Network Encryption Algorithms ============================= .. toctree:: :maxdepth: 1 :hidden: :includehidden: AES DES 3DES RSA ECC ChaCha20 Blowfish TwoFish Network encryption algorithms protect data confidentiality and integrity during transit and storage. These algorithms are essential for securing modern network communications. .. list-table:: :widths: 20 60 20 :header-rows: 1 * - Algorithm - Description - Use Case * - AES (Advanced Encryption Standard) - Symmetric block cipher with 128-, 192-, or 256-bit keys. Fast, secure, and widely adopted across many applications. *Used in VPNs, TLS, and encrypted storage.* - VPN encryption, HTTPS/TLS, disk encryption * - DES (Data Encryption Standard) - Older symmetric cipher using 56-bit keys. Now considered insecure due to brute-force vulnerabilities. *Primarily in legacy systems.* - Legacy system compatibility * - 3DES (Triple DES) - Applies DES encryption three times for added security. More secure than DES but slower and deprecated. - Legacy financial systems, ATM networks * - RSA (Rivest–Shamir–Adleman) - Asymmetric encryption based on large integer factorization. Used for secure key exchange and digital signatures. - SSL/TLS handshakes, email signing, SSH authentication * - ECC (Elliptic Curve Cryptography) - Asymmetric algorithm using elliptic curves for smaller keys and faster operations. - Mobile encryption, digital signatures, IoT devices * - ChaCha20 - Fast stream cipher optimized for software, especially on constrained devices. - TLS (Google Chrome), VPNs, SSH * - Blowfish - Block cipher with variable-length key up to 448 bits. Mostly replaced by AES. - Password hashing (bcrypt), file encryption * - TwoFish - AES finalist cipher with strong security and flexibility. - Disk encryption, open-source secure apps .. tab-set:: .. tab-item:: AES (Advanced Encryption Standard) **RFC:** FIPS PUB 197 **Main Features:** - Symmetric block cipher (128-bit blocks) - Key sizes: 128, 192, or 256 bits - Extremely fast and secure - Widely used in TLS, IPsec, WPA2/WPA3 **Use Cases:** - VPN traffic encryption - HTTPS/TLS communication - Encrypted file and disk storage **Alternative Algorithms:** - ChaCha20 – Better performance on mobile devices - TwoFish – Flexible alternative for disk encryption .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about AES:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`AES Version&RFC Details ` * :ref:`AES Basic Setup on Ubuntu using IPv4 ` * :ref:`AES Basic Setup on Ubuntu using IPv6 ` * :ref:`AES Protocol Packet Details ` * :ref:`AES Usecases ` * :ref:`AES Basic Features ` * :ref:`AES Feature : Symmetric Key Cipher ` * :ref:`AES Feature : Block Cipher ` * :ref:`AES Feature : Key Sizes ` * :ref:`AES Feature : Number of Rounds ` * :ref:`AES Feature : Substitution-Permutation Network (SPN) ` * :ref:`AES Feature : Fast and Efficient ` * :ref:`AES Feature : Strong Security ` * :ref:`AES Feature : Widely Adopted ` * :ref:`AES Feature : Flexible Modes of Operation ` * :ref:`Reference links ` .. button-link:: ./AES.html :color: primary :shadow: :expand: Jump to "AES" .. tab-set:: .. tab-item:: DES (Data Encryption Standard) **RFC:** FIPS PUB 46-3 **Main Features:** - 56-bit symmetric key - 64-bit block size - Vulnerable to brute-force attacks - Considered obsolete **Use Cases:** - Legacy systems only - Cryptography education and reference **Alternative Algorithms:** - AES – Modern secure replacement - 3DES – Transitional stronger variant .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about DES:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`DES Version&RFC Details ` * :ref:`DES Basic Setup on Ubuntu using IPv4 ` * :ref:`DES Basic Setup on Ubuntu using IPv6 ` * :ref:`DES Protocol Packet Details ` * :ref:`DES Usecases ` * :ref:`DES Basic Features ` * :ref:`DES Feature : Symmetric Key Cipher ` * :ref:`DES Feature : Block Cipher ` * :ref:`DES Feature : Key Size ` * :ref:`DES Feature : Feistel Structure ` * :ref:`DES Feature : Initial & Final Permutations ` * :ref:`DES Feature : Subkeys Generation ` * :ref:`DES Feature : S-Boxes ` * :ref:`DES Feature : Fast in Hardware ` * :ref:`DES Feature : Vulnerable to Brute Force ` * :ref:`DES Feature : Superseded by AES ` * :ref:`Reference links ` .. button-link:: ./DES.html :color: primary :shadow: :expand: Jump to "DES" .. tab-set:: .. tab-item:: 3DES (Triple DES) **RFC:** NIST SP 800-67 **Main Features:** - Encrypts data three times using DES - 112- or 168-bit key length - Slower than AES - Used mainly in legacy financial systems **Use Cases:** - ATM and banking security - Legacy enterprise encryption **Alternative Algorithms:** - AES – Faster and more secure - TwoFish – Modern alternative cipher .