eventually withdrawn after the AES was adopted)[1]. Despite its delisting as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption[2] to e-mail privacy[3] and secure remote access[4]. Many other block ciphers have been designed and released, with considerable variation in quality. [5].

Stream ciphers

Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit by bit or character by character, somewhat like the one-time pad. In a stream cipher, the output stream is created based on an internal state which changes as the cipher operates. That state's change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known stream cipher [5]

References