Federal standards: NIST FIPS 46-1 DES, FIPS 46-2 DES, FIPS 81 Modes of operation, FIPS 46-3 Triple DES, FIPS 197 AES. industry.
- Geoffrey Sims
Transcription
ECE 646 Lecture 12
Cryptographic Standards

Secret-key cryptography
- Federal (NIST): FIPS 46-1 DES; FIPS 46-2 DES; FIPS 81 Modes of operation; FIPS 46-3 Triple DES; FIPS 197 AES
- Banking (ANSI): X3.92 DES; X3.106 DES modes of operation; X9.52 Modes of operation of Triple DES
- International (ISO/IEC): Modes of operation of an n-bit cipher; AES, Camellia, SEED, TDEA, MISTY1, CAST-128, MUGI, SNOW

NIST FIPS
National Institute of Standards and Technology, Federal Information Processing Standards
- American Federal Standards
- Required in the government institutions
- Original algorithms developed in cooperation with the National Security Agency (NSA), and algorithms developed in the open research adapted and approved by NIST

Public-Key Cryptography Standards (diagram)
- unofficial industry: RSA Labs, PKCS
- industry: IEEE P1363
- bank: ANSI X9
- international
- federal: NIST FIPS

PKCS
Public-Key Cryptography Standards
- Informal Industry Standards developed by RSA Laboratories in cooperation with Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun
- First, except PGP, formal specification of RSA and formats of messages

IEEE P1363
- Working group of IEEE including representatives of major cryptographic companies and university centers from USA, Canada and other countries
- Part of the Microprocessors Standards Committee
- Modern, open style
- Quarterly meetings + multiple teleconferences + discussion list + very informative web page with the draft versions of
IEEE P1363
- Combined standard including the majority of modern public cryptography
- Several algorithms for implementation of the same function
- Tool for constructing other, more specific
- Specific applications or implementations may determine a profile (subset) of the standard

ANSI X9
American National Standards Institute
- Work in the subcommittee X9F developing for financial institutions
- Standards for the wholesale (e.g., interbank) and retail transactions (e.g., bank machines, smart card readers)
- ANSI represents U.S.A. in

International Organization for Standardization
- International
- Common with IEC - International Electrotechnical Commission
- ISO/IEC JTC1 SC 27: Joint Technical Committee 1, Subcommittee 27
- Full members: Australia, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, Italy, Japan, Korea, Holland, Norway, Poland, Russia, Spain, Sweden, Switzerland, UK, USA

International Organization for Standardization
- Long and laborious process of the standard development
- Minimum 3 years
- Study period
- NP - New Proposal
- WD - Working Draft
- CD - Committee Draft
- DIS - Draft International Standard
- IS - International Standard
- Review of the standard after 5 years = ratification, corrections or revocation

Public-Key Cryptography Standards (diagram)
- unofficial industry: RSA Labs, PKCS
- industry: IEEE P1363
- bank: ANSI X9
- international
- federal: NIST FIPS

IEEE P
- Factorization: RSA with OAEP; RSA & R-W with or 9796
- Discrete: DSA, NR with 9796; DH1, DH2 and MQV
- Elliptic curve: EC-DSA, EC-NR with 9796; EC-DH1, EC-DH2 and EC-MQV
IEEE P1363a-2004
IEEE P1363a
- Factorization: RSA with OAEP; RSA & R-W with or 9796
- Discrete: DSA, NR with; DH1, DH2 & MQV
- Elliptic curve: EC-DSA, EC-NR with 9796; EC-DH1, EC-DH2 & EC-MQV

ANSI X9 Standards (columns: factorization, elliptic curve)
- X9.44 RSA
- X9.31 (RSA & R-W); X9.30 DSA; X9.62 EC-DSA
- X9.42 DH1, DH2, MQV; X9.63 EC-DH1, 2, EC-MQV

Industry - PKCS (columns: factorization, elliptic curve)
- PKCS #1 RSA; PKCS #13
- PKCS #1 (RSA & R-W); PKCS #13 EC-DSA
- PKCS #2 DH; PKCS #13 EC-DH1, 2, EC-MQV

