Question

I’m trying to learn more about encryption and would like a comprehensive list of the encryption algorithms currently in use. Could someone also explain which ones are most commonly used for securing sensitive data?

Answer 1

Here's a list of current encryption algorithms, categorized by type, along with an explanation of the most commonly used ones for securing sensitive data:

Symmetric Key Encryption Algorithms

• AES (Advanced Encryption Standard): Most widely used, considered secure, and recommended by NSA. Key sizes: 128, 192, and 256 bits.
• ChaCha20: Stream cipher, used in Google's TLS implementation and considered secure. Key size: 256 bits.
• Blowfish: Older, still used in some legacy systems, but not recommended for new applications. Key size: 32-448 bits.
• Twofish: AES finalist, still used in some systems, but not as widely adopted as AES. Key size: 128, 192, and 256 bits.
• CAST-128/256: Used in some legacy systems, but not recommended for new applications. Key size: 128 and 256 bits.
• RC4: Not recommended due to security vulnerabilities. Key size: variable.

Asymmetric Key Encryption Algorithms (Public-Key Cryptography)

• RSA (Rivest-Shamir-Adleman): Widely used for key exchange, digital signatures, and encryption. Key sizes: 2048, 3072, and 4096 bits (recommended).
• Elliptic Curve Cryptography (ECC):
  • ECDSA (Elliptic Curve Digital Signature Algorithm): Used for digital signatures. Key sizes: 256, 384, and 521 bits.
  • ECDH (Elliptic Curve Diffie-Hellman): Used for key exchange. Key sizes: 256, 384, and 521 bits.
  • Ed25519: A specific type of ECC, used for digital signatures. Key size: 256 bits.
• Diffie-Hellman (DH): Used for key exchange, but not recommended for new applications without ECC. Key sizes: variable.

Hash Functions

• SHA-256: Widely used, considered secure. Output size: 256 bits.
• SHA-3: Newest standard, considered secure. Output sizes: 224, 256, 384, and 512 bits.
• BLAKE2: Considered secure, used in some cryptographic protocols. Output sizes: 224, 256, 384, and 512 bits.

Most Commonly Used Algorithms for Securing Sensitive Data

1. AES-256 (symmetric key):
   • Full disk encryption (e.g., BitLocker, FileVault)
   • Data at rest encryption (e.g., encrypted databases, cloud storage)
2. RSA-2048/3072/4096 (asymmetric key):
   • Secure web browsing (HTTPS/TLS)
   • Email encryption (e.g., PGP, S/MIME)
   • Code signing and digital certificates
3. ECDSA/Ed25519 (asymmetric key):
   • Secure shell (SSH) connections
   • Code signing and digital certificates
   • Some secure messaging apps (e.g., Signal, WhatsApp)