# Cryptography Algorithms

## Terms


- Rijndael = the new Advanced Encryption Standard (AES), replacing DES
- Symmetric; block cipher = 128, 192, or 256 bits (AES standardized on 128 bits); key length = variable; rounds = 4-step, parallel series, key size of 128 bits = 9 rounds, 192 bits = 11 rounds, 256 bits = 13 rounds; suited for smart cards, various processors, ISDN, ATM, satellite; regulated under NIST as the US government FIPS algorithm; secures Sensitive but Unclassified material
- Data Encryption Standard (DES)
- Symmetric; block cipher = 64 bits; key length = 56 bits (weak); rounds = 16; each chunk is permutated
- Triple DES
- Symmetric; like DES applied 3 times; key length = 168 bits; 3 methods: a) keys 1, 2, and 3 are unique, b) keys 1 and 2 are unique but key 3 is just key 1 repeated again, c) keys 1, 2, and 3 are copies of one another (the method backward compatible with DES).
- Blowfish
- Symmetric; block cipher = 64 bits; key length = variable, 32 to 448 bits; rounds = 16; a drop-in substitute for the time-consuming algorithms IDEA and DES; unpatented, royalty-free, requires no license to use
- Twofish
- Symmetric; block cipher = 128-bit; key length = 128, 192, or 256 bits; rounds = 16; efficient for use on smart cards; much faster than Blowfish; unpatented, free to use
- Serpent
- Symmetric; block cipher = 128 bits; key length = 128, 192, or 256 bits; rounds = 32
- Skipjack
- Symmetric; data chunks = 64 bits; key length = 80 bits; rounds = 32; developed by the NSA; classified as Secret with details not released to the public for scrutiny; implementation is limited to government-authorized hardware manufacturers and is not used in software; used in the Clipper chip
- International Data Encryption Algorithm (IDEA)
- Symmetric; block cipher = 64 bits; key length = 128 bits (which is used to generate 52, 16-bit keys); rounds = 8; concatenation; susceptible to a weak key (a key made of all zeros), which is easy to check for and mitigate; used in PGP
- MARS (Multiplication, Addition, Rotation, Substitution)
- Symmetric; shared-key block cipher = 128 bits; key length = variable, 128 to over 400 bits; small footprint, making it ideal for smart cards
- CAST
- Symmetric; Feistel cipher; block size = 64 bits for key length = 64 and 128 bits, block size = 128 for key length = 256 bits; rounds = 8 for key length = 64 bits, rounds = 16 for key length = 128, rounds = 48 for key length = 256; used in PGP
- RC6
- Symmetric; block cipher = 128 bits; key length = 128, 192, and 256 bits; rounds = 20; works well for hash functions; runs well on 32-bit computers
- RC5
- Symmetric; block cipher = variable; key length = variable; rounds = variable
- RC2
- Symmetric; block cipher = 64 bits; key length = 8 to 1024 bits; rounds = 18 in one or two operations; operations are mix and mash; drop-in substitute for slower DES; the ability to accept variable key lengths is one of the larger vulnerabilities; any key length below 64 bits can be easily retrieved; source code was illegally posted on the internet
- RC4
- Symmetric; stream cipher; key length = 8 to 2048 bits (with 128 bits being the most common, unless subject to old export restrictions, in which case 40 bits is common); key is used to initialize a 256-byte state table, which is used to generate the pseudo-random stream that is XORed with the plaintext to generate the ciphertext; most vulnerable point is the possibility of weak keys, with 1 key in 256 closely correlating with key bytes; faster than a block cipher because stream ciphers encrypt on the fly; works well in conjunction with SSL to encrypt data transferred between secure web sites and their customers; remained a trade secret of RSA until it was posted on the internet
- GOST
- Symmetric; 64-bit cipher; key length = 256 bits; from the former Soviet Union; can be used in software and hardware implementations
- Tiny Encryption Algorithm (TEA)
- Symmetric; 128-bit cipher; uses a large number of rounds as opposed to a complex program; uses a minimal amount of code to implement
- RSA
- Asymmetric; recommended key length for corporate environments = 1024 bits, recommended key length for sensitive transfers = 2048 bits; takes two large primes exceeding 100 digits and multiplies them together forming a product called the modulus, which is the basis for what the public and private keys end up being comprised of; included in many popular software applications, such as Microsoft Internet Explorer and Netscape Navigator; provides a means of encryption and the use of Digital Signatures to provide authentication and integrity verification; a de facto standard for many years, now patented
- Diffie-Hellman (DH), or key agreement protocol
- Asymmetric; offers security by way of the discrete logarithm problem; also uses large prime numbers to work; plays a role in the electronic key exchange method of the Secure Sockets Layer (SSL) protocol, the SSH protocol, and the IPsec protocol; used in PGP; the second most widely used asymmetric algorithm next to RSA; provides a way to exchange private keys across an open connection such as the Internet without first exchanging any secret data; it remains effective because of the nature of what it is protecting, which is just a temporary automatically generated secret key that is only good for a single communication session; once patented, now released into the public domain
- ElGamal
