Cryptographic Algorithms

This page lists commonly used cryptographic algorithms and methods, and tries to give references to implementations and textbooks. Where available, comments are also made about the usefulness or other aspects of the algorithms. The comments should be interpreted as the author's subjective opinion and should not be considered authoritative in any way.

Public Key Algorithms

Public key algorithms use a different key for encryption and decryption, and the decryption key cannot (practically) be derived from the encryption key. Public key methods are important because they can be used to transmit encryption keys or other data securely even when the parties have no opportunity to agree on a secret key in private. All known methods are quite slow, and they are usually only used to encrypt session keys (randomly generated "normal" keys), that are then used to encrypt the bulk of the data using a symmetric cipher (see below).

Secret Key Algorithms (Symmetric Ciphers)

Secret key algorithms use a the same key for both encryption and decryption (or the other is easily derivable from the other).

These and a number of other ciphers are available from .

Block Cipher Modes

Many commonly used ciphers (e.g., IDEA, DES, BLOWFISH) are block ciphers. This means that they take a fixed-size block of data (usually 64 bits), an transform it to another 64 bit block using a function selected by the key. The cipher basically defines a one-to-one mapping from 64-bit integers to another permutation of 64-bit integers.

If the same block is encrypted twice with the same key, the resulting ciphertext blocks are the same (this method of encryption is called Electronic Code Book mode, or ECB). This information could be useful for an attacker.

In practical applications, it is desirable to make identical plaintext blocks encrypt to different ciphertext blocks. Two methods are commonly used for this:

The previous ciphertext block is usually stored in an Initialization Vector (IV). An initialization vector of zero is commonly used for the first block, though other arrangements are also in use.

More information on cipher modes can be found e.g. in Bruce Schneier: Applied Cryptography, John Wiley & Sons, 1994.

Cryptographic Hash Functions

Random Number Generators

Cryptographic systems need cryptographically strong random numbers that cannot be guessed by an attacker. Random numbers are typically used to generate session keys, and their quality is critical for the quality of the resulting systems. The random number generator is easily overlooked, and becomes the weakest point of the system.

Some machines may have special purpose hardware noise generators. Noise from the leak current of a diode or transistor, least significant bits of audio inputs, times between interrupts, etc. are all good sources of randomness when processed with a suitable hash function. It is a good idea to acquire true environmental noise whenever possible.

Examples of cryptographic random number generators can be found e.g. in PGP source code, Noiz, and Ssh source code.

Please send updates and additions to Tatu Ylönen <>
Disclaimer: Any opinions and evaluations presented here are speculative, and the author cannot be held responsible for their correctness.