Implementing-cryptography-using-python
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
36 Chapter 2 ■ Cryptographic Protocols and Perfect Secrecy
solutions, and applications. You may also see the model referred to as the AIC Triad
(availability, integrity, and confidentiality) to avoid confusion with the United States
Central Intelligence Agency. The three elements of the triad are considered the most
crucial components of security, although you may see other elements introduced. The
CIA Triad, in this context, defines confidentiality as a set of rules that limit who has
access to information, integrity as the assurance that the information is accurate and
trustworthy, and availability as the guarantee that the data can be reliably accessed
when needed by authorized personnel or systems.
Symmetric Algorithms
Symmetric algorithms are the simplest and fastest way to encrypt and decrypt
messages. They typically involve two parties, with each member having an
identical key. As a memory mnemonic, think of the “S” in symmetric as the
word same.
We will be diving into many of the symmetric key algorithms such as DES,
3DES, IDEA, Blowfish, Skipjack, and AES in Chapter 6, but we mention them
now to help prepare you for our discussion on historical ciphers later in this
chapter. Other examples of symmetric algorithms include IPSec, Kerberos, and
Point to Point.
Asymmetric Algorithms
Asymmetric algorithms are more complex and typically slower. In fact, many
systems use asymmetric algorithms simply to swap symmetric keys and then
use symmetric algorithms for the rest of the encryption operation. The key point
to take away for now is that the asymmetric algorithm requires the use of two
different keys: one public and one private. Messages that are encrypted with
one key can only be decrypted with the other. This offers many advantages,
such as nonrepudiation and the use of digital certificates.
We will explore asymmetric algorithms and the use of public and private keys
using Python in Chapter 7. An example of an asymmetric encryption algorithm
is ElGamal, which is used in OpenPGP. Other examples include Elliptic curve
cryptography, RSA, Diffie-Hellman key exchange, and DSA.
The Needham-Schroeder Protocols
In 1978, Roger Needham and Michael Schroeder invented two protocols. The first
is their symmetric key protocol, which later formed the basis for the Kerberos
protocol invented by MIT. This protocol aims to establish a session key between
two parties on a network to protect communications.
The second protocol was their public-key protocol, which is based on publickey
cryptography. The goal of the second Needham-Schroeder protocol is to