Symmetric Cryptography

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Now I mentioned this a little bit earlier when we were
00:00
talking about historic uses of cryptography.
00:00
But let's go ahead and define
00:00
this process a little bit more clearly,
00:00
and then we're going to talk about
00:00
some of the difficulties that
00:00
come with symmetric cryptography
00:00
as well as some of the benefits.
00:00
Then we're going to talk about
00:00
the two types of symmetric algorithms.
00:00
We have stream algorithms and we have block algorithms.
00:00
Don't forget algorithm in cipher mean the same thing.
00:00
Sometimes I'll say stream cipher,
00:00
I might say stream algorithm
00:00
just to mix it up a little bit,
00:00
but no difference between the terms.
00:00
Symmetric cryptography.
00:00
This is what all of
00:00
our historical types of
00:00
cryptography or the Caesar
00:00
cipher and the Enigma machine,
00:00
they were all symmetric.
00:00
We really didn't have an asymmetric algorithm
00:00
until the late '70s.
00:00
Two gentlemen, Whitfield Diffie and
00:00
Martin Hellman came out
00:00
with the Diffie-Hellman algorithm,
00:00
which was our first asymmetric,
00:00
so everything historical is
00:00
going to fall in the category of being symmetric.
00:00
Now, symmetric cryptography,
00:00
remember we have one key shared between two parties.
00:00
I'm going to use that key to encrypt,
00:00
you're going to use the key to decrypt.
00:00
Now the tricky part is we have
00:00
to share that key between us.
00:00
Now, remember we referred to that as being
00:00
out-of-band key exchange and
00:00
our encryption is only as strong as our key exchanges.
00:00
If we have weak key exchange,
00:00
we have weak encryption
00:00
because anybody could intercept that key.
00:00
I have to find a good secure way for me
00:00
to get the secret to you.
00:00
That's problem number 1.
00:00
Now the second problem is
00:00
that symmetric cryptography is
00:00
not great for large environment.
00:00
In a large environment,
00:00
I need a key with
00:00
every individual I'm going to be communicating with.
00:00
Every individual needs a key
00:00
for everyone they'll be communicating with.
00:00
We wind up having a lot of keys in
00:00
symmetric environments if we were going to
00:00
have it implement just purely symmetrically.
00:00
If you think about this, let's say that I want to start
00:00
a dog walking club and I get
00:00
50 of my closest friends and
00:00
neighbors to participate in this dog walking club,
00:00
and we've decided that we're going to want
00:00
anybody in our club to be able
00:00
to walk anybody else's dog.
00:00
I've got 50 people.
00:00
I'm going to need a house key for the 49 other people and
00:00
each of them are going to need a house key for
00:00
the 49 other people in our group.
00:00
Even though 50 isn't
00:00
a tremendously large number of folks,
00:00
the number of keys we're going to have in
00:00
that type of environment is going to be very large.
00:00
As a matter of fact, there's actually
00:00
a formula that you can use.
00:00
This is going to be referenced later,
00:00
but I'll just mention it now.
00:00
The formula is n times n minus 1 divided by
00:00
2 is the number
00:00
of keys that you would need in a symmetric environment.
00:00
If we just think about that, it would be 50,
00:00
which is n times n minus 1,
00:00
which is 49, divided by 2.
00:00
That means in our little dog walking club,
00:00
there would be 1,225
00:00
keys distributed between the parties.
00:00
That's a lot of keys to have to keep up with.
00:00
Symmetric cryptography does not
00:00
grow well, it just doesn't.
00:00
Now the last problem with
00:00
symmetric cryptography, if you'll remember,
00:00
we talked earlier that
00:00
our desired security services are privacy,
00:00
authenticity, integrity, and non-repudiation.
00:00
The only one of those security services we can
00:00
get with symmetric cryptography is privacy.
00:00
We cannot get integrity,
00:00
can't get non-repudiation,
00:00
or authenticity only privacy.
00:00
Now we do get good privacy with symmetric cryptography,
00:00
but we don't get those other elements.
00:00
If you think about that, those are some big problems.
00:00
We have out-of-band key exchange that makes it difficult.
00:00
You can't use symmetric cryptography
00:00
in a large environment,
00:00
and we don't get authenticity or integrity,
00:00
so of course, we don't get non-repudiation.
00:00
Why in the world do we even want to use
00:00
symmetric cryptography then with all those problems?
00:00
Well, the reason that we want to is because it's fast.
00:00
Very beneficial to have a means to exchange data that
00:00
has very quick performance
00:00
because we've already said
00:00
there's always a trade-off for security,
00:00
and we want to minimize the costs
00:00
associated with security as much as possible.
00:00
We've got the pros and cons.
00:00
To be honest with you,
00:00
the most difficult thing about
00:00
symmetric cryptography
00:00
is all the different names you can call it.
00:00
As a matter of fact, you can
00:00
call it symmetric cryptography,
00:00
of course, but you can also call it secret key.
00:00
You can call it private-key cryptography.
00:00
You can call it shared key
00:00
because the two parties are sharing the same key,
00:00
and session keys are also symmetric in nature.
00:00
You need to know all of those names
00:00
because they may use them interchangeably.
00:00
Symmetric, secret, private,
00:00
shared, session keys,
00:00
they're all symmetric cryptography.
