Lecture 13. Modern Cryptographic Algorithms. Key Sizes. Cryptographic Standards
|
|
- Magdalen Anderson
- 5 years ago
- Views:
Transcription
1 Lecture 13 Modern Cryptographic Algorithms Key Sizes Cryptographic Standards
2 Secret-Key Cryptography
3 Modern Secret-Key Ciphers American standards DES 56 bit key AES contest 2002 Triple DES 112, 168 bit 168 bit only AES - Rijndael 128, 192, and 256 bit keys Other popular algorithms IDEA RC5 Blowfish CAST Serpent Twofish RC6 Mars
4 IX.1997 X.2000 AES Cryptographic Standard Contests NESSIE I.2000 XII.2002 CRYPTREC 34 stream 4 HW winners ciphers + 4 SW winners 15 block ciphers 1 winner XI.2004 estream 51 hash functions 1 winner V.2008 XI.2007 X.2012 SHA-3 57 authenticated ciphers multiple winners IV.2013 XII.2017 CAESAR time
5 Why a Contest for a Cryptographic Standard? Avoid back-door theories Speed-up the acceptance of the standard Stimulate non-classified research on methods of designing a specific cryptographic transformation Focus the effort of a relatively small cryptographic community
6 Cryptographic Contests - Evaluation Criteria Security Software Efficiency Hardware Efficiency μprocessors μcontrollers ASICs FPGAs Flexibility Simplicity Licensing 6
7 Specific Challenges of Evaluations in Cryptographic Contests Very wide range of possible applications, and as a result performance and cost targets speed: cost: tens of Mbits/s to hundreds Gbits/s single cents to thousands of dollars Winner in use for the next years, implemented using technologies not in existence today Large number of candidates Limited time for evaluation The results are final
8 Mitigating Circumstances Performance of competing algorithms tend to very significantly (sometimes as much as 500 times) Only relatively large differences in performance matter (typically at least 20%) Multiple groups independently implement the same algorithms (catching mistakes, comparing best results, etc.) Second best may be good enough
9 AES Contest
10 Each team submits Rules of the Contest Detailed cipher specification Justification of design decisions Tentative results of cryptanalysis Source code in C Source code in Java Test vectors
11 AES: Candidate Algorithms Canada: CAST-256 Deal USA: Mars RC6 Twofish Safer+ HPC Costa Rica: Frog Germany: Magenta Belgium: Rijndael France: DFC Israel, UK, Norway: Serpent Korea: Crypton Japan: E2 1 Australia: LOKI97
12 AES Contest Timeline June Candidates CAST-256, Crypton, Deal, DFC, E2, Frog, HPC, LOKI97, Magenta, Mars, RC6, Rijndael, Safer+, Serpent, Twofish, August 1999 October final candidates Mars, RC6, Twofish (USA) Rijndael, Serpent (Europe) 1 winner: Rijndael Belgium Round 1 Security Software efficiency Round 2 Security Software efficiency Hardware efficiency
13 NIST Report: Security & Simplicity Security High MARS Twofish Serpent Adequate Rijndael RC6 Complex Simple Simplicity
14 Efficiency in software: NIST-specified platform Throughput [Mbits/s] MHz Pentium Pro, Borland C bit key 192-bit key 256-bit key 0 Rijndael RC6 Twofish Mars Serpent
15 NIST Report: Software Efficiency Encryption and Decryption Speed 32-bit processors 64-bit processors DSPs high RC6 Rijndael Twofish Rijndael Twofish medium Rijndael Mars Twofish Mars RC6 Mars RC6 low Serpent Serpent Serpent
16 Throughput [Mbit/s] Efficiency in FPGAs: Speed Xilinx Virtex XCV George Mason University University of Southern California Worcester Polytechnic Institute Serpent x8 Rijndael Twofish Serpent RC6 Mars x1
17 Throughput [Mbit/s] Efficiency in ASICs: Speed MOSIS 0.5μm, NSA Group bit key scheduling in-1 (128, 192, 256 bit) key scheduling Rijndael Serpent Twofish RC6 Mars x1
18 Lessons Learned Results for ASICs matched very well results for FPGAs, and were both very different than software FPGA ASIC x8 x1 x1 GMU+USC, Xilinx Virtex XCV-1000 NSA Team, ASIC, 0.5μm MOSIS Serpent fastest in hardware, slowest in software
19 Lessons Learned Hardware results matter! Final round of the AES Contest, 2000 Speed in FPGAs GMU results Votes at the AES 3 conference
