Encryption and Hashing Algorithms 101
Widely used algorithms and their aspects.
Throughout this blog, I will discuss some of the encryption and hashing algorithms and their various aspects.
- Symmetric Key Algorithm — The algorithm in which the same private key is used for the encryption and the decryption.
- Asymmetric Key Algorithm — In this algorithm 2 keys are used, 1. public key — used for encryption. 2. private key — used for decryption.
- Block size — In case of block cipher, the data is encrypted in form of blocks. E.g. AES breaks data in blocks of 128 bits and then performs encryption
— — — AES (Advanced Encryption Algorithm) — — —
AES is a symmetric key algorithm and subset of Rijndael family of ciphers. Rijndael competed with several other ciphers and kinda won the “AES” title through the AES Selection Process which are with key sizes — 128, 192, 256 and all with same 128 bit block size. What is AES-128, AES-192 & AES-256?? — These numbers denotes key sizes so larger keys means more possible keys and hence more pain in for brute force attacks.
there are 2¹²⁸ = 340282366920938463463374607431768211456 combinations possible with 128 key. When you try half of 2¹²⁸ keys, there are still 2¹²⁷ keys to go😏
About breaking AES — even using most powerful supercomputing cluster would take hell lot of years to search all the keys (few quadrillions they say..) hence, not really practical until humans gets the hold of quantum computers!😈
Also, AES supports various modes. Refer to this
— — — RSA (Rivest-Shamir-Adleman) — — —
Rivest, Shamir, Adleman are the surnames of people who invented this algorithm. RSA is an asymmetric algorithm that means.. there are two keys used in the process, Public key can be transferred over internet and can be known to everyone which used to encrypt the data and private key will be on receiver end and will be used to decrypt that data.
RSA has been breached though it does not make it useless. Refer to this
— — — SHA (Secure Hashing Algorithm) — — —
- Type: Hashing
SHA is hashing or a mathematical function that scrambles or condenses the input. They are one way, unlike encryption algorithms, you cannot reverse the operation to get input(thinking straight). What numbers mean appended to SHA??
- SHA-1 — We don’t do that here… not anymore but FYI, It is a 160 bit hashing function i.e. it produces output of 160 bit length no matter what length you feed to SHA-1.
- SHA-2 — We are a family… members being SHA-224, SHA-256, SHA-384 and SHA-512 you can think of SHA-2 as a successor of SHA-1 and the 3-digit numbers represents the length of output. You’ll see it mentioned as either as SHA-2 which is SHA-256 most probably or some people will go more specific mentioning the bit length i.e. SHA-256, SHA-512 etc.
- SHA-3 — Similar to Rijndael-AES story, SHA-3 is a subset of originally known Keccak cryptographic family who competed with several other algorithms and got selected as latest member of SHA. Keccak’s internal structure is different than SHA-1 and SHA-2 and the reason being selected as their successor. SHA-3 provides same bit lengths as that of SHA-2
example,the string "Hello World" will generate following output using SHA-256. Give it a try here
A591A6D40BF420404A011733CFB7B190D62C65BF0BCDA32B57B277D9AD9F146Eeven if single bit change in input, corresponding output gonna be something else altogether.
— — — PBKDF2 — — —
Stands for Password-Based Key Derivation Function 2, successor to the PBKDF1. It is specially made for password hashing. What makes PBKDF2 better for passwords than SHA-2?? It is slow by design. PBKDF achieve it by iterations, it hashes the text, hashes the output again and then again, hence it stands strong against brute force attacks e.g. A attack using commodity hardware can try ~10,000,000,000 SHA-1 per second and in case PBKDF2 with multiple iterations, its just ~10 tries per second. Some products in the market uses iterations ranging from 3000 to 100000.