## Symmetric Encryption

## The attributes of symmetric encryption

What makes encryption symmetric? You know what symmetry is right? So you can hazard a guess… Symmetric encryption algorithms use the same key for both encryption and decryption. They are typically used for blocks of data such as files or on streams of data such as a network data flow. Table 1, shown below, defines six of the main attributes of symmetric encryption.

#### Table 1: The main attributes of symmetric encryption

Attribute | Property |
---|---|

Key | One key is shared between two or more entities. |

Key exchange | Out of band (communication outside of the main system: for example, sending a text message with the key, password or login code to access your email or banking website) or by using asymmetric encryption. |

Speed | Fast with minimal complexity. |

Key length | Fixed key length: 128-bit, 192-bit or 256-bit, for example. |

Applications | Bulk data encryption: files, databases, logical partitions and physical drives. Protecting data-in-transit: Internet Protocol Security (IPSec), Secure Shell (SSH) and Transport Layer Security (TLS)/Secure Sockets Layer (SSL). |

Security properties | Confidentiality. |

## Symmetric encryption algorithms

Some of the best known encryption algorithms in use across modern technology are symmetric algorithms. The list includes DES (Data Encryption Standard), 3DES (Triple DES), Twofish, Blowfish, RC4, Serpent and AES(Rijndael).

## Data Encryption Standard (DES)

The original DES was published on 15 January 1977 by the National Institute of Standards and Technology (NIST). It is a symmetric block cipher with a 64 bit block size. The block size of a cipher is the fixed number of bits that the cipher operates on during any encryption/decryption operation. It turns out that with a 64 bit block size, you dont have to encrypt a block or stream of data that is too large before you run into problems of block repetition. Still between 1977 and the retirement of DES, the amount of data seemed like a large amount (less so nowadays).

DES uses a 64 bit key however 8 bits are sacrificed as overhead due to error protection/detection meaning the effective key length is 56 bits. With a key length of 56 bits, 72 thousand trillion keys are therefore possible. Thats a lot of possibilities. DES, as well as many other well known symmetric ciphers (3DES, Twofish, Blowfish and RC5) are based on an earlier cipher known as a Feistel cipher. Feistel ciphers have two main advantages. First, they provide structural reusability (the same structure can be used for encryption and decryption); therefore, the decryption logic does not need to be implemented in reverse order. The second advantage is one-way functions. Ill write a post down the line about Feistel ciphers and if Ive done it yet then you can click HERE to go read it. Ok you’re still here so I obviously haven’t written it yet. Get on twitter and give me a nudge. Ok lets look in a little bit more detail about how these encryption algorithms work.

## Substitution box (S box) & Permutation box (P box)

Symmetric block ciphers typically use structures called S boxes and P boxes to work with their keys to transform input to output. S boxes along with P boxes work together to obscure the relationship between the key and the ciphertext. This conforms to the Shannon principle of confusion.S boxes are used in many symmetric block ciphers including DES, 3DES, Blowfish, Twofish and the daddy of them all, AES. An S box takes a fixed number of bits on the input and maps it to a fixed number of bits at the output according to an agreed lookup table. The output and input need not be the same bit length. S boxes are designed with diffusion in mind such that changing a single input bit should result in the change of two or more output bits and should also, on average, keep a reasonable balance between 0s and 1s.

Permutation boxes typically come after S boxes and effectively jumble the block in a predetermined way. Again this is done to obfuscate the relationship between the key and the ciphertext. When taken together the S box and the P box make up whats called an SP network and encryption algorithms use a number of these SP networks in succession (known as rounds, as in boxing rounds) to transform the input plaintext block into the output ciphertext block.

## Advanced Encryption Standard (AES)

When DES was overtaken by data demands and Moores law and placed into an early grave by being demonstrably brute forced, the world needed to find a successor. That successor needed to be robust enough to last for the foreseeable future so a global competition invited all comers to compete to have their algorithm take the crown and be named as the new Advanced Encryption Standard. In the meantime DES needed to be temporarily shored up and thus was born 3DES which fudged a bit more security but not in a sustainable way.

The competition whittled the entrants down to the final 5 and these 5 went into the final stages where they were tested and challenged to destruction. These finalists were, MARS, RC6, Rijndael, Serpent, and Twofish. Each algorithm had done great to make it this far but there could be only one winner and so two Belgian cryptographers, Vincent Rijmen and Joan Daemen won the contest from 15 shortlisted proposals and Rijndael was announced as the lucky algorithm that would lose its name and forever be known as AES.

## Rijndael Encryption Algorithm

Let’s take a look at the winner of the competition, the Rijndael algorithm. Rijndael is a 128 block size algorithm and uses three key lengths, namely 128, 192 and 256 bit keys. Like Feistel it uses rounds of increasing encryption where repetition further obfuscates the plaintext and, like all encryption algorithms which use rounds, there is a tradeoff between rounds and computational overhead. So 128 bit key AES (Rijndael) uses 10 rounds, 192 bit uses 12 and 256 uses 14. Each round (apart from the last) breaks a round into 4 parts, namely, SubBytes, ShiftRows, MixColumns and AddRoundKey. Lets look at each of these in turn.

