In conventional cryptography, also called secret-key or symmetric-key encryption, one key is used both for encryption and decryption. Figure 1-2 is an illustration of the conventional encryption process.
Figure 1-2. Conventional encryption
A substitution cipher is an extremely simple example of conventional cryptography. A substitution cipher substitutes one piece of information for another. This is most frequently done by offsetting letters of the alphabet. In Julius Caesar's cipher, the algorithm is to offset the alphabet and the key is the number of characters to offset it.
For example, if we encode the word "SECRET" using Caesar's key value of 3, we offset the alphabet so that the 3rd letter down (D) begins the alphabet.
Plain Text ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher Text DEFGHIJKLMNOPQRSTUVWXYZABC
Conventional encryption has benefits. It is very fast. It is especially useful for encrypting data that is not going anywhere. However, conventional encryption alone as a means for transmitting secure data can be quite expensive simply due to the difficulty of secure key distribution. The expense of secure channels and key distribution relegated its use only to those who could afford it, such as governments and large banks (or small children with secret decoder rings).
Recall a character from your favorite spy movie: the person with a locked briefcase handcuffed to his or her wrist. What is in the briefcase, anyway? It's probably not the missile launch code/ biotoxin formula/ invasion plan itself. It's the key that will decrypt the secret data.
For a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves. If they are in different physical locations, they must trust a courier, the Bat Phone, or some other secure communication medium to prevent the disclosure of the secret key during transmission. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all information encrypted or authenticated with that key. The persistent problem with conventional encryption is key distribution: how do you get the key to the recipient without someone intercepting it?
And the minor problem with it is the storage of keys: when you want to communicate with a lot of people and you have one key for each partner, how do you manage so many keys?