What is not a symmetric encryption algorithm?

What is not a symmetric encryption algorithm?

Virtual Private Networks

James T. Harmening, in Computer and Information Security Handbook (Third Edition), 2017

5 Symmetric Encryption

Symmetric encryption requires that both the sender and receiver have the same key and each computes a common key that is subsequently used. Two of the most common symmetric encryption standards are known as Data Encryption Standard (DES) and Advanced Encryption Standard (AES). Once AES was released, DES was withdrawn as a standard and replaced with 3-DES, often referred to as Triple DES and TDES.

3-DES takes DES and repeats it two more times. So it is hashed with the 56-bit algorithm and password, and then done twice more. This prevents more brute-force attacks, assuming a strong key is used. Some VPN software is based on these symmetric keys, as we have discussed before.

Finally, a system of shared secrets allows encryption and decryption of data. This can either be done as a preshared password, which is known by both ends prior to communication, or some kind of key agreement protocol where the key is calculated from each end using a common identifier or public key.

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B9780128038437000582

Understanding Cybercrime Prevention

Littlejohn Shinder, Michael Cross, in Scene of the Cybercrime (Second Edition), 2008

What Is Encryption?

Encryption is a form of cryptography that “scrambles” plain text into unintelligible cipher text. Encryption is the foundation of such security measures as digital signatures, digital certificates, and the PKI that uses these technologies to make computer transactions more secure. Computer-based encryption techniques use keys to encrypt and decrypt data. A key is a variable (sometimes represented as a password) that is a large binary number—the larger, the better. Key length is measured in bits, and the more bits in a key, the more difficult the key will be to “crack.”

The key is only one component in the encryption process. It must be used in conjunction with an encryption algorithm (a process or calculation) to produce the cipher text. Encryption methods are usually categorized as either symmetric or asymmetric, depending on the number of keys that are used. We discuss these two basic types of encryption technology in the following sections.

Symmetric Encryption

Symmetric encryption is also called secret key encryption, and it uses just one key, called a shared secret, for both encrypting and decrypting. This is a simple, easy-to-use method of encryption, but there is one problem with it: The key must be shared between the sender and the recipient of the data, so a secure method of key exchange must be devised. Otherwise, if a third party intercepts the key during the exchange, an unauthorized person can easily decrypt the data.

Asymmetric Encryption

To address the problem of key exchange, another type of encryption was developed. Asymmetric encryption is also called public key encryption, but it actually relies on a key pair. Two mathematically related keys, one called the public key and another called the private key, are generated to be used together. The private key is never shared; it is kept secret and is used only by its owner. The public key is made available to anyone who wants it. Because of the time and amount of computer processing power required, it is considered “mathematically unfeasible” for anyone to be able to use the public key to re-create the private key, so this form of encryption is considered very secure.

The primary advantage of asymmetric encryption is that there is no need to securely transmit a secret key. Instead, the public key is published openly, made available to the entire world. There is no need to keep it secret, because it can't be used alone. The encryption process works like this:

1

The sender of a message uses the intended recipient's public key, which is freely available, to encrypt a message.

2

The recipient decrypts the message using his or her private key. Only the private key associated with the public key that encrypted it can be used to decrypt the message.

This key pair can also be used to provide for authentication of a message sender's identity using the keys a little differently: This time the sender uses his or her own private key to encrypt the message. This system provides no confidentiality, because anyone can decrypt the message using the owner's public key. However, it does verify the sender's identity, because if the associated public key will decrypt the message, it could only have been encrypted with that person's private key.

Obviously, the most important issue in public key cryptography is the protection of the private keys. This concept is especially important because compromise of a private key not only allows the unauthorized person to read private messages sent to the owner, but also allows the key thief to “sign” transactions emulating the owner, thus stealing the owner's identity. When the key pair is used for secure credit card or banking transactions, this loophole can be disastrous.

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B9781597492768000121

Domain 3

Eric Conrad, ... Joshua Feldman, in Eleventh Hour CISSP® (Third Edition), 2017

Types of Cryptography

There are three primary types of modern encryption: symmetric, asymmetric, and hashing. Symmetric cryptography uses a single key to encrypt and decrypt. Asymmetric cryptography uses two keys, one to encrypt and the other to decrypt. Hashing is a one-way cryptographic transformation using an algorithm, but no key.

