The Advanced Encryption Standard (Rijndael)
|
|
- Derrick Parsons
- 6 years ago
- Views:
Transcription
1 The Advanced Encryption Standard (Rijndael)
2 AES: Why a new Standard?. Old standard insecure against brute-force attacks 2. Straightforward fixes lead to inefficient Triple DES 3. implementations 4. New trends in fast software encryption use of basic instructions of the microprocessor 5. New ways of assessing cipher strength differential cryptanalysis linear cryptanalysis
3 AES: Why a Contest? Speed-up the acceptance of the standard Small number of specialists in the open research Focus the effort of cryptographic community Stimulate the research on methods of constructing secure ciphers Avoid backdoor theories
4 AES: General Form
5 AES: Rules of the Game Each team submits: Detailed cipher description Justification of design decisions Tentative results of cryptanalysis Source code in C Source code in Java Test vectors
6 AES: Candidates Round, June 998: 5 Candidates from USA, Canada, Belgium, France, Germany, Norway, UK, Isreal, Korea, Japan, Australia, Costa Rica. Security, Software efficiency Round 2, August 999: 5 final candidates Mars, RC6, Rijndael, Serpent, Twofish Security, Hardware efficiency October 2 winner: Rijndael Belgium
7 AES: Candidates USA: Mars, RC6, Twofish, Safer+, HPC Canada: CAST-256, Deal Costa Rica: Frog Australia: LOKI97 Japan: E2 Korea: Crypton Belgium: Rijndael France: DFC Germany: Magenta Israel, GB, Norway: Serpent America (8) Europe (4) Asia (2) Australia ()
8 AES: Candidates Survey filled by 4 participants of the Second AES Conference in Rome, March 999 Middle-of-the-Road 7. CAST Safer DFC -5 Mild NO. Crypton -5 Overwhelming NO. DEAL HPC Magenta Loki Frog -85
9 AES: Candidates Survey filled by 4 participants of the Second AES Conference in Rome, March 999 Overwhelming YES:. Rijndael RC Twofish Mars Serpent +45 Mild YES 6. E2 +4
10 AES: Final 5 USA Mars - IBM C. Burwick, D. Coppersmith, E. D Avignon, R. Gennaro, S. Halevi, C. Jutla, S. M. Matyas, L. O Connor, M. Peyravian, D. Safford, N. Zunic RC6 - RSA Data Security, Inc. R. Rivest - MIT M. Robshaw, R. Sidney, Y. L. Yin - RSA Twofish - Counterpane Systems B. Schneier, J. Kelsey, C. Hall, N. Ferguson - Counterpane, D.Whiting - Hi/fn, D. Wagner - Berkeley
11 AES: Final 5 Europe Rijndael - J. Daemen, V. Rijmen Katholieke Universiteit Leuven Belgium Serpent - R. Anderson, Cambridge, England E. Biham - Technion, Israel L. Knudsen, University of Bergen, Norway AES Finalists (2)
12 RC6 The elegant AES choice Ron Rivest Matt Robshaw Yiqun Lisa Yin
13 RC6 is the right AES choice Security Performance Ease of implementation Simplicity Flexibility
14 RC6 is simple: only 2 lines B = B + S[ ] D = D + S[ ] for i = to 2 do { t = ( B x ( 2B + ) ) <<< 5 u = ( D x ( 2D + ) ) <<< 5 A = ( ( A t ) <<< u ) + S[ 2i ] C = ( ( C u ) <<< t ) + S[ 2i + ] (A, B, C, D) = (B, C, D, A) } A = A + S[ 42 ] C = C + S[ 43 ]
15 Simplicity Facilitates and encourages analysis allows rapid understanding of security makes direct analysis straightforward (contrast with Mars and Twofish) Enables easy implementation allows compilers to produce high-quality code obviates complicated optimizations provides good performance with minimal effort
16 RC6 key schedule is rock-solid Studied for more than six years Secure thorough mixing one-way function no key separation (cf. Twofish) no related-key attacks (cf. Rijndael)
17 Original analysis still accurate RC6 meets original design criteria Security estimates from 998 still good today; independent analyses supportive. Secure, even in theory, even with analysis improvements far beyond those seen for DES during its lifetime RC6 provides a solid, well-tuned margin for security
18 How do we grade candidates? Security (corroborated) Performance (speed+memory) 32-bit (3%) Java (2%) DSP (5%) 64-bit (5%) Hardware (5%) 8-bit (5%) Ease of implementation Simplicity Flexibility Overall: 4/25/5//
19 Conclusions RC6 is a simple yet remarkably strong cipher good performance on most important platforms simple to code for good performance excellent flexibility the most studied finalist the best understood finalist RC6 is the secure and elegant choice for the AES
20 (The End)
21 AES: Performance Evaluation
22 AES: Performance Evaluation
23 AES: Performance Evaluation
24 AES: Performance Evaluation
25 AES: Performance Evaluation
26 AES: Performance Evaluation
27 AES: Performance Evaluation
28 AES: Performance Evaluation
29 AES: Performance Evaluation
30 AES: Performance Evaluation
31 AES: Performance Evaluation
32 AES: Performance Evaluation
33 AES: Performance Evaluation
34 AES: Performance Evaluation
35 AES: Summary of Final-5 Evaluation Serpent [2] Pluses: large security margin cryptanalytical reputation of authors conservative construction very fast in hardware Minuses: slow in software moderate flexibility
36 AES: Summary of Final-5 Evaluation Rijndael [] Pluses: fastest in hardware close to the fastest in software security margin novel ideas very high flexibility Minuses: security margin
37 AES: Summary of Final-5 Evaluation Twofish Pluses: good security margin fast encryption/decryption in software US strongly advertized Minuses: moderately fast in hardware slow key setup in software moderate flexibility
38 Rijndael OverView Designed by Joan Daemen and Vincent Rijmen (from Leuven Belgium) Based upon the Square Cipher 3 Design Goals:. Resistance against known attacks 2. Speed and code compactness on a variety of platforms 3. Design simplicity
39 Rijndael OverView Rijndael/AES Designed by: Joan Daemen, Proton World International Vincent Rijmen, Katholique Universiteit Lueven Block cypher Symmetric key Arithmetic based in the Galois Field GF(2 8 ) Fast and scalable Resistant to all known cryptanalysis attacks
40 Dr. Vincent Rijmen
41 Rijndael The block cipher Rijndael is designed to use only simple whole-byte operations. Also, it provides extra flexibility over that required of an AES candidate, in that both the key size and the block size may be chosen to be any of 28, 92, or 256 bits.
