https://blog.netwrix.com/2019/03/26/the-cia-triad-and-its-real-world-application/ 5/28
use it for downloading torrent files. Many providers limit the download of those files, but
using RC4 to obfuscate the header and the stream makes it more difficult for the service
provider to realize that it’s torrent files that are being moved about.
Blowfish and Twofish. Blowfish is an encryption system invented by a team led by Bruce
Schneier that performs a 64-bit block cipher at very fast speeds. It is a symmetric block
cipher that can use variable-length keys (from 32 bits to 448 bits). Twofish is quite similar
but it works on 128-bit blocks. Its distinctive feature is that it has a complex key schedule.
International Data Encryption Algorithm (IDEA). IDEA was developed by a Swiss
consortium and uses a 128-bit key. This product is similar in speed and capability to DES,
but it’s more secure. IDEA is used in Pretty Good Privacy (PGP), a public domain encryption
system many people use for email.
One-time pads. One-time pads are the only truly completely secure cryptographic
implementations. They are so secure for two reasons. First, they use a key that is as long as
a plain-text message. This means that there is no pattern in the key application for an
attacker to use. Second, one-time pad keys are used only once and then discarded. So even
if you could break a one-time pad cipher, that same key would never be used again, so
knowledge of the key would be useless.
Asymmetric Algorithms
Asymmetric algorithms use two keys: a public key and a private key. The sender uses the public
key to encrypt a message, and the receiver uses the private key to decrypt it. The public key can
be truly public or it can be a secret between the two parties. The private key, however, is kept
private; only the owner (receiver) knows it. If someone wants to send you an encrypted message,
they can use your public key to encrypt the message and then send you the message. You can use
your private key to decrypt the message. If both keys become available to a third party, the
encryption system won’t protect the privacy of the message. The real “magic” of these systems is
that the public key cannot be used to decrypt a message. If Bob sends Alice a message encrypted
with Alice’s public key, it does not matter if everyone else on Earth has Alice’s public key, since
that key cannot decrypt the message. Here are some of the common standards for asymmetric
algorithms:
RSA. RSA is named after its inventors, Ron Rivest, Adi Shamir and Leonard Adleman. The
RSA algorithm is an early public key encryption system that uses large integers as the basis
for the process. It’s widely implemented, and it has become a de facto standard. RSA works
with both encryption and digital signatures. RSA is used in many environments, including
Secure Sockets Layer (SSL), and it can be used for key exchange.
Diffie-Hellman. Whitfield Diffie and Martin Hellman are considered the founders of the
public/private key concept. Their Diffie-Hellman algorithm is used primarily to generate a
shared secret key across public networks. The process isn’t used to encrypt or decrypt
i d l f h i f i k b i