Keeping Secrets: Select a Cipher

So you want to encrypt your sensitive information to protect its confidentiality. Good! But exactly how should this be done? There are many ciphers (or encryption algorithms) to choose from. Let’s see what choices are available.

Splitting the Choices

Selecting a cipher is like sharing bread with your friend.

Wait. What?

Let’s say you want to share a small loaf of bread with your friend. You can bring the knife down vertically to split the loaf left-right. Or cut it vertically from the side to split it front-back. Or cut it horizontally to split it top-bottom. There are many ways to split the loaf into two halves, and then you can slice your half many ways. There’s no one correct way to slice your bread, it depends on what you want to achieve.

Cipher selection is like that, several binary choices and then slices or further, finer choices.

Symmetric versus Asymmetric

BaguettesOnBreadBoardForTableServiceThe first choice you must make, and the one you hear the most about, is symmetric versus asymmetric.

Symmetric ciphers have good performance. Use them on large data sets. Appropriate choices include AES, Twofish, and Blowfish. Our data files grow and grow. Notice how new camera models have more and more megapixels every year. Then you put those pictures into presentations, and the resulting files grow.

Whole-disk encryption is good for devices that might be lost or stolen. It makes sense for a laptop, smart phone, or USB stick, but it makes no sense for a server. I hope you’re not worried about someone walking off with your server!

Whole-disk encryption may mean terabytes of data on today’s laptops and we aren’t willing to wait very long. Network speeds continue to climb, and we want data to stream as fast as possible.

Symmetric is the choice for files and streams.

Until public-key cryptography was invented, we had the problem of managing shared secret keys. Now we solve this with asymmetric cryptography. The negotiation involves small exchanges at the beginning, so we don’t care about the computational expense of some forms of asymmetric cryptography. Appropriate choices include RSA and the various Elliptic Curve Ciphers.

Asymmetric is the choice for authentication and key negotiation.

Hybrid Systems Combine Asymmetric and Symmetric

Hybrid systems are the practical reality. An encrypted message from me to you would start with a header encrypted with RSA, an asymmetric cipher, using your public key. It would say something like “Let’s use AES with this randomly-generated session key for this message only: 0x902328857ba7a75532c5ffb5fded61b164663e251a89fa35172d4788e5fbb9ce.”

The rest of the message would be the possibly bulky content encrypted efficiently with that symmetric cipher using that one-time-only session key. Your software uses your private key to decrypt the header, and then uses the instructions in the header to decrypt the body.

Or, let’s say we’re setting up a TLS connection. The hosts authenticate with RSA. Then they negotiate a mutually supported symmetric cipher and agree on a shared session key with the Diffie-Hellman Ephemeral method or something similar. They then encrypt the data stream with the negotiated cipher and unique session key.

Block versus Stream

Asymmetric ciphers are used for very specific authentication and negotiation tasks, they aren’t used directly on the data itself. The symmetric ciphers used on the data come in two varieties, block and stream.

Stream ciphers emulate a one-time pad, which is the only perfect secrecy system. That doesn’t mean that stream ciphers are perfect! It takes a totally random key stream to accomplish that. The shared secret key for a stream cipher generates a pseudorandom key stream. As long as we’re careful about how we generate and use that pseudorandom stream, it will probably be secure enough for our purposes. Notice the use of “probably” and “enough” in that sentence!

Stream cipher encryption and decryption goes fast. It’s a simple XOR of cleartext and key stream at the sender and XOR of ciphertext and key stream at the receiver, with XOR (or exclusive-OR) a direct hardware operation. We don’t have to know in advance how long the stream will be, and we don’t have to pad the data to any standardized length.

Block ciphers, on the other hand, deal with data a block at a time. 32, 64, 128, or 256 bits, typically. If the data isn’t an even multiple of the block size, it’s padded.

Use block ciphers on data known in advance like files and email messages, and use stream ciphers on stream-like data.

We talk about the symmetric/asymmetric and block/stream decisions in Learning Tree’s System and Network Security Introduction course. As the title says, that’s the introduction.

Now that we’ve split the loaf in various ways, let’s see how to slice the block symmetric ciphers! Come back next time and see how to go further, exploring various block cipher modes appropriate for use in specific situations.

Type to search

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.