42 Rijndael OverView Rijndael is not a Feistel cipher 3 distinct invertible layers per round Encryption and decryption algorithms are different Rijndael uses the Wide Trail Strategy. Non-linear layer (confusion) 2. Linear mixing layer (diffusion) 3. Key addition layer
43 Rijndael OverView State and Round Key representations The State is the intermediate cipher result Both the State and the Round Key are interpreted as rectangular arrays of bytes Number of columns in the State and Round Key arrays depend on block and key sizes, respectively
44 Rijndael OverView Rijndael is a block cipher that encrypts and decrypts 28, 92, and 256 bit blocks, using 28, 92, and 256 byte keys in any combination. The block is considered to be structured as 4, 6, or 8 columns of 4 bytes, depending on block size.
45 Rijndael During an early stage of the AES process, a draft version of the requirements would have required each algorithm to have three versions, with both the key and block sizes equal to each of 28, 92, and 256 bits. This was later changed to make the three required versions have those three key sizes, but only a block size of 28 bits, which is more easily accommodated by many types of block cipher design.
46 Rijndael The original description of Rijndael is available at: However, the variations of Rijndael which act on larger block sizes apparently will not be included in the actual standard, on the basis that the cryptanalytic study of Rijndael during the standards process primarily focused on the version with the 28-bit block size. Rijndael is a relatively simple cipher in many respects.
47 Rijndael: Number of Rounds Rijndael has a variable number of rounds. The number of rounds in Rijndael is:. if both the block and the key are 28 bits long if either the block or the key is 92 bits long, and neither of them is longer than that if either the block or the key is 256 bits long.
48 Rijndael OverView Each round consists of 4 steps Step : ByteSub Transformation (Confusion) Step 2: ShiftRow Transformation (Diffusion) Step 3: MixColumn Transformation (Diffusion) Step 4: Round Key Addition Final round slightly different from other rounds
49 Rijndael OverView The basic operations applied to the block are: ) ByteSub: Applying an S-box (substituting each byte with another, based on an equation in GF(2^8)); 2) ShiftRow: Shifting the rows in a circular way, the amount of shift (,, 2, 3, or 4 bytes) depending on the position from the top and on the block size,
50 Rijndael OverView 3) MixColumn: Mixing the 4, 6, or 8 columns vertically by taking invertible linear combinations (in GF(2^8) of the elements in each column and; 4) Round Key Addition: XORing each byte with a round key (done before the first round for whitening, and again at the end of each round),
51 Rijndael: Algorithm Rijndael CypherAES(data_block, key) {in State, RoundKeys State  State xor RoundKey for Round = to Nr SubBytes(State) ShiftRow (State) If not(last Round) then MixColumn(State) State  State xor RoundKey Round out State }
52 Rijndael: Sequence of Operations The extra final round omits the Mix Column step, but is otherwise the same as a regular round. Thus, the sequence of steps in Rijndael is: ARK BSB, SR, MC, ARK; BSB, SR, MC, ARK; BSB, SR, MC, ARK;... BSB, SR, MC, ARK; BSB, SR, ARK; 9 of them
53 Rijndael: Sequence of Operations Where: ARK = Add Round Key BSB = Byte Sub Block SR = Shift Row MC = Mix Column
54 Rijndael
55 Rijndael: two-dimensions Scheme
56 Rijndael: Block Representation Rijndael considers a 28-bit block grouped into 6 bytes of 8 bits each. Let us call each of these 6 bytes as, b 5 b 4 b 3 b 2 b b. Rijndael deals with this block as bytes arranged into a 4*4 matrix, & b b b % b 2 3 b b b b b b b b 8 9 b b b b # "
57 Rijndael: Round s Steps In the Byte Sub step each byte of the block is replaced by its substitute in an S-box. ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) " # % & ' " # % & b S b S b S b S b S b S b S b S b S b S b S b S b S b S b S b S b b b b b b b b b b b b b b b b
58 S-Box: Look-up Table method Write a byte as 8 bits: x 7 x 6 x 5 x 4 x 3 x 2 x x. Look for the entry in the x 7 x 6 x 5 x 4 row and x 3 x 2 x x column.
59 Rijndael: S-Box Códigos 6 y 37 Criptografía Francisco 5 76 Rodríguez Henríquez 22
60 Rijndael: Round s Steps The specification for Rijndael only provided an explanation of how the S-box was calculated: the first step was to replace each byte with its reciprocal in the same GF(2 8 ) as used below in the Mix Column step, except that, which has no reciprocal, is replaced by itself (since it isn't anything's reciprocal either, it is the only value not used, so that makes sense) then a bitwise modulo-two matrix multiply was used, and finally the hexadecimal number 63 is XORed with the result.
