Lecture 13 Secure Multimedia Coding (I)
|
|
- Barnard Andrews
- 5 years ago
- Views:
Transcription
1 Shujun LI (李树钧): INF Multimedia Coding Lecture 13 Secure Multimedia Coding (I) July 15, 2009
2 Outline Coding for Security: Cryptology Fundamentals Symmetric/Private-Key Ciphers Cryptographic Hash Functions Asymmetric/Public-Key Ciphers 1
3 Fundamentals
4 Cryptology Cryptology = Cryptography + Cryptanalysis Cryptography = The art of designing cryptosystems Cryptanalysis = The art of analyzing (often breaking) cryptosystems Cryptosystems = Ciphers + Cryptographic hash functions + Digital signatures + Security protocols + Cryptography Cryptology, Cryptosystems Ciphers (in many scenarios) 3
5 Models of evaluating security Unconditional security Complexity-theoretical security Provable security Computable/Practical security The minimal computational effort (time and space) an attacker needs to break a cryptosystem Often related to mathematical hard problems 4
6 Ciphers Cipher = Encipher + Decipher An encipher encodes/encrypts a message P (called plaintext) into another message C (called ciphertext), under the control of an encryption key K E. A decipher decodes/decrypts a ciphertext C back into a plaintext P (in most case =P), under the control of a decryption key K D. Plaintext P Encipher Encryption Key K E Ciphertext C Decryption Key K D Decipher Recovered Plaintext P 5
7 Kerckhoffs principle (1883) Kerckhoffs principle/assumption/law/axiom A cipher should be secure even if everything about the cryptosystem, except the key, is public knowledge. Spies, reverse engineering, = The security of a cipher should depend only on the key, but not on the secrecy of any other part of the system. = Shannon s maxim: The enemy knows the system. 6
8 Cryptanalysis of ciphers Ciphertext-only attack The attacker can see C only: C P and/or K D and/or K E? Known-plaintext attack The attacker can see/guess P and C: (P,C) K D and/or K E? Chosen-plaintext attack The attacker has temporary access to the encipher, so that he can choose P and see C: (P,C) K E and perhaps then K D? Chosen-ciphertext attack The attacker has temporary access to the decipher, so that he can choose C and see P : (P,C) K D and perhaps then K E? Related-key attack The attacker can see the encryption results of several related keys. 7
9 More types of cryptanalysis Brute-force attack Exhaustively search for the key in the key space Side-channel attack Try to break a cryptosystem based on information gained from physical implementation of the system Social engineering attack Try to get the key from the owner by deception Black-bag cryptanalysis Try to steal the key from the owner (e.g., via a keylogger) Rubber-hose cryptanalysis Get the key from the owner by force 8
10 Two important cryptanalytic techniques Differential cryptanalysis Given two different inputs of a cryptosystem, P 1 and P 2, the attacker tries to (partially) break the key by exploiting the relationship between Diff(C 1,C 2 ) and Diff(P 1,P 2 ), where Diff= or modular subtraction in most scenarios. Linear cryptanalysis Given an input of a cryptosystem, P, the attacker tries to (partially) break some key bits by exploiting the linear relationship between different bits in P, C and K. 9
11 Ciphers Formal definitions as codes Plaintext: P=(P 1 Pm), where Pi P Ciphertext: C={C 1 Cm}, where Ci C=B* (B={0,1} in most cases) Encryption: C=E(P, K E )={E i (P i, K E )} Decryption: P =D(C, K D )={D i (C i, K D )} Classification K D K E (often K D =K E )? Symmetric/Private-key ciphers ( ) vs. Asymmetric/Public-key ciphers (PKC) ( ) i j E i =E j? Block ciphers (Yes) vs. Stream ciphers (No) P 1 =P 2 E(P 1, K E )=E(P 2, K E ) with probability 1? Deterministic ciphers (Yes) vs. Probabilistic ciphers (No) 10
12 Symmetric vs. Asymmetric ciphers Symmetric/Private-key ciphers: The key has to be shared between the encipher and the decipher. A key distribution problem exists: n users need C(n,2)=n(n-1)/2 keys and those keys have to be distributed to users in advance. Asymmetric/Publick-key ciphers: The encryption key K E is published somewhere, but the decryption key K D is kept secret. No key distribution problem: n users need 2n keys n public keys for encryption and n private keys for decryption. 11
13 Symmetric/Private-Key Ciphers