Symmetric Encryption

Symmetric encryption uses a single key to encrypt and decrypt. If you encrypt a zip file, then decrypt with the same key, you are using symmetric encryption. Symmetric encryption is also called “secret key” encryption because the key must be kept secret from third parties. Strengths of this method include speed and cryptographic strength per bit of key; however, the major weakness is that the key must be securely shared before two parties may communicate securely.

Stream and block ciphers

Symmetric encryption may have stream and block modes. Stream mode means each bit is independently encrypted in a “stream.” Block mode ciphers encrypt blocks of data each round; for example, 64 bits for the Data Encryption Standard (DES), and 128 bits for AES. Some block ciphers can emulate stream ciphers by setting the block size to 1 bit; they are still considered block ciphers.

Initialization vectors and chaining

Some symmetric ciphers use an initialization vector to ensure that the first encrypted block of data is random. This ensures that identical plaintexts encrypt to different ciphertexts. Also, as Bruce Schneier notes in Applied Cryptography, “Even worse, two messages that begin the same will encrypt the same way up to the first difference. Some messages have a common header: a letterhead, or a ‘From’ line, or whatever.”2 Initialization vectors solve this problem.

Chaining (called feedback in stream modes) seeds the previous encrypted block into the next block ready for encryption. This destroys patterns in the resulting ciphertext. DES Electronic Code Book mode (see below) does not use an initialization vector or chaining, and patterns can be clearly visible in the resulting ciphertext.

DES

DES is the data encryption standard, which describes the data encryption algorithm (DEA). IBM designed DES, based on their older Lucifer symmetric cipher, which uses a 64-bit block size (ie, it encrypts 64 bits each round) and a 56-bit key.

Exam Warning

Even though DES is commonly referred to as an algorithm, it is technically the name of the published standard that describes DEA. It may sound like splitting hairs, but that is an important distinction to keep in mind on the exam. DEA may be the best answer for a question regarding the algorithm itself.

Modes of DES

DES can use five different modes to encrypt data. The modes’ primary difference is block versus emulated stream, the use of initialization vectors, and whether errors in encryption will propagate to subsequent blocks.

Fast Facts

The five modes of DES are:

Electronic Code Book (ECB)

Cipher Block Chaining (CBC)

Cipher Feedback (CFB)

Output Feedback (OFB)

Counter (CTR) Mode

ECB is the original mode of DES. CBC, CFB, and OFB were added later. CTR mode is the newest mode, described in NIST Special Publication 800-38a (see http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf).

Electronic code book

ECB is the simplest and weakest form of DES. It uses no initialization vector or chaining. Identical plaintexts with identical keys encrypt to identical ciphertexts. Two plaintexts with partial identical portions, such as the header of a letter, encrypted with the same key will have partial identical ciphertext portions.

Cipher block chaining

CBC mode is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted. The first encrypted block is an initialization vector that contains random data. This “chaining” destroys patterns. One limitation of the CBC mode is that encryption errors will propagate; an encryption error in one block will cascade through subsequent blocks due to the chaining, therefore destroying their integrity.

Cipher feedback

CFB mode is very similar to CBC, but the primary difference is that CFB is a stream mode. It uses feedback, which is the name for chaining when used in stream modes, to destroy patterns. Like CBC, CFB uses an initialization vector and destroys patterns, and so errors propagate.

Output feedback

OFB mode differs from CFB in the way feedback is accomplished. CFB uses the previous ciphertext for feedback. The previous ciphertext is the subkey XORed to the plaintext. OFB uses the subkey before it is XORed to the plaintext. Since the subkey is not affected by encryption errors, errors will not propagate.

Counter

CTR mode is like OFB; the difference again is the feedback. CTR mode uses a counter, so this mode shares the same advantages as OFB in that patterns are destroyed and errors do not propagate. However, there is an additional advantage: since the feedback can be as simple as an ascending number, CTR mode encryption can be executed in parallel.

Table 3.3 summarizes the five modes of DES.

