128 bit and 256 bit encryption

[bhaazee]

Can anyone please explain me what's 128-bit and 256-bit encryption in layman's word (but bit in detail please). (I am a mechanical Engg. and have least knowledge on security aspects of IT).

Thnx.

 

[jobsism]

To define 128 or 256-bit encryption, first a "key" is created. In computer cryptography, a key is a long sequence of bits used by encryption / decryption algorithms.

For example, the following represents a hypothetical 40-bit key:
00001010 01101001 10011110 00011100 01010101

A given encryption algorithm takes the original message, and a key, and alters the original message mathematically based on the key's bits to create a new encrypted message. Likewise, a decryption algorithm takes an encrypted message and restores it to its original form using one or more keys.

Using a 40-bit key(the above has 40 0's and 1's) is referred to as 40-bit encryption. 128 and 256-bit keys are keys with 128 and 256 number of 0's and 1's respectively.

 

[jhae2.718]

Also, if you look at the key sizes, there are 2¹²⁸ possible keys for a 128-bit encryption algorithm. For 256-bit keys, this is a keyspace of 2²⁵⁶ = 2¹²⁸2¹²⁸.

Now, the actual encryption depends on the algorithm. Key sizes of 128 bits/256 bits will be for symmetric ciphers. For SSL, common algorithms are RC4 (a 128-bit stream cipher) and AES-128 and AES-256 in a mode like CFB (cipher feedback). Asymmetric key cryptography (e.g. RSA, DSA, El-Gamal) will typically have key sizes on the order of 2048 bits and up.

Symmetric ciphers are generally either stream ciphers, which produce a long stream of bits that are XORed with the plaintext, or block ciphers, which encrypt the message in blocks of a fixed number of bits. Block ciphers have different modes of operation; the most common include ECB (Electronic code book, in which blocks are encrypted independently--this is a weak mode and should be avoided), CBC (cipher block chaining, where the previous block is XORed with the plaintext of the next block and then encrypted) and CFB (cipher feedback, cipher output is XORed with plain text to get the ciphertext, previous block ciphertext is XORed with cipher output to link blocks).

For symmetric ciphers, both the sender and receiver must have the same key. By contrast, in asymmetric key cryptography, Alice and Bob each have a public and private key. If Alice wants to send a message to Bob, she looks up his private key, encrypts the message with it, signs it with her public key, and sends it to Bob. Bob receives the message and decrypts it with his private key. He can also decrypt the signature using Alice's public key and verify that the message has not been tampered with. Asymmetric key crypto usually involves "one way functions", which are easy to compute but computationally hard to compute the inverse.

 

[DaleSwanson]

A bit (binary digit) is either a 0 or 1. Since there are only two possible states the total number of combinations of an x bit number is 2^x. In terms of encryption, the bits determine how many possible keys there could be. More possible keys means it will take longer for an attacker to try them all (called a brute force attack). It's important to note that a 256 bit key doesn't have twice as many possibilities as an 128 bit one. Each bit doubles the number of possibilities. Meaning that an 129 bit key would have twice the possibilities as an 128. A 256 bit key has 2¹²⁸ times as many possibilities as an 128 bit one.
2¹²⁸ = 3x10³⁸
2²⁵⁶ = 1x10⁷⁷

To use an analogy: a common Master Lock pad lock has 40 digits on its face. This gives 40 * 40 * 40 = 64,000 possible combinations. This is similar to a 16 bit number; 2¹⁶ = 65,536. So one could say a common pad lock is roughly 16 bit. 16 bit is very low for encryption standards, however it is adequate for physical security because trying a combination will take a few seconds each. Compare this to a computer where one might be able to try anything from thousands to billions of possibilities per second and it becomes clear why the possibilities must be so much larger.

AES is a common modern encryption standard. If you have an interest in encryption this guide might be a good place to learn more. It does a good job of starting quite basic and progressing through four level of more complex and accurate descriptions.
http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html"

 

[bhaazee]

Oh! thanks a lot guys for ur patient replies. understood very easily.