How are ciphers related to cryptographic algorithms like DES or AES?

A cryptographic algorithm can be any specific mathematical description (the algorithm) related to cryptography. There are specific types of algorithms such as hash algorithms, block ciphers, stream ciphers, signature algorithms, pseudo-random number generators etc.

Cryptographic algorithms may be used to perform encryption / decryption. In that case the algorithm would be called a cipher. This could be a stream cipher, a block cipher or an asymmetric cipher such as RSA. The block cipher generally has to be used in a mode of operation to be secure, i.e. to comply with the properties we normally associate with a full cipher. Modes of operation include CBC mode and GCM mode.

AES is a block cipher and yes, it is certainly in the family of block ciphers. It is special in the sense that it has been standardized by NIST as the main cipher to use in the US, succeeding DES. It's original name is Rijndael after the authors, Vincent Rijmen and Joan Daemen (although AES only uses a specific subset of the Rijndael specification).

Rijndael became the Advanced Encryption Standard after it won the AES competition; if another cipher had won then that cipher would have become AES - and there were algorithms such as Serpent that would have be considered more secure. Rijndael is however also rather efficient to implement in both hardware and software - at least compared to the other algorithms in the competition, at that time.

Note that block ciphers are not just used for encryption / decryption. Like hash algorithms they are often used as primitive to build other functions. Block ciphers can for instance be used to build modes of authentication. Examples are AES-CMAC, AES-GMAC and AES in Poly1305. This is an advantage they have over stream ciphers, which are more limited: block ciphers are (keyed) Pseudo Random Permutations that have specific properties required by such schemes.

Stream ciphers are generally rather efficient in software. However, they also often require a larger state (more memory). You can use a block cipher in a stream mode of operation such as counter (CTR) mode, the underlying mode used by AES-GCM and many other authenticated modes of encryption. That way they have similar properties as stream ciphers, such as being able to encrypt each byte separately (and therefore they don't need a padding mode of operation).


A cipher is a cryptographic algorithm.

Stream ciphers generate keystream by x-oring the plaintext to encrypt. They are very fast compared to block ciphers. A benchmark comparison can be seen at WolfSSL website, compare AES-128 vs ChaCha.

Block ciphers operate on blocks as Advanced Encryption Standard (AES) is 128-bit block-size.

AES is one of the Block ciphers as the current standard by NIST (before AES, there were Data Encryption Standard (DES) as the previous standard). Twofish, Speck and Simon (last two from NSA), etc. are other members of block ciphers.

There is an interesting relation between block ciphers and stream ciphers. That is; you can convert any block cipher into stream cipher by using an appropriate block cipher mode of operation, as OFB and CTR. AES in CTR mode of operation is used in AES-GCM mode, and it is currently used in the standard cipher suites in TLS 1.3;

  • {0x13,0x01} - TLS_AES_256_GCM_SHA384
  • {0x13,0x02} - TLS_CHACHA20_POLY1305_SHA256
  • {0x13,0x03} - TLS_AES_128_GCM_SHA256
  • {0x13,0x04} - TLS_AES_128_CCM_8_SHA256
  • {0x13,0x05} - TLS_AES_128_CCM_SHA256

Tags:

Terminology

Cryptography

Ciphers

Related

Is it possible to take an image of the firmware of HDD and SSD? If I know the CPU architecture of a target, can I send instructions embedded in an image? How does a polymorphic virus identify whether it's already infected a file? How should source code security be checked? Why do companies not give root access to employees on their desktop machines? Why is some meta data not encrypted in Proton Mail? How do services with high uptime apply patches without rebooting? Should admin users confirm their password before changing a user password? Why do we use Oauth2 instead of Basic Auth in server to server communication using SSL? Does incognito/private browsing prevent XSS attacks? Can "Accept cookie" button in a website be malicious? I don't understand what's wrong with just using cookies for authentication?

Recent Posts