Abstract
This chapter provides an overview of modern symmetric encryption and asymmetric encryption.
Notes
1. Note: This acronym will mean different things in different chapters, so pay close attention to context.
2. Actually, Rijndael is a family of algorithms and has a range of configurations. Only a subset are certified as AES.
3. Note, however, it does not work in the reverse direction. A change made to the last block only changes the last block.
4. Although, in practice, block ciphers must do the same thing. As you saw in the previous section, if each block is encrypted exactly the same way, patterns emerge. Modes of operation like Cipher Block Chaining mode carry over the output from one block’s encryption into the input of the next. In short, how the cipher encrypts the block is changed or influenced by the previous block’s encryption. For this reason, CBC mode may be considered a form of stream cipher even though it is not usually referred to as such.
5. Some machines cannot generate that much random data quickly.
6. Even though this is true from a purely theoretical perspective, an attacker may have some contextual knowledge that would permit them to recognize the “correct” plaintext. In practice, however, for a message of even a relatively short length, getting a zero key (a key of all zeros) is very unlikely. For the short 14-character message I used as an example, the odds of getting the zero key are 1 in \(2^{14 \times 8} = 2^{112} = 5{,}192{,}296{,}858{,}534{,}827{,}628{,}530{,}496{,}329{,}220{,}096\).
7. In order to make the image displayable, the header portion of the BMP file is not modified. But all of the data that comprises the visible image is XORed.
8. There are other modes of operation that produce a stream cipher, but counter mode is the most common and probably the easiest to understand.
9. Although AES-CTR mode and other modes like it do have limits on how large the key stream can safely get, these details are outside the scope of the book.
10. Sometimes, the term key exchange is used as a synonym for key agreement. However, I am going to follow the Handbook of Applied Cryptography’s nomenclature. Key establishment is getting the parties to share a key. Key transport and key agreement are two forms of key establishment. The term key exchange can refer to various algorithms including the Diffie-Hellman algorithm discussed in this section, but it is not a synonym.
11. Diffie-Hellman Ephemeral is abbreviated DHE. However, it is such a common mode for DH that even when it is not expressly stated, or even when the DH abbreviation is used, it may very well be DHE. You may need to ask for clarification if it is not clear from context. This is also true for ECDHE.
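The chaining described in note 4, and the forward-only propagation in note 3 (assuming that note refers to a chaining mode such as CBC), can be seen in the following added example, which is not code from the book. The 4-round Feistel cipher built on SHA-256 is a toy stand-in for a real block cipher such as AES, and the key, IV, message and all function names are constructed for illustration.

```python
import hashlib

BLOCK = 16  # bytes per block, the same block size as AES

def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function: keyed SHA-256 truncated to half a block.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation (illustration only, not a real cipher).
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, rnd, right)))
    return left + right

def split(data: bytes) -> list[bytes]:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt_independent(key: bytes, plaintext: bytes) -> list[bytes]:
    # Every block is encrypted exactly the same way, so repeats stay visible.
    return [toy_encrypt_block(key, b) for b in split(plaintext)]

def encrypt_cbc(key: bytes, iv: bytes, plaintext: bytes) -> list[bytes]:
    # Each plaintext block is XORed with the previous ciphertext block
    # (the IV for the first block) before it is encrypted.
    out, prev = [], iv
    for b in split(plaintext):
        prev = toy_encrypt_block(key, bytes(x ^ y for x, y in zip(b, prev)))
        out.append(prev)
    return out

def flip_bit(msg: bytes, block_index: int) -> bytes:
    # Flip the lowest bit of the first byte of the chosen plaintext block.
    i = block_index * BLOCK
    return msg[:i] + bytes([msg[i] ^ 1]) + msg[i + 1:]

def changed_blocks(a: list[bytes], b: list[bytes]) -> list[int]:
    # Indices of ciphertext blocks that differ between two encryptions.
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

# Constructed sample input: four identical 16-byte plaintext blocks.
KEY = b"constructed key!"
IV = bytes(range(BLOCK))
MSG = b"ATTACK AT DAWN!!" * 4

if __name__ == "__main__":
    base = encrypt_cbc(KEY, IV, MSG)
    print("distinct blocks, independent:", len(set(encrypt_independent(KEY, MSG))))
    print("distinct blocks, CBC:", len(set(base)))
    print("edit first block:", changed_blocks(base, encrypt_cbc(KEY, IV, flip_bit(MSG, 0))))
    print("edit last block:", changed_blocks(base, encrypt_cbc(KEY, IV, flip_bit(MSG, 3))))
```
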
References
Crypto done right!
The quantum computer and its implications for public-key crypto systems. Technical report, Entrust Datacard, 2019.
Anderson, R.J. 2020. Security Engineering: A Guide to Building Dependable Distributed Systems, 3 ed. Wiley Publishing.
Bernstein, D.J. 2005. Salsa20 design. Department of Mathematics, Statistics, and Computer Science. The University of Illinois at Chicago, Chicago.
Bishop, M. 2019. Computer Security Art and Science, 2nd ed. Addison-Wesley Professional.
Bruce, S. 1996. Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd ed. Wiley.
Dame-Boyle, A. 2015. EFF at 25: Remembering the case that established code as speech.
Duckett, C. 2020. Zoom concedes custom encryption is substandard as Citizen Lab pokes holes in it.
Green, M. 2011. How (not) to use symmetric encryption.
Green, M. 2023. A few thoughts on cryptographic engineering.
Junod, P. 2001. On the complexity of Matsui’s attack. In Selected Areas in Cryptography, ed. S. Vaudenay and A.M. Youssef, 199–211. Berlin/Heidelberg: Springer.
Knudsen, L.R., and J.E. Mathiassen. 2001. A chosen-plaintext linear attack on DES. In Fast Software Encryption, ed. G. Goos, J. Hartmanis, J. van Leeuwen, and B. Schneier, 262–272. Berlin/Heidelberg: Springer.
Marczak, B., and J. Scott-Railton. 2020. Move fast and roll your own crypto: A quick look at the confidentiality of Zoom meetings. Technical Report 126, University of Toronto.
Matsui, M. 1994. Linear cryptanalysis method for DES cipher. In Advances in Cryptology—EUROCRYPT’93, ed. T. Helleseth, 386–397. Berlin/Heidelberg: Springer.
Menezes, A.J., S.A. Vanstone, and P.C.V. Oorschot. 1996. Handbook of Applied Cryptography, 1st ed. Boca Raton: CRC Press, Inc.
Najm, Z., D. Jap, B. Jungk, S. Picek, and S. Bhasin. 2018. On comparing side-channel properties of AES and ChaCha20 on microcontrollers. In 2018 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), 552–555.
National Institute of Standards and Technology. 2023. Post quantum cryptography FAQs: To protect against the threat of quantum computers, should we double the key length for AES now?
Nir, Y., and A. Langley. 2015. ChaCha20 and Poly1305 for IETF Protocols (RFC 7539).
Prodhan, G. 2010. Secret coding inventors finally win recognition.
Schneier, B. Schneier on security.
Vinck, A.J.H. 2012. Introduction to public key cryptography. Accessed 08 Oct 2018.
Vopson, M.M. 2021. The world’s data explained: how much we’re producing and where it’s all stored.
© 2023 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature
About this chapter
Cite this chapter
Nielson, S.J. (2023). Core Cryptography Technology. In: Discovering Cybersecurity. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-9560-1_5
DOI: https://doi.org/10.1007/978-1-4842-9560-1_5
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-9559-5
Online ISBN: 978-1-4842-9560-1
eBook Packages: Professional and Applied Computing; Professional and Applied Computing (R0); Apress Access Books