Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

3 Comparing different cryptographic techniques

This section is part of the amber and green pathways.

The field of modern cryptography is steadily growing with its increased use in everyday life when surfing the internet, using your card in a cash machine etc.

There are hundreds of different cryptography schemes each with different applications, some of the most notable are described below.

There are hundreds of different cryptography schemes/algorithms each with different applications. Broadly, all cryptographic techniques that are currently used can be classified into three types; symmetric algorithms, asymmetric algorithms and hash functions.

This image demonstrates three types of crytographic algorithm using diagrams and text. The first two diagrams show the word 'plaintext' with an arrow leading to the word 'ciphertext', and then another arrow leading to another 'plaintext'. In the first diagram, there are identical keys drawn above both arrows. The text beneath reads 'Secret key (symmetric) cryptography. SKC uses a single key for both encryption and decryption.' The second diagram is identical, but the keys are drawn in different colours. The text beneath reads 'Public key (asymmetric) cryptography. PKC uses two keys, one for encryption and the other one for decryption.' The third diagram shows the word 'plaintext' with an arrowing leading to the word 'ciphertext'. The text beneath reads 'Hash function (one-way cryptography). Hash functions have no key since the plaintext is not recoverable from the ciphertext.'
Figure 9 Types of cryptographic algorithms

Some of the most notable encryption standards are described below.

DES (Data Encryption Standard)

DES was first developed in the 1970s and was adopted by the United States National Bureau Of Standards as the US government standard for encrypting sensitive information. It is a symmetric cipher using 56-bit keys.

Due to DES’s relatively small key size it was discovered that it was possible to crack the encryption with a brute force attack. Although this was a theoretical risk when first proposed, the great increases in computing power over recent years have shown that DES can be brute forced in less than a day. It was this weakness that led to official adoption of other encryption standards, such as AES, by the US government.

A variant of DES, called Triple DES was developed to provide additional security, and be compatible with the previous version, without the requirement to develop a completely new cipher. Triple DES uses three rounds of DES encryption and three separate 56-bit DES keys.

Triple DES is widely used in e-commerce and online payment applications, as well as securing data in Microsoft Outlook. By current projections of the growth in computer power, Triple DES will remain secure from a brute force attack until at least 2030.

AES (Advanced Encryption Standard)

The realisation that the DES standard was no longer adequate led the United States government to call for a replacement. After an open competition lasting five years, AES was adopted as a US government standard in 2001. AES uses a combination of symmetric ciphers and either 128, 192 or 256-bit keys providing enhanced security over DES. Although some potential weaknesses have been identified in AES, most are theoretical, with the encryption being easiest to break in a situation where it has not been implemented correctly rather than in the case of a brute force attack where every possible key combination must be tried.

AES is now widely used in commercial applications since the underlying specification is freely available for personal or commercial use. It is used to protect archive files, encrypting computer file systems (such as Windows 2000 onwards), encrypting hard disks and for secure file transmission. Such is its importance that many microprocessors now include AES in their instruction sets to speed up encryption and decryption.

Blowfish

Blowfish was developed in the early 1990s as a potential replacement for DES, though AES ultimately became the agreed standard form of encryption. It is a cipher supporting variable key lengths from 1 to 448 bits. To date there has been no known successful attempt to break the encryption in its full implementation, although weaknesses have been identified when Blowfish is used with relatively weak keys. The related twofish and threefish ciphers have been designed to overcome these weaknesses, although most users have switched to AES.

Next, you’ll find out how cryptography is used to prove identity online.

CYBER_B2

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371