Cryptographic competitions
Introduction
Secret-key cryptography
Disasters
Features
Focused competitions:
AES
eSTREAM
SHA-3
PHC
CAESAR
Broader evaluations:
CRYPTREC
NESSIE
CAESAR details:
Submissions
Call for submissions
Call draft 5
Call draft 4
Call draft 3
Call draft 2
Call draft 1
Committee
Frequently asked questions

Secret-key cryptography

The most fundamental promise made by cryptography is that a sender and receiver, starting from nothing more than shared knowledge of a secret key, can securely exchange messages. Secret-key cryptography protects the confidentiality and integrity of the messages against any possible misbehavior by the intermediate network. The advent of public-key cryptography (1976 Diffie–Hellman) introduced new ways to share secrets and to protect messages, but secret-key cryptography remains the high-performance workhorse of cryptography: the vast bulk of encrypted and authenticated data is protected either by a hybrid of public-key and secret-key cryptography or by secret-key cryptography alone.

Message length

Encrypts

Authenticates

Block cipher

Fixed

Yes

No

Stream cipher

Variable

Yes

No

Message-authentication code

Variable

No

Yes

Authenticated cipher

Variable

Yes

Yes

A block cipher encrypts a short fixed-length message using a secret key shared by the sender and receiver. For example, AES is a block cipher that encrypts a 128-bit (16-byte) block using a 128-bit, 192-bit, or 256-bit key.

A stream cipher encrypts a variable-length message using a public nonce (a message number used only once) and a secret key shared by the sender and receiver. For example, all of the ciphers in the eSTREAM portfolio expand the nonce into a long random-looking keystream, which is then xor'ed with the message to produce a ciphertext. There are also several ways to build stream ciphers from block ciphers such as AES: for example, AES-CTR expands a nonce n into AES(n,0), AES(n,1), AES(n,2), etc.

A message-authentication code produces an authenticator of a variable-length message using a secret key shared by the sender and receiver; some message-authentication codes also use nonces. Sending the authenticator together with the message protects the message against corruption. Message-authentication codes are often built from block ciphers or from cryptographic hash functions such as SHA-3.

An authenticated cipher, also known as an authenticated-encryption scheme or AE scheme, encrypts and authenticates messages, using a public nonce and a secret key shared by the sender and receiver. Authenticated ciphers are often built as various combinations of block ciphers, stream ciphers, message-authentication codes, and hash functions.

Version: This is version 2014.01.27 of the secret.html web page.