14 Stream ciphers How to make E i time-varying? A pseudorandom number (bit) generator (PRNG/PRBG) is needed to produce a key-stream {k 1 k m } from the encryption key K E. Then, C i =f(p i,k i ), where f is often bitwise XOR operation P i k i, or modular addition (P i +k i ) mod 2 n. Types of stream ciphers Synchronous Stream Ciphers (SSC): K E {k 1 k m } Self-Synchronous Stream Ciphers (SSSC): (C i-l C i-1,k E ) k i One-Time Pad (OTP): {k 1 k m } is the encryption/decryption key and used only once. If {k 1 k m } is perfectly random, the stream cipher provide perfect secrecy in the sense that no additional information about P is leaked from C. (Shannon, 1949) 13
15 Block ciphers How is encryption achieved? The same encryption function E i is applied to each n-bit block of P. n-bit block ciphers Types of block ciphers Substitution ciphers: each block is substituted by another one. Transposition ciphers: the positions of plaintext blocks/bits are permuted. Product ciphers: combination of different simpler ciphers Most modern ciphers are product ciphers. Modes of operation Running in certain mode of operation, a block cipher can work exactly like a stream cipher. 14
16 Confusion and diffusion (Shannon, 1949) Confusion: The relationship between P/K E and C should be as complex as possible. Ideally, for any P and any K E, the statistics of C is/looks the same. = Good pseudorandomness of C for any P/K E Ergodicity of chaotic systems? Diffusion: The dependence of C on P/K E should be very complex. Strict avalanche criterion (SAC): One bit changes in P/K E, each bit in C changes with probability ½. Sensitivity to initial condition/control parameter of chaotic systems? 15
17 Block cipher design: SPN SPN = SP network = n rounds of Substitution + Permutation + Substitution-box (S-box) Confusion w.r.t plaintext Permutation-box (P-box) Diffusion w.r.t plaintext Confusion/Diffusion w.r.t. key Multiple rounds Confusion & diffusion 16
18 Block cipher design: Feistel network A Feistel network/cipher = n rounds of and a round function F. P i =(L i (0),R i (0)), P i =(L i (n+1),r i (n+1)) K E =K D {K(0),,K(n)} Encryption: L i (j+1)=r i (j), R i (j+1)=l i (j) F(R i (j),k(j)) Decryption: R i (j)=l i (j+1), L i (j)=r i (j+1) F(L i (j+1),k(j)) The same structure for encryption/decryption 17
19 Block ciphers: Modes of operation Electronic codebook (ECB) Encryption: C i =E i (P i, K E ) Decryption: P i =D i (C i, K D ) Cipher-block chaining (CBC) Encryption: C i =E i (P i C i-1, K E ), C 0 =IV (Initial Vector) Decryption: P i =D i (C i, K D ) C i-1, C 0 =IV Propagating/Plaintext cipher-block chaining (PCBC) Encryption: C i =E i (P i C i-1 P i-1, K E ), P 0 C 0 =IV Decryption: P i =D i (C i, K D ) C i-1 P i-1, P 0 C 0 =IV 18
20 Block ciphers Stream ciphers Cipher feedback (CFB) Encryption: C i =E i (C i-1, K E ) P i, C 0 =IV Decryption: P i =E i (C i-1, K D ) C i, C 0 =IV Output feedback (OFB) Internal state: O i =E i (O i-1, K E ), O 0 =IV Encryption: C i =O i P i Decryption: P i =O i C i Counter (CTR) = OFB when O i is replaced by a random number (a counter) 19
21 Some classical ciphers Vernam cipher Stream ciphers Encryption: C i =P i k i Caesar cipher Substitution ciphers Encryption: C i =(P i +K) mod 26, where P i, C i, K { A =0,, Z =25} Vigenère cipher Polyalphabetic ciphers Encryption: C i =(P i +K i ) mod 26, where P i, C i, K i { A =0,, Z =25} Example: {K i }=konstanzkonstanzkonstanz Scytale/Skytale cipher Transposition ciphers Encryption: {P 1,,P m } {P i(1),,p i(m) } 20
22 Some modern block ciphers DES (Data Encryption Standard, NIST, 1977-) 64-bit 16-round Feistel cipher with 56-bit key AES (Advanced Encryption Standard, NIST, 2001-) / Rijndael 128-bit 10/12/14-round SPN cipher with 128/192/256-bit key IDEA (International Data Encryption Algorithm, Xuejia Lai and James Massey, 1991) 64-bit 8.5-round SPN cipher with 128-bit key Blowfish (Bruce Schneier, 1993) 64-bit 16-round Feistel cipher with 33~448-bit key Twofish (Bruce Schneier, 1998) = 128-bit 16-round Feistel cipher with 128/192/256-bit key Serpent (Ross Anderson, Eli Biham, Lars Knudsen, 1998) 128-bit 32-round SPN with 128/192/256-bit key 21
23 An visual demonstration of 128-bit AES Developed by Enrique Zabala as part of the CrypTool project 22
24 LSFR-based stream ciphers (PRNGs) LFSR = Linear Feedback Shift Register Non-linear combining functions Clock-controlled generators Nonlinear filter generators 23