NIST - FIPS (columns: factorization, elliptic curve)
- FIPS RSA; FIPS DSA; FIPS EC-DSA

International (columns: factorization, elliptic curve)
Cryptographic Standard Contests (timeline)
- AES: IX.1997 to X.2000; 15 block ciphers, 1 winner
- NESSIE: I.2000 to XII.2002
- CRYPTREC
- eSTREAM: XI.2004 to V.2008; 34 stream ciphers, 4 HW winners + 4 SW winners
- SHA-3: XI.2007 to X.2012; 51 hash functions, 1 winner
- CAESAR: IV.2013 to XII.2017; 57 authenticated ciphers, multiple winners

Why a Contest for a Cryptographic Standard?
- Avoid back-door theories
- Speed up the acceptance of the standard
- Stimulate non-classified research on methods of designing a specific cryptographic transformation
- Focus the effort of a relatively small cryptographic community

Cryptographic Contests - Evaluation Criteria
- Security
- Software Efficiency: µprocessors, µcontrollers
- Hardware Efficiency: ASICs, FPGAs
- Flexibility
- Simplicity
- Licensing

Specific Challenges of Evaluations in Cryptographic Contests
- Very wide range of possible applications, and as a result performance and cost targets
  speed: tens of Mbits/s to hundreds Gbits/s
  cost: single cents to thousands of dollars
- Winner in use for the next years, implemented using technologies not in existence today
- Large number of candidates
- Limited time for evaluation
- The results are final

Mitigating Circumstances
- Performance of competing algorithms tends to vary significantly (sometimes as much as 500 times)
- Only relatively large differences in performance matter (typically at least 20%)
- Multiple groups independently implement the same algorithms (catching mistakes, comparing best results, etc.)
- Second best may be good enough

AES Contest
Rules of the Contest
Each team submits:
- Detailed cipher specification
- Justification of design decisions
- Tentative results of cryptanalysis
- Source code in C
- Source code in Java
- Test vectors

AES: Candidate Algorithms
- Canada: CAST-256, Deal
- USA: Mars, Safer+, HPC
- Costa Rica: Frog
- Germany: Magenta
- Belgium:
- France: DFC
- Israel, UK, Norway:
- Korea: Crypton
- Japan: E2
- Australia: LOKI97

AES Contest Timeline
- June 1998: 15 Candidates: CAST-256, Crypton, Deal, DFC, E2, Frog, HPC, LOKI97, Magenta, Mars,,, Safer+,,,
- Round 1: Security, Software efficiency
- August 1999: final candidates: Mars,, (USA), (Europe)
- Round 2: Security, Software efficiency, Hardware efficiency
- October: 1 winner: Belgium

[Figure: NIST Report: Security & Simplicity. Axes: Security (Adequate to High), Simplicity (Complex to Simple)]

[Figure: Efficiency in software: NIST-specified platform, 200 MHz Pentium Pro, Borland C++. Throughput [Mbits/s] per key size]

[Table: NIST Report: Software Efficiency, Encryption and Decryption Speed (high, medium, low) on 32-bit processors, 64-bit processors and DSPs]
[Figure: Efficiency in FPGAs: Speed. Xilinx Virtex XCV. Throughput [Mbit/s]; results from George Mason University, University of Southern California, Worcester Polytechnic Institute]

[Figure: Efficiency in ASICs: Speed. MOSIS 0.5µm, NSA Group. Throughput [Mbit/s]]

Lessons Learned
- Results for ASICs matched very well results for FPGAs, and were both very different than software
- Hardware results matter!

