20. Symmetric Encryption
A symmetric algorithm uses the same key in both the encryption and decryption processes.
The decryption process is a mirror image of the encryption process.
- The two communicating parties need to share knowledge of the same key.
- A person without the correct key cannot read the encrypted message.
Challenges
- If two parties think a communication path is compromised, they should not share key material along that path.
- Someone who has compromised communications between the parties could intercept the key.
- Key distribution is difficult because the key cannot be sent in the same channel as the encrypted message.
- Sending the key through a different channel than the encrypted message is called out-of-band key distribution.
- Examples of out-of-band key distribution include sending the key by:
  - courier
  - fax
  - phone
- Any party with knowledge of the key can access and change the message.
- Each person or group that wants to communicate needs a different key for each individual or group they want to connect with.
- This creates a scalability challenge because the number of needed keys grows quickly as the number of users or groups increases.
- In this arrangement, n parties need n(n-1)/2 pairwise keys, so an organization of 1,000 employees would need to manage 499,500 keys (1,000 × 999 / 2) if every employee wanted to communicate confidentially with every other employee.
Primary Uses of Symmetric Algorithms
- Encrypting bulk data (e.g., backups, hard drives, portable media)
- Encrypting messages traveling through communication channels (e.g., IPsec, TLS)
- Streaming large-scale, time-sensitive data (e.g., audio/video materials, gaming)
Other Names for Symmetric Algorithms
- Same key
- Single key
- Shared key
- Secret key
- Session key
Symmetric Encryption via Decoding Ring
- An example of symmetric encryption is a substitution cipher.
- It involves substituting letters for other letters, or bits for other bits, based on a cryptovariable.
- These ciphers replace each letter of the plaintext with another letter that may be farther down the alphabet.
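
A decoder-ring (shift) cipher, added here as an example that is not part of the original notes: the ring setting is the cryptovariable, decryption runs the same rotation backwards with the same key, and a key holder can alter a message without the receiver noticing. The function names, the sample message and the key value 3 are constructed for illustration; this cipher is for teaching only and offers no real confidentiality.

```python
import string

ALPHABET = string.ascii_uppercase  # the 26 positions on the ring


def ring_encrypt(plaintext: str, shift: int) -> str:
    """Replace each letter with the one `shift` places farther down the alphabet."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # spaces, digits and punctuation pass through unchanged
    return "".join(out)


def ring_decrypt(ciphertext: str, shift: int) -> str:
    """Mirror image of encryption: same key, rotation in the opposite direction."""
    return ring_encrypt(ciphertext, -shift)


def reseal_as_key_holder(ciphertext: str, shift: int, old: str, new: str) -> str:
    """Hypothetical helper: any party with the key can decrypt, edit and re-encrypt.

    Nothing in the ciphertext records who produced it, which is why a shared
    key alone does not protect the message from other key holders.
    """
    edited = ring_decrypt(ciphertext, shift).replace(old, new)
    return ring_encrypt(edited, shift)


if __name__ == "__main__":
    key = 3                   # constructed shared key (the ring setting)
    message = "MEET AT NOON"  # constructed sample plaintext

    sealed = ring_encrypt(message, key)
    print("ciphertext        :", sealed)
    print("correct key       :", ring_decrypt(sealed, key))
    print("wrong key (4)     :", ring_decrypt(sealed, 4))

    altered = reseal_as_key_holder(sealed, key, "NOON", "FOUR")
    print("altered ciphertext:", altered)
    print("receiver reads    :", ring_decrypt(altered, key))
```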