25 More stream ciphers (PSNRs) NLFSR = Nonlinear feedback shift register SEAL (Software-optimized Encryption Algorithm, Phillip Rogaway and Don Coppersmith, 1993/1997) Based on a cryptographic hash function. The key K + a 32-bit number n A pseudorandom number k(n) RC4 = Rivest Cipher 4 = Ron s Code 4 (Ron Rivest, 1987, initially a trade secret, revealed in 1994) A permutation of and two pointers Key-stream estream ciphers (2008) 24
26 Cryptographic Hash Functions
27 Cryptographic hash functions An unkeyed hash function h maps a message of any size to an output of a fixed size. Input: x=(x 1 xm), where xi X Output: y=h(x) B n, where n is an integer Hashing Lossy compression Types of cryptographic hash functions Modification detection codes (MDCs) Unkeyed hash functions Message authentication codes (MACs) Keyed hash functions: h(x) h(x,k) 26
28 Security of cryptographic hash functions Security against preimage attack Given any hash value y, it is computationally infeasible to find x such that h(x)=y. Complexity = O(2 n ). Security against 2 nd -preimage attack Given any message x, it is computationally infeasible to find x such that h(x ) =h(x). Complexity = O(2 n ). Security against collision/birthday attack It is computationally infeasible to find any two messages x and x such that h(x ) =h(x). Complexity = O(2 n/2 ). Security against MAC forgery Given a number of MAC-pairs (x,h(x,k)), it is computationally infeasible to find a new pair (x,h(x,k). Complexity = O(2 n ). 27
29 Applications of hash functions Message integrity verification / Error detection (MDC) Message authentication (MAC) One-way function used in digital certificates and security protocols (MDC/MAC) Password storing (MDC) A password P is stored on the server as its hash value h(p) or its salted hash value h(p Salt). An attacker who has read access to the server cannot get P from the hash value ( security against preimage attack) or another P with the same hash value ( security against 2 nd - preimage attack). 28
30 How to build hash functions? Merkle-Damgård construction (1979, 1989) All popular hash functions follow this construction. 1-bit + 0-bits + Message Length 29
31 Some MDCs and their applications MD5 = Message-Digest algorithm 5 (Ron Rivest, 1991; IETF RFC 1321, 1992) 128-bit hash function 2 64 is not enough against brute-force collusion attack nowadays Collusion reported by Xiaoyun Wang et al. in Collusions of real documents and digital certificates were found afterwards. MD5 has been broken in terms of collusion resistance! SHA (Secure Hash Algorithm) family SHA-0 (FIPS PUB 180 Secure Hash Standard, 1993) and SHA-1 (FIPS PUB 180-1, 1995): 160-bit hash function SHA-2 (FIPS PUB 180-2, 2000/2002/2004) SHA-256 (truncated version SHA-224), SHA-512 (truncated edition SHA-384) SHA-3 (in development, 2012?) 30
32 Shujun LI (李树钧): INF Multimedia Coding Asymmetric/Public-Key Cryptography
33 Public-key cryptography (PKC) Public-key encryption (ciphers) Encryption: C=E(P,K E ), where K E is public Decryption: P=D(C,K D ), where K D is private Digital signatures Signing: (P, S=E(h(P),K S )), where K S is private Verification: check if h(p)=d(s,k V ), where K V is public 32
34 Special attacks to PKC Chosen-plaintext attacks are always possible! The encryption key K E is public. A new attack: K E K D. Impersonation attack An attacker may impersonate a user by distributing a wrong public-key. A reliable public-key distribution scheme is needed. 33
35 How to construct public-key ciphers? One-way functions A function f that is easy to compute in one direction, but hard from the opposite direction. Trapdoor (one-way) functions A function f that is one-way without the knowledge of some trapdoor information. Trapdoor functions can be constructed on mathematically hard problems. Two mathematically hard problems Prime factorization: n=pq p and q (which are large primes) Discrete logarithm problem: g x x (over a finite cyclic group) 34
36 RSA Public-key cipher Named after Ron Rivest, Adi Shamir and Leonard Adleman (1978) Key generation (Alice) Choose two distinct primes p and q Compute n=pq and φ=(p-1)(q-1) Select a random positive integer e<φ, such that gcd(e,φ)=1 Compute the inverse of e mod φ, i.e., another integer d such that de 1 (mod φ). K E =(n,e), K D =d and publish K E Encryption (Bob) C=(P e mod n), where P, C {0,,n-1} Decryption (Alice) P=(C d mod n)=(p de mod n) 35
37 Security of RSA The RSA problem (corresponding to ciphertext-only attack) (n=pq,e) and C P such that P e C (mod n) It is believed that the RSA problem is as hard as the prime factorization problem The trapdoor information is p and q. The prime factorization problem n=pq p and q φ=(p-1)(q-1) d (Bob can do the same thing exactly as Alice did, if he gets the values of p and q) The trapdoor information is p and q. 36
