Symmetric cryptosystems ensure secure end-to-end communication by using one key for encrypting and decrypting messages. In symmetric cryptosystems, the two communicating parties must agree on the secret key before initiating the communication. For example, if the sender encrypts data using a password, the receiver must know the same password to access the data. Notably, the success of this method and the security of the encrypted message depends on the strength of the encryption key and the random number generator used to create the key. The history of modern cryptosystems (computer-based encryption) can be traced back to the early 1970s when IBM created the ‘crypto group’, which developed a block cypher to secure its customers’ sensitive and valuable data. The task of decrypting ciphers in the 1970s shifted from machines used during the Second World War to computers and mathematical functions to represent data and information securely (Pandya et al., 2015). In 1973, the US government adopted the data encryption standard (DES) to enhance its national security, and cryptographic devices were restricted in the export business since they were regarded as sensitive devices that could compromise national security (Pandya et al., 2015). The Data Encryption Standard, which uses a symmetric key algorithm, was first created in the US in 1975 to provide additional security to services such as email privacy and secure ATM services (Pandya et al., 2015). The advancement in modern cryptosystems continued in 1976 when Martin Hellman and Whitefield Diffie proposed the Diffie-Hellman key exchange in their published research paper about computer-based encryption. This invention eliminated pre-arranged code keys as it created secret keys for every communication channel (Pandya et al., 2015). In 2000, the advanced encryption standard (AES) was invented, and it replaced DES due to its expanded variable key sizes and could encrypt up to 256-bits-long plaintext (Pandya et al., 2015). After AES, several encryption standards, such as Public Key Infrastructure and Elliptic-curve Cryptography, were developed to allow the usage of low computing power and are more challenging to break. Notably, modern symmetric cryptosystems can be classified into stream ciphers and block ciphers. In stream ciphers, individual characters are enciphered in a stream as they are transferred, while in block ciphers, a group of symbols of a specified length are encrypted to construct blocks of encrypted texts, which are then transmitted. This paper aims to introduce and explore different categories of symmetric cryptosystems, paying close attention to their technical structure, related legal issues and their specific weaknesses or vulnerability points.
Stream Ciphers
Stream ciphers are symmetric key ciphers that combine pseudorandom cipher digit streams with plaintext digits, one bit at a time. This method combines an algorithm with a cryptographic key and is applied to binary digits in a data stream to encrypt data per one byte. The main requirements to create a stream cipher include plaintext, keystreams and ciphertext. The plaintext is the plain message that is to be encoded, while keystreams are a set of unique numbers, symbols or letters that replace the characters in the readable text. The ciphertext is the encrypted message, and that can only be opened if the reader obtains the proper key. One example of a stream cipher is Rivest Cipher 4 (RC4), which uses key streams of variable sizes (64-bit or 128-bit-key size) to encrypt data. RC4 generates its keystreams using permutation and 8-bit index pointers. It is mainly applicable in several applications, such as Secure Socket Layer (SSL). Another example of a stream cipher is Salsa20 which works on data blocks with 64 bytes. The key to the Salsa20 stream cipher is its hash function which receives and mixes 64-byte long input in the form of plaintext from the expansion function before eventually returning a 64-byte encoded output. The hash function for Salsa20 operates on an incoming sequence of bytes which consist of constant vectors, nonce carrying the block number and the secret key.
Synchronous Stream Ciphers
In synchronous stream ciphers, the keystream is produced independently of the ciphertext and plain text. The keystreams in synchronous stream ciphers are generated by a pseudorandom generator, while the plaintext is encrypted with a random keystream through XOR encryption. This feature makes synchronized stream ciphers unconditionally secure as long as the keystream is generated randomly. This is because generating keystream randomly and independently of the plaintext eliminates the statistical weakness of the plaintext. The development goal of synchronous stream ciphers is to generate pseudorandom bits that are identical to truly random bits efficiently. Notably, synchronous stream ciphers require less complex circuitry than block ciphers and are efficient in cases where transmission errors are likely because they have no propagation errors. Although the keystream is generated independently from ciphertext and plaintext in synchronous stream ciphers, they must be in the same state and utilize one key to enable proper data encryption. To illustrate, if a character is altered or modified in a cyphertext, the modification does not interfere with decryption in the rest of the encoded text. However, the synchronization is lost, and decryption fails if a character is inserted or deleted in the ciphertext.
Self-Synchronous Stream Ciphers
Unlike synchronous stream ciphers, self-synchronizing stream ciphers resume proper decryption in case a character is deleted or inserted in the ciphertext. This is because self-synchronizing stream ciphers do not require additional protocols to retrieve deleted characters or interrupted synchronization. Additionally, self-synchronous stream ciphers block undetectable eavesdroppers from modifying the plaintext because any interference, such as modifications of the plaintext, leads to incorrect decryption for multiple characters in the cyphertext. This security feature guarantees the safety of plaintexts from malicious intruders like eavesdroppers and makes self-synchronous stream ciphers effective against plaintext redundancy-based attacks.
Mathematical Concepts Used to Encrypt/Decrypt
The mathematical encryption transformation in stream ciphers can be represented as; Ci=Eki (mi) = mi + ki, and the decryption transformation as mi = Dki (ci) = ci + ki. In these mathematical expressions, mi represents the i-bite of the message (plaintext), ci represents the i-bit of the ciphertext, ki represents the i-bit of the keystreams, and the addition sign signifies the inclusion of module two (Lara et al., 2018). From the encryption expression, the value of ci varies according to the value of ki, implying that if ki is unpredictable and random, ci also becomes unpredictable and completely random. Notably, the expressions reveal that the security of stream ciphers depend on the unpredictable and random nature of the keystreams.
