The Internet is built on top of IP and TCP protocols. All the devices connected to the Internet rely on the protocols called SSL and TLS to protect the information.
SSL and TLS are cryptographic protocols designed to provide secure communication over insecure infrastructure.
To prevent impersonation attacks, SSL and TLS rely on PKI.
The security of ciphertext depends entirely on the key. If the key is selected from a large keyspace and the breaking encryption requires iterating through a prohibitively large number of possible keys, then we say that a cipher is computationally secure.
The common way to measure encryption strength is via key length; the assumption is that keys are essentially random, which means that the keyspace is defined by the number of bits in a key. As an example, a 128-bit key (which is considered very secure) is one of 340 billion billion billlion billion possible combinations.
Ciphers can be divided into two groups: stream and block ciphers.
RC4 is the best-known stream cipher, but it’s no longer considered secure.
- Only use them to encrypt data lengths equal to the size of the encryption block, always need a scheme to handle of arbitary length and data that is not the exact multiple of the block size.
- Block ciphers always produce the same output for the same input that opens up a number of attacks.
The world’s most popular block cipher is AES(Advanved Encryption Standard), which is available in strengths of 128, 192, and 256 bits.