InfoSec Notes
Complete guide to symmetric key cryptography covering block ciphers, stream ciphers, modes of operation, key management, and practical implementations with AES and ChaCha20.
Overview
Symmetric key cryptography uses the same key for both encryption and decryption. It is the workhorse of modern encryption — fast, efficient, and used for bulk data protection. The primary challenge is secure key distribution: both parties must possess the shared secret without it being intercepted.
Block Ciphers vs Stream Ciphers
| Feature | Block Cipher | Stream Cipher |
|---|---|---|
| Unit of encryption | Fixed-size blocks (64/128 bits) | One bit/byte at a time |
| Speed | Fast for bulk data | Fast for real-time streaming |
| Padding required | Yes (unless using stream mode) | No |
| Error propagation | Depends on mode | Typically single bit |
| Examples | AES, DES, Blowfish | ChaCha20, RC4 (deprecated) |
| Common use | File encryption, disk encryption | VPN, wireless, TLS |
Modes of Operation
Block ciphers alone only encrypt fixed-size blocks. Modes of operation define how to encrypt messages longer than one block:
Cipher Modes Comparison
==========================
ECB (Electronic Codebook) - NEVER USE FOR REAL DATA
P1 → [Encrypt(K)] → C1
P2 → [Encrypt(K)] → C2 (identical blocks → identical ciphertext!)
P3 → [Encrypt(K)] → C3
Problem: Patterns in plaintext visible in ciphertext
CBC (Cipher Block Chaining)
IV → XOR with P1 → [Encrypt(K)] → C1
C1 → XOR with P2 → [Encrypt(K)] → C2
C2 → XOR with P3 → [Encrypt(K)] → C3
Each block depends on previous (no pattern leakage)
CTR (Counter Mode) - Turns block cipher into stream cipher
Nonce||Counter0 → [Encrypt(K)] → Keystream0 XOR P0 → C0
Nonce||Counter1 → [Encrypt(K)] → Keystream1 XOR P1 → C1
Parallelizable, random access, no padding needed
GCM (Galois/Counter Mode) - RECOMMENDED
CTR mode + Authentication tag (GMAC)
Provides: Confidentiality + Integrity + Authenticity
Used in TLS 1.3, IPSec, SSH
Python Implementation
Key Management Challenges
Key Lifecycle Management
===========================
Generation → Distribution → Storage → Use → Rotation → Destruction
| | | | | |
v v v v v v
CSPRNG Secure channel HSM Minimize Schedule Secure
adequate (DH, RSA, or or KMS exposure regular wiping
entropy physical) rotation
Key Distribution Problem
N users need pairwise keys = N(N-1)/2 keys total
10 users = 45 keys
100 users = 4,950 keys
1000 users = 499,500 keys
Solution: Key Distribution Center (KDC) or Public Key Infrastructure
Comparison of Symmetric Algorithms
| Algorithm | Key Size | Block Size | Status | Speed | Use Case |
|---|---|---|---|---|---|
| DES | 56 bits | 64 bits | BROKEN | Slow | None (legacy only) |
| 3DES | 168 bits | 64 bits | Deprecated | Very slow | Legacy banking |
| AES-128 | 128 bits | 128 bits | Secure | Fast | General purpose |
| AES-256 | 256 bits | 128 bits | Secure | Fast | High security, post-quantum |
| ChaCha20 | 256 bits | Stream | Secure | Very fast | Mobile, low-power devices |
| Blowfish | 32-448 | 64 bits | Aging | Fast | Legacy systems |
| Twofish | 128-256 | 128 bits | Secure | Fast | AES alternative |
Interview Questions
- Why is ECB mode insecure for encrypting images or structured data?
- ECB encrypts each block independently with the same key, so identical plaintext blocks produce identical ciphertext blocks. This preserves patterns — an encrypted image still shows the outline because similar pixel blocks encrypt the same way. CBC, CTR, and GCM modes solve this.
- What is the advantage of AES-GCM over AES-CBC?
- AES-GCM provides authenticated encryption — it ensures both confidentiality AND integrity/authenticity in a single operation. AES-CBC only provides confidentiality; you need a separate MAC for integrity. GCM is also parallelizable and doesn't require padding.
- How does the key distribution problem affect symmetric cryptography?
- Both parties need the same secret key, but exchanging it securely is difficult — you need a secure channel that doesn't yet exist. Solutions include physical exchange, Diffie-Hellman key agreement, or using asymmetric crypto to exchange symmetric keys (hybrid approach used in TLS).
- What is a nonce/IV and why must it never be reused with the same key?
- A nonce (number used once) or IV (initialization vector) ensures the same plaintext encrypts differently each time. Reusing a nonce with the same key in CTR/GCM modes allows XOR of two ciphertexts to cancel out the keystream, revealing XOR of two plaintexts — a catastrophic failure.
- Compare AES-256 and ChaCha20 for modern applications.
- AES-256 benefits from hardware acceleration (AES-NI instructions) making it fastest on x86/ARM with AES support. ChaCha20 is faster in software without hardware acceleration (mobile, IoT) and has simpler constant-time implementation, reducing side-channel risk.
Summary
Symmetric cryptography remains the primary method for bulk data encryption due to its speed and efficiency. Modern best practice uses AES-GCM or ChaCha20-Poly1305 for authenticated encryption, proper key management through KMS/HSM, and unique nonces for every encryption operation. The key distribution challenge is typically solved through hybrid schemes combining asymmetric and symmetric cryptography.
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for Symmetric Key Cryptography.
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Information Security topic.
Search Terms
information-security, information security, information, security, cryptography, symmetric, key, symmetric key cryptography
Related Information Security Topics