Symmetric Cryptography

If the key for encryption and decryption is the same shared secret, then the cryptographic algorithm is termed a symmetric algorithm. As in Figure 10.1, the key must be shared by both the sender and the receiver. The sender applies the encryption function using the key to the cleartext to produce the cyphertext. The cyphertext is sent to the receiver, who then applies the decryption function using the same shared key. Since the cleartext cannot be derived from the cyphertext without knowledge of the key, the cyphertext can be sent over public networks such as the Internet.

The US standard for symmetric cryptography, in which the same key is used for both encryption and decryption is the Data Encryption Standard (DES). This is based upon a combination and permutation of shifts and xors and so can be very fast when implemented directly on hardware (1 GByte/s throughput or better) or on general purpose processors. The current key size of 56 bits (plus 8 parity bits) is now starting to seem small, but the use of larger keys with triple DES can generate much greater security. Since the implementation of DES is fast, it can easily be pipelined with software codecs and not impact the performance.

IDEA is an alternative and stronger form of symmetric block encryption. Its security is based upon combining xors with addition and multiplication in modulo 16 arithmetic. This is also fast on general purpose processors and is comparable in speed to DES implementations. The major advantage of IDEA is that the keys are 128 bits and thus much stronger (a.k.a. harder to break) than standard 56 bit DES.