ECE 646 Lecture 12. Cryptographic Standards. Secret-key cryptography standards
- Antony Collins
- 5 years ago
Secret-key cryptography standards
- Federal (NIST): FIPS 46-1 DES; FIPS 46-2 DES; FIPS 81 Modes of operation; FIPS 46-3 Triple DES; FIPS 197 AES
- Banking (ANSI): X3.92 DES; X3.106 DES modes of operation; X9.52 Modes of operation of Triple DES
- International (ISO): ISO Modes of operation of an n-bit cipher; ISO/IEC AES, Camellia, SEED, TDEA, MISTY1, CAST-128, MUGI, SNOW

NIST FIPS
- National Institute of Standards and Technology, Federal Information Processing Standards
- American Federal Standards
- Required in the government institutions
- Original algorithms developed in cooperation with the National Security Agency (NSA), and algorithms developed in the open research adapted and approved by NIST.
Public-Key Cryptography Standards
- unofficial industry: RSA Labs (PKCS)
- industry: IEEE (P1363)
- bank: ANSI (ANSI X9)
- international: ISO
- federal: NIST (FIPS)

PKCS
- Public-Key Cryptography Standards
- Informal Industry Standards developed by RSA Laboratories in cooperation with Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun
- First, except PGP, formal specification of RSA and formats of messages.

IEEE P1363
- Working group of IEEE including representatives of major cryptographic companies and university centers from USA, Canada and other countries
- Part of the Microprocessors Standards Committee
- Modern, open style
- Quarterly meetings + multiple teleconferences + + discussion list + very informative web page with the draft versions of
IEEE P1363
- Combined standard including the majority of modern public key cryptography
- Several algorithms for implementation of the same function
- Tool for constructing other, more specific
- Specific applications or implementations may determine a profile (subset) of the standard

ANSI X9
- American National Standards Institute
- Work in the subcommittee X9F developing for financial institutions
- Standards for the wholesale (e.g., interbank) and retail transactions (e.g., bank machines, smart card readers)
- ANSI represents U.S.A. in ISO

ISO
- International Organization for Standardization
- International
- Common with IEC - International Electrotechnical Commission
- ISO/IEC JTC1 SC 27: Joint Technical Committee 1, Subcommittee 27
- Full members: Australia, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, Italy, Japan, Korea, Holland, Norway, Poland, Russia, Spain, Sweden, Switzerland, UK, USA
ISO: International Organization for Standardization
- Long and laborious process of the standard development: minimum 3 years
- Study period
- NP - New Proposal
- WD - Working Draft
- CD - Committee Draft
- DIS - Draft International Standard
- IS - International Standard
- Review of the standard after 5 years = ratification, corrections or revocation

IEEE P (columns: factorization / discrete / elliptic curve discrete)
- encryption: RSA with OAEP / (none) / (none)
- signature: RSA & R-W with ISO or ISO 9796 / DSA, NR with ISO 9796 / EC-DSA, EC-NR with ISO 9796
- key agreement: (none) / DH1, DH2 and MQV / EC-DH1, EC-DH2 and EC-MQV
IEEE P1363a-2004 (columns: factorization / discrete / elliptic curve discrete)
- encryption: RSA with OAEP / new scheme / new scheme
- signature: RSA & R-W with ISO or ISO 9796 / DSA, NR with ISO-9796 / EC-DSA, EC-NR with ISO 9796
- key agreement: (none) / DH1, DH2 & MQV / EC-DH1, EC-DH2 & EC-MQV

IEEE P1363a (columns: factorization / discrete / elliptic curve discrete)
- encryption: RSA with OAEP / new scheme / new scheme
- signature: RSA & R-W with ISO or ISO 9796 / DSA, NR with ISO-9796 / EC-DSA, EC-NR with ISO 9796
- key agreement: new scheme / DH1, DH2 & MQV / EC-DH1, EC-DH2 & EC-MQV

ANSI X9 Standards (columns: factorization / discrete / elliptic curve discrete)
- encryption: X9.44 RSA / (none) / (none)
- signature: X9.31 (RSA & R-W) / X9.30 DSA / X9.62 EC-DSA
- key agreement: (none) / X9.42 DH1, DH2, MQV / X9.63 EC-DH1, 2 EC-MQV
Industry - PKCS (columns: factorization / discrete / elliptic curve discrete)
- encryption: PKCS #1 RSA / (none) / PKCS #13 new scheme
- signature: PKCS #1 (RSA & R-W) / (none) / PKCS #13 EC-DSA
- key agreement: (none) / PKCS #2 DH / PKCS #13 EC-DH1, 2 EC-MQV

NIST - FIPS (columns: factorization / discrete / elliptic curve discrete)
- encryption:
- signature: FIPS RSA / FIPS DSA / FIPS EC-DSA
- key agreement:

International ISO (columns: factorization / discrete / elliptic curve discrete)
- encryption:
- signature: ISO, ISO, ISO, ISO, ISO, ISO
- key agreement: ISO, ISO
Cryptographic Standard Contests (timeline)
- AES: IX.1997 to X.2000, 15 block ciphers, 1 winner
- NESSIE: I.2000 to XII.2002
- CRYPTREC
- eSTREAM: XI.2004 to V.2008, 34 stream ciphers, 4 HW winners + 4 SW winners
- SHA-3: XI.2007 to X.2012, 51 hash functions, 1 winner
- CAESAR: IV.2013 to XII.2017, 57 authenticated ciphers, multiple winners

Why a Contest for a Cryptographic Standard?
- Avoid back-door theories
- Speed-up the acceptance of the standard
- Stimulate non-classified research on methods of designing a specific cryptographic transformation
- Focus the effort of a relatively small cryptographic community

Cryptographic Contests - Evaluation Criteria
- Security
- Software Efficiency: µprocessors, µcontrollers
- Hardware Efficiency: ASICs, FPGAs
- Flexibility
- Simplicity
- Licensing
Specific Challenges of Evaluations in Cryptographic Contests
- Very wide range of possible applications, and as a result performance and cost targets
  - speed: tens of Mbits/s to hundreds of Gbits/s
  - cost: single cents to thousands of dollars
- Winner in use for the next years, implemented using technologies not in existence today
- Large number of candidates
- Limited time for evaluation
- The results are final

Mitigating Circumstances
- Performance of competing algorithms tends to vary significantly (sometimes as much as 500 times)
- Only relatively large differences in performance matter (typically at least 20%)
- Multiple groups independently implement the same algorithms (catching mistakes, comparing best results, etc.)
- Second best may be good enough

AES Contest
Rules of the Contest
Each team submits:
- Detailed cipher specification
- Justification of design decisions
- Tentative results of cryptanalysis
- Source code in C
- Source code in Java
- Test vectors

AES: Candidate Algorithms
- Canada: CAST-256, Deal
- USA: Mars, RC6, Twofish, Safer+, HPC
- Costa Rica: Frog
- Germany: Magenta
- Belgium: Rijndael
- France: DFC
- Israel, UK, Norway: Serpent
- Korea: Crypton
- Japan: E2
- Australia: LOKI97

AES Contest Timeline
- June: Candidates: CAST-256, Crypton, Deal, DFC, E2, Frog, HPC, LOKI97, Magenta, Mars, RC6, Rijndael, Safer+, Serpent, Twofish
- Round 1: Security, Software efficiency
- August 1999: final candidates: Mars, RC6, Twofish (USA); Rijndael, Serpent (Europe)
- Round 2: Security, Software efficiency, Hardware efficiency
- October: 1 winner: Rijndael (Belgium)
NIST Report: Security & Simplicity
[Chart: security (adequate to high) against simplicity (complex to simple)]
- Security high: MARS, Twofish, Serpent
- Security adequate: Rijndael, RC6

Efficiency in software: NIST-specified platform
200 MHz Pentium Pro, Borland C++
[Chart: throughput [Mbits/s] for 128-bit key, 192-bit key, bit key; algorithms: Rijndael, RC6, Twofish, Mars, Serpent]

NIST Report: Software Efficiency, Encryption and Decryption Speed (columns: 32-bit processors / 64-bit processors / DSPs)
- high: RC6 / Rijndael, Twofish / Rijndael, Twofish
- medium: Rijndael, Mars, Twofish / Mars, RC6 / Mars, RC6
- low: Serpent / Serpent / Serpent
Efficiency in FPGAs: Speed
[Chart: throughput [Mbit/s] on Xilinx Virtex XCV; results from George Mason University, University of Southern California, Worcester Polytechnic Institute; algorithms: Serpent x8, Rijndael, Twofish, Serpent x1, RC6, Mars]

Efficiency in ASICs: Speed
MOSIS 0.5µm, NSA Group
[Chart: throughput [Mbit/s] with 128-bit key scheduling and with 3-in-1 (128, 192, 256 bit) key scheduling; algorithms: Rijndael, Serpent x1, Twofish, RC6, Mars]

Lessons Learned
- Results for ASICs matched very well results for FPGAs, and were both very different than software
- Serpent fastest in hardware, slowest in software
[Charts: FPGA (GMU+USC, Xilinx Virtex XCV-1000; Serpent x8 and x1) and ASIC (NSA Team, ASIC, 0.5µm MOSIS; Serpent x1)]
Lessons Learned
- Hardware results matter!
[Charts: Final round of the AES Contest, 2000: Speed in FPGAs (GMU results); Votes at the AES 3 conference]

SHA-3 Contest

NIST SHA-3 Contest - Timeline
[Timeline: 51 candidates; Round 1, Round 2, Round; Oct, July 2009, Dec, Oct. 2012]
SHA-3 Round 2

Performance Metrics
- Primary: 1. Throughput; 2. Area; 3. Throughput / Area
- Secondary: 4. Hash Time for Short Messages (up to 1000 bits)

Overall Normalized Throughput: 256-bit variants of algorithms
Normalized to SHA-256, Averaged over 10 FPGA families
[Chart: Keccak, ECHO, Luffa, Groestl, BMW, JH, CubeHash, Fugue, SHAvite-3, Hamsi, SIMD, BLAKE, Skein, Shabal]
[Table: BLAKE, BMW, CubeHash, ECHO, Fugue, Groestl, Hamsi, JH, Keccak, Luffa, Shabal, SHAvite-3, SIMD, Skein; columns Thr/Area, Thr, Area, Short msg. for 256-bit variants and for 512-bit variants]

SHA-3 Round 3

SHA-3 Contest Finalists
Benchmarking of the SHA-3 Finalists by CERG GMU
- 6 algorithms (BLAKE, Groestl, JH, Keccak, Skein, SHA-2)
- 2 variants (with a 256-bit and a 512-bit output)
- 7 to 12 different architectures per algorithm
- 4 modern FPGA families (Virtex 5, Virtex 6, Stratix III, Stratix IV)
- Total: ~ 120 designs, ~ 600+ results

BLAKE-256 in Virtex 5
- x1: basic iterative architecture
- /k(h): horizontal folding by a factor of k
- xk: unrolling by a factor of k
- /k(v): vertical folding by a factor of k
- xk-ppln: unrolling by a factor of k with n pipeline stages

[Chart: bit variants in Virtex 5]
[Chart: 512-bit variants in Virtex]
[Chart: bit variants in 4 high-performance FPGA families]
[Chart: bit variants in 4 high-performance FPGA families]
SHA-3 in ASICs

GMU/ETH Zurich ASIC
- standard-cell CMOS 65nm UMC ASIC process
- 256-bit variants of algorithms
- Taped-out in Oct. 2011, successfully tested in Feb

Correlation Between ASIC Results and FPGA Results
[Charts: ASIC; Stratix III FPGA]
CAESAR Contest

Authenticated Ciphers
[Diagram, parties Bob and Alice: the sender's authenticated cipher takes IV, Message and K_AB and outputs IV, Ciphertext, Tag; the receiver's authenticated cipher takes IV, Ciphertext, Tag and K_AB and outputs valid and Message]
- K_AB - Secret key of Alice and Bob
- IV - Initialization Vector
Authenticated Ciphers with Associated Data
[Diagram, parties Bob and Alice: the sender's authenticated cipher takes IV, AD, Message and K_AB and outputs IV, AD, Ciphertext, Tag; the receiver's authenticated cipher takes IV, AD, Ciphertext, Tag and K_AB and outputs valid and Message]
- K_AB - Secret key of Alice and Bob
- IV - Initialization Vector
- AD - Associated Data

Contest Timeline
- : Deadline for first-round submissions
- : Deadline for first-round software
- : Announcement of second-round candidates
- : Deadline for second-round Verilog/VHDL
- : Announcement of third-round candidates
- : Announcement of finalists
- : Announcement of final portfolio

Notes for users of cryptographic products (1)
Agreement with a standard does not guarantee the security of a cryptographic product!
Security =
- secure algorithms (guaranteed by )
- proper choice of parameters
- secure implementation
- proper use
Notes for users of cryptographic products (2)
Agreement with the same standard does not guarantee the compatibility of two cryptographic products!
compatibility =
- the same algorithm (guaranteed by )
- the same protocol
- the same subset of algorithms
- the same range of parameters
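The interface from the "Authenticated Ciphers with Associated Data" slide, as an added example that is not part of the lecture: the sender turns (IV, AD, Message) into (Ciphertext, Tag) under K_AB, and the receiver releases the message only when the tag is valid for the IV, AD and ciphertext it received. The cipher here is a stand-in built from HMAC-SHA-256 in encrypt-then-MAC form, not a CAESAR candidate or a standardised algorithm; the function names, the 12-byte IV, the 16-byte tag and the sample values are assumptions of this example.

```python
import hashlib
import hmac
import struct

IV_LEN = 12   # bytes; assumed parameter of this example
TAG_LEN = 16  # bytes; assumed parameter of this example


def _subkeys(k_ab):
    """Derive separate encryption and MAC keys from the shared key K_AB."""
    k_enc = hmac.new(k_ab, b"enc", hashlib.sha256).digest()
    k_mac = hmac.new(k_ab, b"mac", hashlib.sha256).digest()
    return k_enc, k_mac


def _keystream(k_enc, iv, n):
    """HMAC-SHA-256 in counter mode; the IV must never repeat under one key."""
    out = b""
    counter = 0
    while len(out) < n:
        block = iv + struct.pack(">Q", counter)
        out += hmac.new(k_enc, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def _tag(k_mac, iv, ad, ciphertext):
    """Tag over IV, AD and ciphertext, each length-prefixed so that bytes
    cannot be moved from one field to another without changing the tag."""
    data = b"".join(struct.pack(">Q", len(x)) + x for x in (iv, ad, ciphertext))
    return hmac.new(k_mac, data, hashlib.sha256).digest()[:TAG_LEN]


def seal(k_ab, iv, ad, message):
    """Sender side: returns (ciphertext, tag). AD is authenticated, not encrypted."""
    if len(iv) != IV_LEN:
        raise ValueError("IV must be %d bytes" % IV_LEN)
    k_enc, k_mac = _subkeys(k_ab)
    stream = _keystream(k_enc, iv, len(message))
    ciphertext = bytes(m ^ s for m, s in zip(message, stream))
    return ciphertext, _tag(k_mac, iv, ad, ciphertext)


def open_(k_ab, iv, ad, ciphertext, tag):
    """Receiver side: returns the message if valid, otherwise None.
    The tag is checked before any plaintext is produced."""
    if len(iv) != IV_LEN:
        return None
    k_enc, k_mac = _subkeys(k_ab)
    expected = _tag(k_mac, iv, ad, ciphertext)
    if not hmac.compare_digest(expected, tag):
        return None
    stream = _keystream(k_enc, iv, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def demo():
    """Run the exchange on constructed sample values and on modified copies."""
    k_ab = bytes(range(32))                          # constructed key
    iv = bytes.fromhex("000102030405060708090a0b")   # constructed IV
    ad = b"to=bob;seq=7"                             # constructed header
    message = b"wire 100 to account 42"              # constructed message
    ciphertext, tag = seal(k_ab, iv, ad, message)

    def flip(data):
        return bytes([data[0] ^ 1]) + data[1:]

    return {
        "untampered": open_(k_ab, iv, ad, ciphertext, tag),
        "ad_changed": open_(k_ab, iv, b"to=eve;seq=7", ciphertext, tag),
        "ciphertext_bit_flipped": open_(k_ab, iv, ad, flip(ciphertext), tag),
        "iv_changed": open_(k_ab, flip(iv), ad, ciphertext, tag),
        "tag_bit_flipped": open_(k_ab, iv, ad, ciphertext, flip(tag)),
        "wrong_key": open_(k_ab[::-1], iv, ad, ciphertext, tag),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, "->", "invalid" if result is None else result)
```

Only the untampered case returns the message; a change to any one of IV, AD, ciphertext, tag or key makes the receiver report invalid.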
More informationSecurity Evaluation of Hash Functions: Gröbner Basis Based Cryptanalysis of SHA-1. Makoto Sugita IPA Security Center
Security Evaluation of Hash Functions: Gröbner Basis Based Cryptanalysis of SHA-1 Makoto Sugita IPA Security Center 1 Part I Japanese Standardization Effort (CRYPTREC) 2 Security evaluation methods and
More informationECC1 Core. Elliptic Curve Point Multiply and Verify Core. General Description. Key Features. Applications. Symbol
General Description Key Features Elliptic Curve Cryptography (ECC) is a public-key cryptographic technology that uses the mathematics of so called elliptic curves and it is a part of the Suite B of cryptographic
More informationEvaluation of Hardware Performance for the SHA-3 Candidates Using SASEBO-GII
Evaluation of Hardware Performance for the SHA-3 Candidates Using SASEBO-GII Kazuyuki Kobayashi 1, Jun Ikegami 1, Shin ichiro Matsuo 2, Kazuo Sakiyama 1 and Kazuo Ohta 1 1 The University of Electro-Communications,
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationInformation technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher
INCITS/ISO/IEC 9797-1:2011[2014] (ISO/IEC 9797-1:2011, IDT) Information technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher INCITS/ISO/IEC 9797-1:2011[2014]
More informationKris Gaj Research and teaching interests: ECE 646 Cryptography and Computer Network Security. Course web page: Contact: ECE 646
646 and Computer Network Security Course web page: web page Courses 646 Kris Gaj Research and teaching interests: cryptography network security computer arithmetic FPGA & ASIC design and testing Contact:
More informationHardware Benchmarking of Cryptographic Algorithms Using High-Level Synthesis Tools: The SHA-3 Contest Case Study
Hardware Benchmarking of Cryptographic Algorithms Using High-Level Synthesis Tools: The SHA-3 Contest Case Study Ekawat Homsirikamol and Kris Gaj Volgenau School of Engineering George Mason University
More informationAdvanced Crypto. 2. Public key, private key and key exchange. Author: Prof Bill Buchanan
Advanced Crypto 2. Public key, private key and key exchange. Bob Alice Key Entropy. Key generators. Private key (AES, Twofish, CAST, IDEA, Blowfish, DES, 3DES, RC2, RC4/RC5, Skipjack, Camellia, Affine).
More informationSymmetric-Key Cryptographic Technique Evaluation Policy
Symmetric-Key Cryptographic Technique Evaluation Policy Toshinobu Kaneko Chair, Symmetric-Key Subcommittee (Science University of Tokyo) Symmetric-Key Cryptography Subcommittee K.Araki (TIT) T.Kaneko (SUT)
More informationUse of Embedded FPGA Resources in Implementations of Five Round Three SHA-3 Candidates
Use of Embedded FPGA Resources in Implementations of Five Round Three SHA-3 Candidates Malik Umar Sharif, Rabia Shahid, Marcin Rogawski, Kris Gaj Abstract In this paper, we present results of the comprehensive
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationLecture 4. Encryption Continued... Data Encryption Standard (DES)
Lecture 4 Encryption Continued... 1 Data Encryption Standard (DES) 64 bit input block 64 bit output block 16 rounds 64 (effective 56) bit key Key schedule computed at startup Aimed at bulk data >16 rounds
More informationThis document is a preview generated by EVS
INTERNATIONAL STANDARD ISO/IEC 18033-4 Second edition 2011-12-15 Information technology Security techniques Encryption algorithms Part 4: Stream ciphers Technologies de l'information Techniques de sécurité
More informationECE 646 Cryptography and Computer Network Security. Kris Gaj Research and teaching interests:
646 Cryptography and Computer Network Security Course web page: web page Courses 646 Kris Gaj Research and teaching interests: cryptography network security computer arithmetic FPGA & ASIC design and testing
More informationHardware Performance Evaluation of SHA-3 Candidate Algorithms
Journal of Information Security, 2012, 3, 69-76 http://dx.doi.org/10.4236/jis.2012.32008 Published Online April 2012 (http://www.scirp.org/journal/jis) Hardware Performance Evaluation of SHA-3 Candidate
More informationSHA-3 interoperability
SHA-3 interoperability Daniel J. Bernstein Department of Computer Science (MC 152) The University of Illinois at Chicago Chicago, IL 60607 7053 djb@cr.yp.to 1 Introduction: You thought software upgrades
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationReport on ISO/IEC/JTC1/SC27 Activities in Digital Identities
International Telecommunication Union ITU-T Report on ISO/IEC/JTC1/SC27 Activities in Digital Identities Dick Brackney ISO/SC27 Liaison Officer to ITU-T SG17 Standards Program Manager, U.S. Dept of Defense
More informationNetwork Working Group Request for Comments: 4162 Category: Standards Track KISA August 2005
Network Working Group Request for Comments: 4162 Category: Standards Track H.J. Lee J.H. Yoon J.I. Lee KISA August 2005 Addition of SEED Cipher Suites to Transport Layer Security (TLS) Status of This Memo
More informationCubeHash parameter tweak: 10 smaller MAC overhead
CubeHash parameter tweak: 10 smaller MAC overhead Daniel J. Bernstein Department of Computer Science University of Illinois at Chicago Chicago, IL 60607 7045 cubehash@box.cr.yp.to 1 Introduction CubeHashi+r/b+f
More informationUpdate on NIST Post-Quantum Cryptography Standardization. Lily Chen National Institute of Standards and Technology USA
Update on NIST Post-Quantum Cryptography Standardization Lily Chen National Institute of Standards and Technology USA Where we are? Dec 2016 NIST Announcement of Call for Proposals on post-quantum cryptography
More information