Table 3.3. Modes of DES Summary

TypeInitialization VectorError Propagation?
Electronic code book (ECB)Block No No
Cipher block chaining (CBC)Block Yes Yes
Cipher feedback (CFB)Stream Yes Yes
Output feedback (OFB)Stream Yes No
Counter mode (CTR)Stream Yes No

Single DES

Single DES is the original implementation of DES, encrypting 64-bit blocks of data with a 56-bit key, using 16 rounds of encryption. The work factor required to break DES was reasonable in 1976, but advances in CPU speed and parallel architecture have made DES weak to a brute-force key attack today, where every possible key is generated and attempted.

Triple DES

Triple DES applies single DES encryption three times per block. Formally called the “triple data encryption algorithm (TDEA) and commonly called TDES,” it became a recommended standard in 1999.

International data encryption algorithm

The international data encryption algorithm (IDEA) is a symmetric block cipher designed as an international replacement to DES. It uses a 128-bit key and 64-bit block size. The IDEA has patents in many countries.

Advanced encryption standard

The advanced encryption standard (AES) is the current US standard in symmetric block ciphers. AES uses 128-bit (with 10 rounds of encryption), 192-bit (with 12 rounds of encryption), or 256-bit (with 14 rounds of encryption) keys to encrypt 128-bit blocks of data.

Choosing AES

The US National Institute of Standards and Technology (NIST) solicited input on a replacement for DES in the Federal Register in January 1997. Fifteen AES candidates were announced in August 1998, and the list was reduced to five in August 1999. Table 3.4 lists the five AES finalists.

Table 3.4. Five AES Finalists

NameAuthor
MARSIBM (11 authors)
RC6RSA (Rivest, Robshaw, Sidney, Yin)
RijndaelDaemen, Rijmen
SerpentAnderson, Biham, Knudsen
TwofishSchneier, Kelsey, Hall, Ferguson, Whiting, Wagner

Rijndael was chosen and became AES. AES has four functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey.

Blowfish and Twofish

Blowfish and Twofish are symmetric block ciphers created by teams lead by Bruce Schneier, author of Applied Cryptography. Blowfish uses from 32- through 448-bit keys (the default is 128-bit) to encrypt 64 bits of data. Twofish was an AES finalist, encrypting 128-bit blocks using 128-bit through 256-bit keys. Both are open algorithms, meaning they are unpatented and freely available.

RC5 and RC6

RC5 and RC6 are symmetric block ciphers by RSA Laboratories. RC5 uses 32-bit (testing purposes), 64-bit (replacement for DES), or 128-bit blocks. The key size ranges from zero to 2040 bits.

RC6 was an AES finalist. RC6 is based on RC5 and is altered to meet the AES requirements. It is also stronger than RC5, encrypting 128-bit blocks using 128-, 192-, or 256-bit keys.

Asymmetric Encryption

Asymmetric encryption uses two keys, one for encryption and the other for decryption. The public key, as its name indicates, is made public, and asymmetric encryption is also called public key encryption for this reason. Anyone who wants to communicate with you may simply download your posted public key and use it to encrypt their plaintext. Once encrypted, your public key cannot decrypt the plaintext, but your private key can do so. As the name implies, your private key must be kept private and secure.

Additionally, any message encrypted with the private key may be decrypted with the public key, as it is for digital signatures, as we will see shortly.

Asymmetric methods

Math lies behind the asymmetric breakthrough. These methods use one-way functions, which are easy to compute one way but are difficult to compute in the reverse direction.

Factoring prime numbers

An example of a one-way function is factoring a composite number into its primes. Multiplying the prime number 6269 by the prime number 7883 results in the composite number 49,418,527. That way is quite easy to compute, as it takes just milliseconds on a calculator. However, answering the question “Which prime number times which prime number equals 49,418,527” is much more difficult. That computation is called factoring, and no shortcut has been found for hundreds of years. Factoring is the basis of the RSA algorithm.

