Security relies on encryption, the process of encoding information so that only the intended recipient can decode it using a key (Lee). Computer encryption systems fall into two categories: private-key (symmetric) encryption and public-key (asymmetric) encryption. Symmetric encryption involves three broad steps: key generation, encryption and decryption. Computers using symmetric-key encryption must share a single key generated from a security parameter. That secret key is used to encrypt the plaintext input, known as a packet, and output the ciphertext that will be sent to a destination over the internet. The sender must know who he will be communicating with so that each destination can set up the key. Destinations must have the key in order to decrypt the message once it is received. A popular early algorithm used for symmetric encryption was the Data Encryption Standard (DES). DES is based on the Feistel structure and was the worldwide standard for symmetric encryption for more than 20 years (Menezes 252). However, DES had only a 56-bit keyspace, which today could easily be defeated by a brute-force attack. It has since been replaced by the Advanced Encryption Standard (AES), which uses 128-, 192- or 256-bit keys.
PUBLIC-KEY ENCRYPTION
Symmetric-key encryption is fast. However, key distribution can cause issues. In order to communicate, the two (or more) participants must agree on a key and keep it secret. Anyone who intercepts the key while in transit can examine and even change information that the key encrypted. How do you share the key without it being learned by an eavesdropper? Although it is slower, public-key encryption can fix this issue.
Public-key encryption is a two-key system made up of a public key and a private key. The public key can be given out freely to any other computer that wants to communicate, while the private key is kept on the user's computer and not shared with anyone. The sending computer encrypts using the public key of the destination. To decrypt, the receiver uses his private key. The big benefit of public-key encryption is that the sender and receiver can exchange encrypted data without having to set anything up beforehand. One well-known early public-key cryptosystem was RSA. RSA consists of generating a key pair, then encrypting with one key and decrypting with the other. Alfred J. Menezes et al. explain the process in the textbook Applied Cryptography. In key generation, you choose two large prime numbers, p and q, and compute n=p*q and .
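
The key generation described above, carried through to encryption and decryption, as an added example that is not taken from the essay or from Menezes et al. It is textbook RSA without padding, and everything past n = p*q (the totient, the exponent 65537, the demo primes and the function names) is an assumption of this example. It goes one step beyond the text by using the key pair to deliver a fresh symmetric key, which is how public-key encryption answers the key-distribution question raised earlier.

```python
import math
import secrets


def generate_keypair(p, q, e=65537):
    """Textbook RSA key generation from two primes p and q."""
    n = p * q                      # public modulus
    phi = (p - 1) * (q - 1)        # Euler's totient of n
    if math.gcd(e, phi) != 1:
        raise ValueError("public exponent e must be coprime to phi")
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)          # (public key, private key)


def encrypt(public_key, m):
    """Encrypt integer m with the receiver's public key."""
    n, e = public_key
    if not 0 <= m < n:             # larger values would wrap mod n and be lost
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private_key, c):
    """Recover the integer message with the receiver's private key."""
    n, d = private_key
    return pow(c, d, n)


def wrap_session_key(public_key, bits=128):
    """Sender: pick a fresh symmetric key and encrypt it to the receiver."""
    session_key = secrets.randbits(bits)
    return session_key, encrypt(public_key, session_key)


# Constructed demo primes (publicly known Mersenne primes): large enough to
# carry a 128-bit key, but far too small and predictable for real use.
P, Q = 2**61 - 1, 2**89 - 1
PUBLIC, PRIVATE = generate_keypair(P, Q)

if __name__ == "__main__":
    key, wrapped = wrap_session_key(PUBLIC)   # only `wrapped` crosses the network
    recovered = decrypt(PRIVATE, wrapped)     # receiver never shared PRIVATE
    print("session key recovered:", recovered == key)
```

The range check in `encrypt` is the failure mode to notice: RSA operates on integers modulo n, so a value at or above n cannot be recovered by the receiver.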