Running Head: SYMMETRIC CRYPTOGRAPHY

Symmetric Cryptography

PROFESSOR : LORI FARR

Abhinav Bondugula-002828423
Suresh Reddy Kesari-002835608
Sachin Kumar Moharil-002824681
Sandeep Kumar Poddutturi-002831939
Ickram Syed-002826671
Naveen Kumar Reddy Tileti-002832252
Shravan Reddy Yampati-002824452

Cryptography-24

Department of Computer science

University Of Cumberlands

Williamsburg, Kentucky.40769
SYMMETRIC CRYPTOGRAPHY 2

Abstract

Cryptography was first invented 4000 years ago. Over the years, the use of cryptography has

significantly evolved. In modern society, Cryptography ubiquitous in our lives although in many

cases, we do not realize it. The basic principle of cryptography has remained over the years that

involve hiding transit information from view and access by unintended parties. The fundamental

principles of cryptography include; algorithm, key, encryption, plain text, cipher text, as well as

decryption (Faust, Pietrzak & Schipper, 2012). Plain text refers to the message that is to be

transmitted to the intended parties. Cipher text refers to the gibberish text that has been converted

using algorithms. Encryption refers to the process of converting a plain text to cipher text.

Decryption on the other hand refers to the process of translating cipher text to plain text.

Algorithm refers to the complicate mathematical process that is used to convert plain text to

cipher text (Oriyano, 2013). In symmetric encryption, the receiver and the sender of the message

have similar key that is used in the encryption and decryption of the message. A key refers to a

value that constitutes of a series of random bits. The bigger the key, the harder it is to crack the

algorithm.
SYMMETRIC CRYPTOGRAPHY 3

Introduction

Symmetric cryptography is a type of computerized cryptography that uses the same key

in the encryption and decryption of an electronic message. It employs both mathematical

algorithm and secret key in the conversion of data to make sense of a given message. It is a two-

way algorithm because the mathematical algorithm used is reversed in the decryption of the

message using the same encryption key. Symmetric encryption is also known as secure-key

encryption or private-key encryption (Oriyano, 2013). There are numerous advantages of using

symmetric cryptography and these include: it is inexpensive, the keys are smaller, and the

algorithms are not expensive to process. Symmetric cryptography is employed in both hardware

and hardware since it forms the base of secure communication. As a result implementation of

symmetric cryptography is very effective in both hardware and software since there are no delays

experienced as a result of the encryption and decryption process.

Symmetric cryptography is very effective and is used to provide secure communication.

It provides authentication since data encrypted with a specific key can only be decrypted with the

same key. Thus, when the parties keep the encryption key secretive, they are guaranteed to

maintain a secure communication between them as long as the decrypted messages are sensible.

The symmetric key can be exchanged with other trusted individuals to create a secure

communication. Normally, a secure key can be produced for every pair of participants to

establish communication between the parties. Symmetric cryptography ensures that the messages

exchanged between parties that are encrypted using a given key are only decipherable by the

other party with the specific key(Faust, Pietrzak & Schipper, 2012). This way, symmetric

cryptography guarantees the security of the communication. However, in order for the

communication to be kept a secure, the participants must keep the encryption key secretive. As a
SYMMETRIC CRYPTOGRAPHY 4

result, the keys are often known as secret-key ciphers. In a case where the keys are discovered by

another party, it negatively affects the authentication as well as the confidentiality of the

messages. An individual with the symmetry key is able to decrypt the messages sent using the

symmetry key as well as send new messages as if they originated from one of the parties initially

using the symmetry key (Oriyano, 2013). The major disadvantage of using secret-key ciphers is

drawn in exchanging the key between the specific participants since the key must be maintained

secretive between the parties. This means that one participant must encrypt the secret key in

another different key that the recipient already has the key to decrypt the secret-key encrypted in

the different key. As a result, this leads to an unending dependency on a different key.

Multiple symmetric algorithms have been invented in the past couple of years in both

hardware and software. Among those dozens of symmetric algorithms, the ones relevant in the

implementation of Microsoft cryptography are block algorithms and stream algorithms. Block

algorithms function on 64-bit blocks of plaintext. Block ciphers are often used on blocks of

electronic data. The encryption process comprises of a series of complicated rounds of XORs, bit

shifts, key bits, substitutions, as well as permutations of plaintext (Faust, Pietrzak & Schipper,

2012). The decryption of text is similar to the encryption process except in some cases where

decryption is procured in a reverse manner. The lengths vary in some cases while other

algorithms utilize fixed-lengths keys. The selected secret key is used to transform the specific set

length bits. The selected key is then used for every block. There are numerous types of block

ciphers and these include: DES, RC2, Triple DES, Rijndael, as well as Triple DES with two

keys.

Data Encryption Standard was first invented in 1976 by IBM after a request publically

made by National Bureau of Standards. This block cipher has received worldwide recognition
SYMMETRIC CRYPTOGRAPHY 5

and implementation over the years. DES is an example of a fixed-length algorithm that utilizes

56-bits keys. This means that any 56-bit number can be employed as a key. The main advantage

of DES is its cryptanalysis (Oriyano, 2013). However, its major drawback is its vulnerability to

brute-force attack due to its short key length. In this case, the attacker can try all keys that are

possible until the right key is attained. The perpetrators use DES-cracking machine that enables

them to find the correct key in approximately 3.5 hours.

RC2

It was first introduced by Ron Rivest for use by the RSA Data Security Inc. However; its

details have not been made available. It is a variable length cipher that has 40 hard-coded bits

when used with the Microsoft Base Cryptographic Provider (Oriyano, 2013). When used with

Strong Cryptographic Providers or Microsoft Enhanced its default key length is 128 bits. In this

case, its bits range from 40 to 128 when used in 8-bit increments.