20 Conclusion of the AES contest 2 October 2000 Winner announced November 2001 FIPS-197: AES announced May 2002 Standard becomes effective
21 External format of the AES algorithm plaintext block 128 bits AES key 128, 192, 256 bits 128 bits ciphertext block
22 Iterative cipher Round Key[0] Initial transformation i:=1 Round Key[i] Cipher Round i<#rounds? i:=i+1 #rounds times Round Key[#rounds+1] Final transformation
23 One round of a Substitution-Linear Transformation Network cipher 128 S-boxes K[i] Linear Transformation
24 Input, internal state, and output 128 bits = 16 bytes a 0,0 a 1,0 a 2,0 a 3,0 a 0,1 a 1,1 a 2,1 a 3,1 a 0,2 a 1,2 a 2,2 a 3,2 a 0,3 a 1,3 a 2,3 a 3,3 column 0 column 1 column 2 column 3 a 0,0 a 0,1 a 0,2 a 0,3 a 1,0 a 1,1 a 1,2 a 1,3 a 2,0 a 2,1 a 2,2 a 2,3 a 3,0 a 3,1 a 3,2 a 3,3
25 Variable block size Allowed only in the initial specification of Rijndael a 0,0 a 1,0 a 2,0 a 3,0 a 0,1 a 1,1 a 2,1 a 3,1 a 0,2 a 1,2 a 2,2 a 3,2 a 0,3 a 1,3 a 2,3 a 3, bits 192 bits 256 bits a 0,0 a 0,1 a 0,2 a 0,3 a 0,4 a 0,5 a 0,6 a 0,7 a 1,0 a 1,1 a 1,2 a 1,3 a 1,4 a 1,5 a 1,6 a 1,7 a 2,0 a 2,1 a 2,2 a 2,3 a 2,4 a 2,5 a 2,6 a 2,7 a 3,0 a 3,1 a 3,2 a 3,3 a 3,4 a 3,5 a 3,6 a 3, Nb columns = Nb 32-bit words Nb=4, 6 or 8
26 Variable key size Key, Internal keys k 0,0 k 1,0 k 2,0 k 3,0 k 0,1 k 1,1 k 2,1 k 3,1 k 0,2 k 1,2 k 2,2 k 3,2 k 0,3 k 1,3 k 2,3 k 3, bits 192 bits 256 bits k 0,0 k 0,1 k 0,2 k 0,3 k 0,4 k 0,5 k 0,6 k 0,7 k 1,0 k 1,1 k 1,2 k 1,3 k 1,4 k 1,5 k 1,6 k 1,7 k 2,0 k 2,1 k 2,2 k 2,3 k 2,4 k 2,5 k 2,6 k 2,7 k 3,0 k 3,1 k 3,2 k 3,3 k 3,4 k 3,5 k 3,6 k 3, Nk columns = Nk 32-bit words Nk=4, 6 or 8
27 Pseudocode for AES encryption
28 Pseudocode for AES decryption
29 SubBytes S-box a 0,0 a 0,1 a 0,2 a 0,3 a 1,0 a 1,1 a 1,2 a 1,3 i,j a 2,0 a 2,1 a 2,2 a 2,3 a 3,0 a 3,1 a 3,2 a 3,3 b 0,0 b 0,1 b 0,2 b 0,3 b 1,0 b 1,1 ba 1,2 b 1,3 i,j b 2,0 b 2,1 b 2,2 b 2,3 b 3,0 b 3,1 b 3,2 b 3,3 Bytes are transformed by applying an invertible S-box One single S-box for the complete cipher
30 S-box: substitution values for the byte xy (in hexadecimal notation)
31 ShiftRows a b c d e f g h i j k l m n o p no shift cyclic shift left by C1=1 cyclic shift left by C2=2 cyclic shift left by C3=3 a b c d f g h e k l i j p m n o C1 C2 C3 Block size 128 bits 192 bits 256 bits only in the initial specification, not supported by the standard
32 MixColumns a 0,0 a 0,1 a 0,2 0,j a 0,3 a 1,0 a 1,1 a 1,2 a 1,3 1,j b 0,0 b b 0,1 a 0,j 0,2 b 0,3 b 1,0 b 1,1 ba 1,2 b 1,3 1,j a 2,0 a 2,1 a 2,2 a a 2,3 a 3,0 a 3,1 a 2,j 3,2 a 3,3 a 3,j b 2,0 b 2,1 a 2,2 b b 2,3 b 3,0 b 3,1 a 2,j 3,2 b 3,3 b 3,j High diffusion A difference in 1 input byte propagates to all 4 output bytes A difference in 2 input bytes propagates to at least 3 output bytes Any linear relation between input and output bits involves bits from at least 5 different bytes (branch number = 5)
33 AddRoundKey a 0,0 a 0,1 a 0,2 a 0,3 a 1,0 a 1,1 a 1,2 a 1,3 a 2,0 a 2,1 a 2,2 a 2,3 a 3,0 a 3,1 a 3,2 a 3,3 k 0,0 k 0,1 k 0,2 k 0,3 k 1,0 k 1,1 k 1,2 k 1,3 + = k 2,0 k 2,1 k 2,2 k 2,3 k 3,0 k 3,1 k 3,2 k 3,3 b 0,0 b 0,1 b 0,2 b 0,3 b 1,0 b 1,1 b 1,2 b 1,3 b 2,0 b 2,1 b 2,2 b 2,3 b 3,0 b 3,1 b 3,2 b 3,3 simple bitwise addition (xor) of round keys
34 Number of rounds Key length Block length 128 bits Nk=4 192 bits Nk=6 256 bits Nk=8 128 bits Nb=4 192 bits Nb=6 256 bits Nb= required by the standard non-standard extensions
35 Secret-key cryptography standards Federal standards Banking standards International standards NIST FIPS 46-1 DES FIPS 46-2 DES FIPS 81 Modes of operation FIPS 46-3 Triple DES FIPS 197 AES X3.92 DES ANSI X3.106 DES modes of operation X9.52 Modes of operation of Triple DES ISO ISO Modes of operation of an n-bit cipher ISO/IEC AES, Camellia, SEED, TDEA, MISTY1, CAST-128, MUGI, SNOW
36 NIST FIPS National Institute of Standards and Technology Federal Information Processing Standards American Federal Standards Required in the government institutions Original algorithms developed in cooperation with the National Security Agency (NSA), and algorithms developed in the open research adapted and approved by NIST.
