Public Key Methods of Encryption

History

• It was once thought that the only way to ensure secure message communication was for two parties to secretly exchange keys. This type of exchange required a third, trusted party that would deliver the secret key to the recipient. However, when large-scale encryption is required, such as in military operations, secure communication is impossible all of the time. This resulted in the conception of PKC, a type of cryptography that does not require exchanging private keys for secure communications.

RSA

• RSA uses a variable size encryption block and a variable sized key. Encryption and authentication take place without any sharing of private keys. For encryption to occur, the message is encrypted using the recipient's public key and can only be decrypted using the public and the private key. For authentication to occur, the message is encrypted and sent with a public key. The recipient can use the public key to authenticate the sender.

DES

• Data Encryption Standard (DES) was developed by the National Institute of Standards and Technology (NIST) and is a strong algorithm capable of protecting nonclassified information. Originally known as Lucifer, DES uses a key length of only 56 bits, and is typically not sufficient for high-security applications. It is, however, widely used in financial institutions and to protect online applications. More recently, the cipher has been superseded by the Advanced Encryption Standard (AES).

Blowfish

• Blowfish is a symmetric block cipher that uses a variable length key from 32 to 448 bits. Blowfish is considered a strong encryption method and is freely distributed. It was designed as a general-purpose algorithm, and, because it is considered nonproprietary, has fewer constraints than other algorithms. Typically, Blowfish is not used in applications where speed is required when exchanging keys. Blowfish is included in a large number of cipher suites and encryption products.

IDEA

• The International Data Encryption Algorithm (IDEA) is a symmetric block cipher that operates on 64-bit blocks using a 128-bit key. The IDEA algorithm was originally intended as a replacement for DES. IDEA uses interleaving operations from different groups that are algebraically incompatible and its operations include exclusive-ORs, addition modulus and multiplication modulus. IDEA is a rarely used code and thus is prone to security and interoperability problems.

SEAL

• The Software-Optimized Encryption Algorithm (SEAL) is a stream cipher that is an alternative to 3DES and AES. A stream cipher is a cipher that encrypts data continuously, and so is generally faster than block ciphers like DES, Blowfish, and IDEA, although stream ciphers do have a longer initialization phase. SEAL uses a 160-bit key for encryption and is considered very safe. SEAL encryption has a lower impact to the CPU when compared to other software-based algorithms.

RC4

• Like SEAL, RC4 is a stream cipher. RC4 is used in both encryption and decryption, and takes keys of random lengths and the output is "XORed" together with a stream of data to generate encrypted data. RC4 is popular among web enthusiasts and is used in Secure Sockets Layer (SSL) to protect wireless networks and WEP to secure wireless networks. RC4 is known for its simplicity and speed but has weaknesses that somewhat restrict its use in newer systems.