Chapter 6. Cryptography 203
Because a secure key must be handled in a special hardware device, the use of secret keys
is usually far slower than using clear keys as illustrated in Figure 6-1.
Figure 6-1 Three levels of protection with three levels of speed.
6.2.4 Algorithms
The algorithms of modern cryptography are differentiated by whether they use the same key
for the encryption of the message as for the decryption:
Symmetric algorithms use the same key to encrypt and to decrypt data. The function that
is used to decrypt the data is the opposite of the function used to encrypt the data.
Because the same key is used on both sides of an operation, it must be negotiated
between both parties and kept secret. Symmetric algorithms are also known as
secret key
algorithms
.
The main advantage of symmetric algorithms is that they are fast and so can be used for
huge amounts of data, even if they are not run on specialized hardware. The disadvantage
is that the key must be known by both sender and receiver of the messages. The key
therefore must be exchanged between them, and this key exchange is a weak point that
can be attacked.
Prominent examples for symmetric algorithms are the already mentioned DES, TDES, and
AES.
Asymmetric algorithms use two distinct but related keys, the public key and the private
key. As the names imply, the private key must be kept secret, while the public key is shown
to everyone. However, with asymmetric cryptography, it is not important who sees or
knows the public key. Whatever is done with one key can only be undone by the other key.
For instance, data encrypted using the public key can only be decrypted by the associated
private key, and vice versa. Unlike symmetric algorithms, which use distinct functions for
encryption and decryption, only one function is used in asymmetric algorithms. Depending
on the values passed to this function, it either encrypts or decrypts the data. Asymmetric
algorithms are also known as
public key algorithms.
Asymmetric algorithms use complex calculations and are rather slow (about 100 - 1000
times slower than symmetric algorithms). As a result, they are not used for the encryption
of bulk data. But because the private key is never exchanged, they are less vulnerable
than symmetric algorithms. Asymmetric algorithms mainly are used for authentication,
digital signatures, and for the encryption and exchange of secret keys (which then are
used to encrypt bulk data with a symmetric algorithm).
Examples for asymmetric algorithms are the already mentioned RSA, and elliptic curve
algorithms.
To Next Page
Loading...
Need help?
General