Cryptography is a vital component of secure communications and online banking. It transforms human-readable, plaintext information into gibberish that only the intended recipient can understand.
This transformation is accomplished by a cryptographic algorithm and a key, which is used to decrypt the ciphertext back into its original form. Three basic cryptographic algorithms exist: symmetric, asymmetric, and hash functions.
Encryption is scrambling data in a message so that only those intended to receive it can decode it. There are two types of encryption algorithms: symmetric and asymmetric. Symmetric algorithms use the same secret key for encryption and decryption, while asymmetric algorithms use different keys. Block ciphers are a type of symmetric algorithm.
Block ciphers take a block of plaintext bits and generate a block of ciphertext bits, generally of the same size as the plaintext block. They offer high diffusion, meaning that if a block of plaintext bits were subjected to multiple encryption iterations, the changes would be distributed across various ciphertext blocks. This makes it difficult for an attacker to identify specific changes or insertions.
A vital feature of a block cipher is the initialization vector (IV). This random sequence of bits is sent along with the encrypted data and acts as the first block of ciphertext in the process. It is a vital part of any block cipher because, without it, the ciphertext can be reconstructed from the original plaintext, even if the key is known.
There are several ways to implement block ciphers, each with advantages and disadvantages.
Some block ciphers also support “tweakable” modes, which allow you to adjust the cipher’s internal state. This enables new operations that are impossible with standard block ciphers, such as format-preserving encryption. This involves constructing secure pseudorandom permutations of arbitrarily sized finite sets, making it easy to add an encryption layer to legacy software, for example.
Among the types of cryptography is symmetric algorithms. Symmetric algorithms use one key, called a secret key, for both encryption and decryption. This is in contrast to asymmetric encryption, which requires two keys (one public, one private) for each message. Both parties must securely exchange the key before sending encrypted data or messages.
Essentially, the algorithm turns the original plain text into an unreadable code by anyone who needs the secret key to decrypt it back to its original form. Once the encrypted data or message gets to its intended recipient, they can enter the secret key to decrypt it and return it to its original form.
Several factors determine the cryptographic strength of a symmetric encryption algorithm, such as the number of rounds, the length of the key used, and its resistance to attacks like brute force or differential cryptanalysis. The longer the key is, and the more rounds are used, the stronger the algorithm.
Block symmetric encryption algorithms encrypt a fixed-length group of bits called blocks. In contrast, stream algorithms encrypt data or messages as they stream by combining a plaintext digit stream with a pseudo-randomized cipher digit stream. This allows the algorithm to encrypt a message byte by byte, bit by bit, without retaining the information in memory.
Despite its relative weakness against brute force and differential cryptanalysis, the critical advantage of symmetric encryption is its speed and simplicity. This makes it a good choice for contexts where security is the primary concern, and high bandwidth is not a significant limitation. Unlike asymmetric encryption, symmetric encryption does not require exponentiation to encode, and it can be faster and more efficient than some asymmetric key algorithms. This makes it a good choice for securing communication over the internet, for example.
As the name suggests, stream ciphers work continuously. Unlike block ciphers that convert entire blocks of plaintext at once, these ciphers break down a message into its bits and then encrypt them bit by bit. This allows for much higher transmission speeds.
Stream ciphers combine an initialization vector (IV) and the key to generate a sequence of pseudorandom cipher digits. The exclusive operation combines each bit of a plaintext message with this keystream. This creates a ciphertext that cannot be reverse-engineered without the original key. Stream ciphers also do not suffer from diffusion like block ciphers, so one mistake at the transmission stage doesn’t spread to other digits in the plaintext.
A famous example of a stream cipher is the RC4. Many websites and banking systems use it to secure data transfer. Stream ciphers are helpful because they allow companies to transmit information quickly and easily without worrying about storing or distributing keys.
However, this speed comes with a cost. While a stream cipher can transmit data rapidly, detecting if a message has been tampered with during transmission can be challenging. To protect against this, a checksum or hash must be included in the message.
Another issue with stream ciphers is that they can be easier to crack than other encryption algorithms. Using the same IV repeatedly can lead to attackers discovering patterns that will help them decrypt ciphertext more easily. This is why changing the IV each time you send a message is essential.