From the course: Symmetric Cryptography Essential Training
Symmetric keys
- [Presenter] Let's dive right in to symmetric cryptosystems. First, we have a message, sometimes called the plain text or the clear text. This is most often represented with the capital letter M. This is the unencrypted thing that we want to protect. Then there's the cipher text, which is the scrambled version of the plain text. This is often represented as a capital C. And finally, we have the key, which will be represented by a capital K. We shouldn't be able to get the original message back from a cipher text without this key.

Encryption and decryption, as I said before, are the two fundamental operations of symmetric cryptography. Encryption algorithms and the decryption algorithms will often follow similar steps. For clarity here, though, we separate them and use the symbols capital E and capital D to represent them. We call a cipher symmetric when it uses the same key for encryption as it does for decryption. This is similar to how the key for a door can both lock and unlock the door. You just kind of turn it in a different direction.

The formulas that we have here are common expressions showing symmetric encryption and decryption, but there's really no math here. I'm just saying applying an encryption algorithm, E, with key, K, to message, M, and we'll get the cipher text, C, as a result. The second formula is pretty similar. Apply decryption algorithm, D, with key, K, to cipher text, C, and get the plain text, M, as a result.

Here's another way of showing encryption and decryption in a flow chart. Again, the thing to notice is that the same key is used in the encryption and the decryption. The original message, M, is encrypted with the key, K, which produces the cipher text, C. This gets you to the middle. When we need the plain text back, the cipher text can then be decrypted using the same key, K, and that produces the original message, M.

I previously mentioned that the security of a cryptosystem should rely only on the keys. Even with a perfect cryptosystem, though, that means that we shift some other responsibility for the security to the key exchange. This is a sort of chicken and egg problem that means that the exchange of keys is now a place where a bad actor can meddle. Modern notions of key exchange usually require us to use asymmetric cryptography, which we cover very briefly in Chapter 6 of this course. Protocols like Diffie-Hellman allow us to exchange keys with a great deal of confidence that they won't be intercepted.

If we're looking to describe this process again but more in the form of an algorithm that secures data in transit, this is the sequence of actually using symmetric cryptography. First, the parties agree on a cryptosystem, and this might seem obvious, but it's important so that everyone is speaking the same language and knows what's required at each step. Next, the parties agree on a key somehow. This is the key exchange that I just mentioned before. Then the sender encrypts the plain text with the key and produces the cipher text. The sender takes that cipher text and sends it to the recipient, typically over some sort of insecure channel. And just on a side note, if there was a secure channel available, we probably wouldn't need to encrypt the message in the first place. And then the last step, the recipient decrypts the cipher text with the agreed upon key and produces the plain text.

One thing to note, senders often compress the message before they encrypt it. This is nice because the compression not only makes the message smaller so there's less data to encrypt, but removes redundant parts of the plain text that might be used in cryptanalysis. So here's the new sequence with data compression included. You'll notice that these are almost the same as the previous steps. Here, though, just before encrypting in step 3, the sender compresses the plain text. Then just after the cipher text is decrypted in step 5, the recipient will decompress that and produce the original plain text.
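The compress, encrypt, send, decrypt, decompress sequence from the transcript, as an added Python sketch that is not part of the course material. The cipher is an illustrative stand-in built from HMAC-SHA256, with an integrity tag so that a wrong key is rejected (this goes beyond what the transcript covers); the names `E`, `D`, `run_exchange` and the sample message are assumptions.

```python
import hashlib
import hmac
import os
import zlib

# Stand-in cipher for illustration only (an assumption, not from the course):
# HMAC-SHA256 in counter mode as a keystream, plus an HMAC tag over the
# ciphertext. Real systems should use a vetted AEAD such as AES-GCM.

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and for the tag, both derived from K.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def E(K: bytes, M: bytes) -> bytes:
    """C = E_K(M): the sender compresses the plaintext, then encrypts it."""
    compressed = zlib.compress(M)
    nonce = os.urandom(16)  # fresh per message so the keystream never repeats
    body = _xor(compressed, _keystream(_subkey(K, b"enc"), nonce, len(compressed)))
    tag = hmac.new(_subkey(K, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def D(K: bytes, C: bytes) -> bytes:
    """M = D_K(C): the recipient decrypts with the same key, then decompresses."""
    if len(C) < 48:
        raise ValueError("ciphertext too short")
    nonce, body, tag = C[:16], C[16:-32], C[-32:]
    expected = hmac.new(_subkey(K, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return zlib.decompress(_xor(body, _keystream(_subkey(K, b"enc"), nonce, len(body))))

def run_exchange(M: bytes):
    K = os.urandom(32)    # key assumed already agreed (e.g. via Diffie-Hellman)
    C = E(K, M)           # sender: compress + encrypt
    # C is the only value that crosses the insecure channel.
    return K, C, D(K, C)  # recipient: decrypt + decompress with the same K
```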