Security

Types of Cryptography

Cryptography is the science of concealing information such that no one except the intended recipient can disclose it. The cryptographic practice involves the use of an encryption algorithm that transforms the plaintext into ciphertext. The receiver deciphers the ciphertext text with the help of a shared or decided key.

Cryptography incorporates the use of various algorithms, also known as ciphers, to perform encryption or decryption. These algorithms are an entire set of instructions and contain computations that render different characteristics of a standard cryptosystem. While some of them ensure non-repudiation and integrity, others promise confidentiality and authentication.

The types of encryptions depend upon the numbers and roles played by the keys used for encryption. Consequently, the classification based on keys is symmetric encryption and asymmetric encryption key algorithms. Cryptographic protocols that do not incorporate keys and are irreversible are known as hash functions. This article introduces types of cryptography on the basis of varying numbers and roles of keys used in encryption.

Symmetric Encryption

Symmetric or secret key cryptography uses a single/identical shared key for the encryption and decryption process. The sender and the receiver utilizing this cryptographic method decide to secretly share the symmetric key before initiating encrypted communication to use it later for decrypting the ciphertext. Some of the examples of symmetric key encryption algorithms are AES, DES, 3DES. Another technology that incorporates shared keys is Kerberos, which uses a third party known as Key Distribution Center for securely sharing the keys.

The key that communicating parties exchange can be a password or code. It can also be a random string of numbers or characters that must be generated using a secure pseudo random number generation (PRNG).

The size of the key directly links with the strength of the cryptographic algorithm. That is, a large size key strengthens the encryption with fewer chances of successful cracking. For instance, Data Encryption Standard (DES) with a 56-bit size is no longer a secure encryption standard due to its small key size.

Types of Symmetric Algorithms
Symmetric encryption algorithms are of two types:

1. Stream Algorithms
Unlike block algorithms, stream algorithms do not split the data into blocks. It encrypts one byte at a time while the data is being streamed instead of saving it in the memory.

2. Block Algorithms
Block encryption algorithms divide the message into fixed-size blocks of data and then encrypt one block of data at a time with the help of a decided secret key. Block ciphers use different modes such as Electronic Codebook (ECB), Output Feedback (OFB), Cipher Block Chaining (CBC), etc that instruct how to divide the block and encrypt data.

Some popular examples of symmetric encryption algorithms are:

  • AES (Advanced Encryption Standard)
  • DES (Data Encryption Standard)
  • IDEA (International Data Encryption Algorithm)
  • Blowfish
  • RC4 (Rivest Cipher 4)
  • RC5
  • RC6

Here, RC4 is a stream cipher algorithm. The rest of the examples are block cipher algorithms. For instance, AES uses a 128/256-bit block of the cipher.

Applications of Symmetric Encryption
Even though it is in use for ages, symmetric encryption is still admired and utilized for the sake of efficiency and speed. Symmetric encryption consumes relatively low system resources in comparison to other encryption methods. Due to these properties, organizations use symmetric encryption for fast bulk data encryption such as databases.

The most common application areas for symmetric encryption are banking and applications featuring card transactions to provide high security against identity theft. In banking sectors, Personal Identification Information has to be kept in great secrecy. It is also desirable to confirm whether the sender is the person he claims to be.

Moreover, AES, a successor of the Triple-DES, is an ideal algorithm for a wireless network that incorporates the WPA2 protocol and remote-control applications. AES is the preferred choice for quick encrypted data transfer to a USB, for Windows Encrypting File System (EFS), and used for disk encryption techniques.

Advantages and Disadvantages of Symmetric Encryption
Symmetric Encryption provides pretty high security for messaging and communication. Small key size facilitates quick encryption and decryption of messages makes it relatively simple in comparison to other types of encryption techniques.

What makes it even more favorable is improvement in its security by simply increasing the size of the key. Every new bit added to the key makes it harder to crack or disclose through brute-forcing.

Irrespective of all the advantages, symmetric encryption has the drawback of insecure key exchange. Because, if shared in a not-so-secure environment, it can fall prey to malicious third parties or adversaries.

While an increase in the size of the key can make brute force attacks difficult to automate, programmatical errors in the implementation might leave the program prone to cryptanalysis.

Asymmetric Encryption

Asymmetric or public-key encryption is a type of cryptography that uses a pair of related keys to encrypt the data. One is a public key whereas the other is called a private key. The public key is known to anyone who wants to send a secret message to protect it from unauthorized access. The message encrypted by the public key can only be decrypted using the recipient’s private key against it.

The private key is only known by a recipient or users who can keep the key as a secret. When someone wants to communicate or transfer a file, they encrypt the data with the intended recipient’s public key. Then, the recipient will use their private key to access the hidden message. Since the security of the system incorporating asymmetric key algorithms entirely depends on the secrecy of the private key, it helps attain confidentiality.

Uses of Asymmetric Encryption
The most common use of asymmetric encryption is the secure transfer of the symmetric key and digital signatures. The use of asymmetric encryption in digital signatures helps in providing non-repudiation in data exchange. This happens with the help of the sender digitally signing data with their private key while the receiver decrypts it with the sender’s public key. Hence, it helps achieve integrity and non-repudiation.

