- Symmetric key encryption (also known as secret key encryption, pre-shared key or private key encryption) uses only one key to encrypt and decrypt data.
- Symmetric encryption is well suited for bulk encryption of less sensitive data because it is less CPU-intensive than other encryption methods.
- Before communications begin, both parties must exchange the shared secret key using a secure channel. This is often done manually or with some form of asymmetric key cryptography.
- Each pair of communicating entities requires a unique shared key. This means that the number of keys required grows exponentially as the number of communication partners grows. For example, 1,000 users in a system would require the generation of almost 500,000 different keys.
- The key space is typically short, ranging from 56 bits to a maximum of 512 bits. (As the number of bits in the key increases, so does the strength of the encryption. However, the greater the number of bits in the key, the more CPU resources are required to perform the encryption.)
- Data Encryption Standard (DES) is a very popular encryption standard created by the National Security Agency. DES can be easily broken.
- Triple DES (3DES) is an enhanced version of DES. 3DES applies DES three times, and uses a 168-bit key.
- AES (Advanced Encryption Standard) is an improved version of Triple DES that supports encryption key lengths of up to 256 bits.
- Blowfish is a keyed, symmetric block cipher that was intended to be free of the problems associated with other algorithms and replace DES. Blowfish uses 64-bit blocks and key lengths anywhere from 32 bits to 448 bits.
Asymmetric Key Cryptosystem
- Asymmetric encryption (also known as public key encryption) uses two keys that are mathematically related. Both keys together are called the key pair.
- The public key is made available to anyone; the private key is kept secret.
- Use one key to encrypt and the other to decrypt. For example, if data is encrypted with the public key, use the private key to decrypt the data.
- The strength of an asymmetric encryption system lies in the secrecy and security of its private keys. If the private key is ever discovered, a new key pair must be generated.
- Asymmetric encryption of large amounts of data is slow and requires high CPU usage.
- Processing speeds are much slower (about 1,000 times slower) than symmetric key encryption.
- Asymmetric encryption requires fewer keys than symmetric key encryption, because only two keys per user are required (not a key for every communicating partner).
Examples:
- Rivest, Shamir, Adleman (RSA) is based on factoring large numbers into their prime values. It was developed by Rivest, Shamir and Adleman. RSA has key-length ranges from about 512 bits to 8,000 bits (2401 digits).
- DSA (Digital Signature Algorithm) is a United States Government encryption standard often used for digital signing. DSA currently supports Secure Hash Algorithm-1 (SHA-1), which uses key lengths between 160 and 256 bits, or SHA-2, which uses key lengths between 256 and 1024 bits.
- The Diffie-Hellman Key Exchange was the first asymmetric algorithm. It was developed by Whitfield Diffie and Martin Hellman. It is a key agreement protocol that generates symmetric keys simultaneously at sender and recipient sites over non-secure channels. The Diffie-Hellman key exchange:
  - Provides for key distribution and does not provide any cryptographic services.
  - Is based on calculating discrete logarithms in a finite field.
  - Is used in many algorithms and standards such as DES.
  - Is subject to man-in-the-middle attacks and requires strong authentication to validate the end points.
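
The key agreement and the endpoint-authentication requirement from the Diffie-Hellman items above, as an added example that is not part of the original notes. Assumptions: the modulus `2**127 - 1` and generator `3` are toy-sized stand-ins for a standardized group, an HMAC under a pre-shared key stands in for strong endpoint authentication (a signature or certificate in practice), and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy-sized parameters (assumption): 2**127 - 1 is a Mersenne prime, far too
# small for real use; production code uses a standardized 2048-bit+ group.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value g^x mod p)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a symmetric key from the shared secret g^(xy) mod p."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer public value out of range")
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def tag(auth_key, sender, pub):
    """Authenticate a public value (HMAC stands in for a signature)."""
    msg = sender.encode() + b"|" + pub.to_bytes(16, "big")
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def accept(auth_key, sender, pub, mac):
    """Endpoint check: accept a public value only if its tag verifies."""
    return hmac.compare_digest(tag(auth_key, sender, pub), mac)

def demo():
    auth_key = secrets.token_bytes(32)   # constructed pre-shared auth key
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()            # value swapped in by an intermediary

    honest = session_key(a_priv, b_pub) == session_key(b_priv, a_pub)
    # Unauthenticated: A receives m_pub instead of b_pub and cannot tell.
    split = session_key(a_priv, m_pub) != session_key(b_priv, a_pub)
    # Authenticated: the tag was computed over b_pub, so m_pub fails.
    b_mac = tag(auth_key, "B", b_pub)
    return {
        "honest_keys_match": honest,
        "substitution_splits_keys": split,
        "genuine_accepted": accept(auth_key, "B", b_pub, b_mac),
        "substituted_rejected": not accept(auth_key, "B", m_pub, b_mac),
    }

if __name__ == "__main__":
    print(demo())
```

Without the tag check the two endpoints silently end up with different session keys; with it, the substituted value is rejected before any key is derived.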