Reid Barton
- 6 minutes
Some practical context for encryption, starting with symmetric encryption
This post is the first in our series discussing the basics of encryption and its applications, for those who have some awareness about encryption and encryption keys but want to learn more about some of the practical topics needed for implementation. In this post, we will discuss the basics of symmetric-key encryption, block ciphers, AES, GCM, initialization vectors, and more.
Symmetric-key encryption is a great way to protect data. The concepts behind symmetric encryption date back thousands of years1, with modern algorithms being flexible for many use cases, easy to implement, computationally fast, and incredibly secure.
The use of the word “symmetric” refers to the fact that the same key used to encrypt a plaintext message is used to decrypt the resulting ciphertext back to the original message. Care should be taken to keep the key completely private, as anyone who has it can decrypt your messages and data or encrypt messages to masquerade as you.
Some commonly referenced algorithms include AES, DES (now considered insecure), Blowfish, Camellia, and ChaCha, and their many use cases include data storage, disk encryption, and securing communication using HTTPS while you browse the internet.
With such widespread use of symmetric-key encryption, there are clear industry preferences that make it easy for developers who are new to the topic to pick what to use. Let’s look at the algorithm most commonly called the gold standard, the Advanced Encryption Standard (AES).
AES is a type of algorithm known as a block cipher, meaning that it operates on fixed-width chunks of plaintext data (the message to be protected) to produce fixed-width blocks of ciphertext (the encrypted output from the cipher). For AES, the data is always chunked into blocks of 128-bit length before encryption. Extra bytes of padding can be added to the data to make it divisible into complete blocks.
Despite the constant block size, AES comes in three flavors based on the size of the key used to encrypt the blocks; AES-128, AES-192, and AES-256 corresponding to 128-bit, 192-bit, and 256-bit keys.
In general, a larger key length for the same algorithm means higher security, and AES-256 is even used to encrypt information classified as top secret2. After it was released as a Federal Information Processing Standard in 20013, AES replaced the Data Encryption Standard (DES) and is currently a NIST-endorsed encryption algorithm4 for protecting the federal government’s sensitive information.
As an aside, another class of ciphers called stream ciphers operate on data bit-by-bit and do not rely on blocks.
It is important to be aware when using a block cipher like AES that different modes of operation have evolved to help protect against attacks and to be more performant. We’ll review some of the common modes that a developer might come across in an AES library.
ECB is the “vanilla” mode of operation where plaintext data is simply divided into blocks and encrypted with the encryption key, without any data (other than the key) shared between blocks of plaintext or ciphertext. This might be a great starting place while learning, but is unlikely to be useful in practice. The problem is that encrypting the same plaintext with the same key will produce a duplicate ciphertext, making it easy to find patterns in the encrypted data and even opening the door to some cyberattacks.
An immediate upgrade to ECB is the CBC mode of operation. As the name implies, CBC chains blocks together by including information from the previously encrypted block in the next. However, since the first block will not have a preceding one, an initialization vector (IV) is required to seed the encryption chain.
Together, block chaining and the IV help to randomize ciphertexts and hide patterns that would otherwise be present with ECB.
A further upgrade beyond CBC and popular choice for AES’s mode of operation is GCM. Like CBC, GCM requires an IV and provides the same level of confidentiality, but falls under a more complicated category of modes called authenticated encryption.
With authenticated encryption, an additional authentication tag is produced during encryption that acts like a secure cryptographic hash. The tag is used to validate that the ciphertext has not been tampered with before attempting to decrypt it, and is extremely difficult to be spoofed or modified by an attacker. These security advancements along with some performance improvements over CBC have earned GCM the spot for today’s go-to mode of operation.
Symmetric encryption is a great way to protect data from prying eyes, especially for protecting sensitive data when it’s being stored. Using AES-256 with GCM as the block cipher mode of operation is a great way to secure data with a widely trusted methodology.
This post has hopefully helped when starting to dive into encryption and gives enough context to start using some encryption libraries, and to explore more advanced topics of encryption.
A quick summary of key terms is provided below: