# Symmetric Cryptography

Time

15 hours 43 minutes

Difficulty

Advanced

CEU/CPE

16

Video Transcription

00:00

>> Now I mentioned this a little bit earlier when we were

00:00

talking about historic uses of cryptography.

00:00

But let's go ahead and define

00:00

this process a little bit more clearly,

00:00

and then we're going to talk about

00:00

some of the difficulties that

00:00

come with symmetric cryptography

00:00

as well as some of the benefits.

00:00

Then we're going to talk about

00:00

the two types of symmetric algorithms.

00:00

We have stream algorithms and we have block algorithms.

00:00

Don't forget, algorithm and cipher mean the same thing.

00:00

Sometimes I'll say stream cipher,

00:00

I might say stream algorithm

00:00

just to mix it up a little bit,

00:00

but no difference between the terms.

00:00

Symmetric cryptography.

00:00

This is what all of

00:00

our historical types of

00:00

cryptography or the Caesar

00:00

cipher and the Enigma machine,

00:00

they were all symmetric.

00:00

We really didn't have an asymmetric algorithm

00:00

until the late '70s.

00:00

Two gentlemen, Whitfield Diffie and

00:00

Martin Hellman came out

00:00

with the Diffie-Hellman algorithm,

00:00

which was our first asymmetric,

00:00

so everything historical is

00:00

going to fall in the category of being symmetric.

00:00

Now, symmetric cryptography,

00:00

remember we have one key shared between two parties.

00:00

I'm going to use that key to encrypt,

00:00

you're going to use the key to decrypt.

00:00

Now the tricky part is we have

00:00

to share that key between us.

00:00

Now, remember we referred to that as being

00:00

out-of-band key exchange and

00:00

our encryption is only as strong as our key exchanges.

00:00

If we have weak key exchange,

00:00

we have weak encryption

00:00

because anybody could intercept that key.

00:00

I have to find a good secure way for me

00:00

to get the secret to you.

00:00

That's problem number 1.

00:00

Now the second problem is

00:00

that symmetric cryptography is

00:00

not great for large environments.

00:00

In a large environment,

00:00

I need a key with

00:00

every individual I'm going to be communicating with.

00:00

Every individual needs a key

00:00

for everyone they'll be communicating with.

00:00

We wind up having a lot of keys in

00:00

symmetric environments if we were going to

00:00

have it implemented just purely symmetrically.

00:00

If you think about this, let's say that I want to start

00:00

a dog walking club and I get

00:00

50 of my closest friends and

00:00

neighbors to participate in this dog walking club,

00:00

and we've decided that we're going to want

00:00

anybody in our club to be able

00:00

to walk anybody else's dog.

00:00

I've got 50 people.

00:00

I'm going to need a house key for the 49 other people and

00:00

each of them are going to need a house key for

00:00

the 49 other people in our group.

00:00

Even though 50 isn't

00:00

a tremendously large number of folks,

00:00

the number of keys we're going to have in

00:00

that type of environment is going to be very large.

00:00

As a matter of fact, there's actually

00:00

a formula that you can use.

00:00

This is going to be referenced later,

00:00

but I'll just mention it now.

00:00

The formula is n times n minus 1 divided by

00:00

2 is the number

00:00

of keys that you would need in a symmetric environment.

00:00

If we just think about that, it would be 50,

00:00

which is n times n minus 1,

00:00

which is 49, divided by 2.

00:00

That means in our little dog walking club,

00:00

there would be 1,225

00:00

keys distributed between the parties.

00:00

That's a lot of keys to have to keep up with.

00:00

Symmetric cryptography does not

00:00

grow well, it just doesn't.

00:00

Now the last problem with

00:00

symmetric cryptography, if you'll remember,

00:00

we talked earlier that

00:00

our desired security services are privacy,

00:00

authenticity, integrity, and non-repudiation.

00:00

The only one of those security services we can

00:00

get with symmetric cryptography is privacy.

00:00

We cannot get integrity,

00:00

can't get non-repudiation,

00:00

or authenticity, only privacy.

00:00

Now we do get good privacy with symmetric cryptography,

00:00

but we don't get those other elements.

00:00

If you think about that, those are some big problems.

00:00

We have out-of-band key exchange that makes it difficult.

00:00

You can't use symmetric cryptography

00:00

in a large environment,

00:00

and we don't get authenticity or integrity,

00:00

so of course, we don't get non-repudiation.

00:00

Why in the world do we even want to use

00:00

symmetric cryptography then with all those problems?

00:00

Well, the reason that we want to is because it's fast.

00:00

Very beneficial to have a means to exchange data that

00:00

has very quick performance

00:00

because we've already said

00:00

there's always a trade-off for security,

00:00

and we want to minimize the costs

00:00

associated with security as much as possible.

00:00

We've got the pros and cons.

00:00

To be honest with you,

00:00

the most difficult thing about

00:00

symmetric cryptography

00:00

is all the different names you can call it.

00:00

As a matter of fact, you can

00:00

call it symmetric cryptography,

00:00

of course, but you can also call it secret key.

00:00

You can call it private-key cryptography.

00:00

You can call it shared key

00:00

because the two parties are sharing the same key,

00:00

and session keys are also symmetric in nature.

00:00

You need to know all of those names

00:00

because they may use them interchangeably.

