A '''cipher''' is an [algorithm] for [encryption%|%encrypting] data.

** Description **

A cipher uses a value called '''the encryption key''' to transform a value called '''plain text''' into a second value called '''ciphertext''', such that a third value called '''the decryption key''' is needed to derive the plain text from the ciphertext. Without the key, even knowledge of the cipher is of no use in '''deciphering''' ('''decrypting''') the ciphertext.

A '''symmetric cipher''' uses the same key for both encryption and decryption.

An '''asymmetric cipher''' uses a pair of related keys: A value encrypted using one key may be decrypted using the other key. If one key is kept secret, and the other made public, they can be used for various purposes:

: A value encrypted using the secret key can be decrypted using the public key, proving that the message originated from the possessor of the secret key.
: A value encrypted using the public key can be decrypted using the secret key, making it possible to transmit a message that only the possessor of the secret key can read.
: A value encrypted using the secret key of party A and then encrypted again using the public key of party B makes it possible to transmit a message that only party B can read, and that party B knows originated from party A.

Furthermore, party A can encrypt only the cryptographic hash of the message, rather than the complete message, in order to prove its origin. This is called a '''digital signature''': Party B can decrypt the message which includes the encrypted hash of the message, decrypt that hash, take the hash of the message, and compare the two hashes.

For most asymmetric encryption systems, encrypting your data with key A and then encrypting the result with key B is effectively equivalent to encrypting your data with key C, where key C has the property of being much less secure than either key A or key B.

Governments have historically attempted to limit the use of encryption because the authorities like to be able to inspect information and monitor communications. They have, however, been less averse to the wide deployment of asymmetric encryption, which has proven essential to everyday individual communication over the Internet.

** Secure Ciphers **

[aes%|%AES] (Rijndael): Widely used.

[blowfish]: One of the competitors for AES. Superseded by [Twofish].

[Twofish]: The successor to blowfish.

** Insecure Ciphers **

[des]:

[rc4]:

Simple substitution algorithms, such as [Caesar] and [rot13]: These are trivial to break, and there is a page devoted to [solving cryptograms].

Other (insecure) algorithms of historical interest, such as [vignere] (a misspelling of Vigenere) and [Matrix multiplication and encryption]: The page entitled [Encryption and decryption] has another implementation of Vigenere.

** Comparison of pure-Tcl cipher implementations **

The following table shows a comparison of the pure-Tcl cipher implementations from [tcllib]. Each was used to encipher and decipher 16 bytes for a timing test. The first table gives aggregated times. In the second table we ignore the key scheduling phase and only time core data encryption.

%|DES(0.8)|DES|3DES|AES-128|AES-192|AES-256|Blowfish|RC4|%
&|2967|505|1039|874|1004|1184|38783|584|&
&|2769|409|865|2389|2856|3379|38735|572|&

%|DES(0.8)|DES|3DES|AES-128|AES-192|AES-256|Blowfish|RC4|%
&|-|275|609|703|-|-|143|56|&
&|-|190|423|2246|-|-|139|53|&

From this we can see that the [blowfish] cipher is the fastest block cipher but is crippled by the cost of generating the sub-keys. [AES] and [DES] both have cheap key scheduling. For [AES], decryption is significantly slower than encryption, while for [DES] the reverse is true. [RC4] is currently fastest.

Tests were done using a tclkit 8.4 executable. DES 0.8 is the one in tcllib 1.7, while the columns listed as DES and 3DES use a slightly modified version of TclDES.

Tests look something like:

======
time {rc4::rc4 -key $key $plaintext} 500
======

or

======
time {aes::aes -mode ecb -dir encrypt -key $key $plaintext} 500
======

<<categories>> cryptography