//
you're reading...
Non-Technical Articles on Cryptography, Security

Symmetric Key Cryptography (Non-Technical)

Simply put, Symmetric Key Cryptography is the use of related, often identical, key for both encryption and decryption.

Simply put, Symmetric Key Cryptography is the use of related, often identical, key for both encryption and decryption.

[Notes: I’m back for the time being. How long? We don’t really know but let’s make the most out of it. So, first on the agenda is the series of non-technical cryptography articles I started almost a year ago. I know this is months past due but then this and that came up then I had this and had to be taken care of that and then that happened… Well better late than never, I guess. Let’s just pretend I was able to convince you with my excuses and allow me to deliver what I promised ages ago.]

(In this article I will cover symmetric key cryptography in preparation for a discussion on the Russian One-Time Pads and the German Enigma on the succeeding articles.)

Previous: Earlier Forms of Cryptography (Non-Technical)

Symmetric Key Cryptography

Symmetric Key Cryptography is also known as Secret Key Cryptography where in encryption and decryption is performed using a key that is the related or identical (i. e. symmetric). It relies heavily on the secrecy of the key. The use of this paradigm is often referred termed as Symmetric Key Ciphers, Private Key Ciphers, Secret Key Ciphers, Conventional Ciphers, etc.

Using the analogy of the house used in the previous articles, Symmetric Key Cryptography may be likened to either having the original key of the house or a copy of the key of the house. Either way, they will be able to fit in one key hole and open the front door (assuming again, that the front door is the only way in where you can use a key).

There are two important things that this paradigm should exhibit in order to achieve its goal: (1) security of key distribution to legal recipients and (2) adequate strength of encryption. Going back to the analogy of the house, the first one only means that in this case only the seller and the buyer has the key to the house and the second one is that all possible entrances of the house are locked and the burglar alarm is turned on. This may seem very easy. However, when there are more people who hold the keys to the front door and there are a lot more windows the risk is higher for the security to be compromised.

Now, let’s take the example of a hotel. Every time a guest checks in, he is issued a room and a key and each key is unique. This is so as to protect the contents of each room such that if one key is stolen, not every room can be opened and so that one guest cannot open other rooms. Let’s say that the key of this particular hotel is a 5 digit pin combination. The problem is how to give the 5 digit pin combination to the guest without anyone overhearing or seeing the combination aside from the guest. This is called the key distribution problem.

Now assuming that none of the guests check out, and you can just keep adding rooms and making new keys. The problem however is that after 99,999th guest checks in, even though you can make more rooms, you can no longer make new keys without the risk of a security breach because then the next keys you will make would be able to open 2 rooms. Also, assuming that each of the house keeping staff maintains a whole floor, as we ad more room to each floor, the number of keys that each staff would have to manage will also increase. This is referred to in cryptographic literature as the key management problem.

In Symmetric Key Cryptography, the most ideal scenario is for a key to be kept secret and used only once, assuming that the encryption is strong and unbreakable by brute force. Brute force can also be applied in the key itself. In the context of our hotel analogy is when an unauthorized person tries to enter a room by trying every possible 5 digit pin combination. However, taking into consideration the time it would take to find which of the 99,999 possible combination would open the door. In cryptographic literature, this is referred to as computationally secured. Strength of the symmetric key encryption depends on the size of the key used.

Also, one of the disadvantages of Private Key Cryptography is that it is trust based. In the context of the house and the hotel room the buyer would first have to buy the house from the seller and the hotel guest must first check in. But what if you want to share a secret information with someone you have never met before? That is where Public Key Cryptography comes very handy.

Terms covered in this article: Symmetric/Private/Secret Key Cryptography, Key Distribution Problem, Key Management Problem, Brute Force, Computationally Secured

Sources and Further Readings:
Mark Dermot Ryan. Symmetric Key Cryptography. [web]
Toolbox for IT. Symmetric Key Encryption. [web]

(Notes: For practical and obvious reasons, I cannot keep explaining cryptography, cryptanalysis, encryption, decryption, etc. in every article so it is advised to read the previous article/s before reading this one. Feedbacks, corrections and suggestions will be appreciated. 😀 )

 

Advertisements

About princess of antiquity

Abbi Cabanding is a member of the Security Bloggers Network and had been blogging on information security since 2006. She is also a member of the Association for Computing Machinery. She studied Computer Science and Fine Arts at the University of the Philippines - Diliman.

Discussion

9 thoughts on “Symmetric Key Cryptography (Non-Technical)

  1. Hi, nice post. I have been pondering this topic,so thanks for writing. I will definitely be subscribing to your site.

    Posted by - | May 4, 5:30 am, 5:30 am
  2. good post. keep it up.

    Posted by goodvirtue | June 7, 8:09 pm, 8:09 pm
  3. after reading this article, no one would believe me when I say you are an arts student.

    Posted by royalflare | August 20, 9:06 pm, 9:06 pm

Trackbacks/Pingbacks

  1. Pingback: Earlier Forms of Cryptography (Non-Technical) « Princess of Antiquity - April 30, 6:48 pm

  2. Pingback: Interesting Information Security Bits for 04/30/2009 | Infosec Ramblings - May 1, 4:47 am

  3. Pingback: » One-way function Fontainebleau Schools - May 7, 6:31 am

  4. Pingback: One-Time Pa(d)sswords « Princess of Antiquity - November 24, 2:41 am

  5. Pingback: One-Time Pa(d)sswords « Would you buy it for a quarter? - November 24, 2:52 am

  6. Pingback: One-Time Pa(d)sswords | 安全业界观察 - November 24, 7:02 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Sin of Silence E-Book


SIN OF SILENCE:
THE STORIES OF OUR DAYS
download:
single-page view
two-page view

On Wordpress

  • 94,967 readers

Subscribe via FeedBurner

Enter your email address to receive notifications by email.

Princess of Antiquity on Twitter

  • RT @AltTeamAFP: The quickest way to acquire self-confidence is to do exactly what you are afraid to do. Sleep well Philippines, we got your… 3 months ago
  • I have a limit and when you reach it I dismiss you from my life. It's that simple. 3 months ago
  • I don't get mad. I get distant. 3 months ago

RSS Princess of Antiquity on Tumblr

  • An error has occurred; the feed is probably down. Try again later.

Creative Commons

Creative Commons License
Original content in this work is licensed under a Creative Commons License.
%d bloggers like this: