path: root/doc/tex/ciphers.tex

\section{Symmetric encryption algorithms}
\par
Confidentiality is provided by using block encryption algorithms like {\bf 3DES}, 
{\bf AES\footnote{AES or Advanced Encryption Standard is actually the RIJNDAEL algorithm. This is the
algorithm that will replace DES.}}, or
stream algorithms like {\bf ARCFOUR\footnote{ARCFOUR is a compatible
algorithm with RSA's RC4 algorithm.}} See \hyperref{fig:ciphers}{figure }{}{fig:ciphers} for a complete list. 
Ciphers are encryption algorithms that use a single (secret) key
to encrypt and decrypt data. Block algorithms in TLS also provide protection
against statistical analysis of the data. \gnutls makes use of this property
thus, if you're operating in \tlsI mode, a random number of blocks will be
appended to the data. This will prevent eavesdroppers from guessing the 
actual data size.

\begin{figure}[hbtp]
\begin{tabular}{|l|p{9cm}|}

\hline
3DES\_CBC & 3DES\_CBC is the DES block cipher algorithm used with multiple (triple)
encryption (EDE). Has 64 bits block size and is used in CBC mode.
\\
\hline
ARCFOUR & ARCFOUR\footnote{A compatible cipher with RC4 of RSADSI} is a
fast stream cipher.
\\
\hline
AES\_CBC & AES or RIJNDAEL is the block cipher algorithm that replaces the old 
(and insecure\footnote{due to small key length}) DES algorithm. Has
128 bits block size and is used in CBC mode. This is not officially
supported in TLS (yet).
\\
\hline
TWOFISH\_CBC & TWOFISH is a block cipher algorithm by Counterpane. Has
128 bits block size and is used in CBC mode. This algorithm is not
part of TLS. It is a \gnutls extension.
\\
\hline
\end{tabular}
\caption{Supported cipher algorithms}
\label{fig:ciphers}
\end{figure}



\addvspace{1.5cm}

\begin{figure}[hbtp]
\begin{tabular}{|l|p{9cm}|}

\hline
MAC\_MD5 & MD5 is a hash algorithm by Ron Rivest. Outputs 128 bits of data.
\\
\hline
MAC\_SHA & SHA is a hash algorithm by NSA. Outputs 160 bits of data.
\\
\hline
\end{tabular}
\caption{Supported MAC algorithms}
\label{fig:mac}
\end{figure}