Two types of encryption are available:

• Stream cipher: The message is seen as a sequence of bits that are encrypted one bit at a time. Stream ciphers are certainly the fastest, but they are considered unsafe, although the security depends on the algorithm used.

• Block cipher: The message is divided into blocks of fixed length that are encrypted one block at a time. Although block ciphers are slower than stream ciphers, they are considered more secure because each block is encrypted by mixing it with the previous one.

RC4, developed by RSA Data Security Inc., is an example of a stream cipher. It is a very fast algorithm that accepts a variable-length key. Its security was not yet well established but, until now, it has resisted different types of attacks very well. It uses a random number generator; the generated number is then applied to the bit sequence using the XOR function.
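
The keystream-plus-XOR construction described above can be written out as follows. This is an added example, not code from the original text: the function names are chosen here, the keys and messages are constructed samples, and the last lines of the demo show why the same key must not be used for two messages.

```python
# Added illustration: RC4 as a key-driven byte generator whose output
# is XORed with the message. Function names are chosen for this example.

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` keystream bytes derived from a variable-length key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes long")
    # Key scheduling: shuffle a 256-entry state table under control of the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Generation: keep shuffling the table and emit one byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings position by position."""
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR is its own inverse, so one function does both."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


if __name__ == "__main__":
    key = b"Key"                                # constructed sample key
    ciphertext = rc4_crypt(key, b"Plaintext")   # constructed sample message
    print(ciphertext.hex())
    print(rc4_crypt(key, ciphertext))           # same call recovers the message

    # Same key twice means the same keystream twice: XORing the two
    # ciphertexts cancels the keystream and leaves plaintext XOR plaintext.
    p1, p2 = b"constructed msg1", b"constructed msg2"
    c1, c2 = rc4_crypt(key, p1), rc4_crypt(key, p2)
    print(xor_bytes(c1, c2) == xor_bytes(p1, p2))
```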

Block cipher encryption is increasingly used by several well-known algorithms, such as:

• Data Encryption Standard (DES), developed in 1970 by IBM under the name of Data Encryption Algorithm (DEA), became the standard for the US government in 1976. It adopts 64-bit blocks and a symmetric key of 56 bits. Given the limited length of the key, DES is easily broken by computers. A variant called Triple-DES or 3DES was recently developed: it encrypts the message three times with many different keys.

• Blowfish, developed in 1993 by Bruce Schneier, is a symmetric block cipher that uses 64-bit blocks and a variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use. It received great support from the international community and no successful attacks are known so far. It has been used in some well-known systems like Nautilus or PGPhone.

• International Data Encryption Algorithm (IDEA), developed in Switzerland in 1991, operates on 64-bit blocks using a 128-bit key. It is considered very safe, although it is not as fast as others.

Private key algorithms have the advantage of being very fast and suitable for encrypting large volumes of data, but they have the disadvantage of requiring the distribution of the private key to all the recipients. They therefore need to secure an additional channel through which to distribute the key. This contradiction, in the recent past, limited the development of cryptography until the birth of public key algorithms.

3.2.2 Public key algorithms

Public key algorithms use two complementary keys, a public key and a private key, such that the private key cannot be inferred from the public key (Figure 2).