Ernesto Guisado's Website  » Articles  » Secure Random Numbers  » Sidebar on Cryptographic Algorithms Articles | Miscellanea |

Sidebar on Cryptographic Algorithms

DES, AES (Rijndael) and RC4 are all examples of symmetric encryption algorithms. They are also called "secret key algorithms", because they use a secret key to both encrypt and decrypt the message. For any strong algorithm, the security increases with the key size. DES initially had a 56-bit key. Triple-DES (3DES) an evolution of DES uses 3 DES keys to give a security equivalent to a 112-bit key. The exported version of RC4 used 40-bit keys. Rijndael supports keys of 128-bits and longer. Nowadays 40-bit keys are considered bad, 56 weak, 128 secure and 256 very secure.

MD4, MD5 and SHA are examples of a cryptographic hash. They take a long message and turn it into a short "fingerprint" value. The fingerprint is also called "message digest", "cryptographic checksum", or "cryptographic hash". They are designed so that:

  1. Given the hash of a message it is very hard to find out which message generated that hash.
  2. Given a message it is very hard to find another message with the same hash.

How hard these things are depends on the size of the generated fingerprint. MD4 and MD5 are considered suspicious already. They generate a 128-bit hash. SHA is considered okay and generates a 160-bit hash. Some people are already recommending moving to 256-bit hashes. Bigger hashes are also much slower.