What are the different kinds of algorithms that encryption software programs utilize?

The complexity of these algorithms prevents us from describing their workings in-depth in a guide intended for readers with limited technical knowledge of encryption, but here are some links and names that may be useful if you want to know more about the technical aspects of encryption software. You can always find more information on each algorithm (including ones that are not listed here) simply by searching for the algorithm's name on your favorite Internet search engine.

One interesting read is the PGP Diffie-Hellman vs. RSA FAQ, which discusses the effectiveness of various algorithms.

AES is the block cipher being developed as a successor to DES. (AES was not completed at the time this guide was published.) It operates under the symmetric key model. Some of the other encryption algorithms listed in this section were submitted as candidates to become AES. The selected algorithm is one called Rijndael (one suggested pronunciation: "rain doll"), a variant of an algorithm called Square.

- AES (Rijndael) (mathematical analysis)
- The AES Candidates
- The Block Cipher Rijndael (a newbie's introduction to Rijndael)
- Computer Security Resource Center: AES; FAQ
- The History of AES
- PGP Diffie-Hellman vs. RSA FAQ: What is AES?

Blowfish is a block cipher that employs the asymmetric key model. "Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. Since then it has been analyzed considerably, and it is slowly gaining acceptance as a strong encryption algorithm. Blowfish is un-patented and license-free, and is available free for all uses." (Counterpane Internet Security: The Blowfish Encryption Algorithm)

CAST is a group of ciphers. "CAST-128 belongs to the class of encryption algorithms known as Feistel ciphers; overall operation is thus similar to the Data Encryption Standard (DES)." (C. Adams, Entrust Technologies: The CAST-128 Encryption Algorithm) It operates under the symmetric key model.

"It is resistant to both linear and differential cryptanalysis. Currently, there is no known way of breaking CAST short of brute force. There are no known attacks on CAST with reduced rounds – it looks incredibly secure. CAST is now the default cipher in PGP." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

"CAST is a family of ciphers. Some of the other 'CAST' ciphers have succumbed to advanced attack. (Rijmen and Preneel have attacked some CAST designs and so have Kelsey, Schneier & Wagner.) The same attacks have been tried against the implementation of CAST used in PGP and have, thus far, failed." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

- C. Adams, Entrust Technologies: The CAST-128 Encryption Algorithm
- C. Adams, J. Gilchrist, Entrust Technologies: The CAST-256 Encryption Algorithm
- PGP Diffie-Hellman vs. RSA FAQ: What is CAST?

DES is the current standard encryption algorithm. "DES was developed in the 1970s by the National Bureau of Standards with the help of the National Security Agency" with an algorithm submitted by IBM. (The Next Wave: What is DES?) It operates under the symmetric key model.

"Unfortunately, over time various shortcut attacks were found that could significantly reduce the amount of time needed to find a DES key by brute force. And as computers became progressively faster and more powerful, it was recognized that a 56-bit key was simply not large enough for high security applications." (Tropical Software: DES Encryption (DES))

"On July 17, 1998 the Electronic Frontier Foundation (EFF) announced the construction of a DES brute-force hardware cracker (http://www.eff.org/descracker/). This $220,000 device can break a DES key in an average of 4.5 days." (Dr. Dobb's Journal: The Current State of DES)

Triple-DES is only a third as fast as DES, but uses three keys to effectively triple the key length to 168 bits, making the algorithm "billions of times more secure [than DES] if used properly." (Tropical Software: Triple DES Encryption [Triple DES])

- Dr. Dobb's Journal: The Current State of DES
- The Next Wave: What is DES? (DES)
- PGP Diffie-Hellman vs. RSA FAQ: What is 3DES?
- SearchSecurity: Data Encryption Standard (DES)
- Tropical Software: DES Encryption (DES)
- Tropical Software: Triple DES Encryption (Triple DES)

Diffie-Hellman is an encryption algorithm that employs the asymmetric key model.

"In 1976, Diffie and Hellman started an explosion of open research in cryptology when they first introduced the notion of public-key cryptography, which allows for new electronic means to handle key distribution in conventional cryptographic systems and for digital signatures in electronic messages." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

"The Stanford patent on the Diffie-Hellman technique... expired in 1997 and [the technique] is now in the public domain." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

- Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS (if the link is down, see Google's cached copy)
- PGP Diffie-Hellman vs. RSA FAQ: What is DH / ElGamal?
- RSA Security: What is Diffie-Hellman?

GOST is the U.S.S.R. 28147-89 standard protection algorithm, analogous to the U.S.'s DES. "The algorithms are similar in that both operate on 64-bit blocks by successively modifying half of the bits with a function of the other half." (GOST encryption algorithm: Russian analogue to US Standard?)

- GOST encryption algorithm: Russian analogue to US Standard?
- Soviet Encryption Algorithm (GOST 28147-89)
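
The structure described in the GOST quote above, which the page also attributes to DES and CAST-128 as Feistel ciphers, can be shown in a few lines. This is an added example, not code from the guide or from any of the ciphers named: the round function and key schedule are constructed toys built on SHA-256 (an assumption of this example) and provide no real security.

```python
import hashlib

MASK32 = 0xFFFFFFFF  # each half of the 64-bit block is 32 bits


def round_function(half, subkey):
    """Toy round function F (constructed; not the DES, GOST or CAST function).
    F is one-way here on purpose: a Feistel network never has to invert it."""
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def subkeys(key, rounds):
    """Toy key schedule: one derived subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def feistel(block, round_keys):
    """Run one 64-bit block through the rounds in the given subkey order."""
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        # Modify one half with a function of the other half, then swap halves.
        left, right = right, left ^ round_function(right, k)
    # Undo the last swap so the same routine decrypts with reversed subkeys.
    return (right << 32) | left


def encrypt_block(block, key, rounds=16):
    return feistel(block, subkeys(key, rounds))


def decrypt_block(block, key, rounds=16):
    # Decryption is the identical network with the subkeys in reverse order.
    return feistel(block, subkeys(key, rounds)[::-1])


if __name__ == "__main__":
    key = b"constructed demo key"
    plaintext = 0x0123456789ABCDEF  # constructed sample block
    ciphertext = encrypt_block(plaintext, key)
    print(f"ciphertext: {ciphertext:016x}")
    print(f"round trip: {decrypt_block(ciphertext, key):016x}")
```

Because each round only XORs one half with the output of F, reversing the subkey order undoes the rounds one by one, which is why the same hardware or code path can serve for both encryption and decryption in ciphers of this class.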

IDEA is a block cipher used in PGP. "IDEA, unlike the other block cipher algorithms discussed in this section, is patented by the Swiss firm of Ascom. They have, however, been generous in allowing, with permission, free noncommercial use of their algorithm, with the result that IDEA is best known as the block cipher algorithm used within the popular encryption program PGP." (IDEA (International Data Encryption Algorithm))

- IDEA (International Data Encryption Algorithm) (a mathematical analysis)
- Naval Postgraduate School / Department of Computer Science: IDEA (mathematical overview)
- PGP Diffie-Hellman vs. RSA FAQ: What is IDEA?

See "Data Encryption Standard (DES) and Triple-DES (3DES)"

"Twofish is a block cipher by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists. Twofish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses." (Counterpane Internet Security: Twofish: A New Block Cipher) It operates under the symmetric key model.

- PGP Diffie-Hellman vs. RSA FAQ: What is Twofish? (discusses concerns that Twofish is new and unproven)
- Counterpane Internet Security: Twofish: A New Block Cipher
- The Twofish Encryption Algorithm: Block Encryption for the 21st Century

RSA is a family of algorithms that employ the asymmetric key model. There are actually multiple incarnations of this algorithm; RC5 is one of the most common in use, and RC6 was a finalist algorithm for AES. Searching for how RSA works often yields a host of pages about how it works mathematically, because the U.S. patent on the RSA algorithm expired on September 21, 2000. (RSA Security, Inc. actually began offering the algorithm to the public before the 17-year-old patent expired.)

- Tom Davis' notes on RSA Encryption
- RSA Algorithm JavaScript Page (illustrates mathematical principles with web-based code)
