Symmetric encryption algorithms - Informatics

Symmetric Encryption Algorithms

Consider the classical model (C. Shannon) of a symmetric cryptosystem (Figure 12.3), in which three participants solve the following problems:

• the sender must send a message over an open channel in protected form. To do this, the sender encrypts the plaintext X with the key k and sends the ciphertext Y;

• the recipient must decrypt Y and read the message X. It is assumed that the sender has its own key source. The generated key is transmitted to the recipient in advance over a reliable channel;

• the attacker intends to intercept transmitted messages and/or forge false messages.

The most popular symmetric algorithm is the open Data Encryption Standard (DES), developed by IBM. To explain the essence of this algorithm, we use Fig. 12.4.

Before encryption, the original data (a block of text) is converted to a number by any public procedure. For example, a binary number can be obtained by concatenating the ASCII codes of consecutive text characters. The size of the data block must be 64 bits. The block is divided in half into the left part L and the right part R and goes to the input of the encryption function for preprocessing. Preprocessing consists in placing the right part R of the source block in place of the left part L of the resulting block, while the right part of the resulting block is calculated as the sum modulo 2 of the left and right parts of the source block (see Figure 12.4). For the main processing, the key of this algorithm is used: a 64-bit binary sequence, of which 56 bits are chosen at random and 8 are used to check the key. Using this random binary sequence, bit-wise substitutions and permutations are performed according to a specific scheme.

Fig. 12.3. Symmetric encryption

Fig. 12.4. Illustration of the DES algorithm

The DES algorithm is widely used in various technologies and security products for information systems. To increase the cryptographic strength of DES, triple encryption with two different keys is used. The key length can be considered to increase from 56 to 112 bits. This algorithm with enhanced cryptographic strength is called triple DES. It takes three times as long as ordinary DES.

When secret data is exchanged on an "each with each" basis in a system with n subscribers, a large number of keys is needed. The keys must be generated and reliably distributed. Therefore, for symmetric algorithms, the main problem is the keys.

This problem is solved by asymmetric algorithms based on the use of public keys.

Asymmetric encryption algorithms. The features of these algorithms will be considered using the example of a model with three participants (Figure 12.5).

Fig. 12.5. Asymmetric encryption

The recipient has two keys:

• the private, or personal, key D, which must be stored in a secure place. Only with the private key D can the recipient decrypt a message sent to him;

• the public key E, used to encrypt text, which the recipient can give to anyone with whom he wants to communicate securely, so the recipient sends it to the sender in unprotected form.

The sender, using the recipient's public key E, encrypts the message X and sends it to the recipient via an open communication channel.

To exchange sensitive information, each subscriber of the network must have its own pair of keys E and D. Therefore, a network of n subscribers will have 2n keys: n public keys for encryption and n private keys for decryption. Thus, whereas in symmetric algorithms the number of keys depends quadratically on the number of subscribers, in asymmetric algorithms this is replaced by a linear dependence. There is no need for secret delivery of a key, and it is pointless for an attacker to try to capture the public key, since it does not make it possible to decrypt the text or compute the private key.

Although the public key is not secret, it still needs to be protected. Otherwise an attacker, posing as a legitimate user, can substitute his own public key, and then use his private key to decrypt all messages sent to the legitimate user and send his own messages on that user's behalf.

Consider one of the most popular public-key cryptographic algorithms.

RSA cryptographic algorithm. The RSA public-key encryption system was developed by the scientists Rivest, Shamir and Adleman and is named after the initial letters of their surnames. The sequence of operations of this algorithm:

• two very large prime numbers p and q are chosen;

• the products n = p × q and m = (p-1) × (q-1) are computed;

• a random integer E that has no common factors with m is selected;

• D is found such that DE = 1 modulo m;

• the source text X is divided into blocks in such a way that 0 < X < n;

• to encrypt a message, compute C = X^E modulo n;

• to decrypt, compute X = C^D modulo n.

Thus, to encrypt a message it is necessary to know the pair of numbers (E, n), which is the public key, and to decrypt it, it is necessary to know the pair of numbers (D, n), which is the private key.

The high cryptographic strength of the RSA algorithm is due to the enormous computational cost of breaking it. Indeed, to determine the private key D from the known public key (E, n), one must first find the numbers p and q by factoring the very large number n into prime factors, which takes a great deal of time. For example, factoring a 200-digit number takes 4 billion years of work on a computer performing a million operations per second [20].

Example. We show the use of the RSA algorithm for encrypting the word BIT.

1. Choose p = 3 and q = 11. Define n = 3 × 11 = 33.

2. We find (p-1) × (q-1) = 20. Take the number d = 3, which is relatively prime to the number 20.

3. We choose the number e = 7, for which the relation (e × 3) mod 20 = 1 is satisfied.

4. We represent the word BIT as a sequence of integers in the range 1-32, denoting the letter B by the number 2, the letter I by the number 10, and the letter T by the number 20. Then the sequence for the word BIT has the form {2 10 20}.

5. We encrypt the message using the key {7, 33}.

6. C1 = 2^7 mod 33 = 128 mod 33 = 29,

C2 = 10^7 mod 33 = 10,000,000 mod 33 = 10,

C3 = 20^7 mod 33 = 1,280,000,000 mod 33 = 26.

Thus, the encrypted word has the form {29 10 26}. Let us solve the inverse problem: decrypt the message {29 10 26}, obtained by encryption with the known key, using the secret key {3, 33}:

M1 = 29^3 mod 33 = 24,389 mod 33 = 2 (B),

M2 = 10^3 mod 33 = 1,000 mod 33 = 10 (I),

M3 = 26^3 mod 33 = 17,576 mod 33 = 20 (T).

Thus, as a result of decryption, the original word BIT is recovered.
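The RSA operation sequence and the BIT example above, together with the point that the private key follows from factoring n, as an added Python example (not part of the original text). The function names and the three-letter code table are assumptions made for this illustration, and the parameters are the page's toy values.

```python
# Added example: textbook RSA with the page's toy numbers (p = 3, q = 11, d = 3).
# Function names are illustrative; no padding is used, so this is for study only.
from math import gcd

ALPHABET = {"B": 2, "I": 10, "T": 20}        # letter codes used in the example
LETTERS = {v: k for k, v in ALPHABET.items()}


def make_keys(p, q, d):
    """Follow the example's order: take d coprime to m, then find e with e*d = 1 (mod m)."""
    n, m = p * q, (p - 1) * (q - 1)
    if gcd(d, m) != 1:
        raise ValueError("d must have no common factors with (p-1)(q-1)")
    e = pow(d, -1, m)                        # modular inverse (Python 3.8+)
    return (e, n), (d, n)                    # public key, private key


def crypt(blocks, key):
    """Encrypt or decrypt: raise each block to the key exponent modulo n."""
    exp, n = key
    for x in blocks:
        if not 0 < x < n:
            raise ValueError(f"block {x} is outside the range 0 < X < n")
    return [pow(x, exp, n) for x in blocks]


def recover_private_exponent(public_key):
    """Derive d from (e, n) by factoring n with trial division.
    Instant for n = 33; the cost of this step is what protects a large n."""
    e, n = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


def demo():
    public, private = make_keys(3, 11, 3)    # keys {7, 33} and {3, 33}
    plain = [ALPHABET[c] for c in "BIT"]     # [2, 10, 20]
    cipher = crypt(plain, public)
    text = "".join(LETTERS[x] for x in crypt(cipher, private))
    return public, private, cipher, text, recover_private_exponent(public)


if __name__ == "__main__":
    print(demo())
```

With n = 33 the factoring step finishes immediately, which is why the example's key sizes are usable only for illustration.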

Comparison of DES and RSA. Some characteristics for comparing the DES and RSA algorithms are given in Table 12.1.

In view of the complexity of the software implementation of modular arithmetic operations, the RSA algorithm is most often used only to encrypt small amounts of information, for example to distribute secret keys or in digital signature algorithms. The bulk of the transmitted information is encrypted with symmetric algorithms such as DES.

Table 12.1

| Characteristic | DES | RSA |
|---|---|---|
| Encryption speed | High | Low |
| Encryption function used | Permutation and substitution | Exponentiation |
| Key length, bits | 56 | Over 500 |
| Least expensive cryptanalysis (its complexity determines the strength of the algorithm) | Exhaustive search of the entire key space | Factoring a number into prime factors |
| Key generation time | Milliseconds | Minutes |
| Key type | Symmetric | Asymmetric |