A digital signature is a digital equivalent of a fingerprint, seal, or handwritten signature. It is in use in the industry for the authentication of digital documents and data. They are also used in encrypted emails where a public key encrypts the data and private key decrypts it.

Another application of asymmetric encryption is SSL/TLS cryptographic protocols which help establish secure links between web browsers and websites. It uses asymmetric encryption to share the symmetric key and then uses symmetric encryption for fast data transmission. Cryptocurrencies like Bitcoin also utilize public-key encryption for secure transactions and communications.

Advantages and Disadvantages of Asymmetric Encryption
Unlike symmetric key encryption, the key management issue does not exist with asymmetric encryption. Since the keys are mathematically related, it increases their security with minimum cost. However, it is a slower process. Hence, it is not suitable for large-size data encryption.

Moreover, once the private key is lost, the receiver might not be able to decrypt the message. Users are supposed to verify the ownership of the public key, as the public keys are not authenticated. It is never sure without confirmation whether the key belongs to the person specified or not. But this problem is resolved with the help of digital certificates as it binds the public key to a certificate generated by a trusted third-party certificate authority CA.

Examples of Asymmetric Encryption
The most widely acknowledged and utilized asymmetric encryption algorithm is Rivest, Shamir, and Adleman (RSA). It is embedded in SSL/TLS protocols to provide security over computer networks. RSA is considered a strong algorithm due to the computational complexity of factoring large integers. RSA uses 2048–4096-bit key size that makes it a computationally hard to crack method.

However, Elliptic Curve Cryptography (ECC) is also gaining popularity as an alternative to RSA. ECC uses elliptic curve theory to create small and fast encryption keys. The key generation process requires all the involved parties to agree on certain elements/points that define the graph. Hence, breaking the ECC requires finding the correct points on the curve, which is a difficult task. It makes Elliptic Curve Cryptography relatively stronger and way more preferable over other algorithms.

Hash Functions

Cryptographic hash functions take a variable length of data and encrypt it into an irreversible fixed-length output. The output is called hash value or a message digest. It can be stored in place of the credentials to achieve security. Later, when needed, the credential like a password is made to pass through the hash function to verify its authenticity.

Properties of Hash Functions
These are properties that impact the security of hashing and credential storage.

  • It is non-reversible. After creating a hash of a file or a password via a hash function, it is impossible to revert/decipher the text, unlike encryption, it does not incorporate the use of keys. A reliable hash function should make it really hard to crack the hashed credentials/files to their former state.
  • It follows the avalanche effect. A slight change in password should unpredictably and significantly impact the password on the whole.
  • The same input generates the same hash output.
  • Non-predictability property should make the hash unpredictable from the credential.
  • A reliable hash function ensures no two password hashes to the same digest value. This property is called collision resistance.

Uses of Cryptographic Hash Functions
Hash functions are widely used for secure information transactions in cryptocurrencies by observing the anonymity of the user. Bitcoin, the largest and most authentic platform for cryptocurrency, uses SHA-256. While the IOTA platform for the internet of things uses its own cryptographic hash function called curl.

However, it plays a vital role in many more sectors of computing and technology for data integrity and authenticity. This usage is possible through its property of determinism. It also finds its uses in digital signature generation and verification. It can also be used to verify files and message authenticity.

The Need of Different Types of Cryptographic Protocols
Each cryptographic protocol is optimized and unique to a specific scenario and cryptographic applications. For instance, hash functions vouch for the authenticity, and integrity of the message, file, or signature, if verified. No good hash function generates the same value for two different messages. Hence, authenticity and data integrity are ensured with a high degree of confidence.

Similarly, secret key encryption is for the secrecy and confidentiality of messages. It further ensures quick computation and file delivery of large files. Hence, the security of the messages conveyed over a network is ensured by the secret key encryption. No adversary can intrude on messages encrypted by a strong secret key algorithm as long as the key is not disclosed.

Lastly, Asymmetric or public-key encryption incorporates the use of two related keys that securely transmits the key used in symmetric encryption and user authentication.

Conclusion

To sum it up, cryptography is the need of the hour, more so than ever, in this era of digital transformation. While the access of people to digital information has seen a massive surge in the last few years, the potential of cyberthreats and cyber-attacks are an alarming bell for individuals and businesses alike. Therefore, it becomes imperative to not only learn about cryptographic protocols but also to employ them in your daily routine.

Even though the properties and usage of cryptography type may differ from the other, cryptographic practices combinedly ensure secure information exchange. This article elaborates the unique features of each cryptography type and details their advantages and disadvantages, so you can use them according to your requirements, and finally, make the world of computers secure altogether.

About the author

Usama Azad

A security enthusiast who loves Terminal and Open Source. My area of expertise is Python, Linux (Debian), Bash, Penetration testing, and Firewalls. I’m born and raised in Wazirabad, Pakistan and currently doing Undergraduation from National University of Science and Technology (NUST). On Twitter i go by @UsamaAzad14