The world of computing didn't start with encryption built into it. We could easily say that computing started in the late 1940s. So from the 1940s up until the late 1970s, the idea of encrypting a mainframe computer just didn't make any sense whatsoever. Well, over time, we began to discover, you know, with the Cold War and things like that, that we didn't want people looking into our computers and figuring out the data, or we were moving data from one computer to another via phone lines or something, and we didn't want people to see that information. So we had to go about the process of encryption. Now, when you're encrypting in the IT world, you have to develop algorithms.
Now, these algorithms, if you've been watching other episodes, number one, they have to be known to everybody. Everybody understands the algorithm, and they have to have a key of different lengths. And then that key has to be kept secret. So the first generation of encryptions, and we still see these today, use what's known as a symmetric key algorithm. Symmetric key simply means that the person who encrypts it needs the key.
And then you take that key and the person who decrypts it uses the same key. It's the same key for encrypting and decrypting. Now that may seem obvious to you, but if you watch other episodes, you'll see there's other ways to do it. Anyway. So what we're going to be talking about are symmetric encryption algorithms. And what I want to stress is the idea of something called a block.
Now, a symmetric block algorithm simply means that I don't care how much data you have, it takes off a chunk of data. So if it's a huge Word document, it takes off X amount of bytes at the beginning, encrypts that, sends it off to the side, then grabs another block, encrypts that, sends it off to the side, and keeps going like that until it's all the way done. There are other ways to do it. So the first type of popular symmetric block encryption ever created was known as the Data Encryption Standard, or DES. This was invented primarily by IBM, but other people contributed as well. And it developed as the first open standard, used heavily by the United States government, and it's still in use today. Now, in other episodes, we've seen the Caesar cipher, Vigenère, and even a simple XOR encryption.
Let me show you how hairy a typical encryption is using DES. The first step of DES encryption is to grab a 64-bit chunk of plaintext from the data stream we wish to encrypt. We perform what's known as an initial permutation, a very specific stirring of the data. Okay, now that we've done the initial permutation, let's set the data aside for a moment and look at the key. So here's our key. Now the first thing we're going to do is drop the last eight bits off the key and then split that key into two 28-bit chunks. We then grab the first 24 bits from each half and put them together, and we've created what's known as a subkey, which is 48 bits.
Cool. All right, now let's get back to our data. We're going to perform what's known as a Feistel function. It works kind of like this: we're going to take the 64 bits and split it into two 32-bit halves. We then set one of the halves aside, and we're only going to work on this one right here. So we're going to expand this half into a 48-bit chunk of data using an expansion function. We're then going to apply an XOR function to this using the subkey we've already generated. Next, we're going to use what are called S-boxes.
In DES, S-boxes take in 64 bits and output four bits. There are eight different S-boxes and each one gives a different four-bit output. So we apply the eight S-boxes to the data, creating a 32-bit output. And then we're going to do what we call a final permutation. We then put the two 32-bit chunks back together, but backwards, and that completes a single Feistel function. That was fun. So let's do it again.
We'll shift a few bits on the subkey. We'll split the data, set one half aside, go ahead and expand it, XOR the subkey, apply the S-boxes one more time, throw in a permutation, and put the data back together. Get the idea? Great. Let's do it 14 more times. Wow, seems a little complicated, right? Now keep in mind that what you just looked at was a very, very simplified overview of DES itself.
It's actually a lot more complicated than that. But that'll at least get you to the idea that it's cool that we can go through this wildly complicated process and, using the same key, we can decrypt, basically reverse the process, and encrypt. We can go either direction. It's absolutely fascinating. Now, as wildly complicated as that was, there were a couple of issues with DES. Number one, the big problem with DES more than anything else was its short key. Now 56 bits sounds like a long key to you and me, but in reality, it's actually kind of short, and it allowed it to become exposed to certain types of attacks.
So by the early 1990s, people were saying that we could hack DES. And now in the post-2010s, with 2020 not that far away, DES can be hacked in certain circumstances. So even way back in the 90s, they started to come up with alternatives. Two of the alternatives you may see: one of them is called Blowfish, and the other one is called Triple DES. Now, the thing I want to stress to you is that when we're talking about symmetric block encryptions, there are three things we tend to talk about more than anything else.
We talk about the key size, how long the key is. We talk about the number of rounds, how many rounds it goes through in its encryption process. And then we also talk about the block size. So let's go through Blowfish and Triple DES as compared to DES. Okay, so let's go ahead and put in DES, and we know DES is a block cipher. Now it uses a 64-bit block size, and it runs 16 rounds with a key size of 56 bits. It's like, why do we say 64? But we take eight bits off for overhead, so it's really 56 bits.
Now, Triple DES was also a block encryption, also with the 64-bit block size. It also had 16 rounds, but basically what it did is it repeated the DES process three times. So you had three 56-bit keys. So in essence, you had a 168-bit key. Blowfish had a 64-bit block size, it ran 16 rounds, and the key size was variable: it could be as low as 32 bits or as high as 448 bits.
By the early 1990s, it was obvious to the United States federal government that DES wasn't very good. Blowfish wasn't under their control, and Triple DES was really just kind of a patch-together. And so the National Institute of Standards, in the very late 1990s and continuing into the early 2000s, started a big competition. They called it a competition, but it was really almost more like a conference, like a big get-together, because we'd have people from the private sector, the public sector, and academia all submitting these new symmetric block encryptions, which were going to replace all this stuff. And they kind of worked together.
So they called it a competition, but there was a lot of teamwork. And we started off with a few hundred submissions, and they got it down to like 12. Then they got it down to five. And then from the top five, they basically took a vote, because all of the top five were very, very good. And one particular algorithm called Rijndael became what's now known as the Advanced Encryption Standard in the early 2000s. Now, the Advanced Encryption Standard, or AES, of course, is a symmetric block encryption.
But what's most important about it is that even though it's well over 10 years old, in fact maybe getting closer to 20 these days, it is in essence still unhackable, knock on wood on that, and it is an incredibly powerful symmetric encryption. Now I'm not even going to bother to try to show you the details of how AES works on the inside. So let's just put that on our chart so that we know the key sizes, and we know the block sizes, and we know the number of rounds. So AES, obviously, is a block algorithm. It has a block size of 128 bits.
Now let's jump over to the key size, because you could have three different key sizes: you can have 128-, 192-, or 256-bit keys. Basically, the bigger the key, the more secure you are. And now going back to rounds, we would have either 10, 12, or 14 rounds, depending on whether you had 128-, 192-, or 256-bit key sizes. Now, there is one exception to a world that's pretty much dominated by symmetric block ciphers. There is another way to do it using what we call streaming ciphers. So instead of taking a chunk, encrypting that and sending it off, taking a chunk, encrypting it and sending it off, you can do what's known as streaming. In a streaming scenario, what you'll have is each bit coming out through a wire, something like that.
So we use this in communication a lot. It literally will encrypt one bit at a time, randomly making it a one or a zero. Well, it's not random. It's called pseudo-random. But it will create it in such a way that it literally encrypts one bit at a time. So to make this easy for us, there really is only one type of streaming symmetric encryption out there. And that's known as RC4.
So let's throw him on the list too. So, RC4 is a streaming type of encryption. It really doesn't use block sizes. It's one bit at a time. And because it only gets to see that bit once, there's only one round when you're using that streaming encryption. And the key size, and this is awesome: in the case where you don't have a lot of rounds, you often want to use really big keys.
So the key size can be as small as 40 bits, and can go up to 2048 bits. You have gone through a lot of different types of symmetric encryptions here. Now, the thing about algorithms you need to understand is that at no time are you going to have to set these things up. Really, we live in a world where we have these already programmed in, and we're going to cover this in other episodes. But to give you one example, we've probably all done wireless networks. If you set up your wireless access point to use WPA encryption, you're actually using RC4.
Whereas if you set up for WPA2, you're actually using AES encryption. So it's not so terribly important to me that you know the real, complete, detailed difference between, say, DES and Triple DES. What is important is that you have a rough understanding of these types of encryptions. You need to understand that they are all symmetric. They also share the same key. And then also, they can either be block, most of them are block, or, with the exception being RC4, can be streaming. So you're gonna want to take a moment to memorize that type of stuff.
But the cool part is that while we understand that, we take advantage of systems that are pre-built in, so when we make choices at a higher level, it's going to help determine the type of encryption that we're going to use.
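
The Feistel structure walked through above (split the 64-bit block into two 32-bit halves, run one half through a keyed function, XOR, swap, repeat 16 times) as an added Python example, not code from the video. The round function and key schedule are toy stand-ins (a truncated SHA-256 and a bit rotation, both assumptions), so this is not DES, but it shows why the same key decrypts simply by running the subkeys in reverse order.

```python
import hashlib

ROUNDS = 16              # same round count the transcript gives for DES
MASK32 = 0xFFFFFFFF
MASK56 = (1 << 56) - 1

def subkeys(key56):
    """Toy key schedule (assumption): rotate the 56-bit key, keep 48 bits per round."""
    keys, k = [], key56 & MASK56
    for _ in range(ROUNDS):
        k = ((k << 3) | (k >> 53)) & MASK56   # "shift a few bits on the subkey"
        keys.append(k >> 8)                   # 48-bit round subkey
    return keys

def round_fn(half, subkey):
    """Stand-in for expand / XOR / S-boxes / permute. Deliberately NOT invertible:
    a Feistel network never needs to run this function backwards."""
    data = half.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block, keys):
    """Run one 64-bit block through the network with the given subkey order."""
    left, right = block >> 32, block & MASK32
    for k in keys:
        # Work on one half, XOR the result into the other half, then swap.
        left, right = right, left ^ round_fn(right, k)
    return (right << 32) | left               # halves go back together "backwards"

def encrypt_block(block, key56):
    return feistel(block, subkeys(key56))

def decrypt_block(block, key56):
    # Same code path as encryption; only the subkey order is reversed.
    return feistel(block, subkeys(key56)[::-1])

if __name__ == "__main__":
    key = 0x0123456789ABCD                        # constructed 56-bit sample key
    plain = int.from_bytes(b"ABCDEFGH", "big")    # constructed 64-bit sample block
    cipher = encrypt_block(plain, key)
    print(f"plaintext  {plain:016x}")
    print(f"ciphertext {cipher:016x}")
    print(f"decrypted  {decrypt_block(cipher, key):016x}")
    print(f"wrong key  {decrypt_block(cipher, key ^ 1):016x}")
```
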