Modern Cryptography Part 1: From TEA to Real-World Encryption

Updated: November 7, 2025
cryptography security post-quantum AES ChaCha20

Learning Cryptography Through TEA

Cryptography’s mathematical complexity can be intimidating. This series uses the Tiny Encryption Algorithm (TEA) as an accessible entry point, then builds to production-grade algorithms and post-quantum cryptography.

Part 1 of a 3-part series from fundamentals to cutting-edge applications.

Source Code: github.com/LarsenClose/tea


Why TEA?

TEA is one of the simplest serious block ciphers:

  • Small enough to understand completely (~10 lines per round)
  • Uses only basic operations (XOR, shifts, addition)
  • Demonstrates fundamental principles
  • Not secure for production (perfect for learning)

Goal: Grok cryptography - understand so thoroughly it becomes intuitive.


TEA Fundamentals

Operates on: 64-bit blocks • 128-bit key • 32+ rounds recommended

Core operations:

  • XOR: Reversible (A ⊕ B ⊕ B = A), fast, uniform distribution
  • Logical shifts: Provide diffusion (one input bit affects many output bits)
  • Addition mod 2³²: Wrap-around addition handled by CPU overflow

Encryption process: Each round feeds the right half (R) into three branches (R<<4, R>>5, R), adds keys to each, XORs the three results together, adds that value to the left half, then swaps L and R.

Decryption: Reverse the process, subtract instead of add.


Why TEA Is Not Secure

Despite its elegance, TEA has critical weaknesses:

  • Related-key attacks: Vulnerable when related keys are used (2²³ chosen plaintexts)
  • Equivalent keys: Each key is equivalent to three others (groups of 4), reducing effective security from 2¹²⁸ to 2¹²⁶
  • Weak diffusion: Some input patterns don’t affect all output bits uniformly
  • Simple key schedule: Directly uses key blocks, no complex expansion

Result: Educational value high, production value zero.
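Added example (not code from the linked repository): the reference TEA cycle in Python, covering both the round description under TEA Fundamentals and the equivalent-keys weakness listed above. In the reference cipher the unshifted branch adds the running sum of the round constant rather than a key word, and flipping the top bit of both key words used in one half-round cancels in the XOR, which is where the groups of 4 come from. The function names and the sample key and block are constructed for illustration.

```python
MASK = 0xFFFFFFFF    # reduce every result mod 2**32, like 32-bit CPU overflow
DELTA = 0x9E3779B9   # TEA round constant (derived from the golden ratio)
CYCLES = 32          # reference TEA: 32 cycles, each updating both halves
TOP_BIT = 0x80000000

def _mix(v, total, ka, kb):
    """Round function: three branches of v (v<<4, v, v>>5) XORed together."""
    return (((v << 4) + ka) ^ (v + total) ^ ((v >> 5) + kb)) & MASK

def tea_encrypt(block, key):
    """Encrypt one 64-bit block (v0, v1) with a 128-bit key (k0, k1, k2, k3)."""
    (v0, v1), (k0, k1, k2, k3) = block, key
    total = 0
    for _ in range(CYCLES):
        total = (total + DELTA) & MASK
        v0 = (v0 + _mix(v1, total, k0, k1)) & MASK
        v1 = (v1 + _mix(v0, total, k2, k3)) & MASK
    return v0, v1

def tea_decrypt(block, key):
    """Run the cycles backwards, subtracting what encryption added."""
    (v0, v1), (k0, k1, k2, k3) = block, key
    total = (DELTA * CYCLES) & MASK
    for _ in range(CYCLES):
        v1 = (v1 - _mix(v0, total, k2, k3)) & MASK
        v0 = (v0 - _mix(v1, total, k0, k1)) & MASK
        total = (total - DELTA) & MASK
    return v0, v1

def equivalent_keys(key):
    """The three other keys that encrypt every block identically.

    Flipping a key word's top bit flips only the top bit of its branch sum;
    doing it to both key words of a half-round cancels in the XOR.
    """
    k0, k1, k2, k3 = key
    return [(k0 ^ TOP_BIT, k1 ^ TOP_BIT, k2, k3),
            (k0, k1, k2 ^ TOP_BIT, k3 ^ TOP_BIT),
            (k0 ^ TOP_BIT, k1 ^ TOP_BIT, k2 ^ TOP_BIT, k3 ^ TOP_BIT)]

if __name__ == "__main__":
    key = (0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210)  # constructed sample
    block = (0xDEADBEEF, 0x0BADF00D)                        # constructed sample
    ct = tea_encrypt(block, key)
    print([tea_encrypt(block, k) == ct for k in equivalent_keys(key)])
```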


Modern Cryptography: Production Algorithms

AES (Advanced Encryption Standard)

Adopted: 2001 by NIST after international competition

Why secure:

  • Larger blocks (128-bit vs TEA’s 64-bit)
  • Flexible key sizes (128, 192, 256 bits)
  • Complex round function (SubBytes, ShiftRows, MixColumns, AddRoundKey)
  • Proper key schedule (Rijndael expansion)
  • 20+ years cryptanalysis, no practical breaks

Variants: AES-128 (10 rounds, most common) • AES-192 (12 rounds) • AES-256 (14 rounds, highest security)

ChaCha20

Created: 2008 by Daniel J. Bernstein • Adopted: Google Chrome, TLS 1.3, WireGuard VPN

Why ChaCha20:

  • AES requires hardware acceleration (AES-NI) for speed and timing-attack resistance
  • ChaCha20: fast, constant-time on any CPU
  • ~2× faster than AES without hardware
  • Stream cipher (no block padding)
  • Simple ARX operations (Add, Rotate, XOR)

Usage: ChaCha20-Poly1305 (authenticated encryption), TLS 1.3 (preferred for mobile/embedded), WireGuard VPN (exclusive cipher)


Symmetric vs. Asymmetric Encryption

Symmetric (TEA, AES, ChaCha20)

Single shared key for encryption and decryption.

Pros: Fast (100-1000× faster than asymmetric) • Simple to implement • Quantum-resistant (with larger keys)

Cons: Key distribution problem • N participants need O(N²) keys

Use cases: Bulk data, disk encryption, VPNs, data at rest

Asymmetric (RSA, ECC)

Public/private key pair: Encrypt with public, decrypt with private.

Pros: No key distribution problem • Digital signatures • N participants need N key pairs

Cons: 100-1000× slower • Large key sizes (RSA 2048+ bits) • Quantum vulnerable (Shor’s algorithm)

Use cases: Key exchange, signatures, certificates, blockchain

Hybrid Approach (TLS, SSH, PGP)

Real systems combine both:

  1. Asymmetric encryption exchanges symmetric session key
  2. Symmetric encryption for actual data
  3. Digital signatures for authentication

Modern Best Practices

Algorithm selection:

  • Symmetric: AES-256-GCM (default with hardware) • ChaCha20-Poly1305 (mobile/embedded without AES-NI)
  • Asymmetric (until post-quantum): Ed25519 (signatures) • X25519 (key exchange) • RSA-4096 (legacy only)
  • Hashing: SHA-256/SHA-3 (general) • BLAKE3 (maximum performance) • Argon2 (password hashing)

Don’t: Roll your own crypto • Use ECB mode • Reuse nonces/IVs • Use MD5 or SHA-1 (broken) • Hardcode keys • Encrypt without authentication

Do: Use established libraries (libsodium, OpenSSL) • Use authenticated encryption (GCM, Poly1305) • Generate cryptographically random keys • Implement constant-time comparisons • Plan for post-quantum migration
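Added example (not from the original post or any library): a minimal ChaCha20 keystream in Python following the RFC 8439 layout, showing the ARX quarter-round and why the "Reuse nonces/IVs" rule matters: with a repeated key and nonce the keystream cancels, so the XOR of two ciphertexts equals the XOR of the two plaintexts. Function names, the demo key and the messages are constructed for illustration, and Poly1305 authentication is omitted, so production code should call libsodium or OpenSSL as recommended above.

```python
import struct

MASK = 0xFFFFFFFF
QR_ORDER = ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),  # columns
            (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14))  # diagonals

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def quarter_round(s, a, b, c, d):
    """ARX core: 32-bit Add, XOR, Rotate only; no key-dependent table lookups."""
    for x, y, z, r in ((a, b, d, 16), (c, d, b, 12), (a, b, d, 8), (c, d, b, 7)):
        s[x] = (s[x] + s[y]) & MASK
        s[z] = rotl(s[z] ^ s[x], r)

def chacha20_block(key, counter, nonce):
    """One 64-byte keystream block; RFC 8439 layout (32-byte key, 12-byte nonce)."""
    init = struct.unpack("<16I", b"expand 32-byte k" + key
                         + struct.pack("<I", counter) + nonce)
    s = list(init)
    for _ in range(10):                 # 10 double rounds = 20 rounds
        for idx in QR_ORDER:
            quarter_round(s, *idx)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, init)))

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def chacha20_xor(key, nonce, data, counter=1):
    """Encrypt or decrypt by XORing data with the keystream (no padding needed)."""
    out = bytearray()
    for i in range(0, len(data), 64):
        keystream = chacha20_block(key, counter + i // 64, nonce)
        out += xor_bytes(data[i:i + 64], keystream)
    return bytes(out)

def ciphertext_xor(key, nonce1, nonce2, p1, p2):
    """XOR of two ciphertexts; with nonce1 == nonce2 the keystream cancels out."""
    return xor_bytes(chacha20_xor(key, nonce1, p1), chacha20_xor(key, nonce2, p2))

if __name__ == "__main__":
    key = bytes(range(32))              # constructed demo key, not random
    p1 = b"status: all systems ok"      # constructed messages of equal length
    p2 = b"status: disk failed!!!"
    same, other = bytes(12), bytes(11) + b"\x01"
    print("nonce reused:", ciphertext_xor(key, same, same, p1, p2) == xor_bytes(p1, p2))
    print("fresh nonce: ", ciphertext_xor(key, same, other, p1, p2) == xor_bytes(p1, p2))
```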


The Post-Quantum Threat

Timeline: Now (~100-1000 qubits, can’t break crypto) → 2030-2040 (cryptographically relevant quantum computers) → Store-now-decrypt-later attacks

Quantum impact:

  • Shor’s Algorithm: Breaks RSA, ECC (public-key crypto)
  • Grover’s Algorithm: Square root speedup for brute force (128-bit keys → effective 64-bit security)

Symmetric encryption: Quantum-resistant!

  • Adjustment: Use 256-bit keys instead of 128-bit
  • AES-256 maintains ~128-bit quantum security
  • No algorithm changes needed

NIST post-quantum standards:

  • Key encapsulation: CRYSTALS-Kyber (lattice-based, efficient)
  • Digital signatures: CRYSTALS-Dilithium (lattice-based, general purpose) • Falcon (compact) • SPHINCS+ (hash-based, conservative)

Key Takeaways

TEA taught: Fundamental operations (XOR, shifts, modular addition) • Why simplicity ≠ security • Importance of diffusion and confusion

Production cryptography requires: Complex round functions (AES) • Proper key schedules • Extensive cryptanalysis (20+ years) • Authenticated encryption (GCM, Poly1305)

Post-quantum preparation: Symmetric crypto (use 256-bit keys) • Asymmetric crypto (migrate to NIST standards) • Timeline (act before 2030)


Resources

Books: “Cryptography Engineering” (Ferguson, Schneier, Kohno) • “Serious Cryptography” (Aumasson)

Online: Cryptopals Challenges • NIST Post-Quantum Cryptography • libsodium


Cryptography isn’t just about hiding information - it’s about building trustworthy systems in an adversarial world. The landscape has shifted toward post-quantum preparedness and authenticated encryption, but the principles remain fundamental.