 

Difference between symmetric crypto algorithms [closed]

C# looks to have 4 different symmetric crypto algorithms: RijndaelManaged, DESCryptoServiceProvider, RC2CryptoServiceProvider, and TripleDESCryptoServiceProvider.

I am looking for more information on them. Mainly, what are the differences between each of them? MSDN isn't being much help, or I am just tired. ;) I am sure there are pros and cons to each of them, just like anything where there are multiple ways of doing something.

Thank you for any enlightenment.
Tony

Tony asked Mar 16 '09 03:03


3 Answers

This is the ranking (for year 2015); the strongest algorithm appears on top:

  • Rijndael (more commonly referred to as AES)
  • Triple DES
  • DES
  • RC2

Use AES.

In more detail:

  • DES is the old "data encryption standard" from the seventies. Its key size is too short for proper security (56 effective bits; this can be brute-forced, as was demonstrated more than ten years ago). Also, DES uses 64-bit blocks, which raises some potential issues when encrypting several gigabytes of data with the same key (a gigabyte is not that big nowadays).
  • 3DES is a trick to reuse DES implementations, by cascading three instances of DES (with distinct keys). 3DES is believed to be secure up to at least "2^112" security (which is quite a lot, and quite far in the realm of "not breakable with today's technology"). But it is slow, especially in software (DES was designed for efficient hardware implementation, but it sucks in software; and 3DES sucks three times as much).

  • AES is the successor of DES as the standard symmetric encryption algorithm for US federal organizations (and as the standard for pretty much everybody else, too). AES accepts keys of 128, 192 or 256 bits (128 bits is already very unbreakable), uses 128-bit blocks (so no issue there), and is efficient in both software and hardware. It was selected through an open competition involving hundreds of cryptographers over several years. Basically, you cannot have better than that.

So, when in doubt, use AES.

Note that a block cipher is a box which encrypts "blocks" (128-bit chunks of data with AES). When encrypting a "message" which may be longer than 128 bits, the message must be split into blocks, and the actual way you do the split is called the mode of operation or "chaining". The naive mode (simple split) is called ECB and has issues. Using a block cipher properly is not easy, and it is more important than selecting between, e.g., AES or 3DES.

http://en.wikipedia.org/wiki/EFF_DES_cracker

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

Hamish Smith answered Sep 22 '22 05:09
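Added example (not part of the original answers): the note above about ECB "having issues" can be seen directly by encrypting a message made of identical 16-byte blocks with AES in ECB and in CBC mode and counting repeated ciphertext blocks. The class name, helper names and the sample record are assumptions made up for this illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

static class EcbVsCbcDemo
{
    // Encrypts with AES-128 in the given mode; a fresh random key and IV per call.
    static byte[] Encrypt(byte[] plaintext, CipherMode mode)
    {
        using (Aes aes = Aes.Create())
        {
            aes.KeySize = 128;
            aes.Mode = mode;
            aes.Padding = PaddingMode.PKCS7;
            aes.GenerateKey();
            aes.GenerateIV(); // ECB has no chaining, so the IV is unused there
            using (ICryptoTransform enc = aes.CreateEncryptor())
                return enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        }
    }

    // Counts ciphertext blocks that are byte-for-byte equal to an earlier block.
    static int RepeatedBlocks(byte[] ciphertext, int blockBytes)
    {
        var seen = new HashSet<string>();
        int repeats = 0;
        for (int i = 0; i + blockBytes <= ciphertext.Length; i += blockBytes)
            if (!seen.Add(Convert.ToBase64String(ciphertext, i, blockBytes)))
                repeats++;
        return repeats;
    }

    static void Main()
    {
        // Constructed sample: the same 16-byte record repeated 8 times.
        byte[] record = Encoding.ASCII.GetBytes("ACCT=0001;AMT=50");
        byte[] msg = new byte[record.Length * 8];
        for (int i = 0; i < 8; i++)
            Buffer.BlockCopy(record, 0, msg, i * record.Length, record.Length);

        // ECB maps equal plaintext blocks to equal ciphertext blocks, so the
        // structure of the message stays visible; CBC chaining hides it.
        Console.WriteLine("ECB repeated blocks: " + RepeatedBlocks(Encrypt(msg, CipherMode.ECB), 16));
        Console.WriteLine("CBC repeated blocks: " + RepeatedBlocks(Encrypt(msg, CipherMode.CBC), 16));
    }
}
```

CBC is used here only as the contrast to ECB; on its own it gives confidentiality but no integrity protection.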


Short answer: use Rijndael.

What the various options are:

RC2 is a weak, broken cipher built in the late 80s for export, because at the time American companies were restricted from exporting 'strong' encryption. It has a key length of 40 bits, which makes brute forcing it on today's hardware trivial (it is, after all, 20 years later).

Its name stands for Rivest Cipher No. 2, after its creator Ron Rivest (a world-renowned cryptographer, the 'R' in RSA).

DES was the Data Encryption Standard, and was termed strong cryptography. With a key length of 56 bits, however, it is now within range of brute-force decryption.

3DES is running DES three times. Just running DES twice doesn't make it much stronger, actually, but the third time does. It is effectively 116 bit encryption (with a 196-bit key).

3DES is a very good, strong encryption by today's standard.

So RC2, DES and 3DES are in the cipher suite to provide compatibility with business systems that use those ciphers.

Rijndael is however the modern cipher of choice. It is the official replacement for DES, termed the Advanced Encryption Standard (AES).

It comes in a range of keysizes, but it is important to use 128-bit. Only use other key lengths (including the longest, 256-bit) for compatibility reasons.

Will answered Sep 23 '22 05:09


Indeed, as stated, DES is not very strong. Triple DES is strong (there haven't AFAIK been any proper attacks against it) but it is somewhat slower.

Rijndael is the same as AES (Advanced Encryption Standard - approved by NSA, very strong) but with more choice about the size of your key.

Unfortunately I also know little about RC2. Unless it is significantly faster than Rijndael I wouldn't see much reason not to go for Rijndael (and even then I'd want to look at how secure it was.)

The following is speculation... RC2 is an ancestor by a few generations of RC6, which was one of the finalists for the selection of a cipher to be named as AES. Rijndael was chosen over RC6 so one would assume that Rijndael is better by several degrees than RC2.

DaedalusFall answered Sep 19 '22 05:09