Collapse all Symbian^3 Product Developer Library

Symmetric ciphers -- guide

What are symmetric ciphers?

Symmetric algorithms are much faster than asymmetric algorithms so are used to encrypt and decrypt large amounts of data. In an informal setting, symmetric ciphers can be thought of as a mapping of some plaintext to ciphertext, via some well-known transformation function, dependent on a single secret key. Symmetric algorithms have the property that if a message is encrypted under a given key, it can only be decrypted using the same key:

Figure 1. The diagram above shows the encryption and decryption process using: a symmetric algorithm; a plaintext message, M; a symmetric key, K; and the ciphertext, K(M).

So it provides secrecy and also some kind of authentication. If Alice encrypts a secret using a key known only to her, then only she can access the secrets.

It can also be used for communication: if Alice shares a key with Bob (and only Bob), then she can encrypt her messages with that key and send it to Bob, and only Bob can decrypt them. In this case the key is a 'shared secret' enabling private communications.

There are two basic types of symmetric ciphers: block ciphers and stream ciphers.

Block and stream ciphers

Stream ciphers are essentially functions that are initialized with a key, and output a stream of pseudorandom bits, this 'keystream' is typically XOR-ed with the plaintext to generate the ciphertext. So they encrypt a bit of plaintext at a time. They map an n -bit stream of plaintext to a n -bit stream of ciphertext.
Block ciphers encrypt several bits at once in a fixed-size block. That is, they map m n -bit blocks of plaintext to m n -bit blocks of ciphertext. The cipher and its mode of operation define the block size: the plaintext is split up into appropriately-sized blocks and each block is fed into the cipher.

There are two issues here that don't occur with stream ciphers:
- padding: the total size of the input has to be a multiple of the block size, so the plaintext usually has to be padded to fit (see the class CPadding). Optionally, instead of padding out a plaintext message to fit in a block, block ciphers allow buffering of partial input blocks until the remainder of the block is given as input. (see How does buffering work within the symmetric cipher framework? and PKCS#7).
- combining blocks: if you just encrypt each plaintext block with the cipher and then concatenate the ciphertext blocks, then an attacker who knows something about the structure can switch the order of the ciphertext blocks to alter the meaning of the message. For example, if the plaintext includes instructions like 'pay £XXX to account holder ABC, reference number YYY', then an attacker could replace the encryption of XXX with some of the encryption of YYY. This leads to other techniques for combining blocks, called modes, where, for example, the output of the last block is fed into the input for the next one. So, the output is not just a function of that plaintext block and key, but is a function of that plaintext block, the key, and all preceding ciphertext blocks (see Symmetric Modes).

Both stream ciphers and block ciphers are provided by the API with a similar interface. Block ciphers usually need padding for non completed blocks. The API allows the user to choose the padding to be added at the end of the last encrypted block or to be checked and removed from the last decrypted block.

Types of symmetric algorithms supported

The following symmetric algorithms are supported:

Symmetric algorithm	Type	Specified in:
AES (Advanced Encryption Standard)	Block cipher	FIPS-197
DES (Data Encryption Standard)	Block cipher	FIPS 46-3
3DES (Triple Data Encryption Standard)	Block cipher	FIPS 46-3
RC2-128	Block cipher	RFC 2268
ARC4 ('alleged' RC4)	Stream cipher	the internet and a posting to sci.crypt in 1994.

Base classes and their derived classes

The symmetric cipher API is used by Networking (TLS/IPSec).

CSymmetricCipher is the abstract base class that allows a client to use the supported symmetric algorithms listed above. It allows clients to encrypt and decrypt without having to know anything about which encryption algorithm is currently in use.

The PKCS5 API (the TPKCS5KDF class, also see Password Based Encryption) offers Key Derivation Support that allows the derivation of deterministic arbitrary length byte streams from an input string. The output byte stream is generated using multiple iterations of a SHA-1 message digest (CSHA1) and is suitable for use as a cryptographic symmetric key.

The diagrams below show the main classes used in symmetric cipher framework. Blue dotted arrows indicate that a class is contained or used by another class. The arrows are labelled with the variable(s) through which the pointed class is accessible. The colour of the boxes indicates the type of Symbian class, i.e., M, C, R or T class. For detailed information on each component see the Cryptography API Reference material.

CSymmetricCipher and derived classes

Figure 2. The inheritance diagram shows the CSymmetricCipher abstract base class and its derived abstract classes CBufferedTransformation and CStreamCipher used for block and stream ciphers respectively. Also shown are the following derived classes: CBufferedDecryptor, CBufferedEncryptor, CARC4, and CNullCipher.

CBlockTransformation and derived classes

Figure 3. The inheritance diagram above shows the CBlockTransformation abstract base class used for block ciphers. Also shown are the following derived classes: CBlockChainingMode, CModeCBCEncryptor, CModeCBCDecryptor, CDES, CDESEncryptor, CDESDecryptor, C3DES, C3DESEncryptor, C3DESDecryptor, CRC2, CRC2Encryptor, CRC2Decryptor, CRijndael, CAESEncryptor, and CAESDecryptor.

CPadding and derived classes

Figure 4. Above is an inheritance diagram showing the CPadding abstract base class used with block ciphers. Also shown are the following derived classes: CPaddingPKCS7, CPaddingPKCS1Encryption, CRSAPKCS1v15Encryptor, CPaddingNone, CPaddingPKCS1Signature, and CPaddingSSLv3

Parent topic: Cryptography Concepts