61 Rijndael: ByteSub Step S-Box ArithmeticElements in G := GF(2 8, +a+a 3 +a 4 +a 8 ) n hex Þ n bin Þ (polynomial with nõs bits for coeffs) Arithmetic in Z 2 (+/*), then mod by +a+a 3 +a 4 +a 8 polynomial Þ n bin Þ n hex ByteSub(x) = A «Mx hex Precompute and use look-up table
62 The Construction of the S-Box Although the S-box is implemented as a lookup table, it has a simple mathematical description. Start with a byte x 7 x 6 x 5 x 4 x 3 x 2 x x, where each x i is a binary bit. Compute its inverse in GF(2 8 ). If the byte is, use the same as its inverse.
63 The Construction of the S-Box The resulting byte y 7 y 6 y 5 y 4 y 3 y 2 y y represents an 8-dimensional column vector, with the rightmost bit y in the top position. Multiply by a matrix and add the column vector (,,,,,, ) to obtain a vector z 7 z 6 z 5 z 4 z 3 z 2 z z as shown in the next slide:
64 The Construction of the S-Box " # % & = " # % & + " # % & " # % & z z z z z z z z y y y y y y y y
65 The Construction of the S-Box For example, start with the byte = CB. Its inverse in GF(2 8 ) is = 4, then: " # % & = " # % & + " # % & " # % &
66 The Construction of the S-Box This yields the byte = F. Note that the input vector was. The 4 MSBs of the input vector are thus and this gives us the 3 th row in the S-Box. Similarly, yields us the 4 th column in the S-Box. By checking the S-box we see that indeed 3 = F is the corresponding entry in the S- Box as claimed.
67 Rijndael: Shift Row Step Next is the Shift Row step. Considering the 28-bit block grouped into 6 bytes of 8 bits each, call them, b 5 b 4 b 3 b 2 b b. these bytes are arranged into a 4*4 matrix, and shifted as follows:
68 Rijndael: Shift Row Step Blocks that are 92 and 256 bits long are shifted like this: from to from to Códigos y 2 Criptografía
69 Rijndael: Mix Column step Next comes the Mix Column step. Matrix multiplication is performed: each column, in the arrangement we have seen above, is multiplied by the matrix: However, this multiplication is done over GF(2 8 ). This means that the bytes being multiplied are treated as polynomials rather than numbers.
70 Rijndael: Mix Column step GF(2 8 )The Galois Field with 2 8 elements is the Finite Field GF(2 8 )=Z 2 [x]/m(x) where m is irreducible in Z 2 [x] and has degree 8. Rijndael chooses m(x) = + x + x 3 + x 4 + x 8
71 Rijndael: Mix Column step If the result has more than 8 bits, the extra bits are not simply discarded: instead, they're cancelled out by XORing the binary 9-bit string with the result (shifted right if necessary). This string stands for the generating polynomial of the particular version of GF(2^8) used by Rijndael.
72 Rijndael: Mix Column step For example, multiplying the binary string by 3 within this Galois Field works like this: (XOR instead of addition) (this is XORed, instead of subt. 256)
73 Rijndael: Mix Column step MixColumn ArithmeticMixColumn is equivalent to with arithmetic in GF( 2 8 ).
74 Rijndael: Add Round Key The final step is Add Round Key. This simply XORs in the subkey for the current round.
75 Rijndael: Key Schedule Round keys extracted from the cipher key in two steps:. Initial key expansion First bits of the expanded key are set to the bits of the cipher key Remaining bits calculated recursively as a non-linear function of the previous bits of the expanded key 2. Round key selection from expanded key
76 Rijndael: Key Schedule The original key consists of 28 bits, which are arranged into a 4*4 matrix of bytes. This matrix is expanded by adjoining 4 more columns, as follows. Label the first four columns W(), W(), W(2), W(3). The new columns are generated recursively. Suppose columns up through W(i-) have been defined. If i is not a multiple of 4, then form the new column as, W(i) = W(i-4) W(i-).
77 Rijndael: Key Schedule If i is a multiple of 4, then W(i) = W(i-4) T(W(i-)), Where T(W(i-)) is the transformation of W(i-) as follows. Let the elements of the columns are w w w 2 w 3. Shift these cyclically to obtain w w 2 w 3 w. Then replace each of these bytes with the corresponding element in the S-box from the ByteSub step, to get 4 bytes y y y 2 y 3.
78 Rijndael: Key Schedule Finally compute the round constant r i 4 ( i) = 4 In GF(2 8 ). Recall that we are in the case where i is a multiple of 4. Then T(W(i-)) is the column vector (y r(i), y y 2 y 3 )
79 Rijndael: Key Schedule In this way, columns W(4),,W(43) are generated from the initial four columns. The round key for the ith round consists of the columns: W(4i), W(4i+), W(4i+2), W(4i+3.)
80 Rijndael: Key Schedule Because it begins and ends with an ARK (Add Round Key) step, there is no wasted unkeyed step at the beginning or end. The sequence of operations is important for facilitating decipherment, as well. Although the sequence is not symmetrical, the order of some of the steps in Rijndael could be changed without affecting the cipher. The Byte Sub step could just as easily be done after the Shift Row step as before it.
81 Rijndael: Key Schedule For keys 28 and 92 bits in length, the subkey material, which consists of all the round keys in order, consists of the original key, followed by stretches, each the length of the original key, consisting of four-byte words such that each word is the XOR of the preceding four-byte word and either the corresponding word in the previous stretch or a function of it.
82 Rijndael: Key Schedule For the first word in a stretch, the word is first rotated one byte to the left, and then its bytes are transformed using the S-box from the Byte Sub step, and then a round-dependent constant is XORed to its first byte.