[Figure: Final round of the AES Contest, 2000. Speed in FPGAs (GMU results) and Votes at the AES 3 conference]

- GMU+USC, Xilinx Virtex XCV-1000
- NSA Team, ASIC, 0.5µm MOSIS
- fastest in hardware, slowest in software

NIST SHA-3 Contest - Timeline
[Timeline: SHA-3 Contest candidates; Round 1, Round 2, Round; dates shown: Oct, July 2009, Dec, Oct. 2012]
SHA-3 Round 2

Performance Metrics
- Primary: 1. Throughput; 2. Area
- Secondary: 3. Throughput / Area; 4. Hash Time for Short Messages (up to 1000 bits)

[Figure: Overall Normalized Throughput: 256-bit variants of algorithms, normalized to SHA-256, averaged over 10 FPGA families. Algorithms: Keccak, ECHO, Luffa, Groestl, BMW, JH, CubeHash, Fugue, SHAvite-3, Hamsi, SIMD, BLAKE, Skein, Shabal]

[Table: BLAKE, BMW, CubeHash, ECHO, Fugue, Groestl, Hamsi, JH, Keccak, Luffa, Shabal, SHAvite-3, SIMD, Skein; 256-bit variants and 512-bit variants; columns: Thr/Area, Thr, Area, Short msg.]

SHA-3 Round 3
SHA-3 Contest Finalists
Benchmarking of the SHA-3 Finalists by CERG GMU
- 6 algorithms (BLAKE, Groestl, JH, Keccak, Skein, SHA-2)
- 2 variants (with a 256-bit and a 512-bit output)
- 7 to 12 different architectures per algorithm
- 4 modern FPGA families (Virtex 5, Virtex 6, Stratix III, Stratix IV)
- Total: ~ 120 designs, ~ 600+ results

BLAKE-256 in Virtex 5 (architecture notation)
- x1: basic iterative architecture
- /k(h): horizontal folding by a factor of k
- /k(v): vertical folding by a factor of k
- xk: unrolling by a factor of k
- xk-ppln: unrolling by a factor of k with n pipeline stages

[Figures: bit variants in Virtex; bit variants in Virtex; bit variants in 4 high-performance FPGA families; 512-bit variants in 4 high-performance FPGA families]
SHA-3 in ASICs
GMU/ETH Zurich ASIC
- standard-cell CMOS 65nm UMC ASIC process
- 256-bit variants of algorithms
- Taped-out in Oct. 2011, successfully tested in Feb

[Figures: Correlation Between ASIC Results and FPGA Results (ASIC vs. Stratix III FPGA)]

CAESAR Contest

Authenticated Ciphers
[Diagram: Bob: IV, Message, K_AB -> Authenticated Cipher -> IV, Ciphertext, Tag. Alice: IV, Ciphertext, Tag, K_AB -> Authenticated Cipher -> Message, valid]
- K_AB - Secret of Alice and Bob
- IV - Initialization Vector
Authenticated Ciphers with Associated Data
[Diagram: Bob: IV, AD, Message, K_AB -> Authenticated Cipher -> IV, AD, Ciphertext, Tag. Alice: IV, AD, Ciphertext, Tag, K_AB -> Authenticated Cipher -> Message, valid]
- K_AB - Secret of Alice and Bob
- IV - Initialization Vector
- AD - Associated Data

Contest Timeline
- : Deadline for first-round submissions
- : Deadline for first-round software
- : Announcement of second-round candidates
- : Deadline for second-round Verilog/VHDL
- : Announcement of third-round candidates
- : Announcement of finalists
- : Announcement of final portfolio

Notes for users of cryptographic products (1)
Agreement with a standard does not guarantee the security of a cryptographic product!
Security =
- secure algorithms (guaranteed by )
- proper choice of parameters
- secure implementation
- proper use

