Symmetric Encryption Algorithms
Consider the classical model (C. Shannon) of a symmetric cryptosystem (Figure 12.3), in which three participants solve the following problems:
• the sender must send a message over an open channel in protected form. To do this, it encrypts the plaintext X with the key k and sends the ciphertext Y;
• the recipient must decrypt Y and read the message X. It is assumed that the sender has its own key source. The generated key is transmitted to the recipient in advance over a reliable channel;
• the attacker intends to intercept transmitted messages and/or forge false messages.
The most popular symmetric algorithm is the open Data Encryption Standard (DES), developed by IBM. To explain the essence of this algorithm, we use Fig. 12.4.
Fig. 12.3. Symmetric encryption
Fig. 12.4. Illustration of the DES algorithm
Before encryption, the original data (a block of text) is converted to a number by any open procedure. For example, a binary number can be obtained by concatenating the ASCII codes of consecutive text characters. The size of the data block must be 64 bits. The block is divided in half into a left part L and a right part R and goes to the input of the encryption function for preprocessing. Preprocessing places the right part R of the source block in place of the left part L of the resulting block, while the right part of the resulting block is calculated as the bitwise sum modulo 2 of the left and right parts of the source block (see Figure 12.4). For basic processing, the algorithm uses a key in the form of a 64-bit binary sequence, of which 56 bits are randomly selected and 8 are used to check the key. Using this random binary sequence, bit-wise substitutions and permutations are performed according to a specific scheme.
The DES algorithm is widely used in various technologies and security products for information systems. To increase the cryptographic strength of DES, triple encryption with two different keys is used. The key length can then be regarded as increasing from 56 to 112 bits. This algorithm with enhanced cryptographic strength is called triple DES. It takes three times as long as normal DES.
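The block structure and the two-key triple encryption described above can be seen in a small sketch. This is an added example, not code from the original text: the key schedule and the round function f are toy stand-ins (assumptions) for DES's real substitutions and permutations, the triple encryption uses the customary encrypt-decrypt-encrypt order, and the result is not DES and offers no security.

```python
import hashlib

MASK32 = 0xFFFFFFFF
ROUNDS = 16  # DES also runs 16 rounds

def text_to_block(text):
    """Merge the ASCII codes of 8 characters into one 64-bit number."""
    data = text.encode("ascii")
    if len(data) != 8:
        raise ValueError("a block is exactly 8 ASCII characters (64 bits)")
    return int.from_bytes(data, "big")

def block_to_text(block):
    return block.to_bytes(8, "big").decode("ascii")

def subkeys(key):
    """Toy key schedule (assumption, not DES's): one 32-bit subkey per round."""
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:4], "big")
            for i in range(ROUNDS)]

def f(right, subkey):
    """Toy round function (assumption) standing in for DES's S-boxes and permutations."""
    mixed = ((right ^ subkey) * 0x9E3779B1) & MASK32
    return ((mixed << 7) | (mixed >> 25)) & MASK32

def feistel(block, round_keys):
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        # New left half = old right half; new right half = old left XOR f(old right).
        left, right = right, left ^ f(right, k)
    # Final swap: the same routine with reversed subkeys then undoes the encryption.
    return (right << 32) | left

def encrypt(block, key):
    return feistel(block, subkeys(key))

def decrypt(block, key):
    return feistel(block, subkeys(key)[::-1])

def triple_encrypt(block, k1, k2):
    """Two-key triple encryption: encrypt with k1, decrypt with k2, encrypt with k1."""
    return encrypt(decrypt(encrypt(block, k1), k2), k1)

def triple_decrypt(block, k1, k2):
    return decrypt(encrypt(decrypt(block, k1), k2), k1)
```

Because the middle step is a decryption, setting both keys to the same value collapses the triple construction to a single encryption, which is why two distinct keys are required to gain strength.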
When secret data is exchanged on an each-with-each basis in a system with n subscribers, a large number of keys is needed. Keys must be generated and reliably distributed. Therefore, for symmetric algorithms, the main problem is the keys.
This problem is solved by asymmetric algorithms based on the use of public keys.
Asymmetric encryption algorithms. The features of these algorithms are considered using a model with three participants (Figure 12.5).
Fig. 12.5. Asymmetric encryption
The recipient has two keys:
• the private, or personal, key D, which should be stored in a secure place. Only with the private key D can the recipient decrypt a message sent to him;
• the public key E, used to encrypt text, which the recipient can give to anyone with whom he wants to communicate securely; the recipient therefore sends it to the sender in unprotected form.
The sender, using the recipient's public key E, encrypts the message X and sends it to the recipient via an open communication channel.
To exchange sensitive information, each subscriber of the network must have its own pair of keys E and D. Therefore, a network of n subscribers will have 2n keys: n public keys for encryption and n private keys for decryption. Thus, whereas in symmetric algorithms the number of keys depends quadratically on the number of subscribers, in asymmetric algorithms this is replaced by a linear dependence. There is no need for secret key delivery, and there is no point in an attacker trying to seize a public key, since it does not make it possible to decipher text or calculate the private key.
Despite the fact that information about the public key is not secret, it needs to be pr