Symmetric-key algorithm

Symmetric-key algorithms are special methods used in cryptography to keep information safe. These algorithms use the same secret key for both locking up (encrypting) information and unlocking it (decrypting). This key is a shared secret between two or more people who want to communicate privately.

One challenge with symmetric-key encryption is that both parties must have the same key. If they don’t, they can’t read each other’s messages. This is different from asymmetric-key encryption, where one key is public and the other is private.

Even with this challenge, symmetric-key algorithms are very useful, especially for protecting large amounts of data quickly. Except for the one-time pad, these algorithms usually need smaller keys, which makes them faster and easier to use than asymmetric methods. Often, asymmetric encryption is used to safely share the secret key needed for symmetric-key encryption.

Types

Symmetric-key encryption can use either stream ciphers or block ciphers. Stream ciphers encrypt each part of a message, like individual letters or numbers, one at a time. An example of this is ChaCha20. Block ciphers, on the other hand, take a group of bits together and encrypt them as one piece. The Advanced Encryption Standard (AES), which was approved in 2001, uses blocks of 128 bits to secure data.

Implementations

Some well-known symmetric-key algorithms are Twofish, Serpent, AES (also called Rijndael), Camellia, Salsa20, ChaCha20, Blowfish, CAST5, Kuznyechik, RC4, DES, 3DES, Skipjack, Safer, and IDEA. These algorithms use the same secret key to both hide and reveal information, making them useful for keeping messages private between people who share the key.

Use as a cryptographic primitive

Symmetric ciphers are not only used for encrypting messages. They can also help make sure messages haven't been changed by adding something called a message authentication code. This helps the person receiving the message know if it was altered during travel.

Symmetric ciphers can also be used to create special math functions called hash functions, which help in many security tasks. However, they cannot be used alone for proving that someone sent a message without any help from other parties. Main article: cryptographic primitives Main articles: AEAD, AES-GCM, non-repudiation, hash functions, one-way compression function

Construction of symmetric ciphers

Main article: Feistel cipher

Many modern ways to protect information in blocks use an idea from a person named Horst Feistel. His method helps create special functions that can be reversed, even if the starting functions cannot be reversed on their own. This makes it easier to build strong security tools for keeping messages private.

Security of symmetric ciphers

Symmetric ciphers have sometimes been vulnerable to certain types of attacks, such as known-plaintext attacks, chosen-plaintext attacks, differential cryptanalysis, and linear cryptanalysis. To protect against these attacks, the design of each round of the encryption process is very important. Adding more rounds or using longer keys can make the cipher harder to break, but it also makes the process slower.

Modern symmetric-key algorithms are generally safe even if future quantum computers are developed. While quantum computers could make some ciphers easier to break, using longer keys, such as in AES-256, helps keep information safe. For example, a 256-bit key would remain secure even on a quantum computer, whereas a shorter 128-bit key might not.

Key management

Main article: Key Management Interoperability Protocol

Key management is about taking care of the special codes, or keys, used in secure communication. These keys must be kept safe and shared only with people who need them to keep information private. Proper key management ensures that the keys are created, stored, and used correctly so that messages stay secret and secure between the people who share them.

Key establishment

Main article: Key establishment

Symmetric-key algorithms need both the sender and the recipient to share the same secret key. In the past, this meant someone had to safely deliver the key in person. Today, most systems still use symmetric-key algorithms to protect messages, but they use special methods like the Diffie–Hellman key exchange or other public-key protocol to create a new secret key for each conversation without needing to share it in person. This helps keep information safe and private.

Key generation

Main article: Key generation

Symmetric-key algorithms need special keys to work. These keys are like secret codes that help keep information safe. To make these keys, we often use tools called pseudorandom key generators. But these tools must be very good at making random numbers, or the secret codes might not work well. That’s why it’s important to use a strong source of randomness, called entropy, to start these tools properly. This helps keep our information extra safe.

Reciprocal cipher

A reciprocal cipher is a special kind of code where you can use the same machine to both hide a message and reveal it again. If you type in the hidden message, the machine can show you the original message. This makes it easier because you only need one type of machine for both hiding and revealing secrets.

Many famous secret codes are reciprocal ciphers, like the Atbash, Beaufort cipher, Enigma machine, Purple cipher, RC4, ROT13, XOR cipher, and the Vatsyayana cipher. Most modern secret codes are either stream ciphers or block ciphers, which also use reciprocal methods to keep information safe.