Notes for users of cryptographic products (2)
Agreement with the same standard does not guarantee the compatibility of two cryptographic products!
compatibility =
- the same algorithm (guaranteed by )
- the same protocol
- the same subset of algorithms
- the same range of parameters
More informationInformation technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher
INCITS/ISO/IEC 9797-1:2011[2014] (ISO/IEC 9797-1:2011, IDT) Information technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher INCITS/ISO/IEC 9797-1:2011[2014]
More informationCryptography. Summer Term 2010
Summer Term 2010 Chapter 2: Hash Functions Contents Definition and basic properties Basic design principles and SHA-1 The SHA-3 competition 2 Contents Definition and basic properties Basic design principles
More informationReport on ISO/IEC/JTC1/SC27 Activities in Digital Identities
International Telecommunication Union ITU-T Report on ISO/IEC/JTC1/SC27 Activities in Digital Identities Dick Brackney ISO/SC27 Liaison Officer to ITU-T SG17 Standards Program Manager, U.S. Dept of Defense
More informationTABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO.
vii TABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO. ABSTRACT LIST OF TABLES LIST OF FIGURES LIST OF SYMBOLS AND ABBREVIATION iii xii xiv xvii 1 INTRODUCTION 1 1.1 GENERAL 1 1.2 TYPES OF WIRELESS COMMUNICATION
More informationA Brief Outlook at Block Ciphers
A Brief Outlook at Block Ciphers Pascal Junod École Polytechnique Fédérale de Lausanne, Suisse CSA 03, Rabat, Maroc, 10-09-2003 Content Generic Concepts DES / AES Cryptanalysis of Block Ciphers Provable
More informationEfficient Hardware Implementations of High Throughput SHA-3 Candidates Keccak, Luffa and Blue Midnight Wish for Single- and Multi-Message Hashing
Efficient Hardware Implementations of High Throughput SHA-3 Candidates Keccak, Luffa and Blue Midnight Wish for Single- and Multi-Message Hashing Abdulkadir Akın, Aydın Aysu, Onur Can Ulusel, and Erkay
More informationInformation technology Security techniques Cryptographic algorithms and security mechanisms conformance testing
INTERNATIONAL STANDARD ISO/IEC 18367 First edition 2016-12-15 Information technology Security techniques Cryptographic algorithms and security mechanisms conformance testing Technologie de l information
More informationECE 646 Cryptography and Computer Network Security. Kris Gaj Research and teaching interests:
646 Cryptography and Computer Network Security Course web page: web page Courses 646 Kris Gaj Research and teaching interests: cryptography network security computer arithmetic FPGA & ASIC design and testing
More informationSHA Core, Xilinx Edition. Core Facts
SHA Core, Xilinx Edition May 3, 2017 Product Specification Algotronix 130-10 Calton Road Edinburgh, Scotland United Kingdom, EH8 8JQ Phone: +44 131 556 9242 E-mail: cores@algotronix.com URL: www.algotronix.com
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationNetwork Working Group Request for Comments: 4162 Category: Standards Track KISA August 2005
Network Working Group Request for Comments: 4162 Category: Standards Track H.J. Lee J.H. Yoon J.I. Lee KISA August 2005 Addition of SEED Cipher Suites to Transport Layer Security (TLS) Status of This Memo
More informationGeneral Overview & Annex 1: Global Smart Grid Inventory
General Overview & Annex 1: Global Smart Grid Inventory 2 nd EU-US Workshop on Smart Grid Assessment Methodologies Washington DC, 7 th November 2011 Michele de Nigris, RSE, ISGAN Chair Russ Conklin, U.S.
More informationSecret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34
Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used for both encryption and decryption.
More informationWeek 4. : Block Ciphers and DES
Week 4. : Block Ciphers and DES Model of Symmetric Cryptosystem Cryptanalyst Adversary M K E Insecure Channel D Plaintext M Ciphertext C Secure Channel Plaintext M Key K Shared Secret Key C = E K (M) D
More informationCubeHash parameter tweak: 10 smaller MAC overhead
CubeHash parameter tweak: 10 smaller MAC overhead Daniel J. Bernstein Department of Computer Science University of Illinois at Chicago Chicago, IL 60607 7045 cubehash@box.cr.yp.to 1 Introduction CubeHashi+r/b+f
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationService withdrawal: Selected IBM ServicePac offerings
Announcement ZS09-0086, dated April 21, 2009 Service withdrawal: Selected IBM offerings Table of contents 1 Overview 9 Announcement countries 8 Withdrawal date Overview Effective April 21, 2009, IBM will
More informationIDEA, RC5. Modes of operation of block ciphers
C 646 - Lecture 8 IDA, RC5 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th dition, Chapter 6 Block Cipher Operation II. A. Menezes, P. van
More information