83 Rijndael: Key Schedule The round constants are:
84 Rijndael: Decryption Inverse Cypher: Reverse Steps Use Keys in Reverse Order ByteSub and ShiftRow Commute MixColumn Matrix is Invertible
85 Rijndael: Decryption. The inverse of ByteSub is another lookup table, called InvByteSub. 2. The inverse of ShiftRow is obtained by shifting the rows to the right instead of to the left, yielding InvShiftRow.
86 Rijndael: Decryption 3. The inverse of MixColumn exists because the 4*4 matrix used in MixColumn is invertible. The transformation InvMixColumn is given by multiplication by the matrix " # % & E D B B E D D B E D B E
87 Rijndael: Sequence of Operations for Encryption The extra final round omits the Mix Column step, but is otherwise the same as a regular round. Thus, the sequence of steps in Rijndael is: ARK BSB, SR, MC, ARK; BSB, SR, MC, ARK; BSB, SR, MC, ARK;... BSB, SR, MC, ARK; BSB, SR, ARK; 9 of them
88 Rijndael: Sequence of Operations Where: ARK = Add Round Key BSB = Byte Sub Block SR = Shift Row MC = Mix Column
89 Rijndael: Decryption 4. AddRoundKey is its own inverse. Hence to decrypt we have to perform the following steps: ARK, ISR, IBS ARK, IMC, ISR, IBS; ARK, IMC, ISR, IBS;... ARK, IMC, ISR, IBS; ARK;
90 Rijndael: Decryption However, we would like to rewrite this decryption in order to make it look more like encryption. We make the following observations: I. The order of BS and the SR operations are exchangable (why??). II. We also would like to reverse the order of ARK and IMC but this is not possible.instead we proceed as follows:
91 Rijndael: Decryption ( c )" ( m )( c )" ( e ) = ( m )( c ) ( k ). i, j i, j i, j i, j i, j i, j i, j Where (m i,j ) is the 4*4 matrix in MixColumn and (k i,j ) i j is the round key matrix. The inverse is obtained by solving (e i,j ), namely, ( ) ( e ) = ( m )( c ) ( k ). i, j i, j i, j i, j e, for (c i,j ) in terms of ( c ) = ( m ) ( e )" ( m ) ( k ). i, j i, j i, j i, j i, j
92 Rijndael: Decryption Therefore the decryption process to follow is: The first arrow is simply InvMixColumn applied to (e i,j ). If we let InvAddRoundKey be XORing with (k i,j ), then we have that the inverse of MC then ARK is IMC then IARK. ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) ( ) j i j i j i j i j i j i j i j i j i k m k k e m e m e,,,,,,,,, Where, = " " #
93 Rijndael: Decryption We now see that decryption is given by: ARK, IBS, ISR IMC, IARK, IBS, ISR; IMC, IARK, IBS, ISR;... IMC, IARK, IBS, ISR; ARK. Summarizing we have the following procedures to perform encryption/decryption with Rijndael algorithm:
94 Rijndael: Encryption. ARK using the th key. 2. Nine rounds of BS, SR, MC, ARK using round keys to A final round: BS, SR, ARK, using the th round key.
95 Rijndael: Decryption. ARK using the th key. 2. Nine rounds of IBS, ISR, IMC, IARK using round keys 9 to. 3. A final round: IBS, ISR, ARK, using the th round key.
96 Rijndael: Why MixColumn is omitted in the last round? Suppose MixColumn had been left in. Then the encryption would start ARK, BS, SR, MC, ARK,, and it would end ARK, BS, SR, MC, ARK. Therefore, the beginning o fthe decryption would be (after the reorderings) IMC, IARK, IBS, ISR,. This means the decryption would have an unnecessary IMC at the beginning.
97 Rijndael: Why MixColumn is omitted in the last round? Another way to look at encryption is that there is an initialark, then a sequence of alternating half rounds (BS, SR), (MC, ARK), (BS, SR),, (MC, ARK), (BS, SR), followed by a final ARK. The decryption is ARK, followed by a sequence of alternating half rounds: (IBS, ISR), (IMC, IARK), (IBS, ISR),, (IMC, IARK), (IBS, ISR)
98 Rijndael: Why MixColumn is omitted in the last round? Followed by a final ARK. From this point of view, we see that a final MC would not fit naturally into any of the half rounds, and it results natural to leave it out.
99 Rijndael: SOme design consideration comments. On 8-bit processors, decryption is not quite as fast as encryption. This is because the entriesof the 4*4 matrix for InvMixColumn are more complex than those for MixColumn, and this is enough to make decryption take around 3% longer than encryption for those processors.
100 Rijndael: SOme design consideration comments. The fact that encryption and decryption are not identical processes leads to the expectation that there are no weak keys in Rijndael, in contrast to DES and several other algorithms. In Rijndael all the bits are treated uniformly. This has the effect of diffusing the input bits faster.
101 Rijndael: SOme design consideration comments. It can be shown that two rounds are enough to obtain full difussion, namely, each of the 28 output bits depends on each of the 28 input bits. The Rijndael S-box is highly nonlinear, since it is based on the mapping x x - in GF(2 8 ). This means that Rijndael is excellent resisting differential and linear cryptoanalysis attacks.
102 Rijndael: SOme design consideration comments. The ShiftRow step was added to resist two recently developed attacks, namely truncated differentials and the Square attack (Square is a predecessor of Rijndael). The MixColumn causes diffusion among the bytes. A change in one input byte in this step always results in all four output bytes changing. If two input bytes are changed, at least three output bytes are changed.
103 Rijndael: SOme design consideration comments. The Key Schedule involves nonlinear mixing of the key bits, since it uses the S-box. The mixing is designed to resist attacks where the cryptoanalyst knows part of the key and tries to deduce the remaining bits. The round constants are used to eliminate symmetries in the encryption process by making each round different.
