CompTIA Security+: Encryption

Encryption in General

Encryption is the technique of transforming information into an unreadable format to hide its meaning from unauthorized recipients. The information resulting from the encryption process is called ciphertext, the original text is called plaintext, and the algorithm used to perform the encryption and decryption is called a cipher. There are many ways we can encrypt data:

Symmetric Encryption

In symmetric encryption, a single key is used to encrypt and decrypt the data. It is referred to as private key cryptography.

Block Ciphers

Data Encryption Standard - DES

  • 64-bit blocks
  • 56-bit key
  • Considered insecure

3DES

  • Modified DES
  • Applies DES 3 times
  • Uses three different 56-bit keys to encrypt, decrypt, and encrypt again
  • More secure than DES

International Data Encryption Algorithm - IDEA

  • 64-bit blocks
  • 128-bit key
  • Not widely used
  • Known to be used in PGP
  • Still not powerful enough

Advanced Encryption Standard - AES

  • 128, 192, or 256-bit blocks
  • 128, 192, or 256-bit key matching the block size
  • Widely used for symmetric encryption

Blowfish

  • 64-bit blocks
  • Variable length encryption key (32-bits to 448-bits)
  • Replacement for DES
  • Not widely used
  • Open-source

Twofish

  • A variant of Blowfish
  • 128-bit blocks
  • 128, 192, or 256-bit key
  • Open-source

Rivest Cipher 5 - RC5

  • Variable block size
  • Created by Ron Rivest
  • Uses a variable length key (0-bits to 204-bits)

Rivest Cipher 6 - RC6

  • 128-bit blocks
  • 128, 192, or 256-bit key
  • Introduced as a replacement for DES

Stream Ciphers

Rivest Cipher 4 - RC4

  • Created by Ron Rivest
  • Uses a variable length key (40-bits to 2048-bits)
  • Used in SSL and WEP
  • Considered insecure

ChaCha20

  • 256-bit key
  • More secure than RC4
  • Widely used in TLS and secure messaging

Asymmetric Encryption

In asymmetric encryption, two different keys are used: one to encrypt and the other to decrypt the data. It is referred to as public key cryptography.

Diffie-Hellman - DH

  • Used to securely exchange keys over an unsecured network
  • Susceptible to an on-path attack
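
The exchange in the two bullets above, as an added example that is not part of the original notes: both sides derive the same key from exchanged public values, and because those values are unauthenticated, a substitution in transit is only noticed if the endpoints compare a fingerprint over an authenticated channel. The toy 127-bit prime, the base 3, and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): the Mersenne prime 2**127 - 1
# with base 3. Real deployments use standardized 2048-bit+ groups or ECDH.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for one DH participant."""
    priv = secrets.randbelow(P - 3) + 2      # private exponent in [2, P-2]
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    """Derive a 256-bit symmetric key from the DH shared secret."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def fingerprint(pub_a, pub_b):
    """Short hash of both public values as one endpoint saw them; meant to be
    compared over an authenticated channel (or covered by a signature)."""
    data = pub_a.to_bytes(16, "big") + pub_b.to_bytes(16, "big")
    return hashlib.sha256(data).hexdigest()[:16]

def exchange(tampered):
    """Run one exchange. If tampered, a party on the path replaces both public
    values in transit with its own. Returns (keys_match, fingerprints_match)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if tampered:
        _, m_pub = keypair()
        seen_by_bob, seen_by_alice = m_pub, m_pub   # substituted in transit
    else:
        seen_by_bob, seen_by_alice = a_pub, b_pub
    k_alice = shared_key(a_priv, seen_by_alice)
    k_bob = shared_key(b_priv, seen_by_bob)
    fp_alice = fingerprint(a_pub, seen_by_alice)    # (Alice's value, value she received)
    fp_bob = fingerprint(seen_by_bob, b_pub)        # (value he received, Bob's value)
    return k_alice == k_bob, fp_alice == fp_bob

if __name__ == "__main__":
    print("clean exchange   :", exchange(tampered=False))
    print("tampered exchange:", exchange(tampered=True))
```

In the tampered run the math still succeeds on both sides without any error; only the fingerprint mismatch reveals that the endpoints did not receive each other's public values.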

Rivest-Shamir-Adleman - RSA

  • 1024-bit to 4096-bit key
  • Based on the difficulty of integer factorization

Elliptic Curve Cryptography - ECC

  • Popular in mobile devices
  • Based on the Elliptic Curve Discrete Logarithm Problem to define keys
  • More efficient than RSA