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about 3DES:** * :ref:`Learnings in this section <3DES_step1>` * :ref:`Terminology <3DES_step2>` * :ref:`Version Info <3DES_step3>` * :ref:`3DES Version&RFC Details <3DES_step5>` * :ref:`3DES Basic Setup on Ubuntu using IPv4 <3DES_step20>` * :ref:`3DES Basic Setup on Ubuntu using IPv6 <3DES_step21>` * :ref:`3DES Protocol Packet Details <3DES_step6>` * :ref:`3DES Usecases <3DES_step7>` * :ref:`3DES Basic Features <3DES_step8>` * :ref:`3DES Feature : Symmetric Key Cipher <3DES_step9>` * :ref:`3DES Feature : Block Cipher <3DES_step10>` * :ref:`3DES Feature : Keying Options <3DES_step11>` * :ref:`3DES Feature : Triple Encryption <3DES_step12>` * :ref:`3DES Feature : Backward Compatibility <3DES_step13>` * :ref:`3DES Feature : Feistel Structure <3DES_step14>` * :ref:`3DES Feature : Stronger than DES <3DES_step15>` * :ref:`3DES Feature : Slower than AES <3DES_step16>` * :ref:`3DES Feature : Systems <3DES_step17>` * :ref:`3DES Feature : Being Phased Out <3DES_step18>` * :ref:`Reference links <3DES_step19>` .. button-link:: ./3DES.html :color: primary :shadow: :expand: Jump to "3DES" .. tab-set:: .. tab-item:: RSA (Rivest–Shamir–Adleman) **RFC:** RFC 8017 (PKCS #1 v2.2) **Main Features:** - Asymmetric encryption using public/private keys - Key sizes: 1024, 2048, 4096 bits - High computational overhead - Used for digital signatures and secure key exchange **Use Cases:** - TLS handshakes and certificates - Email encryption and signing - SSH key authentication **Alternative Algorithms:** - ECC – Faster with smaller keys - Diffie–Hellman – Secure key exchange .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about RSA:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`RSA Version&RFC Details ` * :ref:`RSA Basic Setup on Ubuntu using IPv4 ` * :ref:`RSA Basic Setup on Ubuntu using IPv6 ` * :ref:`RSA Protocol Packet Details ` * :ref:`RSA Usecases ` * :ref:`RSA Basic Features ` * :ref:`RSA Feature : Asymmetric Key Algorithm ` * :ref:`RSA Feature : Key Pair Generation ` * :ref:`RSA Feature : Public Key Distributuion ` * :ref:`RSA Feature : Digital Signatures ` * :ref:`RSA Feature : Encryption & Decryption ` * :ref:`RSA Feature : Key sizes ` * :ref:`RSA Feature : Slower than Symmetric Ciphers ` * :ref:`RSA Feature : Widely Used in Protocols ` * :ref:`RSA Feature : Standardized ` * :ref:`Reference links ` .. button-link:: ./RSA.html :color: primary :shadow: :expand: Jump to "RSA" .. tab-set:: .. tab-item:: ECC (Elliptic Curve Cryptography) **RFC:** RFC 7748, RFC 4492 **Main Features:** - Asymmetric cryptography using elliptic curves - Smaller key sizes with equivalent security to RSA - Efficient CPU and memory usage **Use Cases:** - Mobile and IoT device encryption - VPN encryption (e.g., Curve25519) - Digital signatures **Alternative Algorithms:** - RSA – More established but heavier - EdDSA – ECC-based signature scheme .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about ECC:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`ECC Version&RFC Details ` * :ref:`ECC Basic Setup on Ubuntu using IPv4 ` * :ref:`ECC Basic Setup on Ubuntu using IPv6 ` * :ref:`ECC Protocol Packet Details ` * :ref:`ECC Usecases ` * :ref:`ECC Basic Features ` * :ref:`ECC Feature : Asymmetric Key Algorithm ` * :ref:`ECC Feature : Elliptic Curve Mathematics ` * :ref:`ECC Feature : Smaller Key Sizes ` * :ref:`ECC Feature : Efficient Computation ` * :ref:`ECC Feature : Digital Signatures (ECDSA) ` * :ref:`ECC Feature : Key Exchange (ECDH) ` * :ref:`ECC Feature : Low Bandwidth & Storage ` * :ref:`ECC Feature : Ideal for Mobile & IoT ` * :ref:`ECC Feature : Widely Standardized ` * :ref:`ECC Feature : Used in Modern Protocols ` * :ref:`Reference links ` .. button-link:: ./ECC.html :color: primary :shadow: :expand: Jump to "ECC" .. tab-set:: .. tab-item:: ChaCha20 **RFC:** RFC 8439 **Main Features:** - Stream cipher optimized for software performance - 256-bit key with nonce-based encryption - Resistant to timing attacks **Use Cases:** - TLS in Google Chrome and Android - VPNs like WireGuard - SSH encryption **Alternative Algorithms:** - AES – Better hardware support - Salsa20 – Predecessor stream cipher .