CompTIA Sec+ | Microsoft MTA Security: Symmetric Key Cryptography

Posted filed under CompTIA Security+, MICROSOFT MTA SECURITY.

In here we will learn about different symmetric key algorithms and their key features. More importantly, we will learn about some more key concepts related to cryptography as it applies to both symmetric and asymmetric algorithms. Finally, we will learn the advantages and disadvantages of symmetric and asymmetric algorithms. First, let’s learn a bit about the differences between block and stream ciphers.

 

Block v. Stream Ciphers

The difference between a block and a stream cipher is rather simple. A block cipher would break up a clear text into fixed-length blocks and then proceed to encrypt those blocks into fixed-length ciphers. Because the blocks are of a fixed length, keys can be re-used, making key management a breeze. Typically, computer software uses block ciphers.

Stream ciphers operate on continuous (read: non-discrete) portions of data that arrives“in real time.” In other words, stream ciphers work on information “bit-by-bit” rather than “block-by-block.” Because the data does not need to broken down, stream ciphers are generally faster than block ciphers, but keys are not re-usable in stream ciphers, making key management a real pain. For this reason, stream ciphers are usually employed at the hardware level.

 

 

End-to-End Encryption

End-to-End encryption refers to a situation in which data is encrypted when it is sent and decrypted only by the recipient. Of course, in order for the packets to be routed, the relevant TCP/IP headers must be present and unencrypted on the packet.

 

 

Link Encryption

In Link encryption, every packet is encrypted at every point between two communicating hosts. In this formulation, information sent to one router is encrypted by the host and decrypted by the router, which then re-encrypts the information with a different key and sends it to the next point. Of course, in this formulation, the headers are also encrypted. The obvious drawbacks include speed and vulnerability to “man-in-the-middle” attacks.

 

 

Key Strength

A cryptovariable, or key, is the value applied to encrypted or clear text in order to decrypt or encrypt the text. The length of the key, in bits, is usually a good indicator of the strength of the key. A 128-bit key is, for example, much stronger than a 32-bit key.

 

 

Symmetric Key Cryptography

In a symmetric key cryptosystem, a single key is used to encrypt and decrypt data between two communicating hosts. In order to break the system, an attacker must either: A) discover the key through trial-and-error, or  discover the key during the initial “key agreement.”

Symmetric key protocols are known to be faster and stronger than their asymmetric counterparts but do possess unique disadvantages that we will discuss later. We will now look at some common symmetric algorithms.

 

 

DES

DES is an outdated 64-bit block cipher that uses a 56-bit key. It is a symmetric algorithm that splits the 64-bit block into two separate blocks under the control of the same key. It is considered highly insecure and unreliable and has been replaced by 3DES.

 

 

3DES

Triple DES or 3DES is the partial successor to DES but is still considered outdated and slow. It uses three separate 56-bit keys for an effective key length of 168 bits. However, a vulnerability exists that would allow a hacker to reduce the length of the key, reducing the time it would take to crack the key. In addition, 3DES is very slow by today’s standards and would not be practical to use in encrypting large files.

 

 

AES

AES is the true successor to DES and uses a strong algorithm with a strong key. It is based on the Rijndael Block Cipher. The Rijndael Block Cipher can utilize different block and key lengths (including 128, 192, and 256 bit keys) to produce a fast and secure symmetric block cipher. The Twofish algorithm, an alternative to Rijndael, utilizes 128-bit blocks for keys up to 256 bits.

 

 

IDEA

All you have to remember about IDEA is that:

  • PGP uses IDEA to ensure email security, and
  • It operates using 64-bit blocks and a 128-bit key

 

RC5

RSA Security developed RC5, a fast, variable-length, variable-block symmetric cipher. It can accommodate a block size of up to 128 bits and a key up to 2048 bits.

 

 

Symmetric v. Asymmetric

Here is a quick run-down of the advantages of symmetric and asymmetric algorithms:

Symmetric

  • Faster and easier to implement
  • Lower overhead on system resources

Asymmetric

  • Scalable and does not require much administration
  • Easier for users to use

 

 

**Source by wikipedia**

 To Become Certified For CompTIA Security+ Please Visit This Link ;

 

 

Comments are closed.