104 Rijndael: SOme design consideration comments. The number of rounds was chosen to be because there are attacks that are better than brute force up to six rounds. No known attack beats brute force for seven or more rounds. It was felt that four extra rounds provide a large enough margin of safety. Of course, the number of rounds could easily be increased if needed.
Week 5: Advanced Encryption Standard. Click
Week 5: Advanced Encryption Standard Click http://www.nist.gov/aes 1 History of AES Calendar 1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty
More informationAES Advanced Encryption Standard
AES Advanced Encryption Standard AES is iterated block cipher that supports block sizes of 128-bits and key sizes of 128, 192, and 256 bits. The AES finalist candidate algorithms were MARS, RC6, Rijndael,
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 6: Advanced Encryption Standard (AES) Ion Petre Department of IT, Åbo Akademi University 1 Origin of AES 1999: NIST
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 4 The Advanced Encryption Standard (AES) Israel Koren ECE597/697 Koren Part.4.1
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5 January 23, 2012 CPSC 467b, Lecture 5 1/35 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationUnderstanding Cryptography by Christof Paar and Jan Pelzl. Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 2009
Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 29 These slides were prepared by Daehyun Strobel, Christof
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 5 Advanced Encryption Standard Advance Encryption Standard Topics Origin of AES Basic AES Inside Algorithm Final Notes Origins
More informationImplementation of the block cipher Rijndael using Altera FPGA
Regular paper Implementation of the block cipher Rijndael using Altera FPGA Piotr Mroczkowski Abstract A short description of the block cipher Rijndael is presented. Hardware implementation by means of
More informationCryptographic Algorithms - AES
Areas for Discussion Cryptographic Algorithms - AES CNPA - Network Security Joseph Spring Department of Computer Science Advanced Encryption Standard 1 Motivation Contenders Finalists AES Design Feistel
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 7 September 23, 2015 CPSC 467, Lecture 7 1/1 Advanced Encryption Standard AES Alternatives CPSC 467,
More informationLecture 5. Encryption Continued... Why not 2-DES?
Lecture 5 Encryption Continued... 1 Why not 2-DES? 2DES: C = DES ( K1, DES ( K2, P ) ) Seems to be hard to break by brute force, approx. 2 111 trials Assume Eve is trying to break 2DES and has a single
More informationECE 646 Lecture 7. Secret-Key Ciphers. Data Encryption Standard DES
ECE 646 Lecture 7 Secret-Key Ciphers Data Encryption Standard DES 1 NBS public request for a standard cryptographic algorithm May 15, 1973, August 27, 1974 The algorithm must be: secure public - completely
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Block cipher DES 3DES
More informationBlock Ciphers Introduction
Technicalities Block Models Block Ciphers Introduction Orr Dunkelman Computer Science Department University of Haifa, Israel March 10th, 2013 Orr Dunkelman Cryptanalysis of Block Ciphers Seminar Introduction
More informationBlock Ciphers. Lucifer, DES, RC5, AES. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk Block Ciphers 1
Block Ciphers Lucifer, DES, RC5, AES CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk Block Ciphers 1 ... Block Ciphers & S-P Networks Block Ciphers: Substitution ciphers
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationin a 4 4 matrix of bytes. Every round except for the last consists of 4 transformations: 1. ByteSubstitution - a single non-linear transformation is a
Cryptanalysis of Reduced Variants of Rijndael Eli Biham Λ Nathan Keller y Abstract Rijndael was submitted to the AES selection process, and was later selected as one of the five finalists from which one
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationLecture 4. Encryption Continued... Data Encryption Standard (DES)
Lecture 4 Encryption Continued... 1 Data Encryption Standard (DES) 64 bit input block 64 bit output block 16 rounds 64 (effective 56) bit key Key schedule computed at startup Aimed at bulk data >16 rounds
More informationECE 646 Lecture 7. Data Encryption Standard DES. Secret-Key Ciphers. Secret agreement between IBM & NSA, 1974
C 646 Lecture 7 Secret-Key Ciphers Data Standard DS NBS public request for a standard cryptographic algorithm May 15, 1973, August 27, 1974 The algorithm must be: secure public - completely specified -
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationDIFFUSION AND TIME ANALYSIS FOR AES CANDIDATES
International Journal of Mathematics and Computer Applications Research (IJMCAR) ISSN 2249-6955 Vol. 3, Issue 2, Jun 2013, 281-288 TJPRC Pvt. Ltd. DIFFUSION AND TIME ANALYSIS FOR AES CANDIDATES MOHAN.H.S
More informationComparison of the Hardware Performance of the AES Candidates Using Reconfigurable Hardware
Comparison of the Hardware Performance of the AES Candidates Using Reconfigurable Hardware Master s Thesis Pawel Chodowiec MS CpE Candidate, ECE George Mason University Advisor: Dr. Kris Gaj, ECE George
More informationSymmetric Key Cryptography
Symmetric Key Cryptography Michael Huth M.Huth@doc.ic.ac.uk www.doc.ic.ac.uk/~mrh/430/ Symmetric Key Cryptography (3.1) Introduction Also known as SECRET KEY, SINGLE KEY, PRIVATE KEY Sender and Receiver
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationIntroduction to Cryptology. Lecture 17
Introduction to Cryptology Lecture 17 Announcements HW7 due Thursday 4/7 Looking ahead: Practical constructions of CRHF Start Number Theory background Agenda Last time SPN (6.2) This time Feistel Networks
More informationOptimized AES Algorithm Using FeedBack Architecture Chintan Raval 1, Maitrey Patel 2, Bhargav Tarpara 3 1, 2,
