[Notes: I’m back for the time being. How long? We don’t really know but let’s make the most out of it. So, first on the agenda is the series of non-technical cryptography articles I started almost a year ago. I know this is months past due but then this and that came up then I had this and had to be taken care of that and then that happened… Well better late than never, I guess. Let’s just pretend I was able to convince you with my excuses and allow me to deliver what I promised ages ago.]
(In this article I will cover symmetric key cryptography in preparation for a discussion on the Russian One-Time Pads and the German Enigma on the succeeding articles.)
Symmetric Key Cryptography
Symmetric Key Cryptography is also known as Secret Key Cryptography where in encryption and decryption is performed using a key that is the related or identical (i. e. symmetric). It relies heavily on the secrecy of the key. The use of this paradigm is often referred termed as Symmetric Key Ciphers, Private Key Ciphers, Secret Key Ciphers, Conventional Ciphers, etc.
Using the analogy of the house used in the previous articles, Symmetric Key Cryptography may be likened to either having the original key of the house or a copy of the key of the house. Either way, they will be able to fit in one key hole and open the front door (assuming again, that the front door is the only way in where you can use a key).
There are two important things that this paradigm should exhibit in order to achieve its goal: (1) security of key distribution to legal recipients and (2) adequate strength of encryption. Going back to the analogy of the house, the first one only means that in this case only the seller and the buyer has the key to the house and the second one is that all possible entrances of the house are locked and the burglar alarm is turned on. This may seem very easy. However, when there are more people who hold the keys to the front door and there are a lot more windows the risk is higher for the security to be compromised.
Now, let’s take the example of a hotel. Every time a guest checks in, he is issued a room and a key and each key is unique. This is so as to protect the contents of each room such that if one key is stolen, not every room can be opened and so that one guest cannot open other rooms. Let’s say that the key of this particular hotel is a 5 digit pin combination. The problem is how to give the 5 digit pin combination to the guest without anyone overhearing or seeing the combination aside from the guest. This is called the key distribution problem.
Now assuming that none of the guests check out, and you can just keep adding rooms and making new keys. The problem however is that after 99,999th guest checks in, even though you can make more rooms, you can no longer make new keys without the risk of a security breach because then the next keys you will make would be able to open 2 rooms. Also, assuming that each of the house keeping staff maintains a whole floor, as we ad more room to each floor, the number of keys that each staff would have to manage will also increase. This is referred to in cryptographic literature as the key management problem.
In Symmetric Key Cryptography, the most ideal scenario is for a key to be kept secret and used only once, assuming that the encryption is strong and unbreakable by brute force. Brute force can also be applied in the key itself. In the context of our hotel analogy is when an unauthorized person tries to enter a room by trying every possible 5 digit pin combination. However, taking into consideration the time it would take to find which of the 99,999 possible combination would open the door. In cryptographic literature, this is referred to as computationally secured. Strength of the symmetric key encryption depends on the size of the key used.
Also, one of the disadvantages of Private Key Cryptography is that it is trust based. In the context of the house and the hotel room the buyer would first have to buy the house from the seller and the hotel guest must first check in. But what if you want to share a secret information with someone you have never met before? That is where Public Key Cryptography comes very handy.
Terms covered in this article: Symmetric/Private/Secret Key Cryptography, Key Distribution Problem, Key Management Problem, Brute Force, Computationally Secured
(Notes: For practical and obvious reasons, I cannot keep explaining cryptography, cryptanalysis, encryption, decryption, etc. in every article so it is advised to read the previous article/s before reading this one. Feedbacks, corrections and suggestions will be appreciated. 😀 )