๐
Cryptography Cheat Sheet
Encryption algorithms, hashing, and key exchange methods
| Algorithm | Type | Key Size | Use Case | Speed | Notes |
|---|---|---|---|---|---|
| AES | Symmetric | 128/192/256 bits | Data encryption, disk encryption | Fast | Current standard, replaces DES |
| DES | Symmetric | 56 bits | Legacy (insecure) | Fast | Deprecated, easily cracked |
| 3DES | Symmetric | 168 bits (effective 112) | Legacy financial systems | Slow | Apply DES 3 times, deprecated |
| Blowfish | Symmetric | 32-448 bits | Password hashing, legacy apps | Fast | Replaced by Twofish |
| Twofish | Symmetric | 128/192/256 bits | Disk encryption, TrueCrypt | Fast | AES finalist |
| ChaCha20 | Symmetric | 256 bits | TLS, mobile devices | Very fast | Alternative to AES, no hardware needed |
| RSA | Asymmetric | 2048-4096 bits | Key exchange, digital signatures | Slow | Based on prime factorization |
| ECC | Asymmetric | 256-521 bits | TLS, mobile, IoT | Faster than RSA | Smaller keys = same security |
| Diffie-Hellman (DH) | Key Exchange | 2048+ bits | Key agreement over insecure channel | Medium | Vulnerable to MITM without auth |
| ECDH | Key Exchange | 256-521 bits | TLS key exchange | Fast | ECC-based Diffie-Hellman |
| MD5 | Hash | 128-bit output | Checksums only (insecure) | Fast | Collision attacks, never for security |
| SHA-1 | Hash | 160-bit output | Legacy (deprecated) | Fast | Collision found 2017, avoid |
| SHA-256 | Hash | 256-bit output | Digital signatures, SSL certs | Fast | Current standard, SHA-2 family |
| SHA-384/512 | Hash | 384/512-bit output | High-security applications | Fast | SHA-2 family, longer output |
| SHA-3 | Hash | 224-512-bit output | Next-gen hashing | Medium | Keccak algorithm, different design |
| bcrypt | Password Hash | 184-bit output | Password storage | Intentionally slow | Adaptive cost factor |
| scrypt | Password Hash | Configurable | Password storage, crypto | Memory-hard | Resistant to GPU attacks |
| Argon2 | Password Hash | Configurable | Modern password storage | Memory-hard | Winner of PHC, recommended |
| HMAC | MAC | Varies | Message authentication | Fast | Hash + secret key |
| PBKDF2 | Key Derivation | Configurable | Derive keys from passwords | Configurable iterations | NIST recommended |
๐ Symmetric vs Asymmetric
Symmetric: Same key encrypts/decrypts. Fast. (AES)
Asymmetric: Public/private key pair. Slower. (RSA, ECC)
โ Current Standards
- โข Encryption: AES-256
- โข Hashing: SHA-256+
- โข Passwords: Argon2 or bcrypt