Topic List

Click a topic to learn more.


Term of the Moment

intuitive software


Look Up Another Term


Redirected from: secret key examples

Definition: encryption algorithm


A formula used to turn ordinary data, or "plaintext," into a secret coded message known as "ciphertext." The ciphertext can reside in storage or travel over unsecure networks without its contents being divulged to unauthorized people.

Also known as a "cipher," each algorithm uses a randomly generated string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns can be created, thus making it harder to break the code and decrypt the contents.

Most encryption algorithms use the block cipher method, which codes fixed blocks of input. Others use the stream method, which encrypts one bit at a time. See mode of operation, cryptography, security protocol, stream cipher, block cipher and algorithm.




Algorithm Choices
This dialog shows a selection of algorithms from ScramDisk, an earlier program that encrypted files on the hard drive. "Mouse entropy" is the amount of randomness used to create the key, and the more the mouse was jiggled, the more randomness. Following are excerpts from the ScramDisk's documentation, which provide a brief summary of secret key algorithms.




3DES
This is far better than DES; it uses three applications of the DES cipher in EDE (Encipher-Decipher-Encipher) mode with totally independent keys. Outer-CBC is used. This algorithm is thought to be very secure (major banks use it to protect valuable transactions), but it is also very, very slow.

Blowfish
Blowfish is a high security encryption alogorithm designed by Bruce Schneier, the author of Applied Cryptography and owner of the company Counterpane. It is very fast, is considered secure and is resistant to linear and differential analysis. This is my personal cipher of choice.

DES
Data Encryption Standard was designed in the early 1970s by IBM with input from NSA. It is OK, but a single key can be broken in three days by the Electronic Frontier Foundation, a poorly funded organization. This algorithm was provided for completeness.

IDEA
International Data Encryption Algorithm was produced by Xuejia Lai and James Massey. It is fairly fast, is considered secure, and it is also resistant to both linear and differential analysis. To use this for anything other than personal use, a royalty must be paid to Ascom-Systec Ltd.

Misty1
Misty1 was designed by M. Matsui of Mitsubishi. It is a reasonably fast cipher that is resistant to both linear and differential analysis. It is fairly new though, so use it with caution.

Square
Square is a very fast and reasonably secure block cipher produced by John Daemen and Vincent Rijmen. It hasn't been subject to as much peer review as Blowfish, 3DES, IDEA, etc., so it may be susceptible to attacks.

Summer
This is a proprietary stream cipher constructed by the author and is designed for speed alone. It is supplied for backward compatibility with Version 1 of ScramDisk and is not recommended for use on newly created disks. Instead, use TEA or Blowfish, which are both reasonably fast.

TEA
Tiny Encryption Algorithm is a very fast and moderately secure cipher produced by David Wheeler and Roger Needham of Cambridge Computer Laboratory. There is a known weakness in the key schedule, so it is not recommended if utmost security is required. TEA is provided in 16 and 32 round versions. The more rounds (iterations), the more secure, but slower.

                         Block  Key
 Encryption               Size  Size
 Type      Author         Bits  Bits  Time**

 3DES      Diffie-Hellman   64   168  4:05

 Blowfish  Schneier         64   256  0:55

 DES       IBM-NSA          64    56  1:42

 IDEA      Lai-Massey       64   128  1:07

 Misty1    Matsui           64   128  2:50

 Square    Daemon-Rijmen   128   128  0:39

 Summer    Aman       (stream)   128  0:46

 TEA 16    Wheeler-Needham  64   128  0:46

 TEA 32    Wheeler-Needham  64   128  1:03

 **Minutes/seconds to encrypt a 50MB file.
   Although times are based on an older
   166 MHz Pentium, the list serves as an
   algorithm speed comparison.