Weaknesses in Stream Ciphers
The primary weakness of stream ciphers is the reuse of one key for encryption and decryption. The vulnerability of stream ciphers due to this weakness originates during keystream generation. The vulnerability arises because the cipher must create a random keystream that is equal in length to the plaintext that is to be encoded, and the key is not generated in entirely random ways in practical situations. Another weakness in stream ciphers is weak keys or keys that leave traceable marks in the output bytes or keystream. Another weakness of stream ciphers is the statistical weakness. Statistical weakness in stream ciphers arises from the difference in the probability of events occurring in theory and in practical situations. For instance, as stream ciphers analyze more messages, the unique, non-random patterns can be identified by a trained binary classifier.
Attacks on Stream Ciphers
The main attack on stream ciphers is the reused key attack which occurs when the same key is used twice. This attack vector can be common in stream ciphers because they produce a string of bits that have the same length as the message to be encrypted. This vulnerability allows attackers to intercept two messages encoded using the same key. Another common attack on stream ciphers is the bit-flipping attack which allows attackers to alter the content of the message if the exact content of sections of the message is known. Finally, stream ciphers are vulnerable to Chosen-IV attacks which occur when unique but predictable IVs are used in the initialization vector to generate a pseudorandom sequence. The legal issues that may arise from stream cipher attacks depend on the level of the breach and the number of users affected by the breach. However, the main legal consequences may include litigation and substantial fines if customers’ personal data, such as credit card numbers, are compromised.
Block Ciphers
Block ciphers are encryption algorithms that take blocks of plaintext bits and produce blocks of ciphertext bits of fixed lengths. One example of a block cipher is the data encryption standard (DES) which encrypts the message in 64 bits and uses similar algorithms for encryption and decryption. Another example of a block cipher is International Data Encryption Algorithm (IDEA), which uses 128-bit keys. It encrypts data in 64-bit blocks and generates outputs of 64-bit blocks. Besides DES and IDEA, another example of block ciphers is Fast Data Encipherment Algorithm (FEAL). FEAL uses the same key for encryption and decryption and is based on 8-bit manipulations to perform tasks such as additions with modulo 256. These features allow FEAL to perform faster than DES and IDEAL.
Mathematical Concepts and Formulas Used to Encrypt and Decrypt
In block ciphers, decryption D is an inverse function of the encryption algorithm. The mathematical formula for block cipher encryption can be expressed as follows;
EK (P) = E(K, P):{0,1}k *{0,1}n, where K is the input key, k is the key size, P is the bit string, and n is the block size. The decryption function is the reverse of the E function and can be represented as;
DK (C) = D (K,C):{0,1}k * (0,1}n. The transformation during encryption is controlled using a secret key in both the encryption and decryption algorithms of block ciphers.
Weaknesses in Block Ciphers
One of the main vulnerabilities in block ciphers is weak keys, especially in DES. Although the weak keys represent only a small portion of the entire key space, they can provide attackers with vulnerability points to exploit. For instance, weak keys in IDEA and DES block cipher algorithms make the relationship between ciphertext and plaintext predictable. Besides weak keys, another weakness of block ciphers is error propagation since an error in one character of the ciphertext can corrupt and modify the whole block. Finally, block ciphers are relatively slower because entire blocks must be accumulated before the algorithm begins encryption or decryption.
Attacks on Block Ciphers
One of the most common attacks on block ciphers is linear cryptanalysis. In linear cryptanalysis attacks, the attacker examines the probabilistic relationship between parity bits of the secret keys, plaintext and ciphertext. The attacker can advance the attack to obtain more bits of the secret keys and access the encrypted message or the plaintext. Besides linear cryptanalysis, another common attack on block ciphers is differential cryptanalysis, in which the attacker examines the differences in multiple network transformations to detect where the cipher displays non-random patterns. Such patterns can then be exploited to recover the secret key and access the encrypted information. Notably, the legal consequences of block cipher attacks depend on attack severity and the number of affected users. Like stream ciphers, legal issues arising from block cipher attacks include substantial fines and lengthy litigation processes.
Conclusion
Modern symmetric cryptosystems are classified into two categories; stream ciphers and block ciphers. The main difference between stream ciphers and block ciphers is that stream ciphers encrypt plaintext into ciphertexts one byte at a time, while block ciphers perform the conversion one block at a time. The main weaknesses of stream ciphers include weak keys, susceptibility to insertions and low diffusion. These weaknesses expose it to common attacks such as reused key attacks and bit-flipping attacks. Similarly, block ciphers have notable weaknesses like weak keys, error propagation and slowness of encryption. These weaknesses expose it to attacks such as linear cryptanalysis attacks and differential cryptanalysis attacks.
References
Lara, E., Aguilar, L., García, J. A., & Sanchez, M. A. (2018). A lightweight cipher based on salsa20 for resource-constrained IoT devices. Sensors, 18(10), 3326.
Pandya, D., Narayan, K. R., Thakkar, S., Madhekar, T., & Thakare, B. S. (2015). Brief history of encryption. International Journal of Computer Applications, 131(9), 28-31.
Rueppel, R. A. (2012). Analysis and design of stream ciphers. Springer Science & Business Media.
Stone, W., Kim, D., Kemmoe, V. Y., Kang, M., & Son, J. (2020). Rethinking the Weakness of Stream Ciphers and Its Application to Encrypted Malware Detection. IEEE Access, 8, 191602-191616.
write