Cryptographic Algorithms

Hello There,

As a continuation of cryptographic Libraries, lets discuss about Cryptography algorithms and Hashing algorithms, what identifies them, mentioning also their strengths and weaknesses.

When it comes to Cryptography we have 2 major schools; Symmetric Algorithms and  Asymmetric Algorithms, and there is 1 hybrid school which uses them both at the same time. regarding which of the schools you could adapt; will actually it depend on your needs, later on we will see why . 

 

Symmetric Algorithms :

Symmetric algorithms use a single key to encrypt and decrypt data. These encryption algorithms typically work fast and are well suited for encrypting blocks of messages at once. The most known example is the DEA (Data Encryption Algorithm) which is specified within the DES (Data Encryption Standard). Triple DES is a more reliable version while AES (Advanced Encryption Standard) has become new the government standard.

Chapter 1. AES 

Section 1. Rijndael

AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware. Unlike its predecessor, DES, AES does not use a Feistel network.

AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits. The blocksize has a maximum of 256 bits, but the keysize has theoretically no maximum.

AES operates on a 4×4 array of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). Most AES calculations are done in a special finite field.

The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of ciphertext. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.

Section 2. Serpent

Serpent was a finalist in the Advanced Encryption Standard (AES) contest, where it came second to Rijndael.

Like other AES submissions, Serpent has a block size of 128 bits and supports a key size of 128, 192 or 256 bits. The cipher is a 32-round substitution-permutation network operating on a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Serpent was designed so that all operations can be executed in parallel, using 32 1-bit slices. This maximizes parallelism, but also allows use of the extensive cryptanalysis work performed on DES.

The Serpent cipher has not been patented. It is completely in the public domain and can be freely used by anyone. There are no restrictions or encumbrances whatsoever regarding its use. As a result, anyone is free to incorporate Serpent in their software (or hardware implementations)

Chapter 2. 3DES

Triple DES provides a relatively simple method of increasing the key size of DES to protect against brute force attacks, without requiring a completely new block cipher algorithm.

In general Triple DES with three independent keys (keying option 1) has a key length of 168 bits (three 56-bit DES keys), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. Keying option 2, reduces the key size to 112 bits. However, this option is susceptible to certain chosen-plaintext or known-plaintext attacks and thus it is designated by NIST to have only 80 bits of security.

The best attack known on keying option 1 requires around 2 32 known plaintexts, 2 113 steps, 2 90 single DES encryptions, and 2 88 memory (the paper presents other tradeoffs between time and memory). This is not currently practical and NIST considers keying option 1 to be appropriate through 2030. If the attacker seeks to discover any one of many cryptographic keys, there is a memory-efficient attack which will discover one of 2 28 keys, given a handful of chosen plaintexts per key and around 2 84 encryption operations.

Chapter 3. Blowfish

Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard now receives more attention.

Schneier designed Blowfish as a general-purpose algorithm, intended as a replacement for the aging DES and free of the problems and constraints associated with other algorithms. At the time Blowfish was released, many other designs were proprietary, encumbered by patents or were commercial/government secrets. Schneier has stated that, “Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone.”

Notable features of the design include key-dependent S-boxes and a highly complex key schedule.

Blowfish is a fast block cipher, except when changing keys. Each new key requires pre-processing equivalent to encrypting about 4 kilobytes of text, which is very slow compared to other block ciphers. This prevents its use in certain applications, but is not a problem in others. In one application, it is actually a benefit: the password-hashing method used in OpenBSD uses an algorithm derived from Blowfish that makes use of the slow key schedule; the idea is that the extra computational effort required gives protection against dictionary attacks. See key strengthening.

Blowfish has a memory footprint of just over 4 kilobytes of RAM. This constraint is not a problem even for older desktop and laptop computers, though it does prevent use in the smallest embedded systems such as early smartcards.

Blowfish was one of the first secure block ciphers not subject to any patents and therefore freely available for anyone to use. This benefit has contributed to its popularity in cryptographic software.

Chapter 4. Towfish

Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but was not selected for standardisation. Twofish is related to the earlier block cipher Blowfish.

Twofish’s distinctive features are the use of pre-computed key-dependent S-boxes, and a relatively complex key schedule. One half of an n-bit key is used as the actual encryption key and the other half of the n-bit key is used to modify the encryption algorithm (key-dependent S-boxes). Twofish borrows some elements from other designs; for example, the pseudo-Hadamard transform (PHT) from the SAFER family of ciphers. Twofish uses the same Feistel structure as DES.

