Encryption is the process of converting readable plain text into an unreadable cipher text by applying a set of complex algorithms that transform that the data into blocks or streams of random alphanumeric characters.
This section deals with ciphers and various encryption algorithms such DES, AES, RC4, RC5, RC6, DSA, RSA, MD5, and SHA.
Type of Encryption
In cryptography, a cipher is an algorithm for performing encyption and decryption. Encipherment is the process of converting plain text into a cipher or code; the reverse process is call decipherment. A message is encrypted using a cipher is rendered unreadable, unless its recipient knows the secret key required to decrypt it.
For Detail Information I Alread made Blog on this you can watch it Here
Data Encryption Standard (DES)
DES is a standard for data encryption that uses a secret key for both encryption and decryption. DES uses a 64-bit secret key of which 56 bits are generated randomly and other 8 bits help in error detection.
It uses the Data Encryption Algorithm (DEA), a secret Key block-cipher — an algorithm that takes a fixed-length string of plain-text bits and transforms it into a ciphertext bit string of the same length. DES’s design allows users to implement it in hardware and use for single use-user encryption, such as to store files on a hard disk in encrypted form.
DES provides 72 quadrillion or more possible encryption keys and chooses a random key for encyption of each message. Because of the inherent weakness of DES vis-a-vis today’s technologies, some organizations use triple DES, in which they repeat the process three times(3DES) for added strength.
Triple Data Encryption Standard (3DES)
Eventually it became obvious that DES would no longer be secure. The U.S federal goverment began a contest seeking a replacement cryptography algorithm. However, in the meantime, 3DES was created as an interim solution. Essentially, it does DES three times with three different keys. 3DES uses a “key bundle” which comprises three DES keys, K1, K2, and K3. Each key is standard 56-bit DES key. it will then apply the following process:-
DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3. There are three options for the keys. In the first option, all three keys are independent and different. In the second option, K1 and K3 are identical. In the third option, all three keys are the same. Therefore, you are literally applying the exact same DES algorithm three times with the same key. Option 1 is the most secure, with option 3 being the least secure.
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a National Institute of Standards and Technology (NIST) specification for the encryption of electronic data. It also helps to encrypt. digital information such as telecommunications, financial, and government data. US government agencies have been using it to secure sensitive but unclassified material.
AES consits of a symmetric-key algorithm: both encryption and decryption are performed using the same key. It is an iterated block cipher that works by repeating the defined steps multiple times. It has a 128-bit block size, with key sizes of 128, 192, and 256 bits, respectively, for AES-128, AES-192, and AES-256. The design of AES makes its use efficient in both software and hardwae . It works simultaneously at multiple network layes.
RC4, RC5, and RC6 Algorithms
- RC5 :- RC5 is a fast symmetric-key block cipher designed by Ronald Rivest for RSA data security. The algorithm is a parameterized algorithm with a variable block size, variable key size, and a variable number of rounds. The block sizes can be 32, 64, or 128 bits. The range of the rounds can vary from 0 to 255, and the size of the key can vary from 0 to 2040 bits. This built in variability can offer flexibility at all levels of security. Routines used in RC5 are key expansion, encryption, and decryption.
- In the key expansion routine, the secret key that a user provide is expanded to fill the key table. The RC5 uses key table for both encryption and decryption. The encryption routine has three fundamental operations: integer addition, bitwise XOR, and variable rotation. The Intense use of data-dependent ratation, plus the combination of different of different operations, makes RC5 a secure encryption algorithm.
Digital Signature Algorithm (DSA)
The Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures. The NIST proposed the DSA for use in the Digital SIgnature Standard (DSS), adopted as FIPS 186. The DSA helps in the generation and verification of digital signature for sensitive and unclassified applications. It creates a 320-bit digital signature but with 512–1024 bit security.
Digital Signature is a mathematical scheme used for the authentication of digital messages. Computation of the digital signature uses a set of rules and set of parameters, in that the user can verify the identity of the signatory and integrity of the data.