38 References
39 References of Further Reading A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996, fulltext of all chapters are available at Bruce Schneier, Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C, 2nd Edition, John Wiley & Sons, Inc., 1996 National Technical Information Service (NTIS), Specification for the Advanced Encryption Standard (AES), Federal Information Processing Standards Publication (FIPS PUB) 197, 2001, available online at pdf 38
Cryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More information7. Symmetric encryption. symmetric cryptography 1
CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption
More informationCS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES
CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES PREPARED BY R.CYNTHIA PRIYADHARSHINI AP/IT/SREC Block Ciphers A block cipher is an encryption/decryption scheme in which a block of plaintext is treated
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 14th February 2008 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More informationStudy Guide to Mideterm Exam
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #7 Professor M. J. Fischer February 20, 2012 Study Guide to Mideterm Exam For the exam, you are responsible
More informationModern Symmetric Block cipher
Modern Symmetric Block cipher 81 Shannon's Guide to Good Ciphers Amount of secrecy should determine amount of labour appropriate for encryption and decryption The set of keys and enciphering algorithm
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationA SIMPLIFIED IDEA ALGORITHM
A SIMPLIFIED IDEA ALGORITHM NICK HOFFMAN Abstract. In this paper, a simplified version of the International Data Encryption Algorithm (IDEA) is described. This simplified version, like simplified versions
More informationJaap van Ginkel Security of Systems and Networks
Jaap van Ginkel Security of Systems and Networks November 5, 2012 Part 3 Modern Crypto SSN Week 2 Hashes MD5 SHA Secret key cryptography AES Public key cryptography DES Book Chapter 1 in full Chapter 2
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationAppendix A: Introduction to cryptographic algorithms and protocols
Security and Cooperation in Wireless Networks http://secowinet.epfl.ch/ Appendix A: Introduction to cryptographic algorithms and protocols 2007 Levente Buttyán and Jean-Pierre Hubaux symmetric and asymmetric
More informationLecture IV : Cryptography, Fundamentals
Lecture IV : Cryptography, Fundamentals Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University Spring 2012 Basic Principles
More informationIntroduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell
Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationCIT 380: Securing Computer Systems. Symmetric Cryptography
CIT 380: Securing Computer Systems Symmetric Cryptography Topics 1. Modular Arithmetic 2. What is Cryptography? 3. Transposition Ciphers 4. Substitution Ciphers 1. Cæsar cipher 2. Vigènere cipher 5. Cryptanalysis:
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationOutline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing
Outline CSCI 454/554 Computer and Network Security Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues Topic 2. Introduction to Cryptography 2 Cryptography Basic Concepts
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationSome Stuff About Crypto
Some Stuff About Crypto Adrian Frith Laboratory of Foundational Aspects of Computer Science Department of Mathematics and Applied Mathematics University of Cape Town This work is licensed under a Creative
More informationChapter 3 Traditional Symmetric-Key Ciphers 3.1
Chapter 3 Traditional Symmetric-Key Ciphers 3.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Objectives To define the terms and the concepts of symmetric
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationThe Rectangle Attack
The Rectangle Attack and Other Techniques for Cryptanalysis of Block Ciphers Orr Dunkelman Computer Science Dept. Technion joint work with Eli Biham and Nathan Keller Topics Block Ciphers Cryptanalysis
More informationECE 646 Lecture 8. Modes of operation of block ciphers
ECE 646 Lecture 8 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5 th and 6 th Edition, Chapter 6 Block Cipher Operation II. A. Menezes, P.
