Cryptography Reference
In-Depth Information
Other Block Cipher Algorithms
There are actually dozens, if not hundreds, of other block cipher algorithms.
Two additional algorithms specifi cally named in the TLS standard are IDEA
and RC2, although support for them has been deprecated with TLS 1.2. They
weren't widely implemented because both were patented. What's worse is
that RC2 uses a 40-bit (!) key. AES isn't mentioned in the specifi cation because
Rijndael hadn't yet been named as the NIST's new encryption standard when
RFC 2246 was drafted. RFC 3268, issued in 2002, defi ned the addition of AES
to SSL/TLS.
Other block ciphers known or believed to be secure are blowfi sh, twofi sh,
FEAL, LOKI, and Camelia. See Bruce Schneier's topic Applied Cryptography (Wiley,
1996) for a thorough (although now somewhat dated) discussion of many block
ciphers. By far the most common ciphers used in SSL, though, are 3DES and
AES. There's one more encryption routine I'd like to discuss because it's treated
a bit differently than the others, as it is a stream cipher .
Understanding Stream Cipher Algorithms
Stream cipher algorithms are technically the same as block cipher algorithms;
they just operate on a block size of one byte. Conceptually, the only difference
is that there's no need for padding or for CBC. Design-wise, however, stream
ciphers tend to be quite a bit different. Whereas block ciphers are concerned
with shuffl ing bits around within the block, stream ciphers concentrate on
generating a secure stream of bytes whose length is the same as the plain-
text and then simply XORing those bytes with the plaintext to produce the
ciphertext. Stream ciphers derive all of their cryptographic security from
the keystream generation function.
With block ciphers, you take a key, generate a key schedule and then mix that
key schedule with the permuted, shifted, rotated, sliced, diced, and chopped-up
block one after another. Optionally, you apply CBC to each block to ensure that
identical blocks look different in the output stream.
Stream ciphers work somewhat similarly, but they generate a key schedule
that is as long as the entire block of data to be encrypted. After the key schedule
is generated, the input block is simply XORed with the input. To decrypt, the
key schedule is similarly generated and XORed with the encrypted ciphertext
to recover the original plaintext. Therefore, all of the security is in the key
schedule generation.
Stream ciphers are also interesting from a design perspective because they're
treated somewhat differently than block ciphers; making the SSL layer treat
block and stream ciphers interchangeably is a bit tricky. Only one stream cipher
 
Search WWH ::




Custom Search