37 ANSI X9 American National Standards Institute Work in the subcommittee X9F developing standards for financial institutions Standards for the wholesale (e.g., interbank) and retail transactions (np. bank machines, smart card readers) ANSI represents U.S.A. in ISO
38 ISO International Organization for Standardization International standards Common standards with IEC - International Electrotechnical Commission ISO/IEC JTC1 SC 27 Joint Technical Committee 1, Subcommitte 27
39 ISO: International Organization for Standardization Long and laborious process of the standard development Minimum 3 years Study period NP - New Proposal WD - Working Draft CD - Committee Draft DIS - Draft International Standard IS - International Standard Review of the standard after 5 years = ratification, corrections or revocation
40 Public-Key Cryptography
41 Public-Key Cryptography Standards unofficial industry standards industry standards bank standards ANSI international standards ISO ISO RSA Labs PKCS PKCS IEEE P1363 ANSI X9 federal standards NIST FIPS
42 PKCS Public-Key Cryptography Standards Informal Industry Standards developed by RSA Laboratories in cooperation with Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun First, except PGP, formal specification of RSA and formats of messages.
43 IEEE P1363 Working group of IEEE including representatives of major cryptographic companies and university centers from USA, Canada and other countries Part of the Microprocessors Standards Committee Modern, open style Quarterly meetings + multiple teleconferences + + discussion list + very informative web page with the draft versions of standards
44 IEEE P1363 Combined standard including the majority of modern public key cryptography Several algorithms for implementation of the same function Tool for constructing other, more specific standards Specific applications or implementations may determine a profile (subset) of the standard
45 Bases of the public cryptosystems security Factorization Discrete Logarithm Elliptic Curve Discrete Logarithm Given: N = p q y = g x mod p = = g g g... g Q = x P = = P+P+ +P x times x times constants p, g P - point of an elliptic curve Unknown: p, q x x
46 Elliptic Curve over GF(p) y 2 =x 3 +x
47 Elliptic Curve Addition over GF(p) Y 2 = X 3 + X mod 23 Y 25 Points fullfiling the equation of the curve P=(3,13) P=(6,19) Q=(7,12) A D 2P=P+P=(7,11) Doubling Addition R=P+Q=(13,7) + special point ϑ (point at infinity) such that: P+ ϑ = ϑ+ P = P X
48 Scalar Multiplication Q = k. P = P + P + P P point number (scalar) point k- times
49 Elliptic Curve Cryptosystems - ECC Advantages a family of public key cryptosystems, rather than a single cryptosystem strong alternative for RSA several times shorter keys fast and compact implementations, in particular in hardware
50 Elliptic Curve Cryptosystems - ECC Disdvantages complex mathematical description shorter period of research on the cryptanalysis
51 Best known attacks Basis of the cryptosystem security Factorization Discrete Logarithm Elliptic Curve Discrete Logarithm Best known attack General Number Field Sieve 1. General Number Field Sieve 2. Parallel collision search 2. Parallel collision search Complexity of the attack: subexponential 1. subexponential 2. exponential exponential
52 Best Algorithm to Factor Large Numbers NUMBER FIELD SIEVE Complexity: Sub-exponential time and memory Execution time N = Number to factor, k = Number of bits of N Exponential function, e k Sub-exponential function, e k1/3 (ln k) 2/3 Polynomial function, a k m k = Number of bits of N
53 Factoring 1024-bit RSA keys using Number Field Sieve (NFS) Polynomial Selection Relation Collection Sieving 200 bit & 350 bit smooth numbers Minifactoring (Cofactoring, Norm Factoring) ECM, p-1 method, rho method Linear Algebra Square Root
54 number decimal digits Factorization records date time (phase 1) algorithm C MIPS years mpqs RSA VI MIPS years mpqs RSA IV MIPS years mpqs RSA IV MIPS years gnfs RSA II MIPS years gnfs RSA VIII MIPS years gnfs C I Pentium 1GHz CPU years gnfs RSA III Pentium 1GHz CPU years gnfs RSA XII Pentium 1GHz CPU years gnfs C V Pentium 1GHz CPU years gnfs RSA V Pentium 1GHz CPU years gnfs RSA XII ,400 Opteron 1 GHz CPU years gnfs
55 When? Who? Factoring RSA bits = 232 decimal digits Aug Dec Multiple researchers from EPFL, NTT, Bonn University, INRIA, MS Research, CWI Effort? Sieving time Total time 3,300 Opteron 1 GHz CPU years 4,400 Opteron 1 GHz CPU years
56 Factorization records He who has absolute confidence in linear regression will expect a 1024-bit RSA number to be factored on December 17, 2028
57 For the most recent records see Factorization Announcements & Records at
58 TWIRL February 2003 Adi Shamir & Eran Tromer, Weizmann Institute of Science Hardware implementation of the sieving phase of Number Field Sieve (NFS) Assumed technology: CMOS, 0.13 µm clock 1 GHz 30 cm semiconductor wafers at the cost of $5,000 each
59 Tentative estimations (no experimental data): TWIRL A. Shamir, E. Tromer Crypto bit RSA: < 10 minutes $ 10 k 1024-bit RSA: < 1 year $ 10 million
