Symmetric cryptography is one of the oldest known cryptographic techniques, and even today it offers a high level of security for many use cases, all thanks to a secret key used to encrypt and decrypt the information.
Symmetric cryptography was among the first methods used to encrypt information. It is also known as secret-key cryptography or key cryptography. Its name comes from the fact that the same key is used for both encryption and decryption of a message. Therefore, the sender and the receiver must agree on the key in advance and both must know it.
A good example of this type of cryptographic system would be the following:
Suppose that María wants to send an encrypted message to José. Both must communicate beforehand and agree on the key they are going to use. Once this is done, María can encrypt the message and send it to José, who can decrypt it with the same key that María used.
In symmetric cryptography, all security is key-centric, so the key must be secret and not easy for a third person to guess. However, with the technology we have today, the key communication or distribution process has become the weak point of this method: when the sender and the receiver communicate to define and agree on the key, a third party can intercept that communication, obtain the key and access the information contained in the message.
But before digging into these details, let's get to know a little bit about the history of symmetric cryptography.
Who developed it?
As we mentioned at the beginning, cryptography was developed many, many years ago. It is estimated that symmetric cryptography was already used in a very basic way in the times of Ancient Egypt and the Roman Empire. However, it was developed further and widely used during the Second World War. It was during this conflict that armies employed and developed powerful symmetric cryptographic systems, all in order to encode messages and protect them from enemies.
After these events, modern symmetric cryptography underwent a whole revolution until it reached what we know today, all thanks to the work of researchers and scientists dedicated to this field. However, one name stands out above all others, that of Claude Shannon. Shannon is known as the father of mathematical cryptography.
Shannon's work developed from 1949, when he published an article called Communication Theory of Secrecy Systems. This article describes the modernization of the encryption techniques known until then, with advanced mathematical processes that gave them a higher level of complexity and security. Later he wrote a book with the computer scientist Warren Weaver. Together, these works became the basis of modern symmetric cryptography.
Brief history of its development and evolution
The first notable advance in symmetric cryptography was described by the third president of the United States, Thomas Jefferson, between 1790 and 1780. It was called the cipher wheel or Jefferson cylinder. It consisted of an axle carrying 26 rotating cylinders, each engraved with the 26 letters of the alphabet in random order.
Using this curious artifact, the sender could write the message on one line and then choose any other line to send to the receiver. The receiver, using another cylinder with the same sequence of discs, reproduced that line and looked for the line that made sense, thereby deciphering the message. This method was never used at the time of its creation, but its concept was so advanced that it served as the basis for America's military cryptography during World War I.
During the Second World War, Germany made another breakthrough in symmetric cryptography: the creation of the Enigma machine. It was very similar in operation to the Jefferson cylinder, as it used rotating wheels to encrypt a message, so messages were virtually impossible to read without another Enigma machine. Later, however, the Allies were able to break the machine's encryption using the first computers in the world, which ended up giving them a definite advantage over Nazism.
The age of computing is coming
Then, with the advancement and development of computing technologies, computers became key instruments within cryptography. But the encryption and decryption of messages began to be considered something secret and related to espionage, so the National Security Agency (NSA) of the United States monopolized, concealed and blocked all types of research and studies on cryptography. It was the beginning of what many know as the Crypto Wars.
This happened in several countries, so the development of cryptography was censored from the 50s to the 70s. The world changed again when IBM developed the Data Encryption Standard (DES) encryption algorithm in 1975. This was the first public breakthrough in cryptography that did not depend on the NSA, and it motivated the concept of and research into cryptanalysis and block encryption.
Later, it was replaced by the Advanced Encryption Standard (AES) algorithm, which became a standard after 5 years of review and analysis. In fact, AES is so secure that data encrypted with this algorithm would take billions of years to break without the proper key.
All of the cryptographic systems mentioned here are based on symmetric cryptography. In other words, both the sender and the receiver used the same key for the encryption and decryption of the information. This shows the important role that cryptography has played in the history of humanity, and that its most significant evolution was closely related to computers and the new digital age. Today, the progress of cryptography means that we use it daily, often without being aware of it, as the volume of information we generate and exchange grows.
Methods: Symmetric encryption algorithms
Since the birth of computers, cryptography has undergone great changes: it went from being carried out in a classical, manual way to incorporating complex mathematical problems. Nowadays, there are many encryption algorithms that are used in emails, in databases and even on hard drives. Let's look at some of the best known and most widely used.