Optimized AES Algorithm Using FeedBack Architecture Chintan Raval 1, Maitrey Patel 2, Bhargav Tarpara 3 1, 2, Pursuing M.Tech., VLSI, U.V.Patel college of Engineering and Technology, Kherva, Mehsana, India
More informationArea Optimization in Masked Advanced Encryption Standard
IOSR Journal of Engineering (IOSRJEN) ISSN (e): 2250-3021, ISSN (p): 2278-8719 Vol. 04, Issue 06 (June. 2014), V1 PP 25-29 www.iosrjen.org Area Optimization in Masked Advanced Encryption Standard R.Vijayabhasker,
More informationPGP: An Algorithmic Overview
PGP: An Algorithmic Overview David Yaw 11/6/2001 VCSG-482 Introduction The purpose of this paper is not to act as a manual for PGP, nor is it an in-depth analysis of its cryptographic algorithms. It is
More informationCHAPTER 1 INTRODUCTION
1 CHAPTER 1 INTRODUCTION 1.1 Advance Encryption Standard (AES) Rijndael algorithm is symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256
More informationKey Separation in Twofish
Twofish Technical Report #7 Key Separation in Twofish John Kelsey April 7, 2000 Abstract In [Mur00], Murphy raises questions about key separation in Twofish. We discuss this property of the Twofish key
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationIntroduction to the new AES Standard: Rijndael
Introduction to the new AES Standard: Rijndael Paul Donis This paper will explain how the Rijndael Cipher Reference Code in C works. Rijndael is a block cipher that encrypts and decrypts 128, 192, and
More informationCSc 466/566. Computer Security. 6 : Cryptography Symmetric Key
1/56 CSc 466/566 Computer Security 6 : Cryptography Symmetric Key Version: 2012/02/22 16:14:16 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationImplementation and Performance analysis of Skipjack & Rijndael Algorithms. by Viswnadham Sanku ECE646 Project Fall-2001
Implementation and Performance analysis of Skipjack & Rijndael Algorithms by Viswnadham Sanku ECE646 Project Fall-2001 TABLE OF CONTENTS TABLE OF CONTENTS 2 1. OBJECTIVE 3 2. SKIPJACK CIPHER 3 2.1 CIPHER
More informationFPGA CAN BE IMPLEMENTED BY USING ADVANCED ENCRYPTION STANDARD ALGORITHM
FPGA CAN BE IMPLEMENTED BY USING ADVANCED ENCRYPTION STANDARD ALGORITHM P. Aatheeswaran 1, Dr.R.Suresh Babu 2 PG Scholar, Department of ECE, Jaya Engineering College, Chennai, Tamilnadu, India 1 Associate
More informationDesign of an Efficient Architecture for Advanced Encryption Standard Algorithm Using Systolic Structures
Design of an Efficient Architecture for Advanced Encryption Standard Algorithm Using Systolic Structures 1 Suresh Sharma, 2 T S B Sudarshan 1 Student, Computer Science & Engineering, IIT, Khragpur 2 Assistant
More informationAES Java Technology Comparisons
February 7, 1999 AES Java Technology Comparisons Alan Folmsbee, Sun Microsystems, Inc. Advanced Encryption Standard candidate algorithm comparisons based on the Java technology implementations. 1.0 Introduction
More informationFew Other Cryptanalytic Techniques
Few Other Cryptanalytic Techniques Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Boomerang Attack
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationMARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants
MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants John Kelsey and Bruce Schneier Counterpane Internet Security, Inc., 3031 Tisch Way, San Jose, CA 95128 {kelsey,schneier}@counterpane.com
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationComp527 status items. Crypto Protocols, part 2 Crypto primitives. Bart Preneel July Install the smart card software. Today
Comp527 status items Crypto Protocols, part 2 Crypto primitives Today s talk includes slides from: Bart Preneel, Jonathan Millen, and Dan Wallach Install the smart card software Bring CDs back to Dan s
More informationCSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms
CSCI 454/554 Computer and Network Security Topic 3.1 Secret Key Cryptography Algorithms Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms? Security by
More informationChapter 7 Advanced Encryption Standard (AES) 7.1
Chapter 7 Advanced Encryption Standard (AES) 7.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 7 Objectives To review a short history of AES To define
More informationA High-Performance VLSI Architecture for Advanced Encryption Standard (AES) Algorithm
A High-Performance VLSI Architecture for Advanced Encryption Standard (AES) Algorithm N. M. Kosaraju, M. Varanasi & Saraju P. Mohanty VLSI Design and CAD Laboratory Homepage: http://www.vdcl.cse.unt.edu
More informationCourse Business. Midterm is on March 1. Final Exam is Monday, May 1 (7 PM) Allowed to bring one index card (double sided) Location: Right here
Course Business Midterm is on March 1 Allowed to bring one index card (double sided) Final Exam is Monday, May 1 (7 PM) Location: Right here 1 Cryptography CS 555 Topic 18: AES, Differential Cryptanalysis,
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationEfficient Hardware Design and Implementation of AES Cryptosystem
Efficient Hardware Design and Implementation of AES Cryptosystem PRAVIN B. GHEWARI 1 MRS. JAYMALA K. PATIL 1 AMIT B. CHOUGULE 2 1 Department of Electronics & Telecommunication 2 Department of Computer
More informationCryptanalysis of FROG
Cryptanalysis of FROG David Wagner Niels Ferguson Bruce Schneier October 23, 1999 Abstract We examine some attacks on the FROG cipher. First we give a differential attack which uses about 2 58 chosen plaintexts
More informationFAULT DETECTION IN THE ADVANCED ENCRYPTION STANDARD. G. Bertoni, L. Breveglieri, I. Koren and V. Piuri
FAULT DETECTION IN THE ADVANCED ENCRYPTION STANDARD G. Bertoni, L. Breveglieri, I. Koren and V. Piuri Abstract. The AES (Advanced Encryption Standard) is an emerging private-key cryptographic system. Performance
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 3.1 Secret Key Cryptography Algorithms Instructor: Dr. Kun Sun Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms?
