Symmetric Algorithms

(OBJ 1.4)

DES (Data Encryption Standard)

• Encryption algorithm which breaks the input into 64-bit blocks and uses transposition and substitution to create ciphertext using an effective key strength of only 56-bits
• Uses a 64-bit key (56 effective bits due to parity)
• Encrypts data in 64-bit blocks through 16 rounds of transposition and substitution
• Widely used from the 1970s to the early 2000s
  • Weakness is its key size.

Triple DES (3DES)

• Utilizes three 56-bit keys
• Encrypts data with the first key, decrypts with the second key, and encrypts again with the third key
  • Redundancy scrabbles the ciphertext even further
• Provides 112-bit key strength but is slower than DES

IDEA (International Data Encryption Algorithm)

• A symmetric block cipher with a 64-bit block size
• Uses a 128-bit key, faster and more secure than DES
• Not as widely used as AES
• Commonly known only because it was used a lot inside the PGP, or Pretty Good Privacy suite of tools.
• Declared not strong enough. A replacement was needed.

AES (Advanced Encryption Standard)

• Replaced DES and 3DES as the US government encryption standard
  • National Institute of Standards and Technology
• Supports 128-bit, 192-bit, or 256-bit keys and matching block sizes
• Widely known as the Rijndael Algorithm or Rijndael Cipher because that was the name of the creator who made AES.
• Widely adopted and considered the encryption standard for sensitive unclassified information
• Defacto Symmetric Encryption standard.
  • Used by the Federal Government for any encryption of sensitive but unclassified information.

Blowfish

• A block cipher with key sizes ranging from 32 to 448 bits
• Developed as a DES replacement but not widely adopted

Twofish

• A block cipher supporting 128-bit block size and key sizes of 128, 192, or 256 bits
• Both blowfish and Twofish were never patented
• Open source and available for use

RC Cipher Suite (RC4, RC5, RC6)

• Created by cryptographer, Ron Rivest

  • Created 6 algorithms under the name RC, which stands for Rivest Cipher
  • RC1 was never published
  • RC2 was considered weak and was skipped over
  • RC3 was actually cracked before it was even released to the public
  • RC4, RC5, RC6 were all released and are commonly used in our networks today.

• Rivest Cipher (RC4)

  • RC4 is a stream cipher with variable key sizes from 40 to 2048 bits, used in SSL and WEP

• Rivest Cipher (RC5)

  • RC5 is a block cipher with key sizes up to 2048 bits

• Rivest Cipher (RC6)

  • RC6, based on RC5, was considered as a DES replacement
  • AES was chosen instead

Classification and Notes

• All the mentioned algorithms are symmetric
• Most are block ciphers except for RC4, which is a stream cipher
• Note: When working with encryption, identify if it's symmetric or asymmetric and whether it's a block or stream cipher