Discrete logarithm

A logarithm is the opposite of exponentiation. Computing 7 to the 13th power (exponentiation) is easy on a modern calculator: 96,889,010,407. Asking the question “96,889,010,407 is 7 to what power,” which means to find the logarithm, is more difficult. Discrete logarithms apply logarithms to groups, which is a much harder problem to solve. This one-way function is the basis of the Diffie-Hellman and ElGamal asymmetric algorithms.

Diffie-Hellman key agreement protocol

Key agreement allows two parties the security with which to agree on a symmetric key via a public channel, such as the Internet, with no prior key exchange. An attacker who is able to sniff the entire conversation is unable to derive the exchanged key. Whitfield Diffie and Martin Hellman created the Diffie-Hellman Key Agreement Protocol (also called the Diffie-Hellman Key Exchange) in 1976. Diffie-Hellman uses discrete logarithms to provide security.

Elliptic curve cryptography

ECC leverages a one-way function that uses discrete logarithms as applied to elliptic curves. Solving this problem is harder than solving discrete logarithms, so algorithms based on elliptic curve cryptography (ECC) are much stronger per bit than systems using discrete logarithms (and also stronger than factoring prime numbers). ECC requires less computational resources because it uses shorter keys comparison to other asymmetric methods. Lower-power devices often use ECC for this reason.

Asymmetric and symmetric tradeoffs

Asymmetric encryption is far slower than symmetric encryption, and it is weaker per bit of key length. The strength of asymmetric encryption is the ability to communicate securely without presharing a key.

Hash Functions

A hash function provides encryption using an algorithm and no key. They are called one-way hash functions because there is no way to reverse the encryption. A variable-length plaintext is “hashed” into a fixed-length hash value, which is often called a “message digest” or simply a “hash.” Hash functions are primarily used to provide integrity: if the hash of a plaintext changes, the plaintext itself has changed. Common older hash functions include secure hash algorithm 1 (SHA-1), which creates a 160-bit hash and Message Digest 5 (MD5), which creates a 128-bit hash. There are weaknesses in both MD5 and SHA-1, so newer alternatives such as SHA-2 are recommended.

Collisions

Hashes are not unique because the number of possible plaintexts is far larger than the number of possible hashes. Assume you are hashing documents that are a megabit long with MD5. Think of the documents as strings that are 1,000,000 bits long, and think of the MD5 hash as a string 128 bits long. The universe of potential 1,000,000-bit strings is clearly larger than the universe of 128-bit strings. Therefore, more than one document could have the same hash’ this is called a collision.

MD5

MD5 is the Message Digest algorithm 5. It is the most widely used of the MD family of hash algorithms. MD5 creates a 128-bit hash value based on any input length. MD5 has been quite popular over the years, but there are weaknesses where collisions can be found in a more practical amount of time. MD6 is the newest version of the MD family of hash algorithms, first published in 2008.

Secure hash algorithm

Secure hash algorithm (SHA) is the name of a series of hash algorithms. SHA-1 creates a 160-bit hash value. SHA-2 includes SHA-224, SHA-256, SHA-384, and SHA-512, named after the length of the message digest each creates.

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B9780128112489000036

Domain 5

Eric Conrad, ... Joshua Feldman, in CISSP Study Guide (Second Edition), 2012

Symmetric Encryption

Symmetric encryption uses one key to encrypt and decrypt. If you encrypt a zip file, and then decrypt with the same key, you are using symmetric encryption. Symmetric encryption is also called “secret key” encryption, as the key must be kept secret from third parties. Strengths include speed and cryptographic strength per bit of key. The major weakness is that the key must be securely shared before two parties may communicate securely. Symmetric keys are often shared via an out-of-band method, such as via face-to-face discussion. The key is usually converted into a subkey, which changes for each block of data that is encrypted.

Stream and block ciphers

Symmetric encryption may have stream and block modes. Stream mode means each bit is independently encrypted in a “stream.” Block mode ciphers encrypt blocks of data each round; for example, 56 bits for the Data Encryption Standard (DES), and 128, 192, or 256 bits for AES. Some block ciphers can emulate stream ciphers by setting the block size to 1 bit; they are still considered block ciphers.

