Symmetric Encryption

Scapi implements three main categories of symmetric encryption:

  1. An encryption based on modes of operation using a pseudo-random permutation and a randomized IV. The randomized IV is crucial for security. CBCEnc and CTREnc belong to this category.
  2. An authenticated encryption where the message gets first encrypted and then mac-ed. EncryptThenMac belongs to this category.
  3. Homomorphic encryption. Even though we do not currently implement any concrete homomorphic encryption, we provide the interfaces for future possible implementations.

The symmetric encryption family of classes implements three main functionalities that correspond to the cryptographer’s language in which an encryption scheme is composed of three algorithms:

  1. Generation of the key.
  2. Encryption of the plaintext.
  3. Decryption of the ciphertext.


We note that for authenticated encryption, two secret keys will be used, one for the encryption and one for the authentication.

The SymmetricEnc Interface

public interface SymmetricEnc extends Eav, Indistinguishable

This is the main interface for the Symmetric Encryption family. Any symmetric encryption scheme belongs by default at least to the Eavsdropper Security Level and to the Indistinguishable Security Level.

Encryption and Decryption

public SymmetricCiphertext encrypt(Plaintext plaintext)

Encrypts a plaintext. It lets the system choose the random IV.

  • plaintext

an IVCiphertext, which contains the IV used and the encrypted data.

public SymmetricCiphertext encrypt(Plaintext plaintext, byte[] iv)

This function encrypts a plaintext. It lets the user choose the random IV.

  • plaintext
  • iv – random bytes to use in the encryption pf the message.

an IVCiphertext, which contains the IV used and the encrypted data.

public Plaintext decrypt(SymmetricCiphertext ciphertext)

This function performs the decryption of a ciphertext returning the corresponding decrypted plaintext.

  • ciphertext – The Ciphertext to decrypt.

the decrypted plaintext.

Key Generation

public SecretKey generateKey(AlgorithmParameterSpec keyParams)

Generates a secret key to initialize this symmetric encryption.

  • keyParams – algorithmParameterSpec contains parameters for the key generation of this symmetric encryption.
  • InvalidParameterSpecException – if the given keyParams does not match this symmetric encryption.

the generated secret key.

public SecretKey generateKey(int keySize)

Generates a secret key to initialize this symmetric encryption.

  • keySize – is the required secret key size in bits.

the generated secret key.

Key Handling

public boolean isKeySet()

An object trying to use an instance of symmetric encryption needs to check if it has already been initialized.

Returns:true if the object was initialized by calling the function setKey.
public void setKey(SecretKey secretKey)

Sets the secret key for this symmetric encryption. The key can be changed at any time.

  • secretKey – secret key.
  • InvalidKeyException – if the given key does not match this encryption scheme.

The CBCEnc Interface

These is a marker interface, for the CBC method:

CBC Mode
public interface CBCEnc extends SymmetricEnc, Cpa

The CTREnc Interface

These is a marker interface, for the CTR method:

CTR mode
public interface CTREnc extends SymmetricEnc, Cpa

Basic Usage

Sender usage:

//Create an encryption object. The created object is a CTR-AES encryption scheme object.
SymmetricEnc encryptor = new ScCTREncRandomIV("AES");

//Generate a SecretKey using the created object and set it.
SecretKey key = encryptor.generateKey(128);

//Get a plaintext to encrypt, and encrypt the plaintext.
SymmetricCiphertext cipher = Encryptor.encrypt(plaintext);

//Send the cipher to the decryptor.

Receiver usage:

//Create the same SymmetricEnc object as the sender’s encryption object, and set the key.
//Get the ciphertext and decrypt it to get the plaintext.
Plaintext plaintext = decryptor.decrypt(cipher);

The AuthenticatedEnc Interface

public interface AuthenticatedEnc extends SymmetricEnc, Cca2
public class ScEncryptThenMac implements AuthenticatedEnc

This class implements a type of authenticated encryption: encrypt then mac.

The encryption algorithm first encrypts the message and then calculates a mac on the encrypted message.

The decrypt algorithm receives an encrypted message and a tag. It first verifies the encrypted message with the tag. If verifies, then it proceeds to decrypt using the underlying decrypt algorithm, if not returns a null response.

This encryption scheme achieves Cca2 and NonMalleable security level.

Basic Usage

//Create the PRP that is used by the encryption object.
AES aes = new BcAES();

//Create encryption object.
SymmetricEnc enc = new ScCTREncRandomIV(aes);

//Create the PRP that is used by the Mac object.
TripleDES tripleDes = new BcTripleDES();

//Create Mac object.
Mac cbcMac = new ScCbcMacPrepending(tripleDes);

//Create the encrypt-then-mac object using encryption and authentication objects.
ScEncryptThenMac encThenMac = new ScEncryptThenMac(enc, cbcMac);

// prepare the plaintext
Plaintext plaintext;

// encrypt
SymmetricCiphertext cipher = encThenMac.encrypt(plaintext);

// decrypt
Plaintext decrypted = encThenMac.decrypt(cypher);