60 Theoretical Designs for Sieving (1) TWINKLE ( Shamir, CHES 1999; Shamir & Lenstra, Eurocrypt 2000) - based on optoelectronic devices (fast LEDs) - not even a small prototype built in practice - not suitable for 1024 bit numbers 2003 TWIRL (Shamir & Tromer, Crypto 2003) - semiconductor wafer design - requires fast communication between chips located on the same 30 cm diameter wafer - difficult to realize using current fabrication technology
61 Theoretical Designs for Sieving (2) Mesh Based Sieving / YASD (Geiselmann & Steinwandt, PKC 2003 Geiselmann & Steinwandt, CT-RSA 2004) - not suitable for 1024 bit numbers 2005 SHARK (Franke et al., SHARCS & CHES 2005) - relies on an elaborate butterfly switch connecting large number of chips - difficult to realize using current technology
62 2007 Theoretical Designs for Sieving (3) Non-Wafer-Scale Sieving Hardware (Geiselmann & Steinwandt, Eurocrypt 2007) - based on moderate size chips (2.2 x 2.2 cm) - communication among chips seems to be realistic - 2 to 3.5 times slower than TWIRL - supports only linear sieving, and not more optimal lattice sieving
63 Estimated recurring costs with current technology (US$ year) by Eran Tromer, May 2005 Traditional PC-based 768-bit 1024-bit TWINKLE TWIRL Mesh-based SHARK But: non-recurring costs, chip size, chip transport networks
64 However None of the theoretical designs ever built. Just analytical estimations, no real implementations, no concrete numbers
65 First Practical Implementation of the Relation Collection Step in Hardware 2007 Japan Tetsuya Izu and Jun Kogure and Takeshi Shimoyama (Fujitsu) CHES CAIRN 2 machine, September 2007 SHARCS 2007 CAIRN 3 machine, September 2007
66 First large number factored using FPGA support Factored number: N = P Q 423-bits 205 bits 218 bits Time of computations: One month of computations using a PC supported by CAIRN 2 for a 423-bit number Problems: CAIRN 3 about 40 times faster than CAIRN 2 Time of sieving with CAIRN 3 for a 768-bit key estimated at 270 years - Speed up vs. one PC (AMD Opteron): only about 4 times - Limited scalability
67 Workshop Series SHARCS - Special-purpose Hardware for Attacking Cryptographic Systems 1 st edition: Paris, Feb , nd edition: Cologne, Apr. 3-4, rd edition: Vienna, Sep. 9-10, th edition: Lausanne, Sep. 9-10, th edition: Washington, Mar , 2012 See
68 CERG Team Organizing SHARCS 2012 in Washington D.C., Mar , 2012
69 Keylengths in public key cryptosystems that provide the same level of security as AES and other secret-key ciphers Arjen K. Lenstra, Eric R. Verheul Selecting Cryptographic Key Sizes Journal of Cryptology, 2001 Arjen K. Lenstra Unbelievable Security: Matching AES Security Using Public Key Systems ASIACRYPT 2001
70 Keylengths in RSA providing the same level of security as selected secret-key cryptosystems 0 DES The same cost The same number of operations DES (2 keys) 3 DES (3 keys) AES-128 AES-192 AES-256
71 18000 Keylengths in RSA providing the same level of security as selected secret-key cryptosystems AES-256 AES AES DES (3K) 3 DES (2K) DES year
72 Recommendations of RSA Security Inc. May 6, 2003 Validity period Minimal RSA key length (bits) Equivalent symmetric key length (bits)
73 Five security levels allowed by American government NIST SP Level RSA / DH ECC Symmetric ciphers I II III IV V
74 Most known public key cryptosystems Based on the difficulty of Factorization Discrete logarithm Elliptic curve discrete logarithm Signature RSA DSA, N-R EC-DSA Encryption RSA El-Gamal EC-El-Gamal Key agreement RSA Diffie-Hellman (DH) EC-DH
75 IEEE P Factorization Discrete logarithm Elliptic curve discrete logarithm encryption RSA with OAEP signature RSA & R-W with ISO or ISO 9796 DSA, NR with ISO 9796 EC-DSA, EC-NR with ISO 9796 key agreement DH1 DH2 and MQV EC-DH1, EC-DH2 and EC-MQV
76 IEEE P1363a factorization discrete logarithm elliptic curve discrete logarithm encryption RSA with OAEP new scheme new scheme signature RSA & R-W with ISO or ISO 9796 DSA, NR with ISO-9796 EC-DSA, EC-NR with ISO 9796 key agreement new scheme DH1 DH2 & MQV EC-DH1 EC-DH2 & EC-MQV
77 ANSI X9 Standards factorization discrete logarithm elliptic curve discrete logarithm encryption X9.44 RSA signature X9.31 (RSA & R-W) X9.30 DSA X9.62 EC-DSA key agreement X9.42 DH1, DH2, MQV X9.63 EC-DH1, 2 EC-MQV
78 Notes for users of cryptographic products (1) Agreement with a standard does not guarantee the security of a cryptographic product! Security = secure algorithms (guaranteed by standards) proper choice of parameters secure implementation proper use
79 Notes for users of cryptographic products (2) Agreement with the same standard does not guarantee the compatibility of two cryptographic products! compatibility = the same algorithm (guaranteed by standards) the same protocol the same subset of algorithms the same range of parameters
80 Modern Cryptography RSA DH DSA ECC
Lecture 9. Public Key Cryptography: Algorithms, Key Sizes, & Standards. Public-Key Cryptography
