There are two main types of cryptographic encryption: symmetric and asymmetric.
Symmetric :
Symmetric – both the client and the server agree on a common secret key, and they use that key to encrypt and decrypt the data they send each other. Apart from these two parties, no one knows the secret key, and they must keep it secret. If the secret key is leaked, it becomes easy to compromise the communication.
Asymmetric :
Asymmetric – Here two keys are involved: a public key and a private key. The server shares its public key with the client, and the client uses it to encrypt the data it sends to the server. The server then uses the private key to decrypt it. The public key is created from the private key, so the two form a key pair. The public key is openly exposed to everyone, but the private key is confidential and is used only within the server.
Symmetric Types:
This post mainly covers the types of symmetric encryption; some of them are explained below.
Transposition Cipher:
The plain text is arranged in columns, and the order of the columns is shifted based on the key value.
Secret key : 312
Plain Text : dravid
Plain text in plain order :
1 | 2 | 3 |
d | r | a |
v | i | d |
Text in shifted order based on the secret key :
3 | 1 | 2 |
a | d | r |
d | v | i |
Once the order has been shifted based on the secret key, the cipher text is “adrdvi”.
Substitution Cipher :
Place the letters of the secret key at the front of the alphabet; the remaining letters follow in their normal sequential order.
Secret Key : DHONI
Plain Order : ABCDEFGHIJKLMNOPQRSTUVWXYZ
Shifted Order : DHONIABCEFGJKLMPQRSTUVWXYZ
Plain text : chennai
Cipher text : OCILLDE
Caesar Cipher :
It is a kind of substitution cipher. The variant shown here is known as ROT13, where the alphabet is rotated by 13 positions.
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
a | b | c | d | e | f | g | h | i | j | k | l | m |
n | o | p | q | r | s | t | u | v | w | x | y | z |
In this chart, each letter is replaced by the letter opposite it (the one directly above or below it).
Plain text : dhoni
Cipher text : qubav
Block Cipher :
Apart from these, there are many other algorithms, such as AES, RSA and DES. Using these algorithms together with a secret key and a salt secures the data. Note that DES is no longer secure; the algorithm has been cracked, so please avoid using it.
In REST web services, data is mostly encrypted and decrypted using the AES algorithm.
Mode of Operation:
ECB (Electronic Code Book) – Each data block is encrypted independently and returned as cipher text. This can happen in parallel. If multiple blocks contain the same data, the cipher text for all of them will be the same, which is the drawback of this mode.
CBC (Cipher Block Chaining) – Each data block is XORed with the previous block’s cipher text and then encrypted to produce its cipher text. This happens sequentially, not in parallel. The first data block is XORed with an IV (Initialization Vector); the IV is not a private key. Since each data block is XORed with the previous cipher text, no two cipher text blocks will be the same even if the data is the same. Because of this sequential processing, parallel encryption is not possible, which makes the mode slow when processing large amounts of data; this is its drawback.
Counter Mode – The nonce is encrypted and the result is XORed with the data block; doing this for every data block gives the cipher text. This can be done in parallel. Decryption follows the same procedure: applying the same operation to the cipher text produces the plain text. This mode is widely used.
Apart from the above, there are many other modes.
Padding : In a block cipher, the length of the data must be an exact multiple of the block size. If a block is short of bits, encryption will not work properly. To overcome this, dummy values called padding are added before encrypting. A common, widely used padding is PKCS5Padding.
In Java, encrypting any plain text requires three things: the algorithm name, the mode of operation and the padding type. Apart from these, a secret key and an IV may be needed. With these we can encrypt or decrypt the value.
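The following Java program is an added example, not code from the original post. It encrypts two identical 16-byte blocks with "AES/ECB/PKCS5Padding" and "AES/CBC/PKCS5Padding" to show the ECB drawback described above, the effect of the IV in CBC, and the extra block that padding adds. The class name, helper names and sample text are assumptions made for this illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class ModeDemo {
    // Constructed sample: the same 16-byte text twice, i.e. two identical AES blocks.
    static final String BLOCK = "SIXTEEN BYTE BLK";
    static final byte[] PLAIN = (BLOCK + BLOCK).getBytes(StandardCharsets.US_ASCII);

    // transformation = "Algorithm/Mode/Padding"; iv is null for ECB, which takes none.
    static byte[] run(int opMode, String transformation, SecretKey key,
                      IvParameterSpec iv, byte[] input) throws Exception {
        Cipher cipher = Cipher.getInstance(transformation);
        if (iv == null) cipher.init(opMode, key);
        else cipher.init(opMode, key, iv);
        return cipher.doFinal(input);
    }

    // True when cipher text blocks 1 and 2 are byte-for-byte identical.
    static boolean firstTwoBlocksEqual(byte[] ct) {
        return Arrays.equals(Arrays.copyOfRange(ct, 0, 16), Arrays.copyOfRange(ct, 16, 32));
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(128);
        SecretKey key = keyGen.generateKey();

        byte[] ivBytes = new byte[16];            // fresh random IV for every message
        new SecureRandom().nextBytes(ivBytes);
        IvParameterSpec iv = new IvParameterSpec(ivBytes);

        byte[] ecb = run(Cipher.ENCRYPT_MODE, "AES/ECB/PKCS5Padding", key, null, PLAIN);
        byte[] cbc = run(Cipher.ENCRYPT_MODE, "AES/CBC/PKCS5Padding", key, iv, PLAIN);

        // PKCS5Padding appends a full extra block when the input is already block-aligned.
        System.out.println("plain bytes: " + PLAIN.length + ", cipher bytes: " + cbc.length);
        System.out.println("ECB repeats block: " + firstTwoBlocksEqual(ecb));
        System.out.println("CBC repeats block: " + firstTwoBlocksEqual(cbc));

        byte[] back = run(Cipher.DECRYPT_MODE, "AES/CBC/PKCS5Padding", key, iv, cbc);
        System.out.println("CBC round trip ok: " + Arrays.equals(back, PLAIN));
    }
}
```

The IV does not need to be kept secret, but the receiver needs the same IV to decrypt, so it is normally sent alongside the cipher text.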