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationHomework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions
More informationOutline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 23 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 7 September 23, 2015 CPSC 467, Lecture 7 1/1 Advanced Encryption Standard AES Alternatives CPSC 467,
More informationIntroduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu
Introduction to Cryptographic Systems Asst. Prof. Mihai Chiroiu Vocabulary In cryptography, cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Decryption
More informationGlenda Whitbeck Global Computing Security Architect Spirit AeroSystems
Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems History 2000 B.C. Egyptian Hieroglyphics Atbash - Hebrew Original alphabet mapped to different letter Type of Substitution Cipher
More informationPublic Key Cryptography
graphy CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L07, Steve/Courses/2011/S2/CSS322/Lectures/rsa.tex,
More informationMaking and Breaking Ciphers
Making and Breaking Ciphers Ralph Morelli Trinity College, Hartford (ralph.morelli@trincoll.edu) Smithsonian Institute October 31, 2009 2009 Ralph Morelli You are free to reuse and remix this presentation
More informationWeek 5: Advanced Encryption Standard. Click
Week 5: Advanced Encryption Standard Click http://www.nist.gov/aes 1 History of AES Calendar 1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5 January 23, 2012 CPSC 467b, Lecture 5 1/35 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's code, principally with
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationLECTURE 4: Cryptography
CSC 519 Information Security LECTURE 4: Cryptography Dr. Esam A. Alwagait alwagait@ksu.edu.sa Recap form previous Lecture We discussed more symmetric encryption. Books? Security Engineering, Ross Anderson
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationLecture 6: Symmetric Cryptography. CS 5430 February 21, 2018
Lecture 6: Symmetric Cryptography CS 5430 February 21, 2018 The Big Picture Thus Far Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures.
More information2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography
CS 472 Network and System Security Mohammad Almalag malmalag@cs.odu.edu Lecture 2 January 22, 2013 Introduction To Cryptography 1 Definitions Cryptography = the science (art) of encryption Cryptanalysis
More informationCryptographic Hash Functions. William R. Speirs
Cryptographic Hash Functions William R. Speirs What is a hash function? Compression: A function that maps arbitrarily long binary strings to fixed length binary strings Ease of Computation: Given a hash
More informationData Encryption Standard
ECE 646 Lecture 6 Data Encryption Standard Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th Edition, Chapter 3: Block Ciphers and the Data Encryption Standard Chapter 6.1: Multiple
More informationL2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015
L2. An Introduction to Classical Cryptosystems Rocky K. C. Chang, 23 January 2015 This and the next set of slides 2 Outline Components of a cryptosystem Some modular arithmetic Some classical ciphers Shift
More informationChannel Coding and Cryptography Part II: Introduction to Cryptography
Channel Coding and Cryptography Part II: Introduction to Cryptography Prof. Dr.-Ing. habil. Andreas Ahrens Communications Signal Processing Group, University of Technology, Business and Design Email: andreas.ahrens@hs-wismar.de
More informationCPS2323. Block Ciphers: The Data Encryption Standard (DES)
Block Ciphers: The Data Encryption Standard (DES) Content Block Ciphers: Constructing Pseudo Random Permutations using confusion/diffusion A call for an industry standard... and the NSA Lucifer and Feistel
More informationSymmetric Cryptography. CS4264 Fall 2016
Symmetric Cryptography CS4264 Fall 2016 Correction: TA Office Hour Stefan Nagy (snagy2@vt.edu) Office hour: Thursday Friday 10-11 AM, 106 McBryde Hall 2 Slides credit to Abdou Illia RECAP AND HIGH-LEVEL
More informationIDEA, RC5. Modes of operation of block ciphers
C 646 - Lecture 8 IDA, RC5 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th dition, Chapter 6 Block Cipher Operation II. A. Menezes, P. van
More informationClassical Cryptography. Thierry Sans
Classical Cryptography Thierry Sans Example and definitions of a cryptosystem Caesar Cipher - the oldest cryptosystem A shift cipher attributed to Julius Caesar (100-44 BC) MEET ME AFTER THE TOGA PARTY
More informationPublic Key Algorithms
Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular
More informationCS Network Security. Module 6 Private Key Cryptography
CS 393 - Network Security Module 6 Private ey Cryptography Data Encryption Encryption is the process of encoding a message such that its meaning is not obvious. Decryption is the reverse process, ie, transforming
More informationCryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.
