SYMMETRIC ENCRYPTION

Introduction to Symmetric Encryption

Symmetric encryption is one of the most fundamental concepts in

cryptography. It involves using the same key for data encryption and
decryption, making it a straightforward and efficient method for securing
information. The message's sender and receiver must have a pre-shared
secret key to convert plaintext to ciphertext and vice versa. The key to
encrypt the initial message is now being used to decrypt the ciphertext,
as indicated in the diagram below. The key must be kept confidential, and
only the sender and receiver should have access to it.

 Encryption: Converting plaintext (readable data) into ciphertext

(encoded data) using an encryption algorithm and a secret key.
 Decryption: The reverse process of converting ciphertext back into
plaintext using the same key.

Concepts in Symmetric Encryption

1. Plaintext: The original, readable message or data.

2. Ciphertext: The unreadable encrypted message without the
decryption key.
3. Key: A secret information shared between the sender and the
receiver. It is crucial for both encrypting and decrypting data.
4. Algorithm: A mathematical procedure used to perform the
encryption and decryption processes.

Characteristics of Symmetric Encryption

 Single Key Usage: The same key is used for encryption and
decryption.
 Fast and Efficient: It is computationally less expensive than
asymmetric encryption.
  Secure Key Sharing: Both parties must securely share the key
before communication can begin.
 Key Size: The encryption's security depends on the key's size.
Longer keys provide stronger security.

Types of Symmetric Encryption Algorithms

There are two primary types of symmetric encryption algorithms:

1. Block Ciphers:
o Data is divided into fixed-size blocks (e.g., 64 or 128 bits) and
encrypted one block at a time. On the other hand, block
ciphers divide the raw data into pieces of a fixed size. The size
is determined by the cipher used. Instead of a single digit, a
128-bit block cipher divides the plaintext into blocks of 128
bits each and encrypts those blocks. These ciphers are slower
but far more tamper-proof and used in some of today's most
popular algorithms.

There are different modes of operation in block cipher:

1. Electronic codebook (ECB) mode

2. Cipher block chaining (CBC) mode
3. Ciphertext feedback (CFB) mode
4. Output feedback (OFB) mode
5. Counter (CTR) mode

o Examples:

1. Data Encryption Standard (DES): DES is a block cipher

that encrypts data in 64-bit blocks and uses a single key
of one of three sizes (64-bit, 128-bit, or 192-bit keys).
However, one of every 8 bits is a parity bit, so a 64-bit
single-length key is equivalent to a 56-bit key. DES is
 one of the first symmetric encryption methods, although
it is considered insecure and has been phased out.
2. Triple Data Encryption Standard (TDEA/3DES): Unlike
DES, triple DES can employ two or three keys, allowing it
to perform additional encryption cycles (or, more
accurately, a round of encryption, a round of decryption,
and another round of encryption). While 3DES is more
secure than its DES predecessor, it’s less secure than its
successor, AES.
3. Advanced Encryption Standard (AES): This is the most
often used online encryption algorithm. With key sizes of
128 bits, 192 bits, and 256 bits, the advanced
encryption standard is more safe and efficient than DES
and 3DES. While it is a block cipher, it differs from DES
and 3DES because it uses a substitution permutation
network instead of the Feistel cipher.
4. Two fish: This block encryption cipher employs a 128-bit
block size and a variable-length key. It was one of the
AES finalists. It is based on the earlier block cipher
Blowfish, which had a 64-bit block size.
5. Serpent: A block cipher with a 128-bit block size and key
lengths of 128, 192, or 256 bits. It was also a finalist in
the AES competition. It is slower than other block
ciphers, but it is more secure.
6. IDEA: It is a reasonably strong block cipher with a block
size of 64 bits and a key size of 128 bits. IDEA
encryption is used by several applications, including
early versions of the Pretty Good Privacy (PGP) protocol.
However, due to patent issues, the use of the IDEA
scheme is limited.

2. Stream Ciphers:
 Data is encrypted one bit or byte at a time rather than in
blocks. The algorithms encrypt basic information one byte/bit
at a time known as stream ciphers. You utilize a bitstream
generation algorithm to generate a binary key and encrypt the
plaintext. The following is the procedure for encrypting and
decrypting data using stream ciphers:

 Get the plaintext to be encrypted

 Using the bitstream generation algorithm, create a
binary key.
 Using the created binary key, do an XOR operation on
the plaintext.
 The output becomes the ciphertext.
 Perform XOR operations on the ciphertext using the
same key to get back the plaintext
o Examples:

RC-4, Salsa20, and SEAL are the most well-known stream

ciphers.

1. Rivest Cipher (RC4): RC4/ARC4/ARCFOUR is a fast and

straightforward encryption technique created in 1987 to
implement byte-byte encryption using 64 or 128-bit long
keys. Transport Layer Security, Secure Sockets Layer,
and the IEEE 802.11 WLAN standard all use RC4. The
popular encryption system is available in various
variants, including SPRITZ, RC4A, and RC4A+.
2. Salsa20: Salsa20 is a modern encryption cipher that
generates the encryption keystream using an expansion
function. Salsa20 also relies on a core function that uses
add-rotate-XOR (ARX) operations to map the key, a
nonce digit, and constant vectors from the expansion
function to the keystream.
 3. Software-optimized Encryption Algorithm (SEAL): SEAL is
an additive binary stream cipher that works best on
devices with 32-bit CPUs and enough RAM. The
encryption standard employs a pseudorandom family
with a length-increasing function and a 160-bit key to
map a 32-bit string to any length string.

PANAMA, Scream, Rabbit, HC-256, and Grain are another few

examples of stream ciphers

5. How Symmetric Encryption Works

The process of symmetric encryption can be summarized in the following

steps:

1. Key Generation: A secret key is generated and securely shared

between the sender and receiver.
2. Encryption: The plaintext and the key are input into the encryption
algorithm to produce ciphertext.
3. Transmission: The ciphertext is sent to the receiver over a
communication channel.
4. Decryption: The receiver uses the same key and the decryption
algorithm to convert the ciphertext back into plaintext.

6. Advantages of Symmetric Encryption

1. Faster than Asymmetric: Asymmetric encryption takes longer to

decrypt than symmetric encryption. It is considerably less complex
because it uses a single key for both encryption and decryption.
2. Better Performance: Symmetric encryption has been determined to
have a higher performance metric than asymmetric encryption.
Fewer calculations help the host manage its memory better.
 3. Better Optimization: Symmetric algorithms are ideal for large
volumes of data that need to be encrypted. Large amounts of data
are simple and easy to use in servers and data farms since they are
significantly faster.
4. Easy Implementation: When compared to asymmetric encryption,
setting up symmetric infrastructure for an organization is
comparatively simple because just a single key is required for both
encryption and decryption of data

7. Disadvantages of Symmetric Encryption

1. Need for secure channel for secret key exchange: In symmetric

encryption, sharing the secret key at the beginning is an issue. It
must be exchanged in such a way that it remains confidential.
2. Too many keys: A new shared key must be generated for
communication with each separate partner. These 9 Cryptographic
Techniques complicate the task of managing and securing all of
these keys.
3. The origin and authenticity of messages cannot be guaranteed:
Messages cannot be verified to have come from a specific user
because both sender and receiver use the same key. If there is a
dispute, this might be a problem.

8. Applications of Symmetric Encryption

Symmetric encryption is used in a variety of real-world applications,

including:

 File Encryption: Protecting files on computers and mobile devices.

 Disk Encryption: Encrypting entire hard drives or storage devices.
 Network Security: Securing data transmitted over networks using
protocols like WPA2 for Wi-Fi.
 Payment Systems: Ensuring the security of credit card and
banking transactions.
Key Management in Symmetric Encryption

Key management is crucial for the effectiveness of symmetric encryption.

Best practices include:

 Using strong, randomly generated keys.

 Changing keys periodically to prevent prolonged exposure.
 Using secure channels to share keys.
 Storing keys securely to prevent unauthorized access.

Symmetric encryption is an essential technique in cryptography that uses

the same key for encryption and decryption. While it is fast and efficient,
secure key management and distribution remain critical challenges.
Understanding symmetric encryption is foundational for students studying
cryptography and forms the basis for more advanced encryption
techniques.