Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

# 1.2 Encryption keys

Figure _unit6.1.3 Figure 3

Keys are pieces of information that determine the output from an encryption (or decryption) process. A single cipher can produce an almost limitless number of different outputs with different key values, allowing secure communication even if the cipher itself is known to hostile third parties.

It might surprise you to know that almost all ciphers are published in the scientific press or in standards documents; having them available for widespread scrutiny allows many people to check that they are secure and do not contain weaknesses which could be exploited to compromise the security of the data encrypted using that cipher.

A computer encryption key is nothing more than a string of bits where each bit can have a value of either 0 or 1. The number of possible values for a key is simply the total number of values that the key can have. So our one-bit long key can only have two possible values – 0 and 1. If we choose to have a two-bit key it could have one of four possible values – 00, 01, 10 and 11. In fact every time we increase the length of the key by one bit we double the number of possible keys – so a three-bit key has eight possible values – 000, 001, 010, 011, 100, 101, 110 and 111.

The total number of keys can be written in scientific form as 2key length; so a key with a length of eight has 28 – that is 256 – values.

But how long should a key be? How short is too short?

## The problem with short keys

Short keys are vulnerable to what is known as a brute force attack, just like you learned in Week 2 about passwords. A brute force attack is where a computer, or a number of computers, try every possible value for a key until they produce recognisable plaintext.

Since computers can work through key values extremely rapidly, keys must be sufficiently long that they offer a very large number of possible values.

Keys may be known to the user in the form of passwords, or they may be stored in a computer’s hardware (such as the decryption keys stored on a DVD player that allow it to play the encrypted data stored on the movie disk), or they can be generated by a computer as and when they are needed (such as conducting a secure transaction on a shopping site).

Next, you’ll learn about the key distribution problem.

## Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371