Secret key cryptography is the type of encryption that is familiar to most people. In this type of cryptography, the sender and receiver both know a secret key.
The sender encrypts the plaintext message with the secret key, and the receiver decrypts the message with the same secret key. Obviously, the challenge is to make the secret key available to both the sender and receiver without compromising it.
For increased security, the secret key should be changed at frequent intervals. Ideally, a particular secret key should only be used once.
A secret key cryptographic system consists of both public and private information.
The public information usually consists of the following:
The algorithm for enciphering the plaintext copy of the enciphered message
Possibly, a copy of the plaintext and an associated ciphertext
Possibly, an encipherment of the plaintext that was chosen by an unintended receiver
Private information is:
The key or cryptovariable
One particular cryptographic transformation out of many possible transformations
An important property of any secret key cryptographic system is that the same key can encipher and decipher the message.
If large key sizes (> 128 bits) are used, secret key systems are very difficult to break.
These systems are also relatively fast and are used to encrypt large volumes of data.
There are many symmetric key algorithms available because of this feature. One problem with using a symmetric key system is that because the sender and receiver must share the same secret key, the sender requires a different key for each intended receiver. One commonly used approach is to use public key cryptography to transmit a symmetric session key that can be used for a session between the sender and receiver. Time stamps can be associated with this session key so that it is valid only for a specified period of time. Time stamping is a countermeasure against replay, in which a session key is somehow intercepted and used at a later time. Symmetric key systems, however, do not provide mechanisms for authentication and non-repudiation.
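The time-stamped session key described above can be checked on the receiving side as follows. This is an added example, not code from the original text: the envelope fields, the 300-second lifetime, the 30-second clock-skew allowance and the class names are assumptions, and the public key unwrapping step is assumed to have already happened. It goes slightly beyond the text by also remembering key identifiers it has already accepted.

```python
import secrets
import time
from dataclasses import dataclass

MAX_CLOCK_SKEW = 30.0  # assumed tolerance for sender/receiver clock drift, in seconds

@dataclass(frozen=True)
class SessionKeyEnvelope:
    """Contents recovered after public key decryption (unwrapping not shown)."""
    key_id: str        # hypothetical identifier chosen by the sender
    key: bytes         # the symmetric session key
    issued_at: float   # sender's time stamp, seconds since the epoch
    lifetime: float    # validity period in seconds

class SessionKeyReceiver:
    def __init__(self):
        self._active = {}   # key_id -> envelope currently usable
        self._seen = set()  # key_ids already accepted; lost if the receiver restarts

    def accept(self, env, now=None):
        now = time.time() if now is None else now
        if env.key_id in self._seen:
            return "rejected: key id already seen (replay)"
        if env.issued_at > now + MAX_CLOCK_SKEW:
            return "rejected: time stamp in the future"
        if now > env.issued_at + env.lifetime:
            return "rejected: session key expired"
        self._seen.add(env.key_id)
        self._active[env.key_id] = env
        return "accepted"

    def key_for(self, key_id, now=None):
        """Return the session key only while it is inside its validity period."""
        now = time.time() if now is None else now
        env = self._active.get(key_id)
        if env is None:
            return None
        if now > env.issued_at + env.lifetime:
            del self._active[key_id]  # expired: stop using it
            return None
        return env.key

def demo():
    t0 = 1_700_000_000.0  # constructed issue time
    env = SessionKeyEnvelope("k-001", secrets.token_bytes(32), t0, 300.0)
    rx = SessionKeyReceiver()
    return [
        rx.accept(env, now=t0 + 5),                       # first delivery
        rx.accept(env, now=t0 + 10),                      # same envelope again
        rx.key_for("k-001", now=t0 + 200) == env.key,     # still valid
        rx.key_for("k-001", now=t0 + 301),                # past its lifetime
        SessionKeyReceiver().accept(env, now=t0 + 3600),  # late replay, fresh receiver
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last case shows why the time stamp matters: a receiver with no memory of earlier key identifiers still rejects the intercepted envelope because its validity period has passed.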
The best-known symmetric key system is probably the Data Encryption Standard (DES). DES evolved from the IBM Lucifer cryptographic system in the early 1970s for commercial use.