A formula used to turn ordinary data, or "plaintext," into a secret code known as "ciphertext." Each algorithm uses a string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns can be created, thus making it harder to break the code and descramble the contents.
Most encryption algorithms use the block cipher method, which codes fixed blocks of input that are typically from 64 to 128 bits in length. Some use the stream method, which works with the continuous stream of input.
The dialog box below from the ScramDisk encryption program shows the various algorithms offered to encrypt data on your hard disk. The free, open source, legacy version of ScramDisk is available at www.samsimpson.com. The accompanying descriptions and performance comparisons from the ScramDisk documentation manual are provided because they provide a brief and clear summary of current-day secret key encryption algorithms.
The following is reproduced with permission, courtesy of Sam Simpson and Aman. See mode of operation, cryptography, security protocol, stream cipher, block cipher and algorithm.
ScramDisk encrypts data on the hard disk, and this dialog box allows for the selection of the encryption algorithm. "Mouse entropy" is the amount of randomness introduced into the creation of the key. The more the mouse is moved around in a random pattern, the more randomness.
This is far better than DES; it uses three applications of the DES cipher in EDE (Encipher-Decipher-Encipher) mode with totally independent keys. Outer-CBC is used. This algorithm is thought to be very secure (major banks use it to protect valuable transactions), but it is also very, very slow.
Blowfish is a high security encryption alogorithm designed by Bruce Schneier, the author of Applied Cryptography and owner of the company Counterpane. It is very fast, is considered secure and is resistant to linear and differential analysis. This is my personal cipher of choice.
Data Encryption Standard was designed in the early 1970s by IBM with input from NSA. It is OK, but a single key can be broken in three days by the Electronic Frontier Foundation, a poorly funded organization. This algorithm was provided for completeness.
International Data Encryption Algorithm was produced by Xuejia Lai and James Massey. It is fairly fast, is considered secure, and it is also resistant to both linear and differential analysis. To use this for anything other than personal use, a royalty must be paid to Ascom-Systec Ltd.
Misty1 was designed by M. Matsui of Mitsubishi. It is a reasonably fast cipher that is resistant to both linear and differential analysis. It is fairly new though, so use it with caution.
Square is a very fast and reasonably secure block cipher produced by John Daemen and Vincent Rijmen. It hasn't been subject to as much peer review as Blowfish, 3DES, IDEA, etc., so it may be susceptible to attacks.
This is a proprietary stream cipher constructed by the author and is designed for speed alone. It is supplied for backward compatibility with Version 1 of ScramDisk and is not recommended for use on newly created disks. Instead, use TEA or Blowfish, which are both reasonably fast.
Tiny Encryption Algorithm is a very fast and moderately secure cipher produced by David Wheeler and Roger Needham of Cambridge Computer Laboratory. There is a known weakness in the key schedule, so it is not recommended if utmost security is required. TEA is provided in 16 and 32 round versions. The more rounds (iterations), the more secure, but slower.
Encryption Size Size
Type Author Bits Bits Time**
3DES Diffie-Hellman 64 168 4:05
Blowfish Schneier 64 256 0:55
DES IBM-NSA 64 56 1:42
IDEA Lai-Massey 64 128 1:07
Misty1 Matsui 64 128 2:50
Square Daemon-Rijmen 128 128 0:39
Summer Aman (stream) 128 0:46
TEA 16 Wheeler-Needham 64 128 0:46
TEA 32 Wheeler-Needham 64 128 1:03
**Minutes/seconds to encrypt a 50MB file.
Although times are based on an older
166 MHz Pentium, the list serves as an
algorithm speed comparison.