|
Diffie-Hellman key exchange algorithm | First published public key algorithm, can be used only for exchanging keys | Uses recipient’s public key to generate a secret key; public data is then sent to recipient who can now generate the secret key |
|
DSA (digital signature algorithm) | Does not encrypt data, but produces a signature that can be verified. A public key (of 3 parts) is calculated from a private key. | Signing: input is data to be signed, private key, a random number; output is a signature, comprising 2 numbers called r & s. Verifying: input is data to be verified, public key & s; output is a number called v; if v = r then signature is verified. |
|
SHA (secure hash algorithm) | US government standard produced by NIST. Based on MD4 algorithm. Revised version of 1995 called SHA-1. | Takes a message of less than 2^64 bits and produces a message digest/fingerprint of 160 bits |
|
DSS (digital signature standard) | US government standard method | Uses DSA to sign a message digest/fingerprint produced by SHA |
|
ElGamal (T ElGamal’s algorithm) | Variant of Diffie-Hellman for encryption and decryption as well as key exchanges | Sometimes known as Diffie-Hellman in earlier versions of PGP |
|
RSA (Rivest-Shamir-Adleman algorithm) | The first major, and still the most widely used, general-purpose public-key encryption algorithm | Encrypt message with public key to obtain confidentiality. Encrypt message with private key to obtain authentication, integrity, and nonrepudiation. |
|
3DES triple DES (data encryption standard) | DES was the first widespread symmetric key encryption algorithm. 3DES applies the algorithm 3 times for additional security. | DES is a 56-bit key, 64-bit block cypher using multiple rounds of permutations and substitutions. Now considered necessary to apply 3 times with 3 keys. |
|
CAST-128 (developed by Carlisle Adams and Stafford Tavares) | Modern symmetric key encryption algorithm. CAST-128 is an implementation of the CAST design procedure. | Uses key sizes of 40 to 128 bits (in 8-bit increments) with 16 rounds of 64-bit blocks of plaintext. Has been extensively reviewed by cryptologists. |
|
IDEA (international data encryption algorithm) | Modern symmetric key encryption algorithm, designed as a replacement for DES | 128-bit key block cypher encrypting 64-bit blocks of plaintext |
|
AES/Rijndael (Daemen and Rijmen’s algorithm) | Selected for the new “Advanced Encryption Standard” by NIST to replace DES | High performance and very secure algorithm, using key sizes of 128, 192, and 256 bits |
|
RSA | Selected for the new “Advanced Encryption Standard” by NIST | High performance and very secure algorithm |
|