00:00
The heart and soul of it,
00:00
same key is used to encrypt that is used to decrypt.
00:00
Now with our symmetric ciphers,
00:00
we said the algorithm itself
00:00
is the type of math that's used.
00:00
Symmetric ciphers can specifically either
00:00
use stream functions or block functions.
00:00
Symmetric ciphers are either stream or block.
00:00
Let me talk about that just a little bit more.
00:00
When we look at stream encryption,
00:00
what we're doing is we're encrypting one bit at a time,
00:00
or possibly one bite at a time
00:00
if we're doing one character at a time.
00:00
The idea is bit by bit by bit, we encrypt data.
00:00
Now the alternative to that is using
00:00
a block cipher and
00:00
a block cipher chunks data into blocks,
00:00
and each chunk goes through a series of
00:00
math functions called S-boxes, substitution boxes.
00:00
That's what I demonstrated several
00:00
videos ago when we talked
00:00
about the algorithms and how they work,
00:00
because block ciphers are the most common by far.
00:00
All this data we chunk it may be in 128 bit blocks.
00:00
Each block goes through a series of
00:00
math functions where substitution happens,
00:00
and that's how the magic of block ciphers work.
00:00
Just to look at this a little bit more depth
00:00
with stream ciphers.
00:00
Stream ciphers frequently use [NOISE]
00:00
a process called XORing or eXclusive OR.
00:00
I've got a little example of how XOR works down below.
00:00
If you take a look,
00:00
what you can see is I have
00:00
some characters and I've got two bytes worth of data.
00:00
Up at the top the 1101001
00:00
and its corresponding second byte of data,
00:00
we'll assume that that's plain text.
00:00
Then we have the XOR function,
00:00
which is what our key is going to do,
00:00
and then underneath we
00:00
have the ciphertext that's produced.
00:00
Now I know this looks complex,
00:00
it's actually really easy.
00:00
What happens is each bit
00:00
of the plain text is matched with a bit of the key,
00:00
and if the values are the same, ciphertext becomes zero.
00:00
If the values are different,
00:00
the ciphertext becomes one.
00:00
If you look at this, one and zero are different,
00:00
so the ciphertext is just one.
00:00
Same thing, one and zero are different, ciphertext one.
00:00
Zero and one, different ciphertext one.
00:00
Different, different, all the way to the last two bits.
00:00
The second bit from the end here,
00:00
zero and zero are the
00:00
same so the ciphertext becomes zero.
00:00
One and one are the same.
00:00
Ciphertext becomes zero.
00:00
Ultimately, this XOR process just requires a bit of
00:00
the plain text being XORed against the bit of the key.
00:00
If the values are alike,
00:00
the ciphertext becomes zero,
00:00
if the values are different, ciphertext becomes one.
00:00
Now this is actually very
00:00
quick to produce encrypted text using XORing.
00:00
That's the thing about stream ciphers.
00:00
They are fast.
00:00
Boom, boom, boom.
00:00
As matter of fact, a lot of
00:00
times they're going to be used with
00:00
hardware encryption devices because you need
00:00
a hardware encryptor to keep up with
00:00
the capabilities of how fast stream ciphers can be.
00:00
Now the downside.
00:00
If it's super quick to encrypt,
00:00
it may also be super-quick to decrypt.
00:00
That usually goes hand in hand.
00:00
The idea is stream ciphers are very fast,
00:00
but they don't provide
00:00
the same sophistication of
00:00
encryption that a block cipher would.
00:00
Long story short, stream ciphers
00:00
are considered to be less secure.
00:00
Of note, I want you to remember the algorithm
00:00
RC4 is the only stream cipher
00:00
that I want you to know for this course.
00:00
It's the only one that's going to come up,
00:00
it's the only one we're going to ask you about.
00:00
Is AES a stream or a block? It's a block.
00:00
Why? Because it's not RC4.
00:00
The only time I want you to answer
00:00
stream is when you see RC4.
00:00
But Kelly, what about our C2?
00:00
Is it RC4?
00:00
Nope. Then it's a block.
00:00
Only RC4 is the stream we care about.
00:00
Then remember, this is very comparable to
00:00
the illustration we had earlier
00:00
when we were looking at algorithms and keys.
00:00
At each one of these S-boxes,
00:00
there is a math function that's performed.
00:00
Like we said, with your block ciphers
00:00
static it's chunked into blocks,
00:00
in this case maybe 64 bits.
00:00
Each block goes through series of math functions.
00:00
Which math function and
00:00
in what order and how many math functions,
00:00
that's what the key dictates.
00:00
Now we have a list here of symmetric algorithms.
00:00
I think you might see a question or two where you have to
00:00
know whether an algorithm is symmetric or asymmetric.
00:00
You want to take a look at these may be
00:00
screenshot them and make
00:00
sure that you can associate these
00:00
with being symmetric in nature.
00:00
In a little bit I'll show you the list
00:00
of our asymmetric algorithms also.
00:00
Just to wrap things up,
00:00
we gave an overview of
00:00
symmetric cryptography and talked
00:00
about some of its pros and cons.
00:00
Then we looked at stream ciphers versus block ciphers,
00:00
and we also just gave a list of
00:00
some of the common symmetric algorithms.
Up Next