Open in app

Sign in

Write

Sign in

Secret key Algorithms in Cryptography

Sahani Rajapakshe
7 min readJul 29, 2020

Symmetric encryption is a type of encryption where only one key is used to both encrypt and decrypt electronic information. We called it ‘Secret Key’.

The entities communicating via symmetric encryption must exchange the key so that it can be used in the decryption process. By using symmetric encryption algorithms, data is converted to a form that cannot be understood by anyone who does not possess the secret key to decrypt it. Once the intended recipient who possesses the key has the message, the algorithm reverses its action so that the message is returned to its original and understandable form. The secret key that the sender and recipient both use could be a specific password/code or it can be random string of letters or numbers that have been generated by a secure random number generator.

ciphertext = encrypt( plaintext, key )

plaintext = decrypt( ciphertext, key )

There are two types of symmetric encryption algorithms. They are,

1. Block algorithms — Set lengths of bits are encrypted in blocks of electronic data using secret key. As the data is being encrypted, the system holds the data in its memory as it waits for complete blocks.

2. Stream algorithms — Data is encrypted as it streams instead of being retained in the system’s memory.

Some examples of symmetric encryption algorithms include.

AES (Advanced Encryption Standard)

Most commonly used symmetric algorithm.

The features of AES are as follows −

  • Symmetric key symmetric block cipher
  • 128-bit data, 128/192/256-bit keys
  • Stronger and faster than Triple-DES
  • Provide full specification and design details
  • Software implementable in C and Java

AES is an iterative rather than Feistel cipher. It is based on ‘substitution–permutation network’. Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix .

How does AES work?

Encryption process

  • data is divided into blocks.

Under this method of encryption, the first thing the plaintext is separated into blocks. The block size of AES is 128-bits, so it separates the data into a four-by-four column of sixteen bytes.

Ex: message — ‘the web assignment ’

First block looks like this,

  • Byte Substitution (SubBytes)

The 16 input bytes are substituted by looking up a fixed table (S-box) given in design. The result is in a matrix of four rows and four columns.

  • Shiftrows

Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are re-inserted on the right side of row.

- First row is not shifted.

-Second row is shifted one (byte) position to the left.

-Third row is shifted two positions to the left.

-Fourth row is shifted three positions to the left.

-The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.

  • MixColumns

Simply each column has a mathematical equation applied to it in order to further diffuse it.

  • And next step is Addroundkey again

Decryption Process

The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order.

DES (Data Encryption Standard)

DES was the first standardized cipher for securing electronic communications, and is used in variations.

  • The DES algorithm is a block cipher algorithm
  • The data block size of the DES algorithm is 64 bit (8 bytes)
  • Key size is 64 bit (8 bytes), but 1 byte is used for parity, so the actual key size is 56 bit

There are different kind of modes in DES.

1-ECB

2-CBC

3-CFB

How does AES work?

DES works by encrypting groups of 64 message bits, which is the same as 16 hexadecimal numbers. To do the encryption, DES uses “keys” where are also apparently 16 hexadecimal numbers long, or apparently 64 bits long. However, every 8th key bit is ignored in the DES algorithm, so that the effective key size is 56 bits. But, in any case, 64 bits (16 hexadecimal digits) is the round number upon which DES is organized

1- Round Function

2- Key schedule

3- Initial and final permutation

Example-

plaintext message - “12345678987”

and encrypt it with the DES key “0EWF0KDGDHCBD0”, we end up with the ciphertext “0000000000000000”.

If the ciphertext is decrypted with the same secret DES key “0EWF0KDGDHCBD0”, the result is the original plaintext “12345678987”.

Triple DES

Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message, the first key is used to DES- encrypt the message. The second key is used to DES-decrypt the encrypted message. Triple-DES is just DES done three times with two keys used in a particular order.

IDEA (International Data Encryption Algorithm)

· This also a block cipher. uses a fixed-length plaintext of 16 bits and

· encrypts them in 4 chunks of 4 bits each

· to produce 16 bits ciphertext.

· The length of the key used is 32 bits.

· The key is also divided into 8 blocks of 4 bits each.

This algorithm involves a series of 4 identical complete rounds and 1 half-round. Each complete round involves a series of 14 steps that includes operations like:

· Bitwise XOR

· Addition modulo

· Multiplication modulo +1

After 4 complete rounds, the final “half-round” consists of only first 4 out of the 14 steps previously used in the full-rounds. To perform these rounds, each binary notation must be converted to its equivalent decimal notation, perform the operation and the result obtained should be converted back to the binary representation for the final result of that particular step.

Single round information

There are 8 rounds in IDEA. Every single requires a number of operations around the four data blocks applying 6 keys. These steps work numerous mathematical activities. There are multiple *, add * & XOR procedures. Multiply * means multiplication modulo. Add* requires addition modulo.

The BLOWFISH Algorithm

Blowfish is a symmetric block cipher that can be used as a drop-in replacement for DES or IDEA. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use. Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. It is one of the first, secure block cyphers not subject to any patents and hence freely available for anyone to use.

1. blockSize: 64-bits

2. keySize: 32-bits to 448-bits variable size

3. number of subkeys: 18 [P-array]

4. number of rounds: 16

5. number of subsitution boxes: 4 [each having 512 entries of 32-bits each]

Blowfish can be a little faster than AES implemented in software.

How blowfish works?

Blowfish has a 64-bit block size and a key length of anywhere from 32 bits to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. It is similar in structure to CAST-128, which uses fixed S-boxes. Each line represents 32 bits. The algorithm keeps two subkey arrays: the 18-entry P-array and four 256-entry S-boxes. The S-boxes accept 8-bit input and produce 32-bit output. One entry of the P-array is used every round, and after the final round, each half of the data block is XORed with one of the two remaining unused P-entries. The diagram to the right shows Blowfish’s F-function. The function splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. The outputs are added modulo 232 and XORed to produce the final 32-bit output.

Thank You…!

Cryptography
Secret Key

--

--

Sahani Rajapakshe

Written by Sahani Rajapakshe

11 Followers

I would say I’m… Someone who is modest, hard-working and consistently sets firm goals for myself. Then, once I’ve defined my benchmarks, I take the necessary st

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams