Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [symmetric]

Symmetric cryptosystems assume two communicating entities share a pre-established secret key.

Symmetric cryptosystems assume two communicating entities share the same secret key. Symmetric secrets are generally used for encryption (block ciphers, stream ciphers) or authentication (MACs).

906 questions
55
votes
3 answers

Why is public-key encryption so much less efficient than secret-key encryption?

I'm currently reading Cryptography Engineering. After giving a high level explanation of the difference between secret-key encryption and public-key encryption, the book says: So why do we bother with secret-key encryption if public-key encryption…
user670
47
votes
7 answers

How can we reason about the cryptographic capabilities of code-breaking agencies like the NSA or GCHQ?

I have read in Applied Cryptography that the NSA is the largest hardware buyer and the largest mathematician employer in the world. How can we reason about the symmetric ciphers cryptanalysis capabilities of code-breaking agencies like the NSA or…
jokoon
  • 723
  • 1
  • 6
  • 13
47
votes
2 answers

Is AES-128 quantum safe?

I've been reading lately some contradicting messages with regards to the quantum-safe resistance of AES128. First, there are blog posts by Ericsson people like these ones: Can quantum attackers break AES-128? No. NIST estimates that a quantum…
Jimakos
  • 795
  • 1
  • 5
  • 11
41
votes
2 answers

Why do we use encrypt-decrypt-encrypt (EDE) in 3DES, rather than encrypting three times?

I'm wondering why we use encrypt-decrypt-encrypt (EDE) sequence in 3DES (also known as DES-EDE, TDES or TDEA) with three keys instead of three times encryption (EEE) with three different keys?
alaamub
  • 583
  • 1
  • 5
  • 6
37
votes
1 answer

What is a tweakable block cipher?

Pretty simple question - but I can't seem to find much information about it. What exactly is a tweakable block cipher? How do they differ from traditional block ciphers? What is the 'tweak'? Is it just a sequence of bytes? Does it have any special…
hunter
  • 4,051
  • 6
  • 29
  • 42
33
votes
3 answers

Is 128-bit security still considered strong in 2020, within the context of both ECC Asym & Sym ciphers

Given that much of our ECC crypto primitives provide “only” 128-bit security when defined over a 256-bit curve due to pollard-rho, is it then still safe in 2020 to consider 128-bit security safe for the medium term (5-8 years). I’m looking for an…
Woodstock
  • 1,454
  • 1
  • 15
  • 26
30
votes
2 answers

Why is asymmetric cryptography bad for huge data?

I've been told that asymmetric cryptography requires that the message to be encrypted be smaller than its key length. Why is this? I know about hybrid encryption, which uses symmetric encryption to resolve this problem. But I still want to know why…
K_X
  • 413
  • 1
  • 4
  • 4
30
votes
2 answers

Rubik's Cube as Encryption

Consider this scenario: Alice gets a Rubik's Cube and peels off the colors from each piece. She then writes a small message on one of the faces of the cube and fills the remaining pieces with random letters. Then, she scrambles the pieces in a way…
yasar
  • 417
  • 4
  • 4
29
votes
9 answers

Why not the one-time pad with pseudo-number generator

I am very new to cryptography (so be kind), but I have a question that may seem silly. If the one-time pad is the perfect cipher and impossible to crack, why would the following algorithm not be one of the strongest: To encrypt: generate a random…
dardawk
  • 401
  • 1
  • 4
  • 6
28
votes
2 answers

Why is Diffie-Hellman considered in the context of public key cryptography?

In all textbooks I used the Diffie-Hellman key exchange is under "public key cryptography". As far as I can see it is a method to exchange a key to be used with a symmetric cryptographic algorithm, so it falls very naturally in the area of symmetric…
Mr_and_Mrs_D
  • 383
  • 1
  • 3
  • 10
27
votes
3 answers

Information leakage from the ecryptfs filesystem

I'm wondering what information might be leaked from the ecryptfs filesystem. This is what Ubuntu uses if you check the box for "encrypted home directory" when using the desktop installer, so is probably quite widely used. Key characteristics of…
Hamish Downer
  • 371
  • 3
  • 5
25
votes
4 answers

Is using the same IV in AES similar to not using an IV in the first place?

So if I understand how an IV works with AES, I'm supposed to generate a different IV for every message because using only a key, I will get the same encryption if the message was encrypted twice (which is not secure) thus we use the IV which is some…
Ali_Nass
  • 353
  • 1
  • 4
  • 8
22
votes
2 answers

Deriving Keys for Symmetric Encryption and Authentication

So here's the concept. Rather than storing 2 keys and using a random IV, which presents its own problems (key rotation, ensuring no key is used in more than 2^32 cycles, sharing the keys, etc), is it OK to derive the cipher key, authentication key…
ircmaxell
  • 425
  • 3
  • 8
21
votes
1 answer

How to choose a padding mode with AES

Depending on the framework you are using, there are various padding modes that can be used with AES encryption. For example, with .NET we can choose PKCS7, ISO10126, ANSIX923, Zeros or None. I understand that the encryptor and decryptor need to use…
Cocowalla
  • 450
  • 1
  • 5
  • 17
19
votes
5 answers

Why does the recommended key size between symmetric and asymmetric encryption differ greatly?

In various articles it is mentioned that for secure communications, the recommended key sizes are 128-bit key size for symmetric encryption (which makes it $2^{128}$ possible keys?) and 2048-bit key size for asymmetric encryption ($2^{2048}$…
Bailala
  • 191
  • 1
  • 1
  • 3
1
2 3
60 61