Triple DES

The Triple DES is intended to enhance the security on DES through the application of

DES encryption three times via the use of three varied keys. This results in 56x3 = 168 bits key

length (Oriyano, 2013). This key length eliminates the threat of brute-force attacks that is the

primary threat facing the DES encryption.

Triple DES using 2 keys

This is a variation of Triple DES that utilizes two keys rather than three keys. The first

key is initially applied then the second key then followed by the first key (Oriyano, 2013). The

effective length of the key is 56x2 = 112bits.

SYMMETRIC CRYPTOGRAPHY 6

Advanced Encryption Standard (Rijndael)

This is a block cipher invented by Joan Daemen and Vincent Rijmen. It is a candidate

algorithm utilized by the AES. It supports a variety of key lengths including 128, 192, and 256

bits (Oriyano, 2013).

In stream algorithms, the stream algorithms are not contained in the encryption system

memory but are transmitted in stream algorithms. As a result stream algorithms are regarded to

be more secure since the data is not held in the system without encryption. Stream ciphers are

designed to encrypt plaintext a bit a time (Oriyano, 2013). The key in the stream cipher is known

as seed value. The encryption process is identical to the encryption process with the XORed that

are ciphertext bitts with a keystream that is a function of the key.

RC4

First developed by Ron Rivest in 1987, RC4 is variable-key-size cipher. The specific

details of the algorithm still remain unavailable. The algorithm is very easy to describe as well as

program and the description is available on the internet in the book, “Applied Cryptography”.

Similarly, the 40-bit RC4 contains keys ranging from 40 to 128 bits that are available in 8-bit

increments and is supported by Microsoft Base Cryptographic Provider (Oriyano, 2013).

The use of cryptography has gained a lot of popularity in modern society. Businesses

across the globe have adopted the use of cryptography to enhance security of private and

confidential data. Although symmetric cryptography is often applied in various aspects of

businesses, it is mainly employed alongside asymmetrical cryptography. One of the common

applications of symmetrical cryptography is insecure Security Layer in Hypertext transfer

protocol, HTTP (Oppliger, 2016). HTTP forms a critical part of the World Wide Web and is the
SYMMETRIC CRYPTOGRAPHY 7

backbone of communication of the internet. It is a stateless protocol since the server does not

keep information regarding the client once the transaction has been procured. HTTPS runs on

Secure Socket Layer. When people shop online, critical information such as bank number and

credit card numbers is revealed online. This data need to be secured since it is vulnerable to

malicious use when it falls in the wrong hands. SSL is basically an application for both

symmetric as well as asymmetric encryption. It applies both public-private key from asymmetric

encryption as well as symmetric session keys (Oppliger, 2016). A session key refers to a one-

time key that is used in the encryption and decryption of messages. The session key is randomly

chosen and is only utilized during the given session. The application of symmetric encryption in

SSL guarantees security of confidential information and enhances communication online.

Another practical application of symmetric encryption is Pretty Good Privacy. PGP

employs hybrid encryption (both symmetric and asymmetric) to securely and quickly encrypt

messages and give verification of the sender of the message. PGP is currently the trademark for

Symantec that in 2010 acquired PGP Corp. the company utilizes OpenPGP standard to encrypt

as well as decrypt files (Callas et al., 20017). OpenPGP RSA a type of asymmetric encryption in

validating identity and encrypting messages to ensure the message only gets to the intended

recipient. However, encrypting huge amounts of data using RSA is slow and requires more

resources that are more promiscuous when using mobile devices. As a result, OpenPGP employs

symmetric encryption commonly AES in the encryption of messages to accelerate the process.

Since symmetric encryption cannot be employed in signing, SSL relies on both asymmetric and

symmetric encryption algorithms (Callas et al., 20017). For example, the sender of a message

utilizes the receiver’s public key in the encryption of a random session key that is utilized in the
SYMMETRIC CRYPTOGRAPHY 8

encryption of the content of the real message. Hence, the combination of both symmetric and

asymmetric encryption ensures the security of the data and accelerates the encryption process.
SYMMETRIC CRYPTOGRAPHY 9

Conclusion

Symmetric encryption is often employed to establish secure communication. In this case,

both the sender and the recipient utilize the same key to encrypt and decrypt a message.

Symmetric encryption is founded on the bases that the key must be kept secretive in order to

ensure security of the communication process. As a result, one of the primary challenges of

symmetric encryption is transmitting the key in a secure manner. This challenge is often known

as “key distribution problem.” According to the Kerckhoff’s principle, anyone can access the

algorithm in symmetric encryption since it is public (Oriyano, 2013). In a case where the key is

misplaced or lost, the messages can be decrypted using scrupulous elements. Additionally,

symmetric cryptography maintains the confidentiality element of the CIA triad. Confidentiality

entails ensuring that the message send only gets to the intended recipient.
SYMMETRIC CRYPTOGRAPHY 10

References

 Callas, J., Donnerhacke, L., Finney, H., Shaw, D., & Thayer, R. (2007). OpenPGP

message format (No. RFC 4880).

 Faust, S., Pietrzak, K., & Schipper, J. (2012, September). Practical leakage-resilient

symmetric cryptography. In International Workshop on Cryptographic Hardware and

Embedded Systems (pp. 213-232). Springer, Berlin, Heidelberg.

 Narendra, S. G., Tadepalli, P., & Spitzer, T. N. (2013). U.S. Patent No. 8,477,940.

Washington, DC: U.S. Patent and Trademark Office.

 Oppliger, R. (2016). SSL and TLS: Theory and Practice. Artech House.

 Oriyano, S. P. (2013). Cryptography (pp. 71-97). John Wiley & Sons, Inc..