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about ChaCha20:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`ChaCha20 Version&RFC Details ` * :ref:`ChaCha20 Basic Setup on Ubuntu using IPv4 ` * :ref:`ChaCha20 Basic Setup on Ubuntu using IPv6 ` * :ref:`ChaCha20 Protocol Packet Details ` * :ref:`ChaCha20 Usecases ` * :ref:`ChaCha20 Basic Features ` * :ref:`ChaCha20 Feature : Symmetric Stream Cipher ` * :ref:`ChaCha20 Feature : 256-bit Key ` * :ref:`ChaCha20 Feature : 96-bit Nonce ` * :ref:`ChaCha20 Feature : 20 rounds of Mixing ` * :ref:`ChaCha20 Feature : No Padding Required ` * :ref:`ChaCha20 Feature : Constant-Time Execution ` * :ref:`ChaCha20 Feature : High Performance in Software ` * :ref:`ChaCha20 Feature : Design ` * :ref:`ChaCha20 Feature : AEAD Support (with poly1305) ` * :ref:`ChaCha20 Feature : Cross-Platform Compatibility ` * :ref:`Reference links ` .. button-link:: ./ChaCha20.html :color: primary :shadow: :expand: Jump to "ChaCha20" .. tab-set:: .. tab-item:: Blowfish **RFC:** Not standardized by RFC (Published by Schneier) **Main Features:** - 64-bit block cipher - Variable key length up to 448 bits - Fast in software but limited block size **Use Cases:** - Password hashing (bcrypt) - Embedded system encryption **Alternative Algorithms:** - AES – Modern replacement - TwoFish – Larger blocks and stronger design .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about Blowfish:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`Blowfish Version&RFC Details ` * :ref:`Blowfish Basic Setup on Ubuntu using IPv4 ` * :ref:`Blowfish Basic Setup on Ubuntu using IPv6 ` * :ref:`Blowfish Protocol Packet Details ` * :ref:`Blowfish Usecases ` * :ref:`Blowfish Basic Features ` * :ref:`Blowfish Feature : Symmetric Block Cipher ` * :ref:`Blowfish Feature : Variable Key Length ` * :ref:`Blowfish Feature : 16-Round Feistel Network ` * :ref:`Blowfish Feature : Key-Dependent S-boxes ` * :ref:`Blowfish Feature : Fast in Software ` * :ref:`Blowfish Feature : No Licensing Required ` * :ref:`Blowfish Feature : Security Design ` * :ref:`Blowfish Feature : Lightweight Implementation ` * :ref:`Blowfish Feature : Legacy Compatibility ` * :ref:`Blowfish Feature : Basis for bcrypt ` * :ref:`Reference links ` .. button-link:: ./Blowfish.html :color: primary :shadow: :expand: Jump to "Blowfish" .. tab-set:: .. tab-item:: TwoFish **RFC:** AES competition finalist (no formal RFC) **Main Features:** - 128-bit block cipher - Variable key lengths up to 256 bits - Strong and efficient design **Use Cases:** - Disk encryption (e.g., VeraCrypt) - Open-source cryptographic apps **Alternative Algorithms:** - AES – Widely used standard - Serpent – Another AES finalist .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about TwoFish:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`TwoFish Version&RFC Details ` * :ref:`TwoFish Basic Setup on Ubuntu using IPv4 ` * :ref:`TwoFish Basic Setup on Ubuntu using IPv6 ` * :ref:`TwoFish Protocol Packet Details ` * :ref:`TwoFish Usecases ` * :ref:`TwoFish Basic Features ` * :ref:`TwoFish Feature : Block Cipher ` * :ref:`TwoFish Feature : Variable Key Length ` * :ref:`TwoFish Feature : Feistel Network ` * :ref:`TwoFish Feature : Key-Dependent S-boxes ` * :ref:`TwoFish Feature : MDS Matrix ` * :ref:`TwoFish Feature : Whitening steps ` * :ref:`TwoFish Feature : High Performance ` * :ref:`TwoFish Feature : Unpatented and Open ` * :ref:`TwoFish Feature : AES Finalist ` * :ref:`Reference links ` .. button-link:: ./TwoFish.html :color: primary :shadow: :expand: Jump to "TwoFish"