00:00

Symmetric, secret, private,

00:00

shared, session keys,

00:00

they're all symmetric cryptography.

00:00

The heart and soul of it,

00:00

same key is used to encrypt that is used to decrypt.

00:00

Now with our symmetric ciphers,

00:00

we said the algorithm itself

00:00

is the type of math that's used.

00:00

Symmetric ciphers can specifically either

00:00

use stream functions or block functions.

00:00

Symmetric ciphers are either stream or block.

00:00

Let me talk about that just a little bit more.

00:00

When we look at stream encryption,

00:00

what we're doing is we're encrypting one bit at a time,

00:00

or possibly one byte at a time

00:00

if we're doing one character at a time.

00:00

The idea is bit by bit by bit, we encrypt data.

00:00

Now the alternative to that is using

00:00

a block cipher and

00:00

a block cipher chunks data into blocks,

00:00

and each chunk goes through a series of

00:00

math functions called S-boxes, substitution boxes.

00:00

That's what I demonstrated several

00:00

videos ago when we talked

00:00

about the algorithms and how they work,

00:00

because block ciphers are the most common by far.

00:00

All this data, we chunk it maybe in 128-bit blocks.

00:00

Each block goes through a series of

00:00

math functions where substitution happens,

00:00

and that's how the magic of block ciphers works.

00:00

Just to look at this in a little bit more depth

00:00

with stream ciphers.

00:00

Stream ciphers frequently use

00:00

a process called XORing or eXclusive OR.

00:00

I've got a little example of how XOR works down below.

00:00

If you take a look,

00:00

what you can see is I have

00:00

some characters and I've got two bytes worth of data.

00:00

Up at the top the 1101001

00:00

and its corresponding second byte of data,

00:00

we'll assume that that's plain text.

00:00

Then we have the XOR function,

00:00

which is what our key is going to do,

00:00

and then underneath we

00:00

have the ciphertext that's produced.

00:00

Now I know this looks complex,

00:00

it's actually really easy.

00:00

What happens is each bit

00:00

of the plain text is matched with a bit of the key,

00:00

and if the values are the same, ciphertext becomes zero.

00:00

If the values are different,

00:00

the ciphertext becomes one.

00:00

If you look at this, one and zero are different,

00:00

so the ciphertext is just one.

00:00

Same thing, one and zero are different, ciphertext one.

00:00

Zero and one, different, ciphertext one.

00:00

Different, different, all the way to the last two bits.

00:00

The second bit from the end here,

00:00

zero and zero are the

00:00

same so the ciphertext becomes zero.

00:00

One and one are the same.

00:00

Ciphertext becomes zero.

00:00

Ultimately, this XOR process just requires a bit of

00:00

the plain text being XORed against the bit of the key.

00:00

If the values are alike,

00:00

the ciphertext becomes zero,

00:00

if the values are different, ciphertext becomes one.

00:00

Now this is actually very

00:00

quick to produce encrypted text using XORing.

00:00

That's the thing about stream ciphers.

00:00

They are fast.

00:00

Boom, boom, boom.

00:00

As a matter of fact, a lot of

00:00

times they're going to be used with

00:00

hardware encryption devices because you need

00:00

a hardware encryptor to keep up with

00:00

the capabilities of how fast stream ciphers can be.

00:00

Now the downside.

00:00

If it's super quick to encrypt,

00:00

it may also be super-quick to decrypt.

00:00

That usually goes hand in hand.

00:00

The idea is stream ciphers are very fast,

00:00

but they don't provide

00:00

the same sophistication of

00:00

encryption that a block cipher would.

00:00

Long story short, stream ciphers

00:00

are considered to be less secure.

00:00

Of note, I want you to remember the algorithm

00:00

RC4 is the only stream cipher

00:00

that I want you to know for this course.

00:00

It's the only one that's going to come up,

00:00

it's the only one we're going to ask you about.

00:00

Is AES a stream or a block? It's a block.

00:00

Why? Because it's not RC4.

00:00

The only time I want you to answer

00:00

stream is when you see RC4.

00:00

But Kelly, what about RC2?

00:00

Is it RC4?

00:00

Nope. Then it's a block.

00:00

Only RC4 is the stream we care about.

00:00

Then remember, this is very comparable to

00:00

the illustration we had earlier

00:00

when we were looking at algorithms and keys.

00:00

At each one of these S-boxes,

00:00

there is a math function that's performed.

00:00

Like we said, with your block ciphers

00:00

static it's chunked into blocks,

00:00

in this case maybe 64 bits.

00:00

Each block goes through a series of math functions.

00:00

Which math function and

00:00

in what order and how many math functions,

00:00

that's what the key dictates.

00:00

Now we have a list here of symmetric algorithms.

00:00

I think you might see a question or two where you have to

00:00

know whether an algorithm is symmetric or asymmetric.

00:00

You want to take a look at these, maybe

00:00

screenshot them and make

00:00

sure that you can associate these

00:00

with being symmetric in nature.

00:00

In a little bit I'll show you the list

00:00

of our asymmetric algorithms also.

00:00

Just to wrap things up,

00:00

we gave an overview of

00:00

symmetric cryptography and talked

00:00

about some of its pros and cons.

00:00

Then we looked at stream ciphers versus block ciphers,

00:00

and we also just gave a list of

00:00

some of the common symmetric algorithms.
