Throughout time man has had secrets that needed to be sheared without others knowing what was talked about. This led to the development of cryptography to help man meet this requirement. Cryptography is the practice of the enciphering and deciphering of messages in secret code in order to render them unintelligible to all but the intended receiver (Merriam-Webster, 2014). However, in the modern day cryptography has taken on new importance as we have the need to pass more and more data securely. Below we will look at the strengths, weaknesses of symmetric, asymmetric, and hybrid cryptography along with the systems and algorithms they use.
In symmetric cryptography, the same key is used for both encryption and decryption (IBM, 2014). Symmetric cryptography can use ether a block ciphers or stream ciphers to secure your communications. A block cipher consists of two paired algorithms, one for encryption, and the other for decryption that shear the same secret key (Cusick, 2009). This is considered very efficient for commutations systems that are packet based since the blocks tend to fit nicely with the packet sized. A good example of a block cipher is the Advanced Encryption Standard (AES), which can encrypt blocks from 128bits to 256bits.
Secondly, we have stream ciphers, which is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time (Rouse, 2014). This means that every bit is encrypted as it passes through the system and is commonly used in point to point communications. One example of a stream cipher is RC4 designed in RSA laboratories by Ron Rivest in 1987 (Weizmann Institute, 2014). Another stream cipher that was in common use was A5 used to encrypt GSM. However, A5 had a short key-length of 54 bits, which now renders it useless (CryptoDox, 2014).
So what are the advantages and disadvantages of stream ciphers? First, they are extremely secure with many systems generating a one-time pad for each session they are difficult to crack. Secondly, they are considered relatively fast with minimal latency as the mathematics are not all that complicated to execute the algorithm. However, the biggest problem with symmetric key encryption is that you need to have a way to get the key to the party with whom you are sharing data (Lander, 2014). This will require you to find a secure way of sending the key to the distant end.
Asymmetric cryptography is a form of encryption where keys come in pairs. What one key encrypts, only the other can decrypt. Asymmetric cryptography is also known as Public Key Cryptography, since users typically create a matching key pair, and make one public while keeping the other secret (Hitachi ID Systems, 2014). Asymmetric cryptography has a number of choses when it comes to picking algorithms as development in this field has taken off in recent years due to the development of the internet. Three important algorithms in use today are RSA Asymmetric algorithm, Diffie-Hellman, and Digital Signature Algorithm (DSA)
The RSA algorithm is the most commonly used asymmetric algorithm (public key algorithm). It can be used both for encryption and for digital signatures. Secondly you have Diffie-Hellman is the first asymmetric encryption algorithm, invented in 1976, using discrete logarithms in a finite field. This allows two users to exchange a secret key over an insecure medium without shearing any prior secrets. Furthermore, DH is a widely used key exchange algorithm. Lastly we have DSA which is a United States Federal Government standard or FIPS for digital signatures (Encryption and Decryption, 2014).
So what are some of the advantages and disadvantages of asymmetric encryption. The primary advantage of asymmetric encryption is increased security and convenience in that private keys never need to be transmitted or revealed to anyone. Secondly, another major advantage of public-key systems is that they can provide digital signatures that cannot be repudiated. This means that you know for fact where the data is coming from (RSA Laboratories, 2014).
However, there are disadvantages to asymmetric encryption. The main disadvantage of using public-key cryptography for encryption is speed. There are many secret-key encryption methods that are significantly faster than any currently available public-key encryption method. Lastly, asymmetric encryption may be vulnerable to impersonation, even if users’ private keys are not available. A successful attack on a certification authority will allow an adversary to impersonate whomever he or she chooses by using a public-key certificate from the compromised authority to bind a key of the adversary’s choice to the name of another user (RSA Laboratories, 2014).
Lastly, we have hybrid technologies that use both symmetric and asymmetric cryptography to secure our communications. Hybrid allow for the ease of key transmittal form asymmetric cryptography and the encryption speed from symmetric cryptography. An example of a hybrid system is OpenPGP which uses a combination of strong public-key and symmetric cryptography to provide security services for electronic communications and data storage (J. Callas, 2007). Overall, any system that uses asymmetric cryptography for a secret key exchange and symmetric cryptography for the encryption of the data would be considered a hybrid system. As you can see, there are several types of cryptosystems in use today, that are based off a few methods that are constantly evolving as technology advances.
Works Cited
CryptoDox. (2014, 08 30). A5/2. Retrieved from CryptoDox: http://cryptodox.com/A5/2
Cusick, T. W. (2009). Cryptographic Boolean functions and applications. Waltham: Academic Press.
Encryption and Decryption. (2014, 08 30). Asymmetric Algorithms. Retrieved from Encryption and Decryption: http://www.encryptionanddecryption.com/algorithms/asymmetric_algorithms.html
Hitachi ID Systems. (2014, 08 30). Definition of Asymmetric Encryption. Retrieved from Hitachi ID Systems: http://hitachi-id.com/concepts/asymmetric_encryption.html
IBM. (2014, 08 30). Symmetric cryptography. Retrieved from IBM: http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtps7%2Fs7symm.html
J. Callas, L. D. (2007, 11 01). OpenPGP Message Format (RFC 4880). Retrieved from The Internet Engineering Task Force (IETF®): http://tools.ietf.org/html/rfc4880
Lander, S. (2014, 08 30). Advantages & Disadvantages of Symmetric Key Encryption. Retrieved from Opposing Views: http://science.opposingviews.com/advantages-disadvantages-symmetric-key-encryption-2609.html
Merriam-Webster. (2014, 08 30). cryptography. Retrieved from Merriam-Webster: http://www.merriam-webster.com/dictionary/cryptography
Rouse, M. (2014, 08 30). Stream Cipher. Retrieved from TechTarget: http://searchsecurity.techtarget.com/definition/stream-cipher
RSA Laboratories. (2014, 08 30). 2.1.3 What are the advantages and disadvantages of public-key cryptography compared with secret-key cryptography? Retrieved from RSA Laboratories: http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/advantages-and-disadvantages.htm
Weizmann Institute. (2014, 08 30). RC4. Retrieved from Weizmann Institute: http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html