More informationEncryption Details COMP620
Encryption Details COMP620 Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government It s hard to think of a more
More informationCS Network Security. Module 6 Private Key Cryptography
CS 393 - Network Security Module 6 Private ey Cryptography Data Encryption Encryption is the process of encoding a message such that its meaning is not obvious. Decryption is the reverse process, ie, transforming
More information6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 6 Block Ciphers 6.1 Block Ciphers Block Ciphers Plaintext is divided into blocks of fixed length and every block is encrypted one at a time. A block cipher is a
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationComparing Software Implementations of the Rijndel Cipher
Comparing Software Implementations of the Rijndel Cipher Submitted by: Paul Donis To: Professor Kris Gaj To satisfy requirements for: Course ECE 543/646 at George Mason University, Fall 2000 Rijndael is
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationBlock Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2... M N. Then, each block M i is encrypted to the ciphertext block C i = K (M i ), and
More informationAttacks on Advanced Encryption Standard: Results and Perspectives
Attacks on Advanced Encryption Standard: Results and Perspectives Dmitry Microsoft Research 29 February 2012 Design Cryptanalysis history Advanced Encryption Standard Design Cryptanalysis history AES 2
More informationEnhanced Cryptanalysis of Substitution Cipher Chaining mode (SCC-128)
Enhanced Cryptanalysis of Substitution Cipher Chaining mode (SCC-128) Mohamed Abo El-Fotouh and Klaus Diepold Institute for Data Processing (LDV) Technische Universität München (TUM) 80333 Munich Germany
More informationHOST Cryptography III ECE 525 ECE UNM 1 (1/18/18)
AES Block Cipher Blockciphers are central tool in the design of protocols for shared-key cryptography What is a blockcipher? It is a function E of parameters k and n that maps { 0, 1} k { 0, 1} n { 0,
More informationLinear Cryptanalysis of Reduced Round Serpent
Linear Cryptanalysis of Reduced Round Serpent Eli Biham 1, Orr Dunkelman 1, and Nathan Keller 2 1 Computer Science Department, Technion Israel Institute of Technology, Haifa 32000, Israel, {biham,orrd}@cs.technion.ac.il,
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationFPGA Based Design of AES with Masked S-Box for Enhanced Security
International Journal of Engineering Science Invention ISSN (Online): 2319 6734, ISSN (Print): 2319 6726 Volume 3 Issue 5ǁ May 2014 ǁ PP.01-07 FPGA Based Design of AES with Masked S-Box for Enhanced Security
More informationSymmetric Cryptography CS461/ECE422
Symmetric Cryptography CS461/ECE422 1 Outline Overview of Cryptosystem design Commercial Symmetric systems DES AES Modes of block and stream ciphers 2 Reading Section 2.4-2.6 and 12.2 in Security in Computing
More informationU-II BLOCK CIPHER ALGORITHMS
U-II BLOCK CIPHER ALGORITHMS IDEA: Idea is block cipher similar to DES Works on 64 bit plaintext block Key is longer and consist of 128 bits Idea is reversible like DES i.e. same algorithm can be used
More informationDesign and Implementation of Rijndael Encryption Algorithm Based on FPGA
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 2, Issue. 9, September 2013,
More informationOn Boolean and Arithmetic Masking against Differential Power Analysis
On Boolean and Arithmetic Masking against Differential Power Analysis [Published in Ç.K. Koç and C. Paar, Eds., Cryptographic Hardware and Embedded Systems CHES 2000, vol. 1965 of Lecture Notes in Computer
More informationCrypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion
Crypto Basics Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion 1 What is a cryptosystem? K = {0,1} l P = {0,1} m C = {0,1} n, C C E: P K C D: C
More informationAnalysis of the Use of Whirlpool s S-box, S1 and S2 SEED s S- box in AES Algorithm with SAC Test Novita Angraini, Bety Hayat Susanti, Magfirawaty
Information Systems International Conference (ISICO), 2 4 December 2013 Analysis of the Use of Whirlpool s S-box, S1 and S2 SEED s S- box in AES Algorithm with SAC Test Novita Angraini, Bety Hayat Susanti,
More informationCCproc: A custom VLIW cryptography co-processor for symmetric-key ciphers
CCproc: A custom VLIW cryptography co-processor for symmetric-key ciphers Dimitris Theodoropoulos, Alexandros Siskos, and Dionisis Pnevmatikatos ECE Department, Technical University of Crete, Chania, Greece,
More informationFPGA Can be Implemented Using Advanced Encryption Standard Algorithm
FPGA Can be Implemented Using Advanced Encryption Standard Algorithm Shahin Shafei Young Researchers and Elite Club, Mahabad Branch, Islamic Azad University, Mahabad, Iran Email:Shahin_shafei@yahoo.com
More informationThe Encryption Standards
The Encryption Standards Appendix F Version 1.0 Computer Security: Art and Science, 2 nd Edition Slide F-1 Outline Data Encryption Standard Algorithm Advanced Encryption Standard Background mathematics
More informationL3: Basic Cryptography II. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L3: Basic Cryptography II Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 8/29/2016 CSCI 451 -Fall 2016 1 Acknowledgement Many slides are from or
More informationPiret and Quisquater s DFA on AES Revisited
Piret and Quisquater s DFA on AES Revisited Christophe Giraud 1 and Adrian Thillard 1,2 1 Oberthur Technologies, 4, allée du doyen Georges Brus, 33 600 Pessac, France. c.giraud@oberthur.com 2 Université
More informationLecture 8: AES: The Advanced Encryption Standard. Lecture Notes on Computer and Network Security. by Avi Kak
Lecture 8: AES: The Advanced Encryption Standard Lecture Notes on Computer and Network Security by Avi Kak (kak@purdue.edu) February 4, 2017 7:16am c 2017 Avinash Kak, Purdue University Goals: To review
More informationCS 392/681 Computer Security. Module 1 Private Key Cryptography
CS 392/681 Computer Security Module 1 Private Key Cryptography Logistics Office hours Thursday 3 to 5 (tentative). Lab 0 due today. Lab 1 assigned. Due next Thursday!! ISIS is still unstable. Will fix
More informationA NOVEL 256-BIT BLOCK CIPHER
5 A NOVEL 256-BIT BLOCK CIPHER Mohamed Fahmy Tolba mtolba@geganet.com. Mohamed Saeed Abdel Wahab wahabms@hotmail.com. Ashraf Saad Hussien ahrafh@acm.org. Mohamed Ahmed Abo El-Fotouh midono1@hotmail.com.
