Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our cryptography fundamentals module on symmetric key cryptography. Symmetric key cryptography is very fast and efficient with today's modern computers. It's much faster than asymmetric cryptography. With symmetric key cryptography we use the same key to encrypt and decrypt communications. And we keep this key secret because if someone were able to obtain this key, they would be able to view our confidential data.
The most common standard used for symmetric encryption is AES, or Advanced Encryption Standard. In order to ensure the secrecy of data and also ensure data integrity, it is critical that all of the users keep the password or secret key protected and away from unauthorized individuals. The best method here is to only use keys one time, which is known as a symmetric session key.
When you have many users, it is difficult to use symmetric key cryptography because of the amount of keys involved, which makes it very difficult to scale the system. One of the largest drawbacks is how to exchange keys. It is important to perform key exchanges out of band, meaning that we're not sending the keys through the same method that we're transmitting the encrypted data.
Typically, keys are exchanged by what we call sneakernet, which means that someone is actually walking it to another person or by a courier perhaps through the mail. Symmetric key cryptography is very good at providing confidentiality, but because the key is shared among users, there is no way to perform nonrepudiation with symmetric key cryptography.
And typically these are block ciphers, but they can also be a stream cipher such as RC4. This slide demonstrates how symmetric or shared key cryptography functions. It is important that both users know the secret key, otherwise they will not be able to communicate successfully. In this example the sender is sending a message about a secret meeting.
This plain text is put through the encryption algorithm or AES using the secret key. The plain text data then becomes ciphertext, which can be sent through any communication method because anyone who intercepts this message will not be able to understand what the content of the message is since they do not have the secret key.
This data is then transmitted to the recipient. The recipient uses the same algorithm, AES, and the same key to decrypt the message. And now they know about the secret meeting that the sender was telling them about. Again our best practice with this is to use the keys only one time.
If you use the keys over and over again, you have the chance of an attacker being able to obtain the key and then decrypt all of the data sent from the sender to the recipient. Data encryption standard, or DES, is an older obsolete and broken symmetric encryption technology. DES takes blocks of 64 bits, and puts them through 16 rounds of transposition and substitution functions using an S-box model. The order and type of the functions is dictated by the key value, and with DES, our key size was only 56 bits plus eight parity bits. This was used by government agencies in the 1980s to protect data that was sensitive but unclassified.
There were a few different variations such as the electronic code book, or ECB, and the cipher block chain, or CBC. Triple DES was developed in the 1990s and attempted to improved DES. The problem with triple DES was it performed three rounds of encryption with three different keys, so it became inefficient and also had very high overhead, which meant that it was very slow, so it never became widely used.
AES, or advanced encryption standard, is our de facto symmetric encryption technology since 2001. It supports multiple shared key strengths or lengths, and it weaves 128, 160, 192 or 256-bit keys through data blocks. And it's considered to be much more secure than DES, and it's a block cipher, which is much faster than triple DES, which had attempted to replace DES.
The longer the key length, the stronger the encryption will be, and it will be much harder to break. So for sensitive data you wanna use a very long key length. Just keep in mind that whenever you're using a longer key, you are adding additional overhead, which will cause the system to be slower.
Symmetric encryption is very fast, and it's much faster than asymmetric encryption. But the drawback, as we talked about on the previous slide, is that initial key exchange. It is necessary to figure out a secure method to exchange the key between the sender and the recipient so that the recipient will be able to decrypt the data.
Diffie and Hellman worked on an original key exchange solution in 1976, and today we use public key infrastructure, which was developed by RSA. This concludes our cryptography fundamentals module on symmetric key cryptography. Thank you for watching
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!