Initialization vectors and chaining

An initialization vector is used in some symmetric ciphers to ensure that the first encrypted block of data is random. This ensures that identical plaintexts encrypt to different ciphertexts. Also, as Bruce Schneier noted, “Even worse, two messages that begin the same will encrypt the same way up to the first difference. Some messages have a common header: a letterhead, or a ‘From’ line, or whatever.” [6] Initialization vectors solve this problem.

Chaining (called feedback in stream modes) seeds the previous encrypted block into the next block to be encrypted. This destroys patterns in the resulting ciphertext. DES Electronic Code Book mode (see below) does not use an initialization vector or chaining, and patterns can be clearly visible in the resulting ciphertext.

DES

The Data Encryption Standard (DES) describes the Data Encryption Algorithm (DEA). DES was made a U.S. federal standard symmetric cipher in 1976. It was created due to a lack of cryptographic standards; vendors used proprietary ciphers of unknown strengths that did not interoperate with other vendors' ciphers. IBM designed DES, based on their older Lucifer symmetric cipher. It uses a 64-bit block size (meaning it encrypts 64 bits each round) and a 56-bit key.

Exam Warning

Even though DES is commonly referred to as an algorithm, DES is technically the name of the published standard that describes DEA. It may sound like splitting hairs, but that is an important distinction to keep in mind on the exam. DEA may be the best answer for a question regarding the algorithm itself.

Modes of DES

DES can use five different modes to encrypt data. The primary difference in the modes is block versus (emulated) stream, the use of initialization vectors, and whether errors in encryption will propagate to subsequent blocks. The five modes of DES are

1.

Electronic Code Book (ECB)

2.

Cipher Block Chaining (CBC)

3.

Cipher Feedback (CFB)

4.

Output Feedback (OFB)

5.

Counter Mode (CTR)

ECB is the original mode of DES; CBC, CFB, and OFB were later added [7]. CTR mode is the newest mode [8].

Electronic Code Book

Electronic Code Book (ECB) is the simplest and weakest form of DES. It uses no initialization vector or chaining. Identical plaintexts with identical keys encrypt to identical ciphertexts. Two plaintexts with partial identical portions (such as the header of a letter) encrypted with the same key will have partial identical ciphertext portions.

Note

The term “Code Book” in Electronic Code Book derives from cryptographic codebooks such as those used during the Civil War. This is also a hint to remind you of ECB's simplicity (and weakness).

ECB may also leave plaintext patterns evident in the resulting ciphertext. Bitmap image data (see Figure 6.11A) encrypted with a key of “Kowalski” using 56-bit DES ECB mode (see Figure 6.11B) shows obvious patterns.

What is not a symmetric encryption algorithm?

Figure 6.11A. Plaintext 8-bit Bitmap (BMP) Image.

Courtesy of the National Security Agency.

What is not a symmetric encryption algorithm?

Figure 6.11B. 56-bit DES ECB-Encrypted Ciphertext Bitmap.

Cipher Block Chaining

Cipher Block Chaining (CBC) mode is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted. The first encrypted block is an initialization vector that contains random data. This “chaining” destroys patterns. One limitation of CBC mode is that encryption errors will propagate: An encryption error in one block will cascade through subsequent blocks due to the chaining, destroying their integrity.

Cipher Feedback

Cipher Feedback (CFB) mode is very similar to CBC; the primary difference is that CFB is a stream mode. It uses feedback (the name for chaining when used in stream modes) to destroy patterns. Like CBC, CFB uses an initialization vector that destroys patterns and errors propagate.

Output Feedback

Output Feedback (OFB) mode differs from CFB in the way feedback is accomplished. CFB uses the previous ciphertext for feedback. The previous ciphertext is the subkey XORed to the plaintext. OFB uses the subkey before it is XORed to the plaintext. Because the subkey is not affected by encryption errors, errors will not propagate.

Counter

Counter (CTR) mode is like OFB; the difference again is the feedback, as CTR mode uses a counter. This mode shares the same advantages as OFB (patterns are destroyed and errors do not propagate) with an additional advantage. Because the feedback can be as simple as an ascending number, CTR mode encryption can be done in parallel. A simple example would be the first block is XORed to the number 1, the second to the number 2, etc. Any number of rounds can be combined in parallel this way. Table 6.7 summarizes the five modes of DES.

