Symmetric Key Ciphers

Symmetric Encryption / Decryption

When the input data is encrypted, it is transformed to **encrypted ciphertext** and when the ciphertext is decrypted, it is transformed back to the original input data.

Symmetric Encryption Uses a Set of Algorithms

It is important to know as a concept that symmetric-key encryption algorithms usually do not work standalone. They work together with other related crypto algorithms, into a **symmetric encryption scheme** / **symmetric encryption construction**.

In most encryption schemes an **encryption** is combined with password to **key derivation** algorithm and **message authentication** scheme (see authenticated encryption). Typically a symmetric encryption procedure uses a sequence of steps, involving different crypto algorithms:

**Password-to-key derivation**algorithm (like Scrypt or Argon2): to allow using a password instead of a key and to make password cracking hard and slow to be performed.**Block to stream cipher transformation**algorithm (block cipher mode like**CBC**or**CTR**) +**message padding**algorithm like**PKCS7**(in some modes): to allow encrypting data of arbitrary size using a block cipher algorithm (like**AES**).**Block cipher algorithm**(like**AES**): to securely encrypt data blocks of fixed length using a secret key.**Message authentication**algorithm (like**HMAC**): to check whether after decryption the obtained result matches the original message before the encryption.

Later in this section we shall give **more details and examples** about how to configure and use symmetric block ciphers (like AES) along with the all above described algorithms to securely encrypt and decrypt messages of arbitrary size.

Last modified 7mo ago