Also known as: symmetric encryption, secret-key cryptography

Symmetric-key cryptography uses the same secret key to encrypt and to decrypt, so the sender and receiver must both hold that key and keep it secret.[1] It underlies the fast bulk ciphers such as AES, DES, and RC4.

[Figure: plaintext → encrypt → cipher → decrypt → plaintext, with the shared key feeding both encrypt and decrypt.]
One secret key encrypts and decrypts — both ends must already share it.

How it works

A single cryptographic key parameterises both directions of the cipher. Encryption transforms plaintext to ciphertext under the key; decryption is the inverse transform under the same key. Because there is only one key and no public-key mathematics, symmetric ciphers are extremely fast and are used for nearly all bulk data encryption.

Symmetric ciphers come in two main shapes:

  • Stream ciphers generate a keystream and combine it with the data, usually by XOR — for example RC4.
  • Block ciphers transform fixed-size blocks under the key — for example AES (128-bit blocks) and DES (64-bit blocks).

The central weakness is key distribution: every pair of parties needs a shared secret, delivered over some channel that an eavesdropper cannot read. Public-key cryptography was developed largely to solve this problem. Per Kerckhoffs’s principle, the algorithm may be public; only the key must stay secret.

Relevance to SDR

Most trunked-radio voice encryption is symmetric. DMR “Enhanced Privacy” uses RC4; P25 voice protection uses DES-OFB or AES-256. In every case GopherTrunk can detect and follow the encrypted traffic but cannot recover the audio without the shared key — that is the whole point of a symmetric cipher. This is distinct from reversible scrambling or whitening, which use a publicly known sequence and so can be undone without any secret.
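The contrast drawn above between a keyed stream cipher and unkeyed whitening, as an added example that is not GopherTrunk code or part of the original page: a textbook RC4 keystream XORed with a frame, next to a whitening sequence produced by a fixed LFSR. The LFSR polynomial and seed, the key strings and the sample frame are constructed for illustration and are not taken from DMR or P25.

```python
# Added example: keyed stream cipher (RC4) vs. unkeyed whitening.
# RC4 appears only because the page names it; it is obsolete for new designs.

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given secret key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream is its own inverse."""
    return xor(data, rc4_keystream(key, len(data)))

def whitening_sequence(n: int) -> bytes:
    """Constructed 9-bit LFSR (x^9 + x^5 + 1) with a fixed public seed: no secret input."""
    state = 0x1FF
    out = bytearray()
    for _ in range(n):
        byte = 0
        for bit in range(8):
            byte |= (state & 1) << bit        # output the low bit, LSB first
            fb = (state ^ (state >> 5)) & 1   # feedback from taps 0 and 5
            state = (state >> 1) | (fb << 8)
        out.append(byte)
    return bytes(out)

def whiten(data: bytes) -> bytes:
    """Whiten or de-whiten: anyone who knows the scheme can undo it."""
    return xor(data, whitening_sequence(len(data)))

if __name__ == "__main__":
    frame = b"constructed voice frame"            # constructed sample input
    ct = rc4(b"shared-key", frame)
    print(rc4(b"shared-key", ct) == frame)    # holder of the key recovers the frame
    print(rc4(b"wrong-key", ct) == frame)     # without the key the frame stays opaque
    print(whiten(whiten(frame)) == frame)     # whitening needs no secret at all
```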

Sources

  1. Symmetric-key algorithm — Wikipedia, for the shared-secret-key model and its key-distribution trade-off. 