Table 6.7. Modes of DES Summary

ModeTypeInitialization VectorError Propagation?
Electronic Code Book (ECB) Block No No
Cipher Block Chaining (CBC) Block Yes Yes
Cipher Feedback (CFB) Stream Yes Yes
Output Feedback (OFB) Stream Yes No
Counter Mode (CTR) Stream Yes No

Single DES

Single DES is the original implementation of DES, encrypting 64-bit blocks of data with a 56-bit key, using 16 rounds of encryption. The work factor required to break DES was reasonable in 1976, but advances in CPU speed and parallel architecture have made DES weak to a brute-force key attack today, where every possible key is generated and attempted. Massively parallel computers, such as COPACOBANA (Cost-Optimized Parallel COde Breaker, given as a non-testable example; see http://www.copacobana.org for more information), which uses over 100 CPUs in parallel, can break 56-bit DES in a week or so (and faster with more CPUs), at a cost of under $10,000.

Triple DES

Triple DES applies single DES encryption three times per block. Formally called the Triple Data Encryption Algorithm (TDEA) and commonly called TDES, it became a recommended standard in 1999 [9]. Single DES was recommended for legacy use only, due to the ever-lowering work factor required to break single DES.

Triple DES has held up well after years of cryptanalysis; the primary weakness is that it is slow and complex compared to newer symmetric algorithms such as AES or Twofish. Note that double DES (applying DES encryption twice using two keys) is not used due to a meet-in-the-middle attack: See the “Cryptographic Attacks” section for more information.

Triple DES encryption order and keying options

Triple DES applies DES encryption three times per block. FIPS 46-3 describes “Encrypt, Decrypt, Encrypt” (EDE) order using three keying options: one, two, or three unique keys (1TDES EDE, 2TDES EDE, and 3TDES EDE, respectively).

This order may seem confusing. Why not encrypt, encrypt, encrypt, or EEE? And why use one through three keys? If you decrypt with a different key than the one used to encrypt, you are really encrypting further. Also, EDE with one key allows backward compatibility with single DES.

Table 6.8 shows a single DES ECB encryption of “ATTACK AT DAWN” with the key “Hannibal,” resulting in ciphertext of “•ÁGPÚ ¦qŸÝ«¦-” (this is the actual ciphertext; some bytes contain nonprintable characters).

Table 6.8. Single DES Encryption

OperationKeyInputOutput
Encrypt Hannibal ATTACK AT DAWN •ÁGPÚ¦qŸÝ«¦

Applying triple DES EDE with the same key each time results in the same ciphertext as single DES. Round 3 is identical to round 1, as shown in Table 6.9.

Table 6.9. Triple DES Encryption with One Key

OperationKeyInputOutput
Encrypt Hannibal ATTACK AT DAWN •ÁGPÚ¦qŸÝ«¦
Decrypt Hannibal •ÁGPÚ¦qŸÝ«¦ ATTACK AT DAWN
Encrypt Hannibal ATTACK AT DAWN •ÁGPÚ¦qŸÝ«¦

2TDES EDE uses key 1 to encrypt, key 2 to decrypt, and key 1 to encrypt. This results in 112 bits of key length. It is commonly used for legacy hardware applications with limited memory.

3TDES EDE (three different keys) is the strongest form, with 168 bits of key length. The effective strength is 112 bits due to a partial meet-in-the-middle attack; see the Cryptographic Attacks section for more information.

International Data Encryption Algorithm

The International Data Encryption Algorithm (IDEA) is a symmetric block cipher designed as an international replacement for DES. The IDEA algorithm is patented in many countries. It uses a 128-bit key and 64-bit block size. IDEA has held up to cryptanalysis; the primary drawbacks are patent encumbrance and its slow speed compared to newer symmetric ciphers such as AES.

Advanced Encryption Standard

The Advanced Encryption Standard (AES) is the current U.S. standard symmetric block cipher [10]. AES uses 128-bit (with 10 rounds of encryption), 192-bit (12 rounds of encryption), or 256-bit (14 rounds of encryption) keys to encrypt 128-bit blocks of data. AES is an open algorithm, free to use, and free of any intellectual property restrictions. AES was designed to replace DES. Two- and three-key TDES EDE remain a FIPS-approved standard until 2030, to allow transition to AES. Single DES is not a current standard and is not recommended.