## SubBytes

The SubBytes stage of a Rijndael round is simply the use of an S-Box and the Rijndael S-Box is shown below. This step adds confusion as per the Shannon model.

00 | 01 | 02 | 03 | 04 | 05 | 06 | 07 | 08 | 09 | 0a | 0b | 0c | 0d | 0e | 0f | |

00 | 63 | 7c | 77 | 7b | f2 | 6b | 6f | c5 | 30 | 01 | 67 | 2b | fe | d7 | ab | 76 |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|

10 | ca | 82 | c9 | 7d | fa | 59 | 47 | f0 | ad | d4 | a2 | af | 9c | a4 | 72 | c0 |

20 | b7 | fd | 93 | 26 | 36 | 3f | f7 | cc | 34 | a5 | e5 | f1 | 71 | d8 | 31 | 15 |

30 | 04 | c7 | 23 | c3 | 18 | 96 | 05 | 9a | 07 | 12 | 80 | e2 | eb | 27 | b2 | 75 |

40 | 09 | 83 | 2c | 1a | 1b | 6e | 5a | a0 | 52 | 3b | d6 | b3 | 29 | e3 | 2f | 84 |

50 | 53 | d1 | 00 | ed | 20 | fc | b1 | 5b | 6a | cb | be | 39 | 4a | 4c | 58 | cf |

60 | d0 | ef | aa | fb | 43 | 4d | 33 | 85 | 45 | f9 | 02 | 7f | 50 | 3c | 9f | a8 |

70 | 51 | a3 | 40 | 8f | 92 | 9d | 38 | f5 | bc | b6 | da | 21 | 10 | ff | f3 | d2 |

80 | cd | 0c | 13 | ec | 5f | 97 | 44 | 17 | c4 | a7 | 7e | 3d | 64 | 5d | 19 | 73 |

90 | 60 | 81 | 4f | dc | 22 | 2a | 90 | 88 | 46 | ee | b8 | 14 | de | 5e | 0b | db |

a0 | e0 | 32 | 3a | 0a | 49 | 06 | 24 | 5c | c2 | d3 | ac | 62 | 91 | 95 | e4 | 79 |

b0 | e7 | c8 | 37 | 6d | 8d | d5 | 4e | a9 | 6c | 56 | f4 | ea | 65 | 7a | ae | 08 |

c0 | ba | 78 | 25 | 2e | 1c | a6 | b4 | c6 | e8 | dd | 74 | 1f | 4b | bd | 8b | 8a |

d0 | 70 | 3e | b5 | 66 | 48 | 03 | f6 | 0e | 61 | 35 | 57 | b9 | 86 | c1 | 1d | 9e |

e0 | e1 | f8 | 98 | 11 | 69 | d9 | 8e | 94 | 9b | 1e | 87 | e9 | ce | 55 | 28 | df |

f0 | 8c | a1 | 89 | 0d | bf | e6 | 42 | 68 | 41 | 99 | 2d | 0f | b0 | 54 | bb | 16 |

Thus, the 4×4 block (known as a *state*) is systematically substituted for its replacement byte from the table above and that concludes part 1.

## ShiftRows

The shift rows step is similarly straightforward. The 4×4 state which is produced is now passed to this stage which does the following to it.

- Row 0 (top row) remains unchanged
- Row 1 (next row down) is shifted to the left by one block
- Row 2 (next row down) is shifted to the left by two blocks
- Row 3 (next row down) is shifted to the left by three blocks

Therefore, at the conclusion of this stage, the state is now further obfuscated from the original.

## MixColumns

The state produced after the ShiftRows stage is thus passed to the MixColumns stage. In this step, each column is matrix multiplied with a 4×4 circulant (a special type of square matrix in which all row vectors are composed of the same elements and each row vector is rotated one element to the right relative to the preceding row vector) matrix. I don’t propose to go too far into the linear algebra of this step but let’s just suffice it to say that the translation taking place at this stage is limited to remain within a Galois field.

So, the preceding two steps afford the translation with its diffusion as per the Shannon model. Also note that this step is not competed during the final round as it would not add value to the encrypted output at that stage.

## AddRoundKey

The final stage is the AddRoundKey stage. In this stage the state is effectively XORed with the round key which is a derived sub key which is generated using a separate algorithm applied to the initial main key.

## AES Rijndael (Overview)

So to conclude, examining the entire process in its entirety we have the following:

- Initial plaintext block input
- Block is XORed with the initial main key
- Round 1 begins
- R1 SubBytes
- R1 ShiftRows
- R1 MixColumns
- R1 Round key XORed
- Round 2 begins

- (Rounds repeat until penultimate round concludes)
- Final Round SubBytes
- Final Round ShiftRows
- Final Round key XORed
- Ciphertext block complete

## Conclusion

To conclude we can summarise that symmetric key algorithms are some of the most robust, secure and widely used algorithms in the cryptography toolbox. Their strengths include convenience and speed and they are used primarily for block encryption of data at rest such as files, directories, volumes and even full disk drives as well as for data in motion such as flow data in transit as streams on browsers for example. The original DES algorithm, although eventually overtaken by technological progress gave rise to a number of extremely secure algorithms one of which is now known as the Advanced Encryption Standard AES.

## Comments