## Encryption algorithms: a primer

Encryption algorithms are used to secure the content of communications and stored data. An algorithm in general is a recipe for calculations which can be performed automatically by a computer. An encryption algorithm (also called a *cipher*) encrypts a readable *plaintext* into an unreadable *ciphertext*. A cipher can usually also perform the reverse operation of decrypting an unreadable ciphertext into a readable plaintext. For encryption and decryption a cipher needs a *key*. The security of a cipher depends on the secrecy of the used key. Two general categories of encryption algorithms exist:

- Symmetric encryption algorithms: the key used for encryption is the same as the key used for decryption.
- Asymmetric encryption algorithms: the key used for encryption differs from the key used for decryption.

If you want to use a symmetric cipher for communication you are facing the *key exchange problem*: The key needs to be exchanged over a secure channel, otherwise the encryption will be useless. Because such a secure channel often does not exist asymmetric encryption can be used to solve the problem. Asymmetric encryption (also called *public-key* encryption) uses *key pairs* comprised of a public key and a private key:

- Something encrypted for a given
*public key*can only be decrypted by the corresponding*private key*. - The reverse operation is a
*digital signature*: Something encrypted (*signed*) by a private key can only be decrypted (*verified*) by the corresponding public key.

Public-key encryption solves the key exchange problem, because the public keys can be exchanged via an insecure channel. But to prevent *man-in-the-middle attacks* it still needs to be verified that the public key has not been tampered with by a third party. In a man-in-the-middle attack an active eavesdropper makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The verification can be done by comparing the *fingerprints* of the public keys on a different channel (for example, on the phone) or by employing a _web of trus_t. In a web of trust, public keys are signed by other parties to make the trust in them transferable.

Asymmetric ciphers are often computationally expensive, especially for long plaintexts. In such cases *hybrid encryption* can remedy the problem. In a hybrid cipher a unique *session key* is generated which is then used to encrypt the plaintext with a symmetric cipher. Afterwards the session key is encrypted with an asymmetric cipher and send together with the ciphertext to the receiver.

Because of the properties of symmetric and asymmetric ciphers explained above, for applications like hard disk encryption typically a symmetric cipher is used (no need to exchange a key). For secure communication via email or chat an asymmetric or hybrid cipher is usually the better solution, because it makes the secure key exchange simpler.

An important encryption concept is the *key length* (also called *key size*). Usually larger key lengths are better, but key lengths cannot be compared between algorithms. For example, the symmetric AES algorithm uses key lengths of 128, 196, or 256 bit. The asymmetric RSA algorithm typically uses key sizes between 1024 and 4096 bit, but that doesn’t mean that RSA is more secure than AES. Short key lengths are problematic, because they are easier to attack with *brute-force*. In a brute-force attack a fast computer is used to try out all possible keys until the correct one is found.

It is important to consider the relation between the length of a user chosen password and the corresponding key length of the underlying encryption algorithm. For example, if you use the rather secure AES algorithm with a key length of 196 bit to encrypt your hard disk, but the corresponding password has only a length of 32 bit you are vulnerable to brute-force attacks.