Choosing AES

The U.S. National Institute of Standards and Technology (NIST) solicited input on a replacement for DES in the Federal Register in January 1997. They sought a public symmetric block cipher algorithm that was more secure than DES, open, and fast and efficient in both hardware and software. Fifteen AES candidates were announced in August 1998, and the list was reduced to five in August 1999. Table 6.10 lists the five AES finalists.

Table 6.10. Five AES Finalists

NameAuthor
MARS IBM (11 authors)
RC6 RSA (Rivest, Robshaw, Sidney, Yin)
Rijndael Daemen, Rijmen
Serpent Anderson, Biham, Knudsen
Twofish Schneier, Kelsey, Hall, Ferguson, Whiting, Wagner

Rijndael was chosen and became AES. The name, pronounced “Rhine Dahl” in English, is a combination of the Belgian authors’ names: Vincent Rijmen and Joan Daemen. Rijndael was chosen “because it had the best combination of security, performance, efficiency, and flexibility.” [11]

Table 6.11 shows the state, which is the block of data that is being encrypted via AES. Each smaller box in the state is a byte (8 bits), and there are 16 bytes (128 bits) in each block. Data is encrypted and visualized in literal blocks. The algorithm that AES is based on was called Square for this reason.

Table 6.11. One 128-bit Block of AES Data Called the State

AES functions

AES has four functions: ShiftRows, MixColumns, SubBytes, and AddRoundKey. These functions provide confusion, diffusion, and XOR encryption to the state.

ShiftRows

ShiftRows provides diffusion by shifting rows of the state. It treats each row like a row of blocks, shifting each a different amount:

Row 0 is unchanged.

Row 1 is shifted 1 to the left.

Row 2 is shifted 2 to the left.

Row 3 is shifted 3 to the left.

Table 6.12 shows the transformation to the state.

Table 6.12. ShiftRows, Before and After

MixColumns

MixColumns also provides diffusion by mixing the columns of the state via finite field mathematics, as shown in Table 6.13.

SubBytes

The SubBytes function provides confusion by substituting the bytes of the state. The bytes are substituted according to a substitution table (also called an S-Box). To use the table, take the byte of the state to be substituted (assume the byte is the letter “T”). ASCII “T” is hexadecimal byte “53.” Look up 5 on the X row and 3 on the Y column, resulting in hexadecimal byte “ed,” which replaces “53” in the state. Figure 6.12 shows the AES substitution table with the byte 53 lookup overlaid on top.

What is not a symmetric encryption algorithm?

Figure 6.12. AES Substitution Table Converting Byte “53” to “eb.” [12]

AddRoundKey

AddRoundKey is the final function applied in each round. It XORs the state with the subkey. The subkey is derived from the key, and is different for each round of AES.

Blowfish and Twofish

Blowfish and Twofish are symmetric block ciphers created by teams lead by Bruce Schneier, author of Applied Cryptography. Blowfish uses from 32- to 448-bit (the default is 128) keys to encrypt 64 bits of data. Twofish was an AES finalist, encrypting 128-bit blocks using 128- to 256-bit keys. Both are open algorithms, unpatented and freely available.

RC5 and RC6

RC5 and RC6 are symmetric block ciphers by RSA Laboratories. RC5 uses 32-(testing purposes), 64- (replacement for DES), or 128-bit blocks. The key size ranges from zero to 2040 bits. RC6 was an AES finalist. It is based on RC5, altered to meet the AES requirements. It is also stronger than RC5, encrypting 128-bit blocks using 128-, 192-, or 256-bit keys.

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B9781597499613000066

Domain 1: Access Control

Eric Conrad, ... Joshua Feldman, in Eleventh Hour CISSP (Second Edition), 2014

Kerberos

Kerberos is a third-party authentication service that may be used to support Single Sign-On. Kerberos (http://www.kerberos.org/) was the name of the three-headed dog that guarded the entrance to Hades (also called Cerberus) in Greek mythology.