Rivest Shamir Adleman (RSA)
Ron RIvest, Adi Shamir, and Leonard Adleman formulated RSA, a public-key cryptosystem for Internet encryption and authentication. RSA uses modular and arithmetic and elementary number theories to perform computations using two large numbers. The RSA system is widely used in a variety of products, platforms, and industries.
For More Information Check My Previous Blog Here
Message Digest Function (MD)
Hash functions calculate a unique fixed-size string representation called a message digest of any arbitrary block of information. Message Digest functions distill the information contained in a file into a single fixed-length number, typically between 128 and 257 bits. If any given an Input is changed, every output bit has a 50% chance of charging. Given an input file and its corresponding message digest, it should be nearly impossible to find another file with the same message digest value, as it is computationally infeasible to have two files with the same message digest value.
Message Digest functions are also called one-way hash functions because they produce values that are almost impossible to invert, resistant to attack, mostly unique, and widely distributed. Message Digest algorithms themeselves do not participate in encryption and decryption operations. They enable creation of digital signatures and message authentication codes , and the derivation of encryption keys form passphrases.
Message Digest 5
MD2, MD4, and MD5 are message-digest algorithms used in digital signature applications to compress document securely before the systme signs it with a private key. The algorithms can be of variable length, but the resulting message digest is always 128 bits.
The structures of all three algorithms appear similar, althrough the design of MD2 is reasonably different from MD4 and MD5. MD2 supports 8-bit machines, while MD4 and MD5 support 32-bit machines. the algorithm pads the message with extra bits to ensure that the length of the bits is divisibleby 512. The extra bits may include a 64-bit binary message.
Attacks on versions of MD4 have become increasingly successful. Research has shown how attacker launches collision attacks for the full versions of MD4 under a minute on a typical PC. MD5 is slightly more secure, but is slower than MD4. However, both the message-digest size and padding requirements remain the same.
MD5 algorithm is a widely used cryptographic hash functions that takes a message of aribitarary length as input and outputs a 128-bit (16byte) fingerprint or message digest of the input. MD5 algorithm comes into use in a wide variety of cryptographic applications and is useful for digital signature applications, file integrity checking, and storing passwords. On the other hand, MD5 is not collision resitant; therefore, it is better to use the lastest algorithms, such as SHA-2 and SHA-3.
Secure Hashing Algorithm (SHA)
The NIST has developed the Secure Hash Algorithm (SHA), specified in the Secure Hash Standard (SHS) and published as a federal information-processing standard (FIPS PUB 180). It generates a cryptoghaphically secure one-way hash.
- SHA-0 :- retronym applied to the original version of 160-bit hash function published in the year 1993 under the name SHA, which was withdrawn from the trade due to undisclosed “significant flaw” in it and was replaced with slightly revised version SHA-1.
- SHA-1 :- It is a 160-bit hash function that resembles the former MD5 algorithm developed by Ron Rivest. it produces a 160-bit digest from a message with a maximum length of (264–1) bits. It was designed by the National Security Agency (NSA) to be part of the Digital Signature Algorithm (DSA). It is most commonly used in security protocols such as PGP, TLS, SSH, and SSL. As of 2010, SHA-1 is no longer approved for cryptographic use because of cryptographic weaknesses.
- SHA-2 :- SHA-e is a family of two similar hash functions, with different block sizes, namely, SHA-256, which uses 32-bit words, and SHA-512, which uses 64-bit words. Truncated versions of each standard are SHA-224 and SHA 384.
- SHA-3 :- SHA-3 uses the sponge construction in which message blocks are XORed into the initial bits of the state, which the algorithm then invertibly permutes. It supports the same hash lengths as SHA-2 and differs in its internal structure considerebly from rest of the SHA family.
Rivest developed the SHA, which is similar to the message-digest algorithm family of hash functions. It is slightly slower than MD5, but its larger message digest makes it more secure against brute-force collision and inversion attacks.
SHA Encryption is a series of five different cryptographic functions, and it currently has three generations: SHA-1, SHA-2, and SHA-3.
Comparison of SHA functions (SHA-0, SHA-1, SHA-2, and SHA-3).