By Rick Hayoun – Security Consultant
As we explained in the previous article, it is possible to encrypt a message to make it unintelligible to people who are not supposed to read it, and to do this we need to define an encryption key. We asked ourselves two main questions:
- How do I set this secret key?
- How to ensure that it is sufficiently protected to guard against attacks.
Definition of the secret key
There are two main types of encryption: symmetric key encryption and asymmetric key encryption. Let me explain...
Symmetric key encryption
Symmetric encryption refers to the use of the same key to encrypt and decrypt a message. By analogy, we often use the example of a padlock and key, which you are probably familiar with:
You can easily guess that we will need to communicate this famous key to our correspondent so that they can decrypt the message, and we will need to do so securely so that they are the only one who has it. To do this, we naturally think of a secure communication channel, but... If we can communicate a key through this secure channel, why not send the entire message directly through it?
Indeed, we cannot be sure that the channel is completely secure, which is why, in the case of symmetric key encryption, it is preferable to give the key "in person" to the other party and to communicate via encrypted messages.
Fortunately, there is a slightly more sophisticated method of communication: asymmetric key encryption.It uses not one, but two keys: one for encryption and one for decryption. Each individual must therefore have a unique pair of keys, known as a public key and a private key. These keys are generated once and only once by an encryption algorithm that must be robust.
To continue with the analogy of the padlock and key, in this case, the public key will lock the padlock, while the private key will be the key that unlocks it.
Asymmetric key encryption
Now that we know this, let's take a look at what the asymmetric key encryption and decryption process looks like.
In a previous article, we discussed four key principles: confidentiality, integrity, authentication, and non-repudiation.
It is now easier to explain how these principles are ensured. Confidentiality is obviously ensured by encrypting the message. Integrity can be verified by using a hash function such as SHA-2, for example (even though we have not studied hash functions in detail), which is still considered robust today.
As for authentication and non-repudiation, these concepts come into their own with asymmetric encryption. This is because a sender can sign their document with their private key so that the recipient can be sure that it is indeed from them. Verification is carried out using the sender's public key.
This process is now used for most large online transactions so that neither party can deny having sent or received anything.
To conclude, here is a summary diagram
Ensure key protection to guard against attacks
Digital signatures are composed of two different algorithms: the hash algorithm (e.g., SHA-2) and the encryption algorithm (e.g., AES-256). Over time, these algorithms, or the parameters they use, must be updated to ensure an ever-increasing level of security.
Today, ECRYPT's recommendations from June 2018 are as follows:
Recommended algorithms:
Encryption algorithm: short-term AES-128 and long-term AES-256.
Hash functions: short-term SHA-256 and long-term SHA-512 and SHA-3 with a 512-bit result.
Algorithms for the long term (security over a lifetime of 10 to 50 years):
Encryption algorithm: AES, Camellia, Serpent
Hash functions: SHA2 (256, 384, 512, 512/256), SHA3 (256, 384, 512, SHAKE128, SHAKE256), Whirlpool-512, BLAKE (256, 584, 512)
NB: Choosing a very large key will increase the robustness of the algorithm but will slow down calculations and therefore encryption times. In fact, it takes six to seven times longer to perform the calculations if the key size is doubled.
See also: Encryption - Definition and use
