Advanced Encryption Guide: AES, RSA, ECC & Post-Quantum Cryptography

This comprehensive guide explores advanced encryption concepts, algorithms, and protocols used in modern secure communication systems. Ideal for developers and security professionals.

Note: This guide assumes familiarity with basic encryption concepts. For beginners, start with our Security Tips for Beginners.

Symmetric Encryption Algorithms

AES (Advanced Encryption Standard)

The gold standard for symmetric encryption, adopted by the U.S. government in 2001.

Key Features

  • Key sizes: 128, 192, or 256 bits
  • Block size: 128 bits
  • Rounds: 10, 12, or 14 depending on key size
  • Performance: Highly optimized, hardware acceleration available

Common Modes

  • GCM (Galois/Counter Mode): Authenticated encryption, recommended for most use cases
  • CBC (Cipher Block Chaining): Traditional mode, requires separate MAC
  • CTR (Counter): Parallelizable, used in some protocols

ChaCha20

Modern stream cipher designed by Daniel J. Bernstein, increasingly popular as an alternative to AES.

Advantages

  • Faster than AES on devices without hardware acceleration
  • Constant-time implementation (resistant to timing attacks)
  • Simple design, easier to implement securely
  • Used with Poly1305 for authenticated encryption

Asymmetric Encryption

RSA (Rivest-Shamir-Adleman)

Widely used for key exchange and digital signatures.

Key Considerations

  • Minimum key size: 2048 bits (4096 bits recommended for long-term security)
  • Performance: Computationally expensive compared to symmetric encryption
  • Padding schemes: Use OAEP for encryption, PSS for signatures
  • Quantum threat: Vulnerable to quantum computers (Shor's algorithm)

Elliptic Curve Cryptography (ECC)

More efficient alternative to RSA with equivalent security at smaller key sizes.

Popular Curves

  • Curve25519: Designed for ECDH key exchange, widely adopted
  • Ed25519: For digital signatures, used in SSH, GPG
  • P-256 (secp256r1): NIST standard, widely supported
  • P-384, P-521: Higher security levels

Advantages Over RSA

  • 256-bit ECC ≈ 3072-bit RSA security
  • Faster computation
  • Smaller keys and signatures
  • Lower bandwidth and storage requirements

Key Exchange Protocols

Diffie-Hellman (DH)

Allows two parties to establish a shared secret over an insecure channel.

Variants

  • Classic DH: Original implementation
  • ECDH: Elliptic Curve version (more efficient)
  • X25519: Modern ECDH using Curve25519

Perfect Forward Secrecy (PFS)

Ensures past communications remain secure even if long-term keys are compromised.

Implementation

  • Generate ephemeral key pairs for each session
  • Destroy session keys after use
  • Used in TLS 1.3, Signal Protocol, etc.

Hash Functions

SHA-2 Family

  • SHA-256: 256-bit output, widely used
  • SHA-384, SHA-512: Higher security levels
  • Applications: Digital signatures, certificate validation, password hashing (only inside a key derivation function, see Key Derivation Functions below)

SHA-3 (Keccak)

  • Different construction than SHA-2 (sponge function)
  • Resistant to length extension attacks
  • Suitable for applications requiring high security margins

BLAKE2/BLAKE3

  • Faster than SHA-2 and SHA-3
  • Cryptographically secure
  • BLAKE3: Highly parallelizable, excellent for large data

Key Derivation Functions (KDFs)

PBKDF2 (Password-Based Key Derivation Function 2)

  • Purpose: Derive cryptographic keys from passwords
  • Iterations: Minimum 100,000 (OWASP recommendation)
  • Use case: Password storage, key derivation

Argon2

Winner of the Password Hashing Competition (2015), recommended for new applications.

Variants

  • Argon2id: Hybrid (recommended for most use cases)
  • Argon2i: Optimized against side-channel attacks
  • Argon2d: Maximum resistance to GPU attacks

scrypt

  • Memory-hard function (resistant to hardware attacks)
  • Used by Litecoin, Tarsnap
  • Good balance of security and compatibility

Message Authentication Codes (MACs)

HMAC (Hash-based MAC)

  • Combines hash function with secret key
  • Provides authentication and integrity
  • Common: HMAC-SHA256, HMAC-SHA512

Poly1305

  • One-time authenticator
  • Used with ChaCha20 for authenticated encryption
  • Fast and constant-time

Authenticated Encryption

Why It's Important

Encryption alone doesn't guarantee integrity. An attacker could modify ciphertext without detection. Authenticated encryption solves this.

AEAD (Authenticated Encryption with Associated Data)

  • AES-GCM: Most widely supported
  • ChaCha20-Poly1305: Better on mobile devices
  • AES-CCM: Used in some wireless protocols
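
The integrity gap described under "Why It's Important", as an added example that is not part of the original guide. It uses only the Python standard library, so a SHA-256 keystream stands in for a CTR-style cipher and HMAC-SHA256 supplies the tag (Encrypt-then-MAC); the function names and the sample message are constructed for illustration, and real code should call AES-GCM or ChaCha20-Poly1305 from a vetted library.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy CTR-style cipher (SHA-256 keystream). Teaching stand-in only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(mac_key: bytes, aad: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Length-prefix the associated data so (aad, nonce || ct) is unambiguous.
    msg = len(aad).to_bytes(8, "big") + aad + nonce + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = keystream_xor(enc_key, nonce, plaintext)
    return nonce + ct + _tag(mac_key, aad, nonce, ct)

def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Verify the tag in constant time before decrypting; raise on any change."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("authentication failed")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(mac_key, aad, nonce, ct)):
        raise ValueError("authentication failed")
    return keystream_xor(enc_key, nonce, ct)

def demo() -> tuple[bytes, bool]:
    """Change one ciphertext byte; compare bare decryption with verified opening."""
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    blob = bytearray(seal(enc_key, mac_key, b"amount=0100", aad=b"v1"))  # constructed message
    blob[NONCE_LEN + 7] ^= ord("0") ^ ord("9")  # one byte altered in transit
    nonce, ct = bytes(blob[:NONCE_LEN]), bytes(blob[NONCE_LEN:-TAG_LEN])
    unauthenticated = keystream_xor(enc_key, nonce, ct)  # decrypts without complaint
    try:
        open_sealed(enc_key, mac_key, bytes(blob), aad=b"v1")
        rejected = False
    except ValueError:
        rejected = True
    return unauthenticated, rejected

if __name__ == "__main__":
    print(demo())
```

Without the tag check the altered ciphertext decrypts to a different, well-formed message; with it, the same blob is rejected before any plaintext is produced.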

Digital Signatures

RSA Signatures

  • Padding: Use PSS (Probabilistic Signature Scheme)
  • Hash function: SHA-256 or higher
  • Key size: 2048 bits minimum

ECDSA (Elliptic Curve Digital Signature Algorithm)

  • Smaller signatures than RSA
  • Requires careful nonce generation (a weak RNG can expose the private key)
  • Deterministic variant (RFC 6979) recommended

Ed25519

  • Deterministic (no RNG required)
  • Fast signature generation and verification
  • Small signatures (64 bytes)
  • Resistant to side-channel attacks

Modern Protocols

Signal Protocol

State-of-the-art end-to-end encryption protocol used by Signal, WhatsApp, Facebook Messenger.

Key Features

  • Double Ratchet: Continuously updates keys
  • Perfect Forward Secrecy: Past messages remain secure
  • Post-Compromise Security: Recovers from key compromise
  • Asynchronous: Works even when recipient is offline

TLS 1.3

Latest version of Transport Layer Security protocol.

Improvements

  • Removed weak algorithms and cipher suites
  • Always provides forward secrecy
  • Faster handshake (1-RTT, 0-RTT option)
  • Encrypted Server Hello

Noise Protocol Framework

Modern cryptographic protocol framework for building secure communication systems.

Applications

  • WireGuard VPN
  • Lightning Network
  • I2P messaging

Post-Quantum Cryptography

The Threat

Quantum computers can break RSA and ECC using Shor's algorithm. Symmetric algorithms are less affected but require larger keys.

NIST Post-Quantum Candidates

  • Kyber: Lattice-based key encapsulation
  • Dilithium: Lattice-based digital signatures
  • SPHINCS+: Hash-based signatures

Transition Strategy

  • Hybrid approach: Combine classical and post-quantum algorithms
  • Increase symmetric key sizes to 256 bits
  • Monitor NIST standardization process
  • Plan for algorithm agility

Implementation Best Practices

Don't Roll Your Own Crypto

Use established, peer-reviewed libraries:

  • libsodium: High-level, easy to use
  • OpenSSL: Comprehensive, widely supported
  • BoringSSL: Google's OpenSSL fork
  • Ring: Rust cryptography library

Key Management

  • Use hardware security modules (HSMs) for critical keys
  • Implement key rotation policies
  • Never hardcode keys in source code
  • Derive a separate key for each purpose with a KDF instead of reusing one key
  • Securely delete keys from memory after use

Secure Random Number Generation

  • Use cryptographically secure RNG (CSPRNG)
  • Never use standard rand() functions
  • Operating system RNGs: /dev/urandom (Linux), CryptGenRandom (Windows)
  • Language-specific: crypto.randomBytes (Node.js), secrets module (Python)

Timing Attack Prevention

  • Use constant-time comparison for secrets
  • Avoid branching based on secret data
  • Be aware of cache timing attacks
  • Use libraries designed with timing attack resistance
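
Three of the practices above combined in one place (PBKDF2 key derivation, salts from the `secrets` module, constant-time comparison), as an added example that is not part of the original guide. The record format `pbkdf2_sha256$iterations$salt$key` and the function names are assumptions made for illustration; the iteration count is the minimum this guide cites.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # the minimum this guide cites; tune upward for your hardware
SALT_LEN, KEY_LEN = 16, 32
SCHEME = "pbkdf2_sha256"  # hypothetical record label

def _pbkdf2(password: str, salt: bytes, iterations: int) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=KEY_LEN)

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record with a fresh CSPRNG salt."""
    salt = secrets.token_bytes(SALT_LEN)
    key = _pbkdf2(password, salt, iterations)
    return "$".join([SCHEME, str(iterations), salt.hex(), key.hex()])

def _parse(record: str) -> tuple[int, bytes, bytes]:
    # Any malformed field raises ValueError (bad split, int() or fromhex()).
    scheme, iters, salt_hex, key_hex = record.split("$")
    iterations, salt, key = int(iters), bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
    if scheme != SCHEME or not 1 <= iterations <= 10_000_000 or len(key) != KEY_LEN:
        raise ValueError("unsupported record")
    return iterations, salt, key

def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    try:
        iterations, salt, expected = _parse(record)
    except ValueError:
        return False
    # compare_digest does not exit early at the first differing byte,
    # unlike ==, so response time does not depend on how many bytes match.
    return hmac.compare_digest(_pbkdf2(password, salt, iterations), expected)

def needs_rehash(record: str, minimum: int = ITERATIONS) -> bool:
    """True when a record predates the current work factor (or is unreadable)."""
    try:
        return _parse(record)[0] < minimum
    except ValueError:
        return True

if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")  # constructed sample
    print(rec.split("$")[:2], verify_password("correct horse battery staple", rec))
```

Storing the iteration count in the record is what lets `needs_rehash` upgrade old hashes at the next successful login.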

Testing and Validation

Security Audits

  • Regular penetration testing
  • Code reviews by security experts
  • Third-party security audits
  • Bug bounty programs

Compliance

  • FIPS 140-2/3: U.S. government standard
  • Common Criteria: International security certification
  • PCI DSS: Payment card industry requirements

Resources for Further Learning

Books

  • "Cryptography Engineering" by Ferguson, Schneier, and Kohno
  • "Serious Cryptography" by Jean-Philippe Aumasson
  • "Applied Cryptography" by Bruce Schneier

Online Resources

  • Cryptopals Crypto Challenges
  • Stanford's Cryptography courses (Coursera)
  • IACR ePrint Archive
  • Crypto Stack Exchange