Lecture 9 Public Key Cryptography: Algorithms, Key Sizes, & Standards Public-Key Cryptography 1 Bases of the public cryptosystems security Factorization Discrete Logarithm Elliptic Curve Discrete Logarithm
More informationLecture 9. Public Key Cryptography: Algorithms, Key Sizes, & Standards. Public-Key Cryptography. Elliptic Curve over GF(p) y 2 =x 3 +x
Lecture 9 Public Key Cryptography: Algorithms, Key Sizes, & Standards Public-Key Cryptography Bases of the public cryptosystems security Factorization Discrete Logarithm Elliptic Curve Discrete Logarithm
More informationLecture 13. Modern Cryptographic Algorithms. Key Sizes. Cryptographic Standards. Secret-Key Cryptography. Modern Secret-Key Ciphers
Lecture 13 Modern Cryptographic Algorithms Key Sizes Cryptographic Standards Secret-Key Cryptography Modern Secret-Key Ciphers American standards 1980 1990 2000 2010 2020 2030 1977 1999 DES 56 bit key
More informationECE 646 Lecture 12. Cryptographic Standards. Secret-key cryptography standards
ECE 646 Lecture 12 Cryptographic Standards Secret-key cryptography Federal Banking International NIST FIPS 46-1 DES FIPS 46-2 DES FIPS 81 Modes of operation FIPS 46-3 Triple DES FIPS 197 AES X3.92 DES
More informationFederal standards NIST FIPS 46-1 DES FIPS 46-2 DES. FIPS 81 Modes of. operation. FIPS 46-3 Triple DES FIPS 197 AES. industry.
ECE 646 Lecture 12 Federal Secret- cryptography Banking International Cryptographic Standards NIST FIPS 46-1 DES FIPS 46-2 DES FIPS 81 Modes of operation FIPS 46-3 Triple DES FIPS 197 AES X3.92 DES ANSI
More informationHardware Architectures
Hardware Architectures Secret-key Cryptography Public-key Cryptography Cryptanalysis AES & AES candidates estream candidates Hash Functions SHA-3 Montgomery Multipliers ECC cryptosystems Pairing-based
More informationLecture 10. Public Key Cryptography: Algorithms, Key Sizes, & Standards. Public-Key Cryptography. Elliptic Curve over GF(p) y 2 =x 3 +x
Lecture 10 Public Key Cryptography: Algorithms, Key Sizes, & Standards Public-Key Cryptography Bases of the public cryptosystems security Factorization Discrete Logarithm Elliptic Curve Discrete Logarithm
More informationComparison of the Hardware Performance of the AES Candidates Using Reconfigurable Hardware
Comparison of the Hardware Performance of the AES Candidates Using Reconfigurable Hardware Master s Thesis Pawel Chodowiec MS CpE Candidate, ECE George Mason University Advisor: Dr. Kris Gaj, ECE George
More informationFast implementations of secret-key block ciphers using mixed inner- and outer-round pipelining
Pawel Chodowiec, Po Khuon, Kris Gaj Electrical and Computer Engineering George Mason University Fast implementations of secret-key block ciphers using mixed inner- and outer-round pipelining http://ece.gmu.edu/crypto-text.htm
More informationFast implementation and fair comparison of the final candidates for Advanced Encryption Standard using Field Programmable Gate Arrays
Kris Gaj and Pawel Chodowiec Electrical and Computer Engineering George Mason University Fast implementation and fair comparison of the final candidates for Advanced Encryption Standard using Field Programmable
More informationWeek 5: Advanced Encryption Standard. Click
Week 5: Advanced Encryption Standard Click http://www.nist.gov/aes 1 History of AES Calendar 1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty
More informationData Encryption Standard
ECE 646 Lecture 6 Data Encryption Standard Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th Edition, Chapter 3: Block Ciphers and the Data Encryption Standard Chapter 6.1: Multiple
More informationData Encryption Standard
ECE 646 Lecture 7 Data Encryption Standard Required Reading W. Stallings, "Cryptography and Network-Security," 5th Edition, Chapter 3: Block Ciphers and the Data Encryption Standard Chapter 6.1: Multiple
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 4 The Advanced Encryption Standard (AES) Israel Koren ECE597/697 Koren Part.4.1
More informationECE 646 Lecture 7. Secret-Key Ciphers. Data Encryption Standard DES
ECE 646 Lecture 7 Secret-Key Ciphers Data Encryption Standard DES 1 NBS public request for a standard cryptographic algorithm May 15, 1973, August 27, 1974 The algorithm must be: secure public - completely
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationCryptography Trends: A US-Based Perspective. Burt Kaliski, RSA Laboratories IPA/TAO Cryptography Symposium October 20, 2000
Cryptography Trends: A US-Based Perspective Burt Kaliski, RSA Laboratories IPA/TAO Cryptography Symposium October 20, 2000 Outline Advanced Encryption Standard Dominant design Thoughts on key size Advanced
More informationNIST Cryptographic Toolkit
Cryptographic Toolkit Elaine Barker ebarker@nist.gov National InformationSystem Security Conference October 16, 2000 Toolkit Purpose The Cryptographic Toolkit will provide Federal agencies, and others
More informationIntroduction to Post-Quantum Cryptography
