
21CS3287R

CLOUD SECURITY

Chapter 4-Symmetric Key Algorithms
Session 7
Symmetric Cryptography
Introduction
Symmetric key algorithms, also known as secret key algorithms or private key
algorithms, are a fundamental component of modern cryptography. They form the basis
for secure data communication, encryption, and decryption. In this chapter, we will
explore the principles of symmetric key algorithms, common symmetric key
algorithms, applications of symmetric key algorithms, and ciphers.
Principles of Symmetric Key Algorithms
a) Shared Secret Key
• Both the sender and receiver use the same key for encryption and decryption.
• This key must be kept confidential and shared securely.
b) Ciphers
Algorithms that perform the encryption and decryption processes.
Stream ciphers: Encrypt data one bit or byte at a time.
Block ciphers: Encrypt data in fixed-size blocks (e.g., AES encrypts 128-bit blocks).
c) Encryption Process
• Plaintext is input to the cipher along with the secret key.
• Cipher applies a series of mathematical operations and transformations based on the
key.
• Ciphertext is produced as output.
d) Decryption Process
• Ciphertext is input to the cipher along with the same secret key.
• Cipher reverses the operations, using the key to decipher the message.
• Plaintext is recovered as output.
e) Key Strength
• Longer keys are more secure, making brute-force attacks (guessing the key) more
difficult.
• Common key lengths: 128, 192, 256 bits.
f) Key Distribution
• Securely distributing the secret key to authorized parties is a challenging aspect of
symmetric key cryptography.
• The key should be exchanged securely to prevent interception by unauthorized
entities.
Common Symmetric Key Algorithms
Several widely used symmetric key algorithms are designed to provide secure encryption.
a) Data Encryption Standard (DES)
DES was one of the first widely used symmetric key algorithms. However, due to its
small key size (56 bits), it is now considered insecure for many applications. Triple DES
(3DES) is a variation that applies DES three times with different keys for increased
security.
b) Advanced Encryption Standard (AES)
AES is a widely used symmetric encryption algorithm that replaced the aging Data
Encryption Standard (DES). It supports key lengths of 128, 192, and 256 bits and is
considered secure for a wide range of applications.
c) Blowfish
Blowfish is a symmetric key block cipher that operates on 64-bit blocks and supports key
sizes ranging from 32 to 448 bits. It is designed to be fast and efficient and is often used in
situations where hardware resources are limited.
d) Twofish
Twofish is a symmetric key block cipher that supports block sizes of 128, 192, and 256
bits. It was one of the five finalists in the AES competition but was not selected as the
standard. Nonetheless, Twofish remains a strong and secure algorithm.
e) RC4
RC4 is a stream cipher that uses variable key lengths. It is often used in applications like
secure sockets layer (SSL) for web communication. However, RC4 has been found to
have vulnerabilities, and its usage is discouraged in modern cryptographic applications.
Symmetric Key Encryption
Symmetric key encryption is a cryptographic technique that uses the same key for
both the encryption and decryption of data. The key is kept secret and shared only
between the parties that need to communicate securely. This method is fast and
efficient, making it ideal for encrypting large amounts of data.
Symmetric Key Encryption Process
The encryption process using symmetric key algorithms involves the following steps:
• Key Generation
• Encryption
• Decryption
Applications of Symmetric Key Algorithms
Symmetric key algorithms are used in a wide range of applications, including:
• Data Encryption
• Secure Communication
• File and Disk Encryption
• Virtual Private Networks
• Secure Shell
• Secure File Transfer
Security Considerations
While symmetric key algorithms provide strong security when implemented correctly,
they also have vulnerabilities and require proper key management. Key distribution and
key storage are critical aspects of using symmetric key algorithms securely.
Session 8
Stream Ciphers, Block Ciphers
Stream Cipher
A stream cipher is a type of symmetric key encryption algorithm that encrypts data in a
continuous stream rather than in fixed-size blocks, as block ciphers do. Stream ciphers
are commonly used for real-time encryption and are efficient for applications like
secure communication and data transmission. In this section, we will explore the
principles, operations, and provide examples of stream ciphers.
Stream Cipher Operation
The encryption process using stream ciphers can be summarized in the following steps:
Key Generation
A secret key is generated or provided to both the sender and the receiver. The key is
used to initialize the internal state of the stream cipher.
Key Stream Generation
The stream cipher generates a pseudorandom key stream based on the key (and an
initialization vector, IV, if used). This key stream is generated in a deterministic
manner, meaning that it can be reproduced at the receiver's end using the same key and IV.
Encryption
The key stream is combined with the plaintext using a bitwise XOR operation. Each bit
(or byte) of the key stream is XORed with the corresponding bit (or byte) of the
plaintext. This process is repeated for the entire message.
Encryption Equation: Ciphertext = Plaintext ⊕ Key Stream
Decryption
At the receiving end, the same key (and IV if used) is used to regenerate the key stream.
The key stream is then XORed with the received ciphertext to recover the original
plaintext.
Decryption Equation: Plaintext = Ciphertext ⊕ Key Stream
Examples of Stream Ciphers
• RC4
• Salsa20/ChaCha
• Grain
Applications of Stream Ciphers
Stream ciphers have a wide range of applications, including:
• Secure Communication
• Wireless Communication
• Secure File Storage
• Access Control
Security Considerations
Proper key management is crucial for stream ciphers. The security of the ciphertext
heavily depends on the randomness and unpredictability of the key stream. Key reuse,
weak key generation, or improper implementation can lead to vulnerabilities.
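The key stream generation, XOR encryption and decryption steps above, and the effect of key reuse named under Security Considerations, as an added example that is not part of the original material. The key stream generator here is a stand-in built from HMAC-SHA256 over (IV, counter); it is not RC4, Salsa20 or ChaCha, and the sample messages and function names are constructed for illustration.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Deterministic key stream: the same key and IV always give the same bytes."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, iv + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Ciphertext = Plaintext XOR Key Stream
    return xor_bytes(data, keystream(key, iv, len(data)))


# Decryption is the same operation: Plaintext = Ciphertext XOR Key Stream
stream_decrypt = stream_encrypt


def demo() -> dict:
    key, iv = os.urandom(32), os.urandom(16)
    p1 = b"transfer 100 to account A"   # constructed sample messages
    p2 = b"transfer 900 to account B"
    c1 = stream_encrypt(key, iv, p1)
    c2 = stream_encrypt(key, iv, p2)              # mistake: key and IV reused
    c3 = stream_encrypt(key, os.urandom(16), p2)  # correct: fresh IV per message
    return {
        "roundtrip_ok": stream_decrypt(key, iv, c1) == p1,
        # With a reused key stream, the key stream cancels out of c1 XOR c2,
        # leaving p1 XOR p2 visible without any knowledge of the key.
        "reuse_exposes_xor": xor_bytes(c1, c2) == xor_bytes(p1, p2),
        "fresh_iv_exposes_xor": xor_bytes(c1, c3) == xor_bytes(p1, p2),
    }


if __name__ == "__main__":
    print(demo())
```

A unique IV per message under the same key is what keeps the two key streams different, which is why the third check comes out false.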
Block Cipher

A block cipher is a symmetric key encryption algorithm that operates on fixed-size
blocks of data. It takes a plaintext block as input and transforms it into a ciphertext
block using a secret key. Unlike stream ciphers, which encrypt data bit by bit or byte by
byte, block ciphers process data in fixed-sized chunks, typically 64 or 128 bits.

Basic Concepts
• Key
• Block Size
• Key Size
Block Cipher Operation
Block ciphers operate on fixed-size blocks of data, encrypting or decrypting the entire
block at once. The basic operation of a block cipher involves the following steps:
a) Key Generation
A secret key is generated or provided to both the sender and the receiver. The key is
used to configure the internal state of the block cipher algorithm.
b) Block Division
The plaintext message is divided into fixed-size blocks. The size of the block is
determined by the specific block cipher algorithm (e.g., 64 bits, 128 bits).
c) Initialization Vector (IV) (Optional)
Some block cipher modes of operation use an initialization vector (IV) to add
randomness and uniqueness to the encryption process, especially when encrypting
multiple blocks or messages. The IV is typically XORed with the first block of plaintext
before encryption.
d) Encryption
Each block of plaintext is independently encrypted using the secret key. The specific
encryption algorithm and mode of operation dictate the details of this process. Common
block cipher modes include Electronic Codebook (ECB), Cipher Block Chaining
(CBC), Counter (CTR), and others.
Encryption Equation: Ciphertext = Block Cipher Encryption(Plaintext, Key)
e) Decryption
At the receiving end, each block of ciphertext is independently decrypted using the
same key. The decryption algorithm and mode of operation determine the details of this
process.
Decryption Equation: Plaintext = Block Cipher Decryption(Ciphertext, Key)
Block Cipher Modes of Operation
a) Electronic Code Book (ECB)
Electronic Code Book is the simplest block cipher mode of operation. It is simple
because each block of input plaintext is encrypted directly, and the output is the
corresponding blocks of encrypted ciphertext. Generally, if a message is larger than
b bits in size, it can be broken down into a bunch of blocks and the procedure is
repeated for each block.
b) CBC (Cipher Block Chaining Mode)
In CBC, what is known as a “randomized initialization vector” is used for the first block
(IV) is used to add a degree of randomization. This ensures that identical plaintext
blocks are not encrypted into identical ciphertext blocks. Even if the encryption is
invoked twice for the same plaintext and key, the ciphertext will be different each
time due to the randomized IV and chaining.
c) CTS (padding and ciphertext stealing)
Another method known as “padding” is necessary for the CBC mode. If the plaintext
is not a multiple of the block size, e.g. if the plaintext is 132 bits long, a first 128-bit
block can be generated, but a 128-bit block is also required for the remaining 4 bits
of plaintext, so 124 bits must be added to the 4 bits to produce 128 bits. One effect of
padding is that the ciphertext is always slightly longer than the plaintext.
d) CTR (Counter mode)
CTR, which stands for Counter mode, is a mode of operation for symmetric key
block ciphers. It is used to convert a block cipher into a stream cipher, allowing for
the encryption of arbitrary-length messages. CTR mode is commonly used for its
simplicity and parallelizability.
Security Considerations
Selecting an appropriate key size, using secure modes of operation, and implementing
proper key management practices are essential for the security of block ciphers.
Cryptanalysis techniques continue to evolve, and it's important to stay updated on the
latest best practices.
Summary
Stream ciphers provide an efficient and real-time solution for securing data
transmission and communication. Understanding the principles and the use of examples
like RC4, Salsa20, and ChaCha is essential for ensuring data privacy and security in a
world where secure real-time communication is increasingly critical. Proper key
management and secure implementation are key factors in building robust
cryptographic systems.
Block ciphers are a cornerstone of modern cryptography, enabling secure data
encryption and decryption for various applications. Understanding their principles and
their use in different modes of operation is crucial for ensuring data privacy and
security in an increasingly interconnected world. The choice of the right block cipher
and its secure implementation are key factors in building robust cryptographic systems.
Conclusion
Symmetric key algorithms play a crucial role in securing data and communications in
various applications. Understanding the principles behind these algorithms, their
strengths, and their limitations is essential for building secure systems and maintaining
data privacy. Careful key management and the choice of appropriate algorithms are key
factors in achieving robust security in the digital age.