The most fundamental promise made by cryptography is that a sender and receiver, starting from nothing more than shared knowledge of a secret key, can securely exchange messages. Secret-key cryptography protects the confidentiality and integrity of the messages against any possible misbehavior by the intermediate network. The advent of public-key cryptography (1976 Diffie–Hellman) introduced new ways to share secrets and to protect messages, but secret-key cryptography remains the high-performance workhorse of cryptography: the vast bulk of encrypted and authenticated data is protected either by a hybrid of public-key and secret-key cryptography or by secret-key cryptography alone.
A block cipher encrypts a short fixed-length message using a secret key shared by the sender and receiver. For example, AES is a block cipher that encrypts a 128-bit (16-byte) block using a 128-bit, 192-bit, or 256-bit key.
A stream cipher encrypts a variable-length message using a public nonce (a message number used only once) and a secret key shared by the sender and receiver. For example, all of the ciphers in the eSTREAM portfolio expand the nonce into a long random-looking keystream, which is then xor'ed with the message to produce a ciphertext. There are also several ways to build stream ciphers from block ciphers such as AES: for example, AES-CTR expands a nonce n into AES(n,0), AES(n,1), AES(n,2), etc.
A message-authentication code produces an authenticator of a variable-length message using a secret key shared by the sender and receiver; some message-authentication codes also use nonces. Sending the authenticator together with the message protects the message against corruption. Message-authentication codes are often built from block ciphers or from cryptographic hash functions such as SHA-3.
An authenticated cipher, also known as an authenticated-encryption scheme or AE scheme, encrypts and authenticates messages, using a public nonce and a secret key shared by the sender and receiver. Authenticated ciphers are often built as various combinations of block ciphers, stream ciphers, message-authentication codes, and hash functions.
Version: This is version 2014.01.27 of the secret.html web page.