Introduction to Post-Quantum Cryptography CERG @ GMU http://cryptography.gmu.edu 10 PhD students 3 MS students Features Required from Today s Ciphers STRENGTH PERFORMANCE software hardware FUNCTIONALITY
More informationIntroduction to Post-Quantum Cryptography
Introduction to Post-Quantum Cryptography CERG @ GMU http://cryptography.gmu.edu 10 PhD students 3 MS students 1 Features Required from Today s Ciphers STRENGTH PERFORMANCE software hardware FUNCTIONALITY
More informationBlock Ciphers. Lucifer, DES, RC5, AES. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk Block Ciphers 1
Block Ciphers Lucifer, DES, RC5, AES CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk Block Ciphers 1 ... Block Ciphers & S-P Networks Block Ciphers: Substitution ciphers
More information8/30/17. Introduction to Post-Quantum Cryptography. Features Required from Today s Ciphers. Secret-key (Symmetric) Ciphers
CERG @ GMU http://cryptography.gmu.edu Introduction to Post-Quantum Cryptography 10 PhD students 3 MS students Features Required from Today s Ciphers Secret-key (Symmetric) Ciphers STRENGTH PERFORMANCE
More informationLecture 11. Security Protocols. Cryptographic Standards. Companies Developing Cryptographic Hardware
Lecture 11 Security Protocols Cryptographic Standards Companies Developing Cryptographic Hardware Secure Communication Systems (e.g., DMS) Security protocols (e.g., S-MIME, SSL, IPSec) Security mechanisms
More informationA Brief Outlook at Block Ciphers
A Brief Outlook at Block Ciphers Pascal Junod École Polytechnique Fédérale de Lausanne, Suisse CSA 03, Rabat, Maroc, 10-09-2003 Content Generic Concepts DES / AES Cryptanalysis of Block Ciphers Provable
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationUnderstanding Cryptography by Christof Paar and Jan Pelzl. Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 2009
Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 29 These slides were prepared by Daehyun Strobel, Christof
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationEfficient Hardware Design and Implementation of AES Cryptosystem
Efficient Hardware Design and Implementation of AES Cryptosystem PRAVIN B. GHEWARI 1 MRS. JAYMALA K. PATIL 1 AMIT B. CHOUGULE 2 1 Department of Electronics & Telecommunication 2 Department of Computer
More informationECE 646 Lecture 8. Modes of operation of block ciphers
ECE 646 Lecture 8 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5 th and 6 th Edition, Chapter 6 Block Cipher Operation II. A. Menezes, P.
More informationCryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.
Telling Secrets Secret Writing Through the Ages William Turner Department of Mathematics & Computer Science Wabash College Crawfordsville, IN 47933 Tuesday 4 February 2014 W. J. Turner Telling Secrets
More informationAnalysis, demands, and properties of pseudorandom number generators
Analysis, demands, and properties of pseudorandom number generators Jan Krhovják Department of Computer Systems and Communications Faculty of Informatics, Masaryk University Brno, Czech Republic Jan Krhovják
More informationComp527 status items. Crypto Protocols, part 2 Crypto primitives. Bart Preneel July Install the smart card software. Today
Comp527 status items Crypto Protocols, part 2 Crypto primitives Today s talk includes slides from: Bart Preneel, Jonathan Millen, and Dan Wallach Install the smart card software Bring CDs back to Dan s
More informationAES Java Technology Comparisons
February 7, 1999 AES Java Technology Comparisons Alan Folmsbee, Sun Microsystems, Inc. Advanced Encryption Standard candidate algorithm comparisons based on the Java technology implementations. 1.0 Introduction
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationPresented by: Kevin Hieb May 2, 2005
Presented by: Kevin Hieb May 2, 2005 Governments National Finances National Security Citizens Companies Data Loss Monetary Loss Individuals Identity Theft Data Loss Networks Firewalls Intrusion Detection
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationElliptic Curve Cryptosystem
UDC 681.8 Elliptic Curve Cryptosystem VNaoya Torii VKazuhiro Yokoyama (Manuscript received June 6, 2000) This paper describes elliptic curve cryptosystems (ECCs), which are expected to become the next-generation
More informationIntroduction to Modern Symmetric-Key Ciphers
Introduction to Modern Symmetric-Key Ciphers 1 Objectives Review a short history of DES. Define the basic structure of DES. List DES alternatives. Introduce the basic structure of AES. 2 Data Encryption
More informationOptimized AES Algorithm Using FeedBack Architecture Chintan Raval 1, Maitrey Patel 2, Bhargav Tarpara 3 1, 2,
Optimized AES Algorithm Using FeedBack Architecture Chintan Raval 1, Maitrey Patel 2, Bhargav Tarpara 3 1, 2, Pursuing M.Tech., VLSI, U.V.Patel college of Engineering and Technology, Kherva, Mehsana, India
More informationEncryption Details COMP620
Encryption Details COMP620 Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government It s hard to think of a more
More informationLecture 5. Encryption Continued... Why not 2-DES?