On most software platforms Twofish is slightly slower than Rijndael (the chosen algorithm for Advanced Encryption Standard) for 128-bit keys, but somewhat faster for 256-bit keys.

The Twofish cipher has not been patented and the reference implementation has been placed in the public domain. As a result, the Twofish algorithm is free for anyone to use without any restrictions whatsoever. It is one of a few ciphers included in the OpenPGP standard (RFC 4880). However, Twofish has seen less widespread usage than Blowfish, which has been available for a longer period of time.

Chapter 5. IDEA

International Data Encryption Algorithm (IDEA) is a block cipher. As a block cipher, it is also symmetric. The algorithm was intended as a replacement for the Data Encryption Standard. IDEA is a minor revision of an earlier cipher, PES (Proposed Encryption Standard); IDEA was originally called IPES (Improved PES).

IDEA was used in Pretty Good Privacy (PGP) v2.0, and was incorporated after the original cipher used in v1.0, BassOmatic, was found to be insecure.2 IDEA is an optional algorithm in the OpenPGP standard.

It uses the same key for encryption and decryption, like DES operating on 8 bytes at a time. Unlike DES though it uses a 128 bit key. This key length makes it impossible to break by simply trying every key, and no other means of attack is known. It is a fast algorighm, and has also been implemented in hardware chipsets, making it even faster.

Chapter 6. For a list of less common Symmetric Encryption Ciphers see Symmetric-key_algorithm (Wikipedia)

 

Asymmetric Algorithms

These types of encryption algorithms involve a pair of relative keys that encode and decode messages. One key is used to encrypt data into ciphertext while the other key decrypts it back into plaintext. Asymmetric algorithms are more commonly known as Public-key cryptography, first introduced in 1978 with RSA encryption. These schemes work by multiplying two large prime numbers to generate a larger number that is incredibly difficult to revert to the original form.

Asymmetric algorithms tend to be slower than their symmetric counterparts. Because of this, they aren’t recommended for encrypting large amounts of data. The biggest advantage to such a scheme lies in the utilization of two keys. Hence the name, the public key can be made publicly available, enabling anyone to encrypt private messages. However, the message can only be decrypted by the party that owns the relative private key. This type of encryption algorithm also provides proof of origin to ensure to overall integrity of communications.

Chapter 7. RSA

RSA is much slower than DES and other symmetric cryptosystems. In practice, the sender typically encrypts a secret message with a symmetric algorithm, encrypts the (comparatively short) symmetric key with RSA, and transmits both the RSA-encrypted symmetric key and the symmetrically-encrypted message to the recipient.

This procedure raises additional security issues. For instance, it is of utmost importance to use a strong random number generator for the symmetric key, because otherwise an eavesdropper wanting to see what was sent could bypass RSA by guessing the symmetric key.

Chapter 8. Other Asymmetric Algorithms

For a list of less common Asymmetric Encryption Ciphers see Public-key_cryptography (Wikipedia)
But, RSA is pretty much the only game in town and other algorithms do not have any wide-spread use.

Hash Algorithms

Hash algorithms function by transforming data of arbitrary length into a smaller fixed length, more commonly known as a message digest. These types of algorithms are considered one-way functions. The generated output varies, making them very efficient when it comes to detecting alterations that might have been made to a message. Hash algorithms are often generated by the DES algorithm to encrypt online banking transactions and other communications where messages can’t afford to be corrupted.

Chapter 9. MD5

In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. However, it has been shown that MD5 is not collision resistant; as such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property. An MD5 hash is typically expressed as a 32-digit hexadecimal number.

MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4. In 1996, a flaw was found with the design of MD5. While it was not a clearly fatal weakness, cryptographers began recommending the use of other algorithms, such as SHA-1 (which has since been found also to be vulnerable). In 2004, more serious flaws were discovered, making further use of the algorithm for security purposes questionable. In 2007 a group of researchers described how to create a pair of files that share the same MD5 checksum. In an attack on MD5 published in December 2008, a group of researchers used this technique to fake SSL certificate validity. US-CERT of the U. S. Department of Homeland Security said MD5 “should be considered cryptographically broken and unsuitable for further use,” and most U.S. government applications will be required to move to the SHA-2 family of hash functions after 2010.