- Asymmetric; based upon the difficulty of calculating discrete logarithms in a finite field; for encryption, 3 numbers are needed to generate a key pair; for digital signatures, a different function is used utilizing a prime number and concatenation; is primarily used for digital signatures, but is also used for encryption; used as the US standard for digital signatures; never patented and free for use
- Elliptic curve cryptography (ECC)
- Asymmetric; works on the basis of elliptic curves, which are simple functions drawn as gently sloping curves on the X,Y plane; by adding two points on the curve together, one can get a third point on the curve; users agree on an elliptic curve and a fixed curve point--info that is not a shared secret and can be made public without compromise; users then choose a secret random number each; security of this system is questioned because of lack of analysis
- Secure Hash Algorithm (SHA), the latest being SHA-1
- Hashing; message digest = 160 bits; rounds = 5; a process called message padding forces the size of the pre-hashed text string to be a multiple of 512, which is the block size; if the data that is input is not a multiple of 512, the message is padded with zeros and an integer describing the original length of the message; although it is possible, SHA-1 does not typically use any shared secrets or keys to accomplish its fingerprinting; works as all hashing functions work by applying a compression function to the data input; security is assumed based on the fact that it is computationally infeasible for 2 different strings of text to hash to the same message digest (a collision); message created can be used by the Digital Signature Algorithm (DSA), which can then compute the signature of the message; was developed by NIST and the NSA as the algorithm to be used for secure hashing in the US Digital Signature Standard (DSS)
- MD2
- Hashing; takes a data input of any length and produces a hash output of 128 bits; optimized for 8-bit machines; input data is padded to become a multiple of 16 bytes; after padding, a 16-byte checksum is added to the message; a compression function is invoked; the output result is a 128-bit digest; the only successful known attack is dependent upon the checksum not being appended to the message before the hash function is run, making the algorithm vulnerable to a collision attack
- MD4
- Hashing; optimized for 32-bit computers; takes a data input of any length and produces a digest of 128 bits; message is padded to become a multiple of 512, which is then concatenated with the representation of the message's original length; an extended version of MD4 computes the message in parallel and produces two 128-bit outputs, effectively a 256-bit hash; the vulnerability to collisions applies equally to both versions, as security is not improved because of basic flaws in the algorithm
- MD5
- Hashing; rounds = 4; optimized for 32-bit computers; takes a data input of any length and outputs a message digest of 128 bits; the original message is padded and a representation of the original length of the message is added to the padded value to bring the entire message up to a 512-bit multiple; concatenation is performed; there has been cryptanalysis displaying weaknesses in the compression function, but this weakness does not lend itself to an attack on MD5 itself; a combination of problems has pushed people to adopt SHA for security reasons; MD5 is faster but less secure than SHA; source code for MD5 is freely available on the Internet; can be used in a variety of software and hardware implementations
- transposition cipher
- The same letters are used, but the order is changed, as when the Spartans used a ribbon wrapped around a specific gauge cylinder and then wrote on the cylinder; the message could only be read when someone wrapped the ribbon back around the same gauge cylinder; a common modern-day example of this is the ROT13 cipher, where every letter is rotated 13 positions in the alphabet
- shift cipher
- An example is Caesar's cipher, which uses an algorithm and a key, the algorithm specifying that you offset the alphabet either to the right (forwards) or to the left (backwards), and the key specifying how many letters the offset should be
- substitution cipher
- Is far more complex than a shift cipher; popular in Elizabethan England; works on the principle of substituting a different letter for every letter, permitting 26 possible values for every letter in the message; the Vigenere cipher works as a polyalphabetic substitution cipher that depends on a password; a substitution table is set up; the password is matched up to the text it is meant to encipher; if the password is not long enough, the password is repeated until one character of the password is matched up with each character of the plaintext; the cipher letter is determined by use of the previous grid, matching the plaintext character's row with the password character's column, resulting in a single ciphertext character from where the two meet; if someone knows what the table is, they can determine how the encryption was performed, but they still will not know the key to decrypt the message
- one-time pad (OTP) cipher
- Key length is equal to the length of the message and completely random data must be used for the key; this allows the keyspace to be unlimited, therefore making a brute-force attack impossible