Cryptography, a Greek word meaning “secret writing,” is a technique used to securely store and transmit data. It has been used since antiquity in military and diplomatic communication.

The message to be encrypted is called plaintext, which can be converted into ciphertext by using a function. The parameter of the function is called the key. While everyone knows the encryption algorithm, only the sender and the specific recipient know the key. Attackers try to decrypt the cryptogram.

Keys need to be changed at regular intervals since they may be disclosed, or security policies may require it. The longer a key is used, the higher the chances of it being obtained. As manual key exchange is time-consuming, the process is left to automated key management.

There are two types of encryption: symmetric (secret key) and asymmetric (public key) cryptography.

Symmetric key cryptography

Figure: Basic elements of product ciphers. Source: https://faculty.ksu.edu.sa/sites/default/files/computer_networks_-_a_tanenbaum_-_5th_edition_1.pdf

The figure above shows the components of hardware encryption. The P-box performs permutation on the data; the S-box performs substitution. In practice, the P-box is placed inside the S-box. Combining P-boxes and S-boxes yields a product cipher.

In this group of ciphers, the same key is used for both encryption and decryption. Examples are DES, 3DES (triple DES) and AES.

DES (Data Encryption Standard)

This method converts a 64-bit plaintext into a 64-bit ciphertext using a 56-bit encryption key.

Circuits can be used for permutations and substitutions. In a permutation, the order of the input bits is changed, which is done in the so-called P-box. A P-box is a circuit with 8 inputs and 8 outputs, which connects the inputs to the outputs according to a parameter, so that the permutation takes place. Substitution requires an S-box, which changes a 3-bit plaintext to a 3-bit ciphertext.

The first step of encryption is a permutation that does not depend on the key, and the last operation is its inverse. In the penultimate step, the 32 bits at the beginning are exchanged with the 32 bits at the end. The other intermediate steps are performed with different parameters, but are otherwise essentially the same.
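The P-box and S-box described above, with the 8-wire P-box sitting inside the 3-bit S-box, can be modelled in a few lines. This is an added example, not code from the original article; the wiring tables, the 12-bit block size, the round count and all function names are assumptions made for the illustration, and no key is involved.

```python
# Added illustration: wiring tables are constructed for the demo, not DES tables.
S_WIRING = [3, 6, 0, 7, 1, 2, 4, 5]                  # 8-wire P-box inside each S-box
P_WIRING = [5, 0, 11, 3, 8, 1, 10, 6, 2, 9, 4, 7]    # 12-wire P-box between S-box layers

def p_box(bits, wiring):
    """Permutation: output wire i carries the bit from input wire wiring[i]."""
    return [bits[src] for src in wiring]

def invert(wiring):
    """Wiring of the P-box that undoes p_box(..., wiring)."""
    inverse = [0] * len(wiring)
    for out_pos, src in enumerate(wiring):
        inverse[src] = out_pos
    return inverse

def s_box(value, wiring):
    """3-bit substitution built as 3-to-8 decoder, 8-wire P-box, 8-to-3 encoder."""
    one_hot = [int(i == value) for i in range(8)]    # decoder raises exactly one line
    return p_box(one_hot, wiring).index(1)           # encoder reports which line is high

def to_bits(number, width):
    return [(number >> (width - 1 - i)) & 1 for i in range(width)]

def from_bits(bits):
    return int("".join(map(str, bits)), 2)

def s_layer(bits, wiring):
    """Run four S-boxes side by side over a 12-bit block."""
    out = []
    for i in range(0, len(bits), 3):
        out += to_bits(s_box(from_bits(bits[i:i + 3]), wiring), 3)
    return out

def encrypt(block, rounds=3):
    bits = to_bits(block, 12)
    for _ in range(rounds):                          # each round: permute, then substitute
        bits = s_layer(p_box(bits, P_WIRING), S_WIRING)
    return from_bits(bits)

def decrypt(block, rounds=3):
    bits = to_bits(block, 12)
    for _ in range(rounds):                          # undo each round with inverse wiring
        bits = p_box(s_layer(bits, invert(S_WIRING)), invert(P_WIRING))
    return from_bits(bits)

if __name__ == "__main__":
    sample = 0b101100111000                          # constructed 12-bit plaintext
    ct = encrypt(sample)
    print(f"{sample:012b} -> {ct:012b} -> {decrypt(ct):012b}")
```
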

3DES (Triple Data Encryption Algorithm)

3DES uses triple encryption to strengthen security. It uses 2 keys and 3 stages. First, the first key is used to encrypt the plaintext. Then the decryption process is performed with a second key. In the last step, the first key is used again for encryption. Only two keys are used because this is sufficient for a high level of security; it was considered unnecessary to generate more overhead for encryption.

AES (Advanced Encryption Standard)

In 1997, the National Institute of Standards and Technology (NIST for short) issued a tender for the development of an advanced encryption standard (AES), which had to meet several criteria: symmetric-key encryption must be implemented as a block cipher, the algorithm must be public and royalty-free, and it must support 128-bit, 192-bit and 256-bit keys. In the end, the Rijndael cipher won in 2000. Its name is derived from the names of its creators.

Asymmetric cryptography

Each party involved in asymmetric encryption has a public key and a secret key. In addition to encryption, this solution allows both parties to identify each other.

First, the parties create a key pair. The sender encrypts the message with the recipient’s public key. This encrypted message can only be decrypted by the recipient, using the secret key known only to them. This ensures secure transmission.

The most widely used asymmetric encryption algorithm is RSA, named after its creators: Rivest, Shamir and Adleman. For an attacker to decrypt a message, it is necessary to recover the prime factors from the product of the prime numbers, which is unlikely to happen given current computational capabilities.

The disadvantage is that it uses longer keys than symmetric key encryption, which makes the process slower and uses more resources.

Its main applications are digital signatures and certificate authentication.
