Reference: About modern cryptography


Symmetric-key and public-key encryption:

Modern cryptography can be divided into two general categories: symmetric-key and public-key encryptions.

Symmetric-key encryption uses the same key to both encrypt and decrypt data. Symmetric-key encryption has faster processing speed, making it particularly appropriate for encrypting large quantities of data, as in image and voice applications, but since the sender and receiver must use the same key, securely conveying that key to the recipient becomes somewhat problematic. DES is a typical example of symmetric-key encryption, as is FEAL, developed by NTT.

Public-key encryption uses one key to encrypt data and a different one to decrypt it. Because key-management is so much simpler using public-key encryption, it is very widely used for exchanging data. But the encryption and decryption processes are much more time-consuming, so it is used for encrypting small quantities of data, such as exchanging secret keys for symmetric-key encryption. Some examples of public-key encryption are RSA, elliptic curve encryption, and EPOC, an algorithm developed by NTT.

Cryptanalysis:

Cryptanalysis is an attempt by a third party to get the original plaintexts from the ciphertexts without using the (decryption) key. There are many different cryptanalytic techniques, one of which is brute-force attack. This involves trying every conceivable key to find the one that works.

The key used in encryption is represented as a binary number of some length, (such as 1001 or 000100). The number of digits in the binary number is the key length. The longer the key length, the greater the number of possible keys, so that the effort of trying them all becomes greater. For instance, a four-digit key length results in 24 = 16 possible keys. An eight-digit key results in 28 = 256 possible keys.

DES, the current encryption standard, uses a 56-bit key, meaning there are 256 possible keys. Given the performance of computers at the time DES was designed, it would have taken hundreds of years to run through all the possible keys, so it was felt to be practically unbreakable.

However, with the vast improvements in computing power in recent years, along with the spread of networking, which makes it possible for many computers to work on the same problem simultaneously, it is now possible to break DES in about 40 days. Recently, it was shown that DES can be broken in only 3 days (4.5 days average) by using dedicated hardware. In order to stand up to brute-force attacks, key lengths now need to be at least 128 bits long.

Additionally, there are now powerful attacks called differential cryptanalysis and linear cryptanalysis, which use lots of ciphertext-plaintext pairs without trying out every possible key. These have compromised the security of many existing block ciphers.



    - Reference: Classification of modern cryptography and E2.


BACK