Telling Secrets Secret Writing Through the Ages William Turner Department of Mathematics & Computer Science Wabash College Crawfordsville, IN 47933 Tuesday 4 February 2014 W. J. Turner Telling Secrets
More informationCryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi
Cryptographic Primitives A brief introduction Ragesh Jaiswal CSE, IIT Delhi Cryptography: Introduction Throughout most of history: Cryptography = art of secret writing Secure communication M M = D K (C)
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationMore on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017
More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017 Page 1 Outline Desirable characteristics of ciphers Stream and block ciphers Cryptographic modes Uses of cryptography Symmetric
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 4 David Aspinall School of Informatics University of Edinburgh 26th January 2012 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationCS 392/681 Computer Security. Module 1 Private Key Cryptography
CS 392/681 Computer Security Module 1 Private Key Cryptography Logistics Office hours Thursday 3 to 5 (tentative). Lab 0 due today. Lab 1 assigned. Due next Thursday!! ISIS is still unstable. Will fix
More informationAnalysis, demands, and properties of pseudorandom number generators
Analysis, demands, and properties of pseudorandom number generators Jan Krhovják Department of Computer Systems and Communications Faculty of Informatics, Masaryk University Brno, Czech Republic Jan Krhovják
More informationCS682 Advanced Security Topics
CS682 Advanced Security Topics Lecture 2 Applied Cryptography Elias Athanasopoulos eliasathan@cs.ucy.ac.cy 2 The Need for Cryptography People had always secrets Ordinary applications are based on secrecy
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationPRNGs & DES. Luke Anderson. 16 th March University Of Sydney.
PRNGs & DES Luke Anderson luke@lukeanderson.com.au 16 th March 2018 University Of Sydney Overview 1. Pseudo Random Number Generators 1.1 Sources of Entropy 1.2 Desirable PRNG Properties 1.3 Real PRNGs
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.5 Public Key Algorithms CSC 474/574 Dr. Peng Ning 1 Public Key Algorithms Public key algorithms covered in this class RSA: encryption and digital signature
More informationSome Aspects of Block Ciphers
Some Aspects of Block Ciphers Palash Sarkar Applied Statistics Unit Indian Statistical Institute, Kolkata India palash@isical.ac.in CU-ISI Tutorial Workshop on Cryptology, 17 th July 2011 Palash Sarkar
More informationLecture 5. Cryptographic Hash Functions. Read: Chapter 5 in KPS
Lecture 5 Cryptographic Hash Functions Read: Chapter 5 in KPS 1 Purpose CHF one of the most important tools in modern cryptography and security CHF-s are used for many authentication, integrity, digital
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationSymmetric key cryptography
The best system is to use a simple, well understood algorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationA hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 8 Hash Functions 8.1 Hash Functions Hash Functions A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationIntroduction to Symmetric Cryptography
Introduction to Symmetric Cryptography Tingting Chen Cal Poly Pomona 1 Some slides are from Dr. Cliff Zou. www.cs.ucf.edu/~czou/cis3360-12/ch08-cryptoconcepts.ppt Basic Cryptography Private Key Cryptography
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationPrivate-Key Encryption
Private-Key Encryption Ali El Kaafarani Mathematical Institute Oxford University 1 of 50 Outline 1 Block Ciphers 2 The Data Encryption Standard (DES) 3 The Advanced Encryption Standard (AES) 4 Attacks
More informationSUMMARY OF INFORMATION ON EACH COURSE
1. Name of Course Applied Cryptography 2. Course Code TAC 3121 3. Status of Course Specialisation Core for B.IT Security Technology [Applies to (cohort) ] 4. MQF Level/Stage Note : Certificate MQF Level
More information