CSC574: Computer & Network Security
|
|
- Rudolph Chapman
- 6 years ago
- Views:
Transcription
1 CSC574: Computer & Network Security Lecture 3 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr, Patrick McDaniel, and Peng Ning)
2 Modern Cryptography 2
3 Kerckhoffs Principles Modern cryptosystems use a key to control encryption and decryption Ciphertext should be undecipherable without the correct key Encryption key may be different from decryption key. Kerckhoffs principles [1883]: Assume Eve knows cipher algorithm Security should rely on choice of key If Eve discovers the key, a new key can be chosen 3
4 Kerckhoffs Principles Kerckhoffs Principles are contrary to the principle of security by obscurity, which relies only upon the secrecy of the algorithm/ cryptosystem If security of a keyless algorithm compromised, cryptosystem becomes permanently useless (and unfixable) Algorithms relatively easy to reverse engineer 4
5 Symmetric and Asymmetric Crypto M C M E D Alice K1 K2 Bob Symmetric crypto: (also called private key crypto) Alice and Bob share the same key (K=K1=K2) K used for both encrypting and decrypting Doesn't imply that encrypting and decrypting are the same algorithm Also called private key or secret key cryptography, since knowledge of the key reveals the plaintext Asymmetric crypto: (also called public key crypto) Alice and Bob have different keys Alice encrypts with K1 and Bob decrypts with K2 Also called public key cryptography, since Alice and Bob can publicly post their public keys 5
6 Secret Key Crypto M C M E D Alice K K Bob Without K, Eve cannot decrypt C Eve 6
7 Crypto Confidentiality: Encryption and Decryption Functions Private Key Public Key Stream Ciphers Block Ciphers? 7
8 Block ciphers vs. Stream ciphers Stream Ciphers Combine (e.g., XOR) plaintext with pseudorandom stream of bits Pseudorandom stream generated based on key XOR with same bit stream to recover plaintext E.g., RC4, FISH Block Ciphers Fixed block size Encrypt block-sized portions of plaintext Combine encrypted blocks (more on this later) E.g., DES, 3DES, AES 8
9 Stream Ciphers Useful when plaintext arrives as a stream (e.g., 's WEP) Vulnerable if used incorrectly 9
10 Stream Ciphers Key reuse: [C(K) = pseudorandom stream produced using key K] E(M1) = M1 C(K) E(M2) = M2 C(K) Suppose Eve knows ciphertexts E(M1) and E(M2) E(M1) E(M2) = M1 C(K) M2 C(K) = M1 M2 M1 and M2 can be derived from M1 M2 using frequency analysis Countermeasure is to use IV (initialization vector) IV sent in clear and is combined with K to produce pseudorandom sequence E.g., replace C(K) with C(K IV) IVs should never be reused and should be sufficiently large WEP broken partly because IVs were insufficiently large modern stream ciphers take IVs, but it's up to the programmer to generate them 10
11 Stream Ciphers Substitution Attack: M = Pay me $ E(M) = M C(K) Suppose Eve knows M and E(M) but doesn't know K She can substitute M for M' by replacing E(M) with: E'(M) = E(M) M M' = M C(K) M M' = C(K) M' Eve can then replace E(M) with E'(M), which Bob will decrypt message as M' ( Pay me $ ) Countermeasure is to include message authentication code (more on this later) that helps detect manipulation (i.e., provides integrity and authenticity) 11
12 Generic Block Encryption Converts one input plaintext block of fixed size b bits to an output ciphertext block also of b bits Benefits of large b? of short b? plaintext block 0 block 1 block 2 key Encryption ciphertext block 0 block 1 block 2 12
13 Two Principles for Cipher Design Confusion: Make the relationship between the <plaintext, key> input and the <ciphertext> output as complex (non-linear) as possible Mainly accomplished by substitution Diffusion: Spread the influence of each input bit across many output bits Mainly accomplished by permutation Idea: use multiple, alternating permutations and subsitutions S P S P S... or P S P S P... Does it have to alternate?, e.g., S S S P P P S S... 13
14 Basic Form of Modern Block Ciphers Plaintext block Key Preprocessing Sub-Key Generation Rounds of Encryption i=1,2,,n Sub-Key #1 Sub-Key #2 Sub-Key #3 Sub-Key #n Postprocessing Ciphertext block 14
15 Feistel Cipher Very influential template for designing block ciphers Major benefit: do encryption and decryption w/ same hardware One round of Feistel Encryption 1. Break input block i into left and right halves L i and R i 2. Copy R i to create output half block L i+1 3. Half block R i and key K i are scrambled by function f 4. XOR result with input half-block L i to create output half-block R i+1 L i Input block i f R i K i L i+1 R i+1 Output block i+1 15
16 One Round of Feistel Decryption Output block i+1 L i R i f K i Just reverse the arrows! L i+1 R i+1 Input block i 16
17 Complete Feistel Cipher: Encryption Plaintext (2w bits) L 0 R 0 K 1 Round 1 f K 2 Round i f L 2 R 2 Round n f K n note this final swap! L n L n+1 R n+1 R n Ciphertext 17 (2w bits)
18 Feistel Cipher: Decryption Ciphertext (2w bits) L 0 R 0 K n Round 1 f K n-1 Round i f L 2 R 2 Round n f K 1 note this final swap! L n L n+1 R n+1 R n Plaintext (2w bits) 18 CSC 474
19 Data Encryption Standard (DES) Introduced by the US NBS (now NIST) in 1972 Signaled the beginning of the modern area of cryptography Basics Feistel Cipher 8-byte (64 bit) input 8-byte (64 bit) output 8-byte key (56 bits + 8 parity bits) 16 rounds 64-bit Input Initial Permutation Round 1 Round 2 Round 16 Swap Halves 48-bit K 1 48-bit K 2 48-bit K bit Key Generate round keys Final Permutation bit Output
20 DES Round: f (Mangler) Function function f = Mangler Input block i 32-bit half block L i R i Expansion f K i S-Box (substitution) 48 bits K i L i+1 R i+1 Output block i+1 Permutation 32-bit half block 20
21 Substitution Box (S-Box) A substitution box (or S-box) is used to obscure the relationship between the plaintext and the ciphertext Shannon s property of confusion: the relationship between key and ciphertext is complex as possible In DES, S-boxes are carefully chosen to resist cryptanalysis Thus, that is where the security comes from Example: Given a 6-bit input, the 4-bit output is found by selecting the row using the outer two bits, and the column using the inner four bits. For example, an input "011011" has outer bits "01" and inner bits "1101"; the corresponding output would be "1001". 21
22 Avalanche Effect in DES: Change in Plaintext Round δ Round δ 02468aceeca aceeca cf03c0fbad cf03c0fbad bad e9b723 bad a9b7a3 3 99e9b7230bae3b9e 39a9b7a3171cb8b3 4 0bae3b9e cb8b3ccaca55e b3fa41 ccaca55ed16c b3fa419616fe23 d16c3653cf402c fe cf2 cf402c682b2cefbc cf2c11bfc09 2b2cefbc99f c11bfc09887fbc6c 99f911532eed7d fbc6c600f7e8b 2eed7d94d0f f7e8bf596506e d0f da9c f596506e738538b8 455da9c47f6e3cf b8c6a62c4e 7f6e3cf34bc1a8d c6a62c4e56b0bd75 4bc1a8d91e07d b0bd7575e8fd8f 1e07d4091ce2e6dc e8fd8f ce2e6dc365e5f59 33 IP 1 da02ce3a89ecac3b 057cde97d7683f2a (from Stallings, Crypto and Net Security)
