AES and Encryption Keys

Usage:

Asymmetric encryption is preferred when you want someone to be able to send you encrypted data, but you don’t want to share your private key.

Symmetric encryption is preferred when you are encrypting only for yourself.

Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. It uses the Rijndael cipher as its symmetric-key ciphering algorithm.

Use case: a good use case for AES-256 is encrypting all the data on the hard drive of a computer when it’s not in use.

AES is a block cipher. The key size can be 128, 192, or 256 bits, and data is encrypted in blocks of 128 bits each. That means the cipher takes 128 bits as input and produces 128 bits of ciphertext as output.

Implement a simple AES-256 cipher using the aes and crypto packages from Go.

What is a cipher? In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption. Ciphers are simply a series of computational steps that result in the scrambling and descrambling of a message.

Elliptic Curve Cryptography (ECC) is a modern public-key encryption technique famous for being smaller, faster, and more efficient than incumbents. Bitcoin, for example, uses ECC as its asymmetric cryptosystem because it is so lightweight. The mathematical entity that makes all of this possible is the elliptic curve.

A common use of ECC is to encrypt data so that only authorized parties can decrypt it. This has several obvious use cases, but is most commonly used to encrypt Internet traffic.

ECC is public-key cryptography

We create two keys, a public key, and a private key. The public key is given freely, and any party can encrypt data by using it. However, the private key is kept secret and only those who hold it will have the ability to decrypt data.

An example of public-key cryptography

Let’s pretend that company A is going to receive a private post from the Prime minister. Company A needs to be able to ensure that when the Prime minister sends his post over the internet, no one in the middle (like the Minister or an internet service provider) can read the message. The entire exchange using public-key cryptography would go like this:

1. Prime minister notifies company A that he wants to send them a private post.
2. Company A sends Prime minister their public key.
3. Prime minister uses the public key to encrypt his post: "I love Fox and Friends" + Public Key = "s80s1s9sadjds9s"
4. Prime minister sends only the encrypted message to company A.
5. Company A uses its private key to decrypt the message: "s80s1s9sadjds9s" + Private Key = "I love Fox and Friends"

As you can see, this form of encryption can be quite useful. Here are some key points:

- The public key can safely be sent to anyone. It’s public.
- The private key must be kept safe because if someone in the middle were to get the private key, they could decrypt messages.
- Computers can quickly use the public key to encrypt a message, and quickly use the private key to decrypt a message.
- Computers require a very long time (millions of years) to derive the original data from the encrypted message if they don’t have the private key.
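With elliptic curves, the "message + public key" step above is done in practice by agreeing on a shared symmetric key through ECDH and encrypting the message under that key. The added Go example below (not from the original article) shows both sides of that key agreement on curve P-256; the function names and the SHA-256 key derivation are illustrative assumptions, and the key pair in main is constructed.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// deriveKey turns the ECDH shared secret plus the ephemeral public key into a 32-byte key.
func deriveKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, ephPub []byte) ([]byte, error) {
	secret, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	// Simplified KDF (assumption for this example); production code would use HKDF.
	sum := sha256.Sum256(append(secret, ephPub...))
	return sum[:], nil
}

// SenderKey makes a fresh ephemeral key pair and derives the message key from
// the recipient's public key. ephPub travels in the clear with the ciphertext.
func SenderKey(recipientPub []byte) (ephPub, key []byte, err error) {
	pub, err := ecdh.P256().NewPublicKey(recipientPub) // rejects points not on the curve
	if err != nil {
		return nil, nil, err
	}
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ephPub = eph.PublicKey().Bytes()
	key, err = deriveKey(eph, pub, ephPub)
	return ephPub, key, err
}

// RecipientKey recomputes the same key from the recipient's private key and ephPub.
func RecipientKey(priv *ecdh.PrivateKey, ephPub []byte) ([]byte, error) {
	pub, err := ecdh.P256().NewPublicKey(ephPub)
	if err != nil {
		return nil, err
	}
	return deriveKey(priv, pub, ephPub)
}

func main() {
	companyA, _ := ecdh.P256().GenerateKey(rand.Reader) // constructed key pair
	ephPub, k1, _ := SenderKey(companyA.PublicKey().Bytes())
	k2, _ := RecipientKey(companyA, ephPub)
	fmt.Printf("sender    %x\nrecipient %x\n", k1, k2)
}
```

Both lines print the same 32-byte value, which is the right size for an AES-256 key; an observer who sees only the two public keys cannot compute it.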

What Makes Elliptic Curve Cryptography Different?

You would use ECC for the same reasons as RSA. ECC and RSA both generate a public and private key and allow two parties to communicate securely. One advantage of ECC, however, is that a 256-bit key in ECC offers about the same security as a 3072-bit key using RSA. ECC allows resource-constrained systems like smartphones, embedded computers, and cryptocurrency networks to use ~10% of the storage space and bandwidth required by RSA.

ECC is used as the cryptographic key algorithm in Bitcoin because it potentially can save ~90% of the resources used by a similar RSA system. It seems that each year we see more systems moving from RSA to a more modern elliptic curve approach.

Cryptology: the study of cryptography and cryptanalysis.

Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries. Cryptography focuses only on creating secure cryptosystems, for example the design of RSA. It deals with creating secure crypto systems.

Cryptanalysis is the inverse of cryptography: it is the study of how to break secret codes, not make them. You use cryptanalysis to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown. It deals with breaking crypto systems.

Encryption vs encoding

Encryption is a specific subset of encoding where the encoded messages can only be accessed by authorized parties (the ones holding the decryption keys).

Encoding is simply a way of representing data in a specific format. For example, raw binary data can be encoded and decoded using the ASCII format as shown in the table below.

A brute-force attack in cryptography is when an attacker guesses many passwords in succession hoping to eventually get one right.

How would an attacker know they found the key to an AES-256-GCM system? When we get the correct password, the authentication tag will check out.

How would an attacker likely know they found the key to a Web API? Brute forcing your way through the front door of a web application will prove difficult if not impossible. The cryptosystem lives on a server you don’t have control over. Due to this, they can lock you out after a number of failed guesses.

However, if the server doesn’t have these kinds of protections in place, then it is easy to tell when you have the right password because you will likely be given an HTTP 200 OK response, and perhaps some form of login token.
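The AES-256 implementation mentioned earlier and the authentication-tag check from the AES-256-GCM question above, as an added Go example (not code from the original article): decryption under any key other than the correct one fails tag verification and releases no plaintext. The function names are illustrative, and the keys and plaintext in main are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// NewAES256GCM (illustrative name) builds an AES-256-GCM AEAD from a 32-byte key.
func NewAES256GCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 { // aes.NewCipher would also accept 16- or 24-byte keys
		return nil, fmt.Errorf("AES-256 needs a 32-byte key, got %d bytes", len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt returns nonce || ciphertext || tag, using a fresh random nonce per message.
func Encrypt(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt checks the authentication tag and returns plaintext only if it verifies.
func Decrypt(aead cipher.AEAD, sealed []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(sealed) < n {
		return nil, fmt.Errorf("sealed message shorter than the %d-byte nonce", n)
	}
	return aead.Open(nil, sealed[:n], sealed[n:], nil)
}

func main() {
	key, guess := make([]byte, 32), make([]byte, 32) // guess stays all-zero
	rand.Read(key)                                   // constructed random key
	right, _ := NewAES256GCM(key)
	wrong, _ := NewAES256GCM(guess)
	sealed, _ := Encrypt(right, []byte("constructed sample plaintext"))
	_, err := Decrypt(wrong, sealed)
	fmt.Println("wrong key:", err)
}
```

The same tag check that tells a guesser the key is right also rejects any ciphertext that was modified in transit.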
