Symmetric Ciphers
Key Usage:
o Use a single, shared secret key for both encryption and decryption.
o The key must be kept secret and securely exchanged between parties.
Operation:
o Transform plaintext into ciphertext using an encryption algorithm and the secret
key.
o Recover plaintext by decrypting ciphertext using the same key.
Types of Transformations:
o Substitution: Replace plaintext elements (bits, characters) with others.
Examples: Caesar cipher, Playfair cipher, AES.
o Transposition: Rearrange plaintext elements to change their positions.
Example: Rail fence cipher.
o Product Ciphers: Combine multiple stages of substitutions and transpositions for
added complexity.
Processing Methods:
o Block Ciphers: Process data in fixed-size blocks (e.g., DES, AES).
o Stream Ciphers: Process data continuously, one element at a time (e.g., RC4).
Advantages:
o Speed: Faster and more efficient than asymmetric ciphers.
o Simplicity: Easier to implement in hardware and software.
Disadvantages:
o Key Management: Secure key exchange and management are challenging.
o Scalability: Difficult to manage keys for large numbers of users.
Examples:
o DES (56-bit key).
o 3DES (enhanced DES with two or three keys).
o AES (128, 192, or 256-bit keys).
o RC4 (stream cipher).
Block Ciphers
Definition:
o Encrypt data in fixed-size blocks (e.g., 64 bits, 128 bits).
Operation:
o Encryption: Transform plaintext blocks into ciphertext using substitutions and
permutations.
o Decryption: Reverse the process using the same key.
Key Characteristics:
o Block Size: Fixed (e.g., 64 bits in DES, 128 bits in AES).
o Reversible Mapping: Each plaintext block maps to a unique ciphertext block.
o Feistel Structure: Used in many block ciphers (e.g., DES).
o Diffusion and Confusion: Make the relationship between plaintext, ciphertext,
and key complex.
Modes of Operation:
o ECB (Electronic Codebook): Encrypts each block independently.
Vulnerable to repeating patterns.
o CBC (Cipher Block Chaining): XORs current plaintext with previous
ciphertext.
Hides repeating patterns.
o CFB (Cipher Feedback): Converts block ciphers into stream ciphers.
o OFB (Output Feedback): Generates a keystream independent of plaintext.
o CTR (Counter): Uses an encrypted counter for each block.
Examples:
o DES (64-bit block, 56-bit key).
o AES (128-bit block, 128/192/256-bit keys).
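Added example (not part of the original notes): a toy 64-bit Feistel cipher showing that decryption is the same routine with the subkeys reversed, and that ECB leaks repeated plaintext blocks while CBC hides them. The round function, key schedule, key, IV and sample plaintext are constructed for illustration; this is not DES and not for real use.

```python
import hashlib, hmac

BLOCK = 8  # 64-bit block as in DES; the cipher below is a toy, not DES

def subkeys(key, rounds=16):
    # Constructed key schedule: one subkey per round, derived with SHA-256.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(rounds)]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, ks):
    # Each round: (L, R) -> (R, L xor f(R, k)); f itself need not be invertible.
    L, R = block[:4], block[4:]
    for k in ks:
        L, R = R, xor(L, hmac.new(k, R, hashlib.sha256).digest()[:4])
    return R + L  # final swap lets the same routine undo itself

def encrypt_block(key, b):
    return feistel(b, subkeys(key))

def decrypt_block(key, b):
    return feistel(b, subkeys(key)[::-1])  # same algorithm, subkeys reversed

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    # Every block is encrypted independently: equal inputs give equal outputs.
    return b"".join(encrypt_block(key, p) for p in blocks(pt))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for p in blocks(pt):
        prev = encrypt_block(key, xor(p, prev))  # chain in previous ciphertext
        out.append(prev)
    return b"".join(out)

# Constructed input: five 8-byte blocks, four identical. The IV is fixed only
# to make the run reproducible; real CBC needs an unpredictable IV per message.
KEY, IV = b"demo-key (constructed)", bytes(range(8))
PT = b"SAMEDATA" * 4 + b"LASTBLOK"

if __name__ == "__main__":
    b = encrypt_block(KEY, b"8 bytes!")
    print("Feistel round trip:", decrypt_block(KEY, b) == b"8 bytes!")
    print("ECB distinct blocks:", len(set(blocks(ecb_encrypt(KEY, PT)))))      # 2
    print("CBC distinct blocks:", len(set(blocks(cbc_encrypt(KEY, IV, PT)))))  # 5
```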
Stream Ciphers
Definition:
o Encrypt data continuously, one bit or byte at a time.
Operation:
o Keystream Generation: Use a pseudorandom bit generator to produce a
keystream.
o Encryption: XOR plaintext with the keystream to produce ciphertext.
o Decryption: XOR ciphertext with the same keystream to recover plaintext.
Key Characteristics:
o Continuous Processing: No fixed block size.
o Keystream: Must be unpredictable and as long as the plaintext.
o Real-time Operation: Suitable for real-time data streams.
Advantages:
o Speed: Faster and simpler than block ciphers.
o No Padding: No need to pad data to fit block sizes.
Disadvantages:
o Key Reuse: Unsafe to reuse keys; can lead to cryptanalysis.
Examples:
o RC4.
o Autokeyed Vigenère Cipher.
o Vernam Cipher.
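Added example (not part of the original notes): RC4, the stream cipher named above, used to show why key reuse is unsafe. When two messages are encrypted under the same key, the keystream cancels and the XOR of the ciphertexts equals the XOR of the plaintexts. The keys and messages are constructed; RC4 appears here because the notes name it, not as a recommendation for new designs.

```python
def rc4_keystream(key, n):
    # Key-scheduling algorithm (KSA): permute S under the key.
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    # Pseudo-random generation algorithm (PRGA): emit n keystream bytes.
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rc4_crypt(key, data):
    # Encryption and decryption are the same XOR with the keystream.
    return xor(data, rc4_keystream(key, len(data)))

# Constructed sample messages of equal length.
P1 = b"pay 100 to account A"
P2 = b"pay 950 to account B"

def ciphertext_xor(key1, key2):
    # What is visible from the two ciphertexts alone, without any key.
    return xor(rc4_crypt(key1, P1), rc4_crypt(key2, P2))

if __name__ == "__main__":
    k = b"shared-key (constructed)"
    # Same key: the keystream cancels, leaving P1 xor P2.
    print("key reused, leaks P1^P2:", ciphertext_xor(k, k) == xor(P1, P2))
    # Different key per message: no such relation.
    print("fresh key, leaks P1^P2: ", ciphertext_xor(k, b"other-key") == xor(P1, P2))
```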
Key Differences Between Block and Stream Ciphers
Feature           Block Cipher                     Stream Cipher
Data Processing   Fixed-size blocks                Continuous, bit-by-bit or byte-by-byte
Block Size        Specific (e.g., 64, 128 bits)    No block size
Keystream         Not applicable                   Uses a pseudorandom keystream
Padding           Required for incomplete blocks   Not needed
Speed             Slower                           Faster
Key Reuse         Keys can be reused               Keys should not be reused
Applications
Block Ciphers:
o File transfer, email, databases.
o Network-based symmetric cryptography.
Stream Ciphers:
o Real-time data streams (e.g., communications, browser links).
Asymmetric Ciphers (Public-Key Ciphers)
Key Usage:
o Use two keys: a public key (shared) and a private key (kept secret).
Operation:
o Encryption: Data encrypted with a public key can only be decrypted with the
corresponding private key.
o Authentication: Data encrypted with a private key can be decrypted with the
corresponding public key to verify identity.
Applications:
o Confidentiality: Ensure only the intended recipient can read the message.
o Authentication: Verify sender identity and message integrity.
o Digital Signatures: Create unforgeable authenticators.
o Key Exchange: Securely exchange symmetric keys over insecure channels.
Advantages:
o Simplified Key Distribution: Public keys can be shared openly.
o Authentication: Provides both confidentiality and authentication.
Disadvantages:
o Computational Overhead: Slower and more resource-intensive than symmetric
ciphers.
o Key Management: Secure storage of private keys is critical.
o Complexity: Algorithms are more complex than symmetric ciphers.
Examples:
o RSA (based on factoring large numbers).
o ECC (Elliptic Curve Cryptography).
o Diffie-Hellman (key exchange protocol).
Key Differences Between Symmetric and Asymmetric Ciphers
Feature                Symmetric Ciphers                       Asymmetric Ciphers
Key Type               Single secret key                       Two keys (public and private)
Key Sharing            Requires secure exchange                Public key can be shared openly
Speed                  Faster and efficient                    Slower and resource-intensive
Primary Uses           Bulk data encryption, confidentiality   Key exchange, digital signatures
Key Management         Complex                                 Simplified (but private keys must be secure)
Algorithm Complexity   Simpler                                 More complex
Combined Usage (Hybrid Systems)
Use asymmetric ciphers for secure key exchange.
Use symmetric ciphers for bulk data encryption.
Combines the strengths of both types for optimal performance and security.
Summary
Symmetric Ciphers: Fast and efficient for encrypting large amounts of data.
Asymmetric Ciphers: Ideal for key exchange, authentication, and digital signatures.
Block vs. Stream Ciphers: Block ciphers process fixed-size blocks; stream ciphers
process data continuously.
Data Encryption Standard (DES)
Key and Block Size:
o Uses a 56-bit key (64-bit input with 8 bits ignored).
o Encrypts 64-bit blocks of data.
Structure:
o A Feistel cipher with 16 rounds of permutations and substitutions.
o Splits the 64-bit input into two 32-bit halves for processing.
Encryption Process:
o Begins with an initial permutation (IP) of the plaintext.
o Each round uses a unique 48-bit subkey derived from the 56-bit key.
o Applies the function 'f' (expansion, XOR, S-box substitution, permutation).
o Ends with a final permutation (IP⁻¹).
Decryption:
o Reverses encryption using the same algorithm with subkeys in reverse order.
Security Concerns:
o Vulnerable to brute-force attacks due to short key length.
o EFF's Deep Crack machine can break DES in ~4.5 days.
o S-box design criteria were not publicly disclosed, raising concerns.
Advanced Encryption Standard (AES)
Key and Block Size:
o Supports key sizes of 128, 192, or 256 bits.
o Operates on 128-bit blocks of data.
Structure:
o A symmetric block cipher using a substitution-permutation network (not
Feistel).
Encryption Process:
o Involves 10, 12, or 14 rounds (depending on key size).
o Each round applies four transformations:
1. Substitute Bytes.
2. Shift Rows.
3. Mix Columns.
4. Add Round Key.
o Expands the key to generate subkeys for each round.
Decryption:
o Applies inverse transformations in reverse order.
Security:
o Highly secure and resistant to known cryptanalytic attacks.
S-box Construction:
o Built using finite field arithmetic.
Triple DES (3DES)
Key and Block Size:
o Uses three 56-bit keys or two 56-bit keys.
o Encrypts 64-bit blocks of data.
Structure:
o Applies DES three times in an encrypt-decrypt-encrypt (EDE) sequence.
Encryption Process:
o With three keys: E(K3, D(K2, E(K1, P))).
o With two keys: E(K1, D(K2, E(K1, P))).
Decryption:
o Reverses encryption using keys in reverse order.
Security:
o More secure than DES, with effective key lengths of 112 bits (two keys) or 168
bits (three keys).
o Slower than DES due to three DES operations.
Compatibility:
o Backward compatible with DES.
Comparison Table
Feature      DES                         AES                                Triple DES
Key Size     56 bits                     128, 192, or 256 bits              112 or 168 bits (effective)
Block Size   64 bits                     128 bits                           64 bits
Structure    Feistel                     Substitution-Permutation Network   Feistel (3 DES operations)
Rounds       16                          10, 12, or 14 (key dependent)      48 (16 rounds x 3)
Security     Vulnerable to brute force   Highly secure                      More secure than DES, but less secure than AES
Speed        Relatively fast             Fast                               Slower than DES due to 3 DES operations
Key Differences and Implications
Key Length:
o DES has the smallest key size, making it vulnerable.
o AES offers the largest key sizes, ensuring high security.
o Triple DES increases key length but is less efficient than AES.
Structure:
o DES uses a Feistel structure.
o AES uses a substitution-permutation network.
Security:
o AES is the most secure.
o Triple DES improves on DES but is not as robust as AES.
Speed:
o DES is faster than Triple DES.
o AES is faster than both DES and Triple DES.
Adoption:
o DES is outdated and insecure.
o AES is the modern standard.
o Triple DES is used in legacy systems requiring DES compatibility.
Summary
DES: Historically significant but insecure due to short key length.
Triple DES: Improves DES security but is slower and less efficient.
AES: The preferred modern standard, offering high security and speed.
DES is outdated and insecure.
AES is the current standard for encryption, offering high security and efficiency.
Triple DES is more secure than DES but is being replaced by AES due to its inefficiency
and smaller block size.
Types of Asymmetric Encryption Algorithms
RSA (Rivest-Shamir-Adleman)
Most widely used public-key cryptosystem.
Security: Based on the difficulty of factoring the product of two large prime numbers.
Used for encryption & digital signatures.
Key Generation: Involves selecting two large prime numbers and computing their
product, which serves as the modulus.
Encryption/Decryption: Uses modular exponentiation with public/private keys.
Key sizes: 512, 1024, or 2048 bits
Diffie-Hellman Key Exchange
Purpose: Securely exchanges secret keys over an insecure network.
Key Agreement: Allows two parties to generate a shared secret key.
No encryption or digital signatures (only key exchange).
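Added example (not part of the original notes): the Diffie-Hellman exchange described above, combined with the hybrid pattern from "Combined Usage (Hybrid Systems)": key agreement first, then a symmetric cipher for the bulk data. The group parameters are a toy, the SHAKE-256 keystream is a stand-in for a real symmetric cipher such as AES, and all names are assumptions made for illustration. The exchanged public values are not authenticated here, which is why the exchange is paired with signatures in practice.

```python
import hashlib, secrets

# Toy group, constructed for illustration: p = 2**127 - 1 is prime but far too
# small for real use.
P, G = 2**127 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2      # private exponent in [2, P-2]
    return priv, pow(G, priv, P)             # (private, public)

def shared_key(my_priv, their_pub):
    if not 1 < their_pub < P - 1:            # reject degenerate public values
        raise ValueError("invalid public value")
    secret = pow(their_pub, my_priv, P)      # (g^b)^a == (g^a)^b mod p
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()  # 256-bit key

def keystream_xor(key, nonce, data):
    # Stand-in symmetric cipher (SHAKE-256 keystream), not AES.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def exchange_and_send(message):
    a_priv, a_pub = keypair()                # Alice -> Bob: a_pub, in the clear
    b_priv, b_pub = keypair()                # Bob -> Alice: b_pub, in the clear
    k_alice = shared_key(a_priv, b_pub)      # computed independently by Alice
    k_bob = shared_key(b_priv, a_pub)        # computed independently by Bob
    nonce = secrets.token_bytes(12)          # fresh per message, sent with ct
    ct = keystream_xor(k_alice, nonce, message)
    return k_alice == k_bob, ct, keystream_xor(k_bob, nonce, ct)

if __name__ == "__main__":
    agreed, ct, recovered = exchange_and_send(b"bulk data (constructed)")
    print("keys agree:", agreed)
    print("ciphertext:", ct.hex())
    print("recovered: ", recovered)
```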
ElGamal Cryptosystem
Based on discrete logarithms (difficult to solve).
Supports both encryption and digital signatures.
Key sizes: 512 or 1024 bits
Elliptic Curve Cryptography (ECC)
Uses elliptic curve mathematics for encryption.
More efficient than RSA (provides strong security with shorter key lengths).
Ideal for resource-limited devices.
Applications: Digital signatures, key exchange, and encryption.
Comparison: Asymmetric vs. Symmetric Encryption
Feature   Asymmetric                                  Symmetric
Key Use   Separate keys for encryption & decryption   Same key for both
Speed     Slower (complex calculations)               Faster (suitable for large data)
Usage     Secure key exchange, digital signatures     Bulk data encryption
Security Considerations
Mathematical Attacks: RSA can be vulnerable to factoring attacks.
Brute-Force Attacks: Small key sizes increase vulnerability.
Chosen Ciphertext Attacks: Some algorithms are at risk.
Key Management: Secure storage of private keys is crucial.
Summary
Asymmetric encryption ensures secure key exchange, encryption, and digital
signatures.
Common algorithms: RSA, Diffie-Hellman, ElGamal, ECC—each with unique
strengths.
Used widely in secure communications, authentication, and data protection.