In our previous post, we read about Cryptography in Digital forensics and some commonly encountered terms used in cryptography. In this post we will talk about various types of cryptography.
There are several ways of classifying cryptographic algorithms. One of them is based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The two main types of algorithms that will be discussed are:
- Symmetric key or private key Cryptography: Uses a single key for both encryption and decryption, which is also called symmetric encryption. It is primarily used for privacy and confidentiality.
- Asymmetric Key or Public Key Cryptography: Uses one key for encryption and another different key for decryption and is also called asymmetric encryption. It is primarily used for authentication, nonrepudiation, and key exchange.
Symmetric key Cryptography
Symmetric cryptography methods employ a single key for both encryption and decryption. Symmetric keys are also known as secret keys. As shown in the figure below, the sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver. The receiver then applies the same key to decrypt the message and recover the plaintext. Because a single key is used for both functions, it is called symmetric encryption.
With this form of cryptography, the key is the secret which obviously must be known to both the sender and the receiver. The biggest difficulty, therefore, with this approach, is the distribution of the key.
Symmetric cryptography schemes are categorized as being either Classical or Modern Cryptography. Classical Cryptography is further divided into Transposition Cipher and Substitution Cipher, whereas Modern Cryptography is divided into Stream Cipher and Block Cipher.
Substitution Cipher: The substitution cipher replaces bits, characters, or blocks of characters of the plaintext with different bits, characters, or blocks. Caesar cipher, which was discussed in the beginning, is an example of substitution cipher. As such, if the letters of the English alphabet are shifted by three letters to create the cipher text, the letter ‘A’ in the plaintext would correspond to the letter ‘D’ in the ciphertext. Substitution ciphers are still used today, however, with a much higher complexity than this example which is simply meant to show the concept of how the method works.
Transposition Cipher: In contrast, the transposition cipher does not replace the original text with different text, but rather moves or scrambles the original values around. It only rearranges the bits, characters, or blocks of characters to hide the original meaning. The order of rearrangement is defined by the key. A simplified example of one way of performing the transposition cipher is illustrated in the following figure:
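The two classical methods side by side, as an added example (it is not the original figure or code from this post): a Caesar shift of three and a keyed columnar transposition. The key `ZEBRA`, the sample message and all function names are constructed for the illustration.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

def caesar(text, shift):
    """Substitution: replace each letter with the one `shift` places along."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch
        for ch in text.upper()
    )

def column_order(key):
    """The key defines the rearrangement: columns are read in the
    alphabetical order of the key letters (ties broken left to right)."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def transpose_encrypt(text, key):
    """Transposition: write the text in rows under the key, read it by column."""
    return "".join(text[c::len(key)] for c in column_order(key))

def transpose_decrypt(cipher, key):
    cols = len(key)
    rows, extra = divmod(len(cipher), cols)
    columns, pos = {}, 0
    for c in column_order(key):
        length = rows + (1 if c < extra else 0)  # first `extra` columns are longer
        columns[c] = cipher[pos:pos + length]
        pos += length
    return "".join(columns[i % cols][i // cols] for i in range(len(cipher)))

MESSAGE = "MEETMEATNOON"   # constructed sample plaintext
KEY = "ZEBRA"              # constructed sample key

if __name__ == "__main__":
    substituted = caesar(MESSAGE, 3)
    transposed = transpose_encrypt(MESSAGE, KEY)
    print("substitution :", substituted)
    print("transposition:", transposed)
    # Transposition keeps every original letter, substitution does not.
    print(Counter(transposed) == Counter(MESSAGE), Counter(substituted) == Counter(MESSAGE))
```

Because transposition only moves characters, the ciphertext has exactly the same letter counts as the plaintext, while the Caesar ciphertext has the same counts attached to different letters.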
Block Cipher: In a block cipher, the message or the plaintext is divided into blocks of bits. These blocks are then put through mathematical functions, one block at a time. For example, in order to encrypt a message you are sending to your mother using a block cipher that uses 64 bits, your original message, which is made up of 640 bits, is chopped up into 64-bit pieces, thus creating 10 individual blocks. Each block is then put through a succession of mathematical formulas, and what you end up with is 10 blocks of encrypted text. You send this encrypted message to your mother. She has to have the same block cipher and key, and those 10 ciphertext blocks go back through the algorithm in the reverse sequence and end up as your plaintext message.
Stream Cipher: A stream cipher, on the other hand, does not divide a message into blocks. Rather, a stream cipher treats the message as a stream of bits and performs mathematical functions on each bit individually. Stream ciphers use what are known as keystream generators, which produce a stream of bits that is XORed (XOR operation) with the plaintext bits to produce the final ciphertext. The keys are constantly changing, so a plaintext bit will be transformed into a different ciphertext bit each time it is encrypted.
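The block and stream descriptions above as an added example, not code from the original post: a toy 64-bit Feistel block cipher applied to a 640-bit message, and a toy keystream generator XORed with the data. The round function, round count, key, message and every name are assumptions made for the illustration; neither construction is a vetted cipher.

```python
import hashlib
import hmac

BLOCK_BYTES = 8  # 64-bit blocks, as in the text
ROUNDS = 4       # toy value, chosen for the example

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(key, rnd, half):
    # Toy round function: 4 bytes of HMAC-SHA256 over round number and half-block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]

def feistel_block(key, block, decrypt=False):
    """Put one 64-bit block through the rounds; decryption reverses their order."""
    left, right = block[:4], block[4:]
    for rnd in (reversed(range(ROUNDS)) if decrypt else range(ROUNDS)):
        left, right = right, xor(left, round_fn(key, rnd, right))
    return right + left  # final swap lets one routine work in both directions

def block_cipher(key, message, decrypt=False):
    """Chop the message into 64-bit blocks and process them one at a time."""
    if len(message) % BLOCK_BYTES:
        raise ValueError("this example handles whole blocks only (no padding)")
    blocks = [message[i:i + BLOCK_BYTES] for i in range(0, len(message), BLOCK_BYTES)]
    return [feistel_block(key, b, decrypt) for b in blocks]

def keystream(key, nbytes):
    """Toy keystream generator: SHA-256 of the key plus a running counter."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:nbytes]

def stream_cipher(key, data):
    """XOR the data with the keystream; the same call encrypts and decrypts."""
    return xor(data, keystream(key, len(data)))

KEY = b"constructed demo key"          # constructed sample key
MESSAGE = (b"Dear mother, " * 7)[:80]  # constructed 640-bit (80-byte) message

if __name__ == "__main__":
    blocks = block_cipher(KEY, MESSAGE)
    print(len(blocks), "ciphertext blocks")
    print(b"".join(block_cipher(KEY, b"".join(blocks), decrypt=True)))
    print(stream_cipher(KEY, b"AAAAAAAA").hex())  # same letter, different bytes
```

When each block is processed on its own like this, two identical plaintext blocks produce identical ciphertext blocks, whereas the stream cipher turns a repeated plaintext byte into different ciphertext bytes at each position.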
Advantages of Symmetric Key Cryptography
• Much faster (less computationally intensive) than asymmetric systems.
• Hard to break if using a large key size.
Disadvantages of Symmetric Key Cryptography
• Requires a secure mechanism to deliver keys properly.
• Each pair of users needs a unique key, so as the number of individuals increases, so does the number of keys, possibly making key management overwhelming.
• Provides confidentiality but not authenticity or nonrepudiation.
Asymmetric Key Cryptography
In symmetric key cryptography, a single secret key is used between the sender and the receiver, whereas in asymmetric cryptography, two different asymmetric keys are used.
One of the keys is known as the Public key and the other is called the Private or secret key. These keys are mathematically related, such that, if a message is encrypted by one key, the other key is required in order to decrypt the message. Nonetheless, this does not mean that if someone has access to the public key, then they can mathematically figure out the private key.
In this system, the public key of a user is known to everyone and is usually listed in databases or directories of email addresses, so that anyone can encrypt or decrypt the message with the public key and send it to the owner of that key. The private key should, however, be only known and used by the sole owner. It, therefore, solves the problem of key distribution faced in symmetric cryptography, as both parties use different keys for encryption/decryption.
If confidentiality (to be read only by the authorized person) is the primary concern for the communication, then the sender should encrypt the message with the receiver’s public key, which will ensure that no unauthorised person can read the message as only the receiver has access to the private key required to decrypt the ciphertext.
However, if authentication (to prove one’s identity) is the most important objective for the communication, then the sender would encrypt the data with his/her own private key. This provides assurance to the receiver that the only person who could have encrypted the data is the individual who has the possession of that private key. If the sender encrypted the data with the receiver’s public key, authentication is not provided because this public key is available to anyone. The encrypted message can then be decrypted by the receiver, with the help of the sender’s public key, which is available to everyone.
Note: Both the keys (public key and private key) can be used to encrypt and decrypt, so do not get confused and think that the public key is only meant for encryption and the private key is only for decryption. They both have the capability to encrypt and decrypt data. However, it should be known that, if data is encrypted with a private key, it cannot be decrypted using a private key; it can only be decrypted with the corresponding public key and vice versa.
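The confidentiality and authentication cases and the note above, worked through as an added example that is not from the original post. It uses textbook RSA with tiny constructed primes so the numbers stay readable; the primes, exponent, message value and function names are all assumptions for the illustration, and real RSA uses keys of 2048 bits or more together with padding.

```python
def make_keypair(p, q, e):
    """Return (public_key, private_key) for textbook RSA from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

# Constructed toy parameters: n = 3233, e = 17, d = 2753.
PUBLIC_KEY, PRIVATE_KEY = make_keypair(61, 53, 17)

def apply_key(key, value):
    """The same modular exponentiation is used whichever key is applied."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, modulus)

def demo(message=65):
    # Confidentiality: the sender applies the RECEIVER's public key,
    # so only the holder of the matching private key can recover the message.
    ciphertext = apply_key(PUBLIC_KEY, message)
    # Authentication: the sender applies their OWN private key,
    # so anyone holding the public key can check who produced the value.
    signed = apply_key(PRIVATE_KEY, message)
    return {
        "ciphertext": ciphertext,
        "opened_with_private": apply_key(PRIVATE_KEY, ciphertext),
        "opened_with_public_again": apply_key(PUBLIC_KEY, ciphertext),
        "signed": signed,
        "checked_with_public": apply_key(PUBLIC_KEY, signed),
        "checked_with_private_again": apply_key(PRIVATE_KEY, signed),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:28} {value}")
```

Applying the same key a second time does not return the message; only the other key of the pair does.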
Advantages of Asymmetric Key Cryptography
• Better key distribution than symmetric systems.
• Better scalability than symmetric systems.
• Can provide authentication and nonrepudiation.
Disadvantages of Asymmetric Key Cryptography
• Works much more slowly than symmetric systems due to their complexity.
• Mathematically intensive tasks.