Digital Ciphers

Digital ciphers have become very important due to the Internet and the desire for secure communications. They break down into three distinct types:

• Public key ciphers, or asymmetric key ciphers
• Stream ciphers
• Block ciphers

Sometimes included with in this list are message digest algorithms, but I've excluded these for the moment and I'll cover them at a later date.

Public Key Ciphers

Up until the 1970's, most ciphers, both stream ciphers and block ciphers, involved the use of a single key to operate. You use the same key to encrypt the message and to decrypt it. The problem with this is that the key becomes critical to the security of the system: if a third-party gets hold of it, the security is compromised. In the 70's two groups, one in the UK working for GCHQ and some academics at MIT in the US, came up with the idea that you can have one algorithm that encrypts using one key, a public key, and another algorithm that decrypts using another key, a private key.

The mathematics behind public/private key cryptography is complex, involving a branch of mathematics called number theory, and involved the use of huge prime numbers. This gives rise to the problem that public key ciphers are generally slower compared to the equivalent block or stream cipher.

Stream Ciphers

As explained before, stream ciphers operate on a bit stream, one bit at a time, XORing the plain text stream with a stream of pseudo-random bits to produce the cipher text stream:



Stream ciphers are extremely fast, much faster than block ciphers, but are less secure. For this reason, they tend to be used where speed is a critical factor, such as mobile phone telephony. The clever bit about stream ciphers is in the design of the algorithm that produces the key stream, as it must be able to produce a stream of bits which looks random, but is seeded from a unique key. I'll discuss the design of a simple yet surprisingly strong cipher, RC4, at a later date.

Block Ciphers

Instead of working on a single bit at a time, a block cipher works, as the name suggests, on a block of bits, encrypting the same block over and over. The most common way of doing this is using a design known as a Feistel Network. This splits the block into two halves. The right half gets swapped with the left half and the left half is encrypted using a function of the right half and part of the key:



Block ciphers are, generally, more secure than stream ciphers and faster than public key ciphers, so they are used for encrypting large quantities of data, such as files and web pages. Also block ciphers can support different modes of operation, such as cipher block chaining, which can enhance strength of the encryption even further.