Data Encryption Standard (DES)
It was the first computer encryption method, developed by IBM in 1975. This algorithm works in blocks and employs a 64-bit symmetric key that undergoes 16 iterations. Of the 64 bits, 56 bits are used for encryption. The remaining 8 bits are used for parity and error detection, and are then discarded. So the actual key length is 56 bits.
To perform encryption, this algorithm applies a series of permutations and substitutions. It first modifies the sequence of the bits and writes the result into different blocks of a certain size, which are then encrypted independently. The process consists of 16 rounds of encryption, and once they are completed the results are grouped into a 64-bit block that is subjected to another permutation. The final text that results from this whole process is the encrypted message.
DES has 4 modes of operation: the Electronic Codebook Mode (ECB), which is used for short messages of length less than 64 bits; the Cipher Block Chaining Mode (CBC), used for long messages; the Cipher Block Feedback (CFB), used to encrypt bit-by-bit or byte-by-byte; and lastly, the Output Feedback Mode (OFB), which has the same use but also prevents the spread of errors.
Although this algorithm was a breakthrough at the time of its creation and laid the foundation for the modern cryptography we know today, it is no longer used because its key is too short and it is no longer secure against brute force attacks, as was demonstrated in 1999 when it was broken.
Triple Data Encryption Standard (3DES)
The 3DES algorithm is the same as the DES algorithm, only as its name indicates, it is applied 3 times. Depending on the keys used, a more robust system can be generated. For example, if 3 keys are used, a 168-bit key can be generated; if only 2 keys are used, a 112-bit key can be generated.
Advanced Encryption Standard (AES)
This new algorithm was the substitute for DES and is the one currently used because its encryption method is better adapted to the needs of the 21st century. AES encryption can be used in both software and hardware, and its block size is fixed at 128 bits, while the key length can be chosen at will between 128, 192 and 256 bits, with the 128-bit length being a standard. Like its predecessor, it applies block encryption.
Encrypting with this method produces an array of 4 rows by 4 columns, to which a series of encryption rounds based on mathematical operations is then applied, with the number of rounds depending on the key length. For a 128-bit key, 10 rounds of encryption apply; for a 192-bit key, 12 rounds apply; and for a 256-bit key, 14 rounds are required.
And while it is a widely used algorithm today, many cryptographers are beginning to doubt its security, since possible attacks have been reported against a number of encryption rounds very close to the number of rounds the algorithm requires.
How secure is symmetric cryptography?
In terms of security, symmetric encryption is not as reliable because the secret key must be shared in order to decrypt. In this type of encryption, all security rests on the key. Therefore, sharing it represents a great vulnerability if proper communication systems are not used. When this method is used, two essential conditions must be met for it to be considered safe:
- After the information has been encrypted, neither the key used for encryption and decryption nor the information contained in the encrypted message can be obtained.
- The cost of decrypting the information must be higher than the value of the information contained in the encrypted message.
Importance today
Symmetric cryptography has been widely used since the beginning of civilization. With current technological development, encryption algorithms can be programmed on any computer, so they are present in our day-to-day lives and we can use cryptography more widely and efficiently on different devices.
As we already mentioned, due to its greater speed, symmetric cryptography can be used to protect information in various current computing systems, such as emails, hard drive files, database records and any amount of information we can generate. This is done by applying symmetric encryption algorithms such as AES, which is the most widely used today to encrypt and protect classified information. So when we use communication and information systems such as Gmail or mobile phones, we often make unconscious use of symmetric cryptography, since it guarantees that an unauthorized person cannot intercept or access our conversations.
In the same way, symmetric cryptography is combined with asymmetric cryptography in cases that require it, as a way to take full advantage of the strengths of both.
Advantages and disadvantages
This type of cryptography has several advantages. One is speed, since it requires less computing power due to the length of its keys, which is 64 bits, while in the AES algorithm they range from 128 to 256 bits. In addition, it has a simple infrastructure and only requires one key, so it is very easy to use for encrypting files that contain personal data.
On the other hand, symmetric encryption guarantees privacy and integrity in communications via telephone or the Internet, such as email.
However, its biggest disadvantage is in the exchange or distribution of the key, because it must be distributed to everyone who needs to access the encrypted information. In that exchange, a third party can intercept the key over an unsecured communication medium and get hold of the information contained in the message.
Similarly, symmetric cryptography is vulnerable to brute force attacks. In theory, breaking this encryption is possible through linear cryptanalysis and differential cryptanalysis, but in practice these attacks have been unsuccessful. However, it is possible to break it with a brute force attack, which tries all possible combinations until the correct key is found.
Another disadvantage is that this type of encryption does not allow the identity of the issuer to be authenticated, as happens in asymmetric cryptography, where the issuer digitally signs the message.