The security of the MD5 hash function is severely compromised. A collision attack exists that can find collisions within seconds on a regular computer (complexity of 2 24.1). Further, there is also a chosen-prefix collision attack that can produce a collision for two chosen arbitrarily different inputs, within hours on a single regular computer (complexity 2 39).

These collision attacks have been demonstrated in the public in various situations, including colliding document files and digital certificates.

As of 2009, a theoretical attack also breaks MD5’s preimage resistance.

MD5 digests have been widely used in the software world to provide some assurance that a transferred file has arrived intact. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it. Unix-based operating systems include MD5 sum utilities in their distribution packages, whereas Windows users use third-party applications.

However, now that it is easy to generate MD5 collisions, it is possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. Also, in some cases the checksum cannot be trusted (for example, if it was obtained over the same channel as the downloaded file), in which case MD5 can only provide error-checking functionality: it will recognize a corrupt or incomplete download, which becomes more likely when downloading larger files.

MD5 is widely used to store passwords. To mitigate against the vulnerabilities mentioned above, one can add a salt to the passwords before hashing them. Some implementations may apply the hashing function more than once—see key strengthening.

Chapter 10. SHA-2

n cryptography, SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256, SHA-384, SHA-512) designed by the National Security Agency (NSA) and published in 2001 by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. SHA-2 includes a significant number of changes from its predecessor, SHA-1. SHA-2 consists of set of four hash functions with different digest sizes, with 224, 256, 384 or 512 bits respectively.

In 2005, security flaws were identified in SHA-1, namely that a mathematical weakness might exist, indicating that a stronger hash function would be desirable. Although SHA-2 bears some similarity to the SHA-1 algorithm, these attacks have not been extended to SHA-2.

A new hash standard, SHA-3, is currently under development — an ongoing NIST hash function competition is scheduled to end with the selection of a winning function in 2012. The SHA-3 algorithm will not be derived from SHA-2.

The SHA-2 hash function is implemented in some widely-used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. Those applications can also use SHA-1 and MD5.

SHA-1 and SHA-2 are the secure hash algorithms required by law for use in certain U.S. Government applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information. FIPS PUB 180-1 also encouraged adoption and use of SHA-1 by private and commercial organizations. SHA-1 is being retired for most government uses; the U.S. National Institute of Standards and Technology says, “Federal agencies should stop using SHA-1 for…applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010” (emphasis in original).

Implementations of all FIPS-approved security functions can be officially validated through the CMVP program, jointly run by the National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE). For informal verification, a package to generate a high number of test vectors is made available for download on the NIST site; the resulting verification however does not replace in any way the formal CMVP validation, which is required by law for certain applications.

Chapter 11. Other Hash Algorithms

For a list of less common Hash Ciphers see Cryptographic_hash_function (Wikipedia)

Cipher Algorithms Comparison List

Algorithm Key Size Block Size Algorithm Structure Rounds Cracked? Existing Cracks
Rijndael 128 bits, 192 bits,256 bits 128 Bits Substitution-Permutation Network 10, 12 or 14 No Side channel attacks
Twofish 128 bits, 192 bits , 256 bits 128 bits Feistel Network 16 No Truncated differential cryptanalysis
Blowfish 32 bits , 448 bits , Default 128 bits 64 bits Feistel Network 16 No Second-order differential attack
DES 56 bits 64 bits Feistel Network 16 Yes Brute force attack, differential crypanalysis, linear cryptanalysis, Davies’ attack
3DES 168 bits , 112 bits , 56 bits 64 bits Feistel Network 48 No Theoretically possible
IDEA 128 bits 64 bits addition and multiplication, and XOR 8 No Theoretically possible
RSA unlimited prime numbers , modulus , Hamming weight None No Timing Attacks, Adaptive chosen ciphertext attacks , Side-channel analysis attacks
MD5 512 bits Modular Addition , XOR, AND , OR and NOT 4 Yes Preimage Attack , Rainbow Tables , Collision attack
SHA-2 512 bits , 1024 bits Addition , XOR, AND , OR and NOT 64 , 80 No Preimage attack , Birthday attack

 

Reference

Cryptographic Algorithms (Wikipedia)

Posted in Cryptography and tagged , , , , , , , , , , , , . Bookmark the permalink. RSS feed for this post. Leave a trackback.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Swedish Greys - a WordPress theme from Nordic Themepark.