Private, Public, Secret, or Shared Key Encryption

There is a wide range of terminology in use for only two concepts. Here are the concepts:

•  Secret. An algorithm that depends on a key that must remain private is a secret key system. Kerberos uses DES, which is a secret key system, to encrypt information. Because Kerberos shares the secret key among a small group of principals, it is often referred to as a shared secret key system.

•  Public. An algorithm that permits a key to be published is called a public key system. PGP uses RSA, which is a public key encryption system.

If a system depends on a secret key, the intention clearly is to prevent usage by anyone who lacks the key. Any message encrypted with a secret key may only be decrypted by the holder of the secret key.

A public key system is actually a dual key system. Each key consists of two parts, a secret part held by a single individual, and a public part that may be published to the world. Anyone with the public key may encrypt a message to the holder of the private key, and be confident that only one individual has access to the message. In the other direction, the holder of the private part may encrypt a message and send it to the world. Anyone who decrypts the message with the public part of the key can be confident that the message could only have originated from one individual. By combining the two systems and double encrypting a message, it is possible to send a message to a single individual and provide the recipient with confidence that the message could only have originated from one person.

The primary advantage of public-key cryptography is increased security. The private keys do not need to be transmitted or revealed to anyone. In a secret-key system, by contrast, the potential always exists for an enemy to discover the secret key during transmission.

A disadvantage of using public-key cryptography for encryption is speed. Certain popular secret-key encryption methods are significantly faster than any currently available public-key encryption methods.

With recent advances in the speed of computer hardware, the trade-off between speed and security is leaning toward the public key-based systems. Although Kerberos can be implemented with a public-key encryption system, the option to encrypt all data between principals leaves the potential for very large amounts of encryption to take place. It is only when you plan to encrypt large volumes of data that a shared secret key system starts to become the better choice. With this in mind, Kerberos has been designed to handle the problem of secure distribution of secret keys.

Private or Secret Key Encryption

A secret-key encryption system consists of an encryption function and a decryption function. The encryption function uses the key to generate a mapping of the plaintext into the ciphertext. In the reverse, the decryption system takes the same key to generate a mapping of the ciphertext back into the plaintext. Such systems, in which the same key value is used to encrypt and decrypt, also are known as symmetric cryptosystems.

Although many secret key encryption systems are around, the most well-known system is DES.

DES and Its Variations

Originally developed by IBM, DES stands for Data Encryption Standard, an encryption block cipher. The U.S. government defined and endorsed it in 1977 as an official standard. The details can be found in the official FIPS (Federal Information Processing Standards) publication. DES has been studied extensively over the past 18 years and is the most well-known and widely used encryption system in the world.

DES is a secret-key, symmetric cryptosystem. When DES is used for communication, the sender and receiver both must know the same secret key, because it’s used to encrypt and decrypt the message. DES was designed to be implemented in hardware and operates relatively quickly (compared to other encryption systems) on 64-bit blocks with a 56-bit key. It works well for bulk encryption, that is, for encrypting a large set of data.

DES has been recertified as an official U.S. government encryption standard every five years. The government last recertified DES in 1993, but has indicated that it might not recertify it again.

As far as is known, DES never has been broken with a practical attack, despite the efforts of many researchers over many years. The obvious method of attack is a brute-force exhaustive search of the key space. This takes 255 steps on average. Early on, someone suggested that a rich and powerful enemy could build a special-purpose computer capable of breaking DES by exhaustive search in a reasonable amount of time. Wiener estimated the cost of a specialized computer to perform such an exhaustive search at one million dollars—a sum within the budget of a moderate-sized corporation, or a special interest group. Martin Hellman later showed a time-memory trade-off that provides improvement over exhaustive search if memory space is plentiful, after an exhaustive precomputation. These ideas have fostered doubts about the security of DES. Accusations also flew that the NSA had intentionally weakened DES.

The consensus is that DES, used properly, is secure against all but the most powerful enemies. Triple encryption DES might be secure against anyone at all. Biham and Shamir have stated that they consider DES secure.

When using DES, several practical considerations can affect the security of the encrypted data. One should change DES keys frequently, to prevent attacks that require sustained data analysis. In a communications context, the sender or receiver must find a secure way to communicate the DES key to the other.