More informationSecret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General considerations for cipher design:
Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General considerations for cipher design: Secret Key Systems (block encoding) Encrypting a small block of text (say 64
More informationIntroduction to Modern Symmetric-Key Ciphers
Introduction to Modern Symmetric-Key Ciphers 1 Objectives Review a short history of DES. Define the basic structure of DES. List DES alternatives. Introduce the basic structure of AES. 2 Data Encryption
More informationComparison of Performance of AES Standards Based Upon Encryption /Decryption Time and Throughput
Comparison of Performance of AES Standards Based Upon Encryption /Decryption Time and Throughput Miss Navraj Khatri Mr Jagtar Singh Mr Rajeev dhanda NCCE,Israna,K.U Senior lecturer,ncce,israna,k.u Assistant
More informationEfficient Area and High Speed Advanced Encryption Standard Algorithm
International Journal of Emerging Engineering Research and Technology Volume 3, Issue 7, July 2015, PP 140-146 ISSN 2349-4395 (Print) & ISSN 2349-4409 (Online) Efficient Area and High Speed Advanced Encryption
More informationA Meet-in-the-Middle Attack on 8-Round AES
A Meet-in-the-Middle Attack on 8-Round AES Hüseyin Demirci 1 and Ali Aydın Selçuk 2 1 Tübitak UEKAE, 41470 Gebze, Kocaeli, Turkey huseyind@uekae.tubitak.gov.tr 2 Department of Computer Engineering Bilkent
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationSymmetric Cryptography. CS4264 Fall 2016
Symmetric Cryptography CS4264 Fall 2016 Correction: TA Office Hour Stefan Nagy (snagy2@vt.edu) Office hour: Thursday Friday 10-11 AM, 106 McBryde Hall 2 Slides credit to Abdou Illia RECAP AND HIGH-LEVEL
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationENHANCED AES ALGORITHM FOR STRONG ENCRYPTION
ENHANCED AES ALGORITHM FOR STRONG ENCRYPTION V. Sumathy & C. Navaneethan Assistant Professor, Department of CSE, Kingston Engineering College, Vellore, Tamil Nadu, India ABSTRACT In this paper we present
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationElastic Block Ciphers: The Feistel Cipher Case
Elastic Block Ciphers: The Feistel Cipher Case Debra L. Cook Moti Yung Angelos D. Keromytis Department of Computer Science Columbia University, New York, NY dcook,moti,angelos @cs.columbia.edu Technical
More informationGoals for Today. Substitution Permutation Ciphers. Substitution Permutation stages. Encryption Details 8/24/2010
Encryption Details COMP620 Goals for Today Understand how some of the most common encryption algorithms operate Learn about some new potential encryption systems Substitution Permutation Ciphers A Substitution
More informationImplementation and Performance analysis of Skipjack & Rijndael Algorithms
Implementation and Performance analysis of Skipjack & Rijndael Algorithms By Viswanadham Sanku 1 Topics Skipjack cipher operations Design principles & cryptanalysis Implementation & optimization Results
More informationAn Improved Truncated Differential Cryptanalysis of KLEIN
An Improved Truncated Differential Cryptanalysis of KLEIN hahram Rasoolzadeh 1, Zahra Ahmadian 2, Mahmoud almasizadeh 3, and Mohammad Reza Aref 3 1 imula Research Laboratory, Bergen, Norway, 2 hahid Beheshti
More informationChap. 3. Symmetric Key Crypto (Block Ciphers)
Introduction to SW Security Chap. 3. Symmetric Key Crypto (Block Ciphers) Spring, 28 Cho, Seong-je ( 조성제 ) sjcho at dankook.ac.kr Many slides taken from Textbook (Its site), and Web sites Textbook M. T.
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationIMPROVEMENT KEYS OF ADVANCED ENCRYPTION STANDARD (AES) RIJNDAEL_M
IMPROVEMENT KEYS OF ADVANCED ENCRYPTION STANDARD (AES) RIJNDAEL_M 1,2 MOHANAAD SHAKIR, 2 ASMIDAR BIT ABUBAKAR, 2 YOUNUS BIN YOUSOFF, 3 MUSTEFA SHEKER 1 Alburaimi University Collage(BUC), Oman, 2 University
More informationDifferential-Linear Cryptanalysis of Serpent
Differential-Linear Cryptanalysis of Serpent Eli Biham 1, Orr Dunkelman 1, and Nathan Keller 2 1 Computer Science Department, Technion, Haifa 32000, Israel {biham,orrd}@cs.technion.ac.il 2 Mathematics
More information