encryption-pattern
Encryption Security Pattern
Encrypt a message (data elements and/or action requests) to ensure its confidentiality with respect to entities that do not possess the correct decryption key.
Core Components
| Role | Type | Responsibility |
|---|---|---|
| EntityA | Entity | Wants to encrypt one or more data elements and/or action requests |
| EntityB | Entity | Wants to decrypt received ciphertext (may be same as EntityA) |
| Encrypter | Cryptographic Primitive | Library providing encryption action |
| Decrypter | Cryptographic Primitive | Library providing decryption action |
Note: Encrypter and Decrypter roles can be performed by a single library instance. Similarly, EntityA and EntityB can be the same entity.
Data Elements
- plaintext: Original data to be encrypted
- ciphertext: Encrypted data {plaintext}_k
- keyInfo: Information on cryptographic key (identifier or key material)
- config: Cipher configuration (algorithm, mode, parameters) - optional
Actions
- encrypt: Request to encrypt plaintext using identified key and configuration
- decrypt: Request to decrypt ciphertext using identified key and configuration
Pattern Flow
Encryption
EntityA → [encrypt(plaintext, keyInfo, config)] → Encrypter
Encrypter → [ciphertext] → EntityA
Decryption
EntityB → [decrypt(ciphertext, keyInfo, config)] → Decrypter
Decrypter → [plaintext] → EntityB
Symmetric vs. Asymmetric Encryption
Symmetric Ciphers
- Same secret key for encryption and decryption
- Fast performance
- Use for bulk data encryption
- Key distribution challenge
Asymmetric Ciphers
- Public key encrypts, private key decrypts
- Slower performance (significantly slower decryption)
- Use only for small amounts of data
- Better for key negotiation, digital signatures
Recommendation: Use symmetric ciphers for encrypting data. Use asymmetric ciphers only where appropriate (key exchange, small data).
Algorithm Recommendations
Symmetric Ciphers
| Algorithm | Key Length | Status |
|---|---|---|
| AES | 128 bits | Minimum recommended |
| AES | 256 bits | Recommended for long-term (30-50 years) |
| DES | 56 bits | Deprecated - never use |
| 3DES/TDEA | 168 bits | Deprecated - decrypt legacy only |
| Salsa/ChaCha | Variable | Use with caution (less studied than AES) |
Preferred: AES with minimum 128-bit key length. Use AES-256 for long-term protection.
Cipher Modes (for AES)
| Mode | Status | Notes |
|---|---|---|
| GCM | Recommended | Authenticated encryption |
| CCM | Recommended | Authenticated encryption |
| CBC | Acceptable | Requires separate MAC |
| CTR | Acceptable | Stream mode, needs MAC |
| ECB | Never use | Reveals patterns in plaintext |
Critical: Always use authenticated encryption modes (GCM, CCM) when possible. They provide both confidentiality AND integrity.
Asymmetric Ciphers
| Algorithm | Key Length | Status |
|---|---|---|
| RSA | 3072 bits | Recommended (≈ AES-128 security) |
| RSA | 2048 bits | Minimum acceptable |
| RSA-PKCS#1 v1.5 | Any | Avoid (padding oracle attacks) |
Note: RSA-3072 provides security strength comparable to AES-128.
Security Considerations
Reuse Existing Libraries
Specialization of Cryptographic action.Reuse existing libraries:
- Use well-known cryptographic libraries
- Verify library supports recommended ciphers
- Avoid libraries supporting only deprecated ciphers
- Consult library documentation
Use Keys for Single Purpose
Specialization of Cryptographic action.Use keys for single purpose:
- Never use encryption keys for other purposes (e.g., signing)
- Use different keys for different data types
- Symmetric key: one kind of plaintext only
- Asymmetric: public key for one kind of plaintext, private key for corresponding ciphertexts
Design for Change
Specialization of Cryptographic action.Design for change:
- Algorithms may become deprecated
- Key lengths may need to increase
- Design for easy cipher/library transitions
Authenticated Encryption
General consensus: Use authenticated encryption modes for symmetric ciphers.
Benefits:
- Provides integrity guarantees in addition to confidentiality
- Detects if ciphertext was modified after encryption (e.g., by attacker during transmission)
- Most libraries provide authenticated encryption modes for AES
Random Value Generation (Nonces/IVs)
If Entity must provide random values (nonces, initialization vectors):
- Always use cryptographically-secure generator
- OWASP provides overview of secure generators by language
- Never reuse nonce/IV with same key
Plaintext Leakage
Since plaintext needed encryption, it is likely sensitive:
- Analyze entire plaintext flow for potential leaks
- Check for caching before encryption
- Ensure plaintext doesn't leak through logs, errors, or side channels
Implementation Checklist
- Using AES with minimum 128-bit keys
- Using authenticated encryption mode (GCM/CCM)
- No ECB mode
- No deprecated ciphers (DES, 3DES for new data)
- RSA minimum 2048 bits (prefer 3072)
- No RSA-PKCS#1 v1.5
- Keys used for single purpose only
- Nonces/IVs from cryptographically-secure generator
- Plaintext flow analyzed for leaks
- Library supports recommended ciphers
- Designed for algorithm/key transitions
Related Patterns
- Cryptographic action (parent pattern)
- Cryptographic key management (key handling)
- Selective encrypted transmission (encryption in transit)
- Encrypted tunnel (channel-level encryption)
- Selective encrypted storage (encryption at rest)
- Transparent encrypted storage (storage-level encryption)
References
- Source: https://securitypatterns.distrinet-research.be/patterns/99_01_002__encryption/
- Bundesamt für Sicherheit in der Informationstechnik, 'Cryptographic Mechanisms: Recommendations and Key Lengths', BSI TR-02102-1, Mar. 2020
- N. P. Smart et al., 'Algorithms, Key size and parameters report', ENISA, Nov. 2014
- E. Barker, 'Recommendation for Key Management: Part 1 – General', NIST SP 800-57 Part 1, May 2020
- E. Barker, 'Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms', NIST SP 800-175B, Mar. 2020
- E. Barker and A. Roginsky, 'Transitioning the Use of Cryptographic Algorithms and Key Lengths', NIST SP 800-131A rev 2, Mar. 2019
- W. Breyha et al., 'Applied Crypto Hardening', bettercrypto.org, Dec. 2018
- P. C. van Oorschot, Computer Security and the Internet - Tools and Jewels, 2020
- awesome-cryptography: https://github.com/sobolevn/awesome-cryptography
More from igbuend/grimbard
tikz
LaTeX TikZ/PGF package for programmatic vector graphics and diagrams. Use when helping users draw flowcharts, trees, graphs, automata, circuits, geometric figures, or any custom diagram in LaTeX.
94latex
Comprehensive LaTeX reference for document creation, formatting, mathematics, tables, figures, bibliographies, and compilation. Use when helping users write, edit, debug, or compile LaTeX documents.
38pgfplots
LaTeX pgfplots package for data visualization and plotting. Use when helping users create line plots, bar charts, scatter plots, histograms, 3D surfaces, or any scientific/data plot in LaTeX.
33biblatex
LaTeX biblatex/biber packages for modern bibliography management. Use when helping users cite references, manage .bib files, choose citation styles, or troubleshoot bibliography compilation.
24ethical-hacking-ethics
Legal and ethical guidelines for bug bounties, pentesting, and security research. Use when conducting authorized security testing.
12amsmath
LaTeX amsmath/amssymb/mathtools packages for mathematical typesetting. Use when helping users write equations, align math, use mathematical symbols, matrices, theorems, or any advanced math formatting.
12