Symmetric encryption uses one key to both encrypt and decrypt the plain text. A ciphertext is called the encrypted text while a decrypted text is called the plain text.
The first form of symmetric encryption was the Caesar Cipher. With the Caesar Cipher, users only have to know one key to encrypt and decrypt the message. This can be called the secret key; since no one should know it besides the parties involved in the communication. In its basic form, it changes the letters of a word by a constant in the alphabet. All participants have to know is the constant to encrypt and decrypt messages. For example, the encryption key could be “change all letters by a constant of four.” Resulting, “Eden Block” would be “Ihir Fpsgo.” The E becomes the I and so on. Similarly, if users want to decrypt the message, they would go four letters backwards.
Note. This method is not secure nor reliable. Attackers can easily guess the plain text by the frequency of which certain letters occur in every language. Participants have to know the constant, by which letters shift in the alphabet, beforehand. This necessitates sending this information in an unencrypted format which can be intercepted.
A more advanced symmetric encryption would be the Vigenere Cipher. Whereby users have a table stating the key. Users have a message ‘AttackAtDawn’ and a key: Lemon. They then map the key to the length of the plaintext to generate a key letter for every letter of the plaintext. To obtain the ciphertext, users have to use the table. First, one has to find the letter of the plaintext e.g. the ‘C’ in attack on the x-axis. Then one takes the appropriate letter in the key — in this case an ‘N’ — and lastly, the user has to go down on the y-axis, resulting in a ‘P.’ The ciphertext is shown above.
The Vigenere Cipher has the same drawbacks as the Caesar Cipher. Participants have to know the encryption table beforehand. In addition, it is highly time consuming to decrypt and encrypt any information.
Diffie Hellman Encryption
Diffie Hellman encryption is used to establish a secret key between two parties. Its security relies on the difficulty to compute discrete algorithms.
Looking at the following scenario, A wants to send a message to B. However, A and B never know if C will also receive the message. Therefore, they have to encrypt it in such a way that C cannot decrypt the message without knowing the private key. Remember: A and B don’t meet; they are communicating with each other over a network. To establish a private key, they first have to decide on two prime numbers y and x. Usually, one of these prime numbers is small while the other one is huge – between 2000 and 4000 bits. A, B, and C will all know these numbers x and y. Then A decides by itself on a third number m, and B determines by itself on another third number n. Neither A nor B send these numbers to anyone else. Instead, they compute the following equation:
y^m mod x = A output
y^n mod x = B output
A sends A output to B, and B send B output to A.
A then computes:
B output^m mod x
And B computes:
A output^m mod x
Both computations result in the same number. Thus, A and B will have a shared key. In order for C to know the shared private key, C would either have to find m or n. This would be highly time consuming.
Ultimately, the Diffie Hellman Encryption is the most advanced form of symmetric encryption. The main problem with the above discussed examples of symmetric encryption is that users have to set up a communication channel to share messages before they are able to share the encrypted data. In other words, they have to first send the secret key before they can send the encrypted message. This is time consuming and inefficient in comparison to the security provided by each. The initial “secret key message” inherently cannot be encrypted. Therefore, malicious actors intercepting the message will know that the participants A and B are communicating on an encryption key. They can then use that encryption key to decrypt the future messages.
In general, symmetric encryption uses one key: a secret key to decrypt and encrypt the messages. This key has to be kept private between the parties involved in the communication; if the parties change, a new secret key must be generated and shared. Otherwise, parties to whom the information are not addressed will be able to decrypt these.