Lecture 5 Encryption Continued... 1 Why not 2-DES? 2DES: C = DES ( K1, DES ( K2, P ) ) Seems to be hard to break by brute force, approx. 2 111 trials Assume Eve is trying to break 2DES and has a single
More informationUse of Embedded FPGA Resources in Implementa:ons of 14 Round 2 SHA- 3 Candidates
Use of Embedded FPGA Resources in Implementa:ons of 14 Round 2 SHA- 3 Candidates Kris Gaj, Rabia Shahid, Malik Umar Sharif, and Marcin Rogawski George Mason University U.S.A. Co-Authors Rabia Shahid Malik
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationImplementation of the block cipher Rijndael using Altera FPGA
Regular paper Implementation of the block cipher Rijndael using Altera FPGA Piotr Mroczkowski Abstract A short description of the block cipher Rijndael is presented. Hardware implementation by means of
More informationTABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO.
vii TABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO. ABSTRACT LIST OF TABLES LIST OF FIGURES LIST OF SYMBOLS AND ABBREVIATION iii xii xiv xvii 1 INTRODUCTION 1 1.1 GENERAL 1 1.2 TYPES OF WIRELESS COMMUNICATION
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationASIC Performance Comparison for the ISO Standard Block Ciphers
ASIC Performance Comparison for the ISO Standard Block Ciphers Takeshi Sugawara 1, Naofumi Homma 1, Takafumi Aoki 1, and Akashi Satoh 2 1 Graduate School of Information Sciences, Tohoku University Aoba
More informationAES Advanced Encryption Standard
AES Advanced Encryption Standard AES is iterated block cipher that supports block sizes of 128-bits and key sizes of 128, 192, and 256 bits. The AES finalist candidate algorithms were MARS, RC6, Rijndael,
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationECE 297:11 Reconfigurable Architectures for Computer Security
ECE 297:11 Reconfigurable Architectures for Computer Security Course web page: http://mason.gmu.edu/~kgaj/ece297 Instructors: Kris Gaj (GMU) Tarek El-Ghazawi (GWU) TA: Pawel Chodowiec (GMU) Kris Gaj George
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationDelineation of Trivial PGP Security
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 20, Issue 3, Ver. I (May. - June. 2018), PP 17-23 www.iosrjournals.org Delineation of Trivial PGP Security Mr.
More informationSecret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34
Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used for both encryption and decryption.
More informationJaap van Ginkel Security of Systems and Networks
Jaap van Ginkel Security of Systems and Networks November 4, 2013 Part 4 Modern Crypto Block Ciphers (Iterated) Block Cipher Plaintext and ciphertext consist of fixed-sized blocks Ciphertext obtained from
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 6: Advanced Encryption Standard (AES) Ion Petre Department of IT, Åbo Akademi University 1 Origin of AES 1999: NIST
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5 January 23, 2012 CPSC 467b, Lecture 5 1/35 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationThis chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest
1 2 3 This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest PKCS, Diffie- Hellman key exchange. This first published
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationSecret Key Algorithms (DES)
Secret Key Algorithms (DES) G. Bertoni L. Breveglieri Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used
More informationFast implementation and fair comparison of the final candidates for Advanced Encryption Standard using Field Programmable Gate Arrays
Fast implementation and fair comparison of the final candidates for Advanced Encryption Standard using Field Programmable Gate Arrays Kris Gaj and Pawel Chodowiec George Mason University, Electrical and
More informationBlock Ciphers. Secure Software Systems
1 Block Ciphers 2 Block Cipher Encryption function E C = E(k, P) Decryption function D P = D(k, C) Symmetric-key encryption Same key is used for both encryption and decryption Operates not bit-by-bit but
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationFPGA CAN BE IMPLEMENTED BY USING ADVANCED ENCRYPTION STANDARD ALGORITHM
FPGA CAN BE IMPLEMENTED BY USING ADVANCED ENCRYPTION STANDARD ALGORITHM P. Aatheeswaran 1, Dr.R.Suresh Babu 2 PG Scholar, Department of ECE, Jaya Engineering College, Chennai, Tamilnadu, India 1 Associate
More informationECE 646 Lecture 7. Data Encryption Standard DES. Secret-Key Ciphers. Secret agreement between IBM & NSA, 1974
C 646 Lecture 7 Secret-Key Ciphers Data Standard DS NBS public request for a standard cryptographic algorithm May 15, 1973, August 27, 1974 The algorithm must be: secure public - completely specified -
More informationWeek 4. : Block Ciphers and DES
Week 4. : Block Ciphers and DES Model of Symmetric Cryptosystem Cryptanalyst Adversary M K E Insecure Channel D Plaintext M Ciphertext C Secure Channel Plaintext M Key K Shared Secret Key C = E K (M) D
More informationSecurity against Timing Analysis Attack
International Journal of Electrical and Computer Engineering (IJECE) Vol. 5, No. 4, August 2015, pp. 759~764 ISSN: 2088-8708 759 Security against Timing Analysis Attack Deevi Radha Rani 1, S. Venkateswarlu
More informationNIST Post- Quantum Cryptography Standardiza9on
NIST Post- Quantum Cryptography Standardiza9on Lily Chen Cryptographic Technology Group Computer Security Division, Informa9on Technology Lab Na9onal Ins9tute of Standards and Technology (NIST) NIST Crypto
