Symmetric-Key Cryptosystem

See also: Security | Cryptography | Symmetric | Cryptosystem | Public-Key Cryptosystem

A cryptosystem, or method of scrambling data, that uses a single key or password to both encrypt and decrypt a given message. This key is then shared by all parties who wish to view a given encrypted file. From “symmetric,” meaning same on both sides.

• Benefits: Symmetric-key cryptosystems are much faster and more efficient with smaller file sizes than most other methods including Public-Key Cryptosystems and One-time Pad Cryptosystems.

• Vulnerabilities: This method is vulnerable because a password must be communicated via phone, fax, email, or in person and, if it is ever discovered, another communication must take place.

Contents

• 1 Use in Public-Key systems
• 2 Dual-Use
• 3 Examples
  • 3.1 Very Strong
  • 3.2 Strong
  • 3.3 Strong but key too small too protect agaisnt a very determined attacker
  • 3.4 Very Weak

Use in Public-Key systems

Symmetric-Key and Public-Key Cryptosystems are often used together for added security. Many Public Key systems (such as SSL) will list a Symmetric-Key system as its method of cryptography, usually DES, RC4, or 3DES along with its core system, usually RSA.

Dual-Use

More than one algorithm can be used to protect against a possible eventual failure in one algorithm (such as the case with DES). For instance, Twofish and AES used together would be exceedingly difficult to ever hope to decrypt. The chances of a weakness being found in one system is small but both systems is very unlikely and, therefore, security is improved.

Examples

Various symmetric algorithms:

Very Strong

• Twofish
• AES

Strong

• Twofish and Blowfish
• RC4
• 3DES
• CAST
• IDEA (patented)

Strong but key too small too protect agaisnt a very determined attacker

• DES
• Skipjack

Very Weak

• Vigenère
• ROT-13 (not really a symmetric algorithm as there is no password)

TakeDown.NET -> “Symmetric-Key-Cryptosystem”