Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What symmetric cypher to use for encrypting messages?

I haven't a clue about encryption at all. But I need it. How?

Say you have a system of nodes communicating with each other on a network via asynchronous messages. The nodes do not maintain session information about other nodes (this is a design restriction).

Say you want to make sure only your nodes can read the messages being sent. I believe encryption is the sollution to that.

Since the nodes are not maintaining a session and communication must work in a stateless, connectionless fashion, I am guessing that asymmetric encryption is ruled out.

So here is what I would like to do:

  • messages are sent as UDP datagrams
  • each message contains a timestamp to make messages differ (counter replay attacks)
  • each message is encrypted with a shared secret symmetric key and sent over the network
  • other end can decrypt with shared secret symmetric key

Keys can obviously be compromised by compromising any single node. At the same time, in this scenario, access to any single compromised node reveals all interesting information anyway, so the key is not the weakest link.

What cypher should I use for this encryption? What key length?

I would prefer to use something supported by ezPyCrypto.

Assuming, as most point out, I go with AES. What modes should I be using?

I couldn't figure out how to do it with ezPyCrypto, PyCrypto seems to be hung on a moderator swap and googles keyczar does not explain how to set this up - I fear if I don't just get it, then I run a risk of introducing insecurity. So barebones would be better. This guy claims to have a nice module for AES in python, but he also asserts that this is his first python project - Allthough he is probably loads smarter than I, maybe he got tripped up?

EDIT: I moved the search for the python implementation to another question to stop clobber...

like image 940
Daren Thomas Avatar asked Oct 05 '08 18:10

Daren Thomas


People also ask

Which is the best encryption technique for encrypting messages?

AES. The Advanced Encryption Standard (AES) is the trusted standard algorithm used by the United States government, as well as other organizations. Although extremely efficient in the 128-bit form, AES also uses 192- and 256-bit keys for very demanding encryption purposes.

What method of encryption does symmetric encryption use?

Symmetric encryption uses one key to encrypt and decrypt. If you encrypt a zip file, and then decrypt with the same key, you are using symmetric encryption. Symmetric encryption is also called “secret key” encryption, as the key must be kept secret from third parties.

What are the two types of symmetric encryption ciphers?

Symmetric-key encryption can use either stream ciphers or block ciphers. Stream ciphers encrypt the digits (typically bytes), or letters (in substitution ciphers) of a message one at a time. An example is ChaCha20. Substitution ciphers are well-known ciphers, but can be easily decrypted using a frequency table.

What is the strongest encryption cypher?

AES 256-bit encryption is the strongest and most robust encryption standard that is commercially available today.


1 Answers

I haven't a clue about encryption at all. But I need it. How?

DANGER! If you don't know much about cryptography, don't try to implement it yourself. Cryptography is hard to get right. There are many, many different ways to break the security of a cryptographic system beyond actually cracking the key (which is usually very hard).

If you just slap a cipher on your streaming data, without careful key management and other understanding of the subtleties of cryptographic systems, you will likely open yourself up to all kinds of vulnerabilities. For example, the scheme you describe will be vulnerable to man-in-the-middle attacks without some specific plan for key distribution among the nodes, and may be vulnerable to chosen-plaintext and/or known-plaintext attacks depending on how your distributed system communicates with the outside world, and the exact choice of cipher and mode of operation.

So... you will have to read up on crypto in general before you can use it securely.

like image 185
Dan Lenski Avatar answered Oct 09 '22 17:10

Dan Lenski