
Cryptography

Symmetric

Symmetric Cryptography

  • Encryption gives us confidentiality
  • Symmetric encryption
  • Same key to encrypt and to decrypt

Used for general communication as it is quick and easy

  • Implemented using block ciphers or stream ciphers
  • No "proof" of security

Stream Ciphers

  • Use an initial seed key to generate an infinite keystream of random looking bits
  • Message and keystream are usually combined using XOR, which is reversible if applied twice

Advantages

  • Encrypting long continuous streams, possibly of unknown length
  • Extremely fast with a low memory footprint, ideal for low-power devices
  • If designed well, can seek to any location in the stream

Disadvantages

  • Keystream must appear statistically random
  • Stream ciphers do not protect the integrity of the ciphertext (modified bits are not detected)
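The keystream/XOR mechanism and the two properties just listed (seeking to any position, and no protection of the ciphertext) as an added Python example; it is not part of these notes, it stands in HMAC-SHA256 in counter mode for a real stream cipher such as ChaCha20 so it runs with only the standard library, and the keys, nonce and message are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 32  # bytes of keystream produced per PRF call

def keystream_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    # One keystream block = PRF(key, nonce || counter). HMAC-SHA256 in counter
    # mode is a stand-in for a real stream cipher (e.g. ChaCha20); the XOR
    # structure around it is the same.
    return hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()

def keystream(key: bytes, nonce: bytes, offset: int, length: int) -> bytes:
    # Counter mode allows seeking: start at the block that contains `offset`.
    out = bytearray()
    block, skip = divmod(offset, BLOCK)
    while len(out) < skip + length:
        out += keystream_block(key, nonce, block)
        block += 1
    return bytes(out[skip:skip + length])

def encrypt(key: bytes, nonce: bytes, data: bytes, offset: int = 0) -> bytes:
    # ciphertext = plaintext XOR keystream; XOR applied twice gives the
    # plaintext back, so the same function decrypts.
    ks = keystream(key, nonce, offset, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

decrypt = encrypt

def mac(mac_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # Integrity has to be added separately (encrypt-then-MAC); the stream
    # cipher on its own provides none.
    return hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()

def demo_tamper() -> bytes:
    key, mac_key, nonce = b"\x11" * 32, b"\x33" * 32, b"\x22" * 12  # constructed
    msg = b"stream ciphers are malleable"
    ct = encrypt(key, nonce, msg)
    tag = mac(mac_key, nonce, ct)
    # Seeking: decrypt bytes 7..13 alone, without decrypting from the start.
    assert decrypt(key, nonce, ct[7:14], offset=7) == b"ciphers"
    # Malleability: flipping one ciphertext bit (bit 5 of byte 0) ...
    tampered = bytes([ct[0] ^ 0x20]) + ct[1:]
    # ... is caught only by the MAC; the cipher itself gives no signal.
    assert not hmac.compare_digest(mac(mac_key, nonce, tampered), tag)
    return decrypt(key, nonce, tampered)  # same bit flipped in plaintext: 's' -> 'S'
```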

Block Ciphers

  • Use a key to encrypt a fixed-size block of plaintext into a fixed-size block of ciphertext
  • Different lengths of messages can be handled by splitting the message up, and padding

Key Mixing - Mixing in the key prevents attacks from reversing the process

Symmetric Algorithms

  • DES was used from 1970s to 2000
  • 3DES (using DES 3 times) is sometimes used in legacy systems
  • AES and ChaCha20 are the only two ciphers used in TLS 1.3

Key Sizes

  • Symmetric encryption (if secure) is only susceptible to brute force
  • A 128-bit key means 2^128 attempts are required to brute-force it

Asymmetric

Public-key Cryptography

  • Two keys: a private and a public one
  • Used for key exchange and signatures
  • Much more computationally expensive than symmetric encryption
  • Key management is easier

It is computationally infeasible to calculate the private key from the public key

In practice this is achieved through reduction to intractable (NP) mathematical problems

Key Exchange

  • Diffie-Hellman key exchange allows two parties to mathematically agree on a shared secret over an insecure channel

Digital Signatures

  • The authenticity of signatures generated by the private key can be verified by the public key

Public Key Certificates

Protocols

TLS

  • TLS is a handshake and record protocol that provides end-to-end encryption. It is used in HTTPS
  • Provides confidentiality, integrity and server authentication