Kerberos uses symmetric encryption and provides mutual authentication of both clients and servers. It protects against network sniffing and replay attacks. The current version of Kerberos is version 5, described by RFC 4120 (http://www.ietf.org/rfc/rfc4120.txt).

Fast Facts

Kerberos has the following components:

Principal: Client (user) or service

Realm: A logical Kerberos network

Ticket: Data that authenticates a principal's identity

Credentials: A ticket and a service key

KDC: Key Distribution Center, which authenticates principals

TGS: Ticket-Granting Service

TGT: Ticket-Granting Ticket

C/S: Client/Server, regarding communications between the two

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B9780124171428000017

Domain 5

Eric Conrad, ... Joshua Feldman, in Eleventh Hour CISSP® (Third Edition), 2017

Kerberos

Kerberos is a third-party authentication service that may be used to support SSO. Kerberos, also called Cerberus, (http://www.kerberos.org/) was the name of the three-headed dog that guarded the entrance to Hades in Greek mythology.

Kerberos uses symmetric encryption and provides mutual authentication of both clients and servers. It protects against network sniffing and replay attacks. The current version of Kerberos is Version 5, described by RFC 4120 (http://www.ietf.org/rfc/rfc4120.txt).

Fast Facts

Kerberos has the following components:

Principal: Client (user) or service.

Realm: A logical Kerberos network.

Ticket: Data that authenticates a principal's identity.

Credentials: A ticket and a service key.

KDC: Key Distribution Center, which authenticates principals.

TGS: Ticket Granting Service.

TGT: Ticket Granting Ticket.

C/S: Client Server, regarding communications between the two.

Kerberos operational steps

For example, a Kerberos principal, a client run by user Alice, wishes to access a printer. Alice may print after taking these five (simplified) steps: Stopped here.

1.

Kerberos Principal Alice contacts the Key Distribution Center (KDC), which acts as an AS, requesting authentication.

2.

The KDC sends Alice a session key, encrypted with Alice's secret key. The KDC also sends a TGT (Ticket Granting Ticket), encrypted with the Ticket Granting Service's (TGS) secret key.

3.

Alice decrypts the session key and uses it to request permission to print from the TGS.

4.

Seeing Alice has a valid session key (and therefore has proven her identity claim), the TGS sends Alice a C/S session key (second session key) to use for printing. The TGS also sends a service ticket, encrypted with the printer's key.

5.

Alice connects to the printer. The printer, seeing a valid C/S session key, knows Alice has permission to print and also knows that Alice herself is authentic.

This process is summarized in Fig. 5.3.

What is not a symmetric encryption algorithm?

Fig. 5.3. Kerberos steps.

The session key in Step 2 of Fig. 5.3 is encrypted with Alice's key, which is represented as {Session Key}KeyAlice. Also note that the TGT is encrypted with the TGS's key; this means that Alice cannot decrypt the TGT (only the TGS can), so she simply sends it to the TGS. The TGT contains a number of items, including a copy of Alice's session key. This is how the TGS knows that Alice has a valid session key, which proves Alice is authenticated.

Read full chapter

URL: https://www.sciencedirect.com/science/article/pii/B978012811248900005X

What is not a symmetric encryption algorithm quizlet?

What is NOT a symmetric encryption algorithm? Explanation: DES, CAST, and IDEA are all symmetric algorithms. RSA is an asymmetric algorithm.

What is not part symmetric encryption?

What is Asymmetric Encryption? Asymmetric encryption is also known as public key cryptography, which is a relatively new method, compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt a plain text. Secret keys are exchanged over the Internet or a large network.

Which algorithm does not use the symmetry?

Unlike symmetric algorithms, asymmetric algorithms use two different cryptographic keys to encrypt and decrypt plain text. The two keys have a mathematical relationship. A message encrypted by the algorithm using one key can be decrypted by the same algorithm using the other key.

Which of the following is not an encryption algorithm?

Explanation. SHA1 is a hashing algorithm. Encryption Algorithms are: DES (family), IDEA, RSA, Blowfish, Twofish, and AES.