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationCrypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion
Crypto Basics Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion 1 What is a cryptosystem? K = {0,1} l P = {0,1} m C = {0,1} n, C C E: P K C D: C
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationIntroduction to information Security
First lecture Introduction to information Security Why Computer and information Security Cryptography Secret key algorithms: DES/AES Public key algorithms: RSA One-way hash functions & message digests:
More informationImplementation of Full -Parallelism AES Encryption and Decryption
Implementation of Full -Parallelism AES Encryption and Decryption M.Anto Merline M.E-Commuication Systems, ECE Department K.Ramakrishnan College of Engineering-Samayapuram, Trichy. Abstract-Advanced Encryption
More informationFPGA Can be Implemented Using Advanced Encryption Standard Algorithm
FPGA Can be Implemented Using Advanced Encryption Standard Algorithm Shahin Shafei Young Researchers and Elite Club, Mahabad Branch, Islamic Azad University, Mahabad, Iran Email:Shahin_shafei@yahoo.com
More informationCryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain
Cryptography Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar Submitted by:- Hardeep Gaurav Jain Cryptography Cryptography, a word with Greek origins, means "secret writing." However, we use the term
More informationSymmetric Key Encryption. Symmetric Key Encryption. Advanced Encryption Standard ( AES ) DES DES DES 08/01/2015. DES and 3-DES.
Symmetric Key Encryption Symmetric Key Encryption and 3- Tom Chothia Computer Security: Lecture 2 Padding Block cipher modes Advanced Encryption Standard ( AES ) AES is a state-of-the-art block cipher.
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationUnderstanding Cryptography by Christof Paar and Jan Pelzl. Chapter 9 Elliptic Curve Cryptography
Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 9 Elliptic Curve Cryptography ver. February 2nd, 2015 These slides were prepared by Tim Güneysu, Christof Paar
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationPGP: An Algorithmic Overview
PGP: An Algorithmic Overview David Yaw 11/6/2001 VCSG-482 Introduction The purpose of this paper is not to act as a manual for PGP, nor is it an in-depth analysis of its cryptographic algorithms. It is
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationSymmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.
Symmetric Key Algorithms Definition A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting. 1 Block cipher and stream cipher There are two main families
More informationOutline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review
More informationIntroduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu
Introduction to Cryptographic Systems Asst. Prof. Mihai Chiroiu Vocabulary In cryptography, cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Decryption
More informationPublic Key Cryptography
graphy CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L07, Steve/Courses/2011/S2/CSS322/Lectures/rsa.tex,
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 5 Advanced Encryption Standard Advance Encryption Standard Topics Origin of AES Basic AES Inside Algorithm Final Notes Origins
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationRSA. Public Key CryptoSystem
RSA Public Key CryptoSystem DIFFIE AND HELLMAN (76) NEW DIRECTIONS IN CRYPTOGRAPHY Split the Bob s secret key K to two parts: K E, to be used for encrypting messages to Bob. K D, to be used for decrypting
More informationDataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.
Submitted by SPYRUS, Inc. Contents DT5000 and DT6000 Technology Overview...2 Why DT5000 and DT6000 Encryption Is Different...3 Why DT5000 and DT6000 Encryption Is Different - Summary...4 XTS-AES Sector-Based
More informationBlock Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2... M N. Then, each block M i is encrypted to the ciphertext block C i = K (M i ), and
More informationComputational Security, Stream and Block Cipher Functions
Computational Security, Stream and Block Cipher Functions 18 March 2019 Lecture 3 Most Slides Credits: Steve Zdancewic (UPenn) 18 March 2019 SE 425: Communication and Information Security 1 Topics for
More informationNetwork Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Encryption/Decryption using Public Key Cryptography Network Security Chapter 4 Public Key Cryptography However,
More informationSymmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationPOST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK DR. DANIEL SLAMANIG
POST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK 2018 02.02.2018 DR. DANIEL SLAMANIG WHAT IS POST-QUANTUM CRYPTOGRAPHY? Also called quantum safe/resistant cryptography NOT quantum cryptography (= quantum
More informationElaine Barker and Allen Roginsky NIST June 29, 2010
Elaine Barker and Allen Roginsky NIST June 29, 2010 Background: Cryptography is used to protect sensitive information Attackers are becoming smarter, and computers are becoming more powerful Many commonly
More informationAdvanced Encryption Standard
Advanced Encryption Standard Vincent Rijmen Institute for Applied Information Processing and Communications (IAIK) - Krypto Group Faculty of Computer Science Graz University of Technology Outline Modern
More information