23 Avalanche Effect in DES: Change in Key Round δ Round δ 02468aceeca aceeca cf03c0fbad cf03c0f9ad628c5 2 bad e9b723 9ad628c b 3 99e9b7230bae3b9e b768067b7 4 0bae3b9e b75a8807c b3fa41 5a8807c5488dbe b3fa419616fe23 488dbe94aba7fe fe cf2 aba7fe53177d21e cf2c11bfc09 177d21e4548f1de4 0 9 c11bfc09887fbc6c 548f1de471f64dfd fbc6c600f7e8b 71f64dfd c f7e8bf596506e c399fdc0d f596506e738538b8 399fdc0d6d208dbb b8c6a62c4e 6d208dbbb9bdeeaa c6a62c4e56b0bd75 b9bdeeaad2c3a56f b0bd7575e8fd8f d2c3a56f2765c1fb e8fd8f c1fb01263dc4 32 IP 1 da02ce3a89ecac3b ee92b50606b62b0b (from Stallings, Crypto and Net Security)
24 Cryptanalysis of DES DES has an effective 56-bit key length Wiener: $1,000, hours (never built) July 17, 1998, the EFF DES Cracker, which was built for less than $250,000 < 3 days January 19, 1999, Distributed.Net (w/eff), 22 hours and 15 minutes (over many machines) We all assume that NSA and agencies like it around the world can crack (recover key) DES in milliseconds What now? Give up on DES? 24
25 Variants of DES DESX (XOR with separate keys ~= 60-bits) DESX(m) =K 2 DES K (m K 1 ) Linear cryptanalysis Triple DES (three keys ~= 112 bits) Keys k 1, k 2, k 3, but in practice k 1 = k 3 C = E(D(E(p, k 1 ),k 2,k 3 ) Compatible with normal DES if k 1 = k 2 = k 3 k 1 k 2 k 3 p E D E c 25
26 Advanced Encryption Standard (AES) International NIST bakeoff between cryptographers Rijndael (pronounced Rhine-dall ) Replaced DES as the accepted symmetric key cipher Substitution-permutation network, not a Feistel network Variable key lengths (, 192, or 256 bits) Block size: bits Fast implementation in both hardware and software Small code and memory footprint 26
27 AES Encryption Process 27 (from Stallings, Crypto and Net Security)
28 AES Data Structures (from Stallings, Crypto and Net Security) 28
29 AES Encryption and Decryption 29 (from Stallings, Crypto and Net Security)
30 30 (from Stallings, Crypto and Net Security)
31 S-box S-box and Inverse Inverse S-box S-box (from Stallings, Crypto and Net Security) 31
32 Implementation Aspects AES can be implemented very efficiently on an 8-bit processor AddRoundKey is a bytewise XOR operation ShiftRows is a simple byte-shifting operation SubBytes operates at the byte level and only requires a table of 256 bytes MixColumns requires matrix multiplication in the field GF(2 8 ), which means all operations are carried out on bytes Designers believe this very efficient implementation was a key factor in its selection as the AES cipher 32 (from Stallings, Crypto and Net Security)
33 Modes of Operation Most ciphers work on blocks of fixed (small) size How to encrypt long messages? Modes of operation ECB (Electronic Code Book) CBC (Cipher Block Chaining) OFB (Output Feedback) CFB (Cipher Feedback) CTR (Counter) 33
34 Issues for Block Chaining Modes Information leakage: Does it reveal info about the plaintext blocks? Ciphertext manipulation: Can an attacker modify ciphertext block(s) in a way that will produce a predictable/desired change in the decrypted plaintext block(s)? Note: assume the structure of the plaintext is known, e.g., first block is employee #1 salary, second block is employee #2 salary, etc. Parallel/Sequential: Can blocks of plaintext (ciphertext) be encrypted (decrypted) in parallel? Error Propagation: If there is an error in a plaintext (ciphertext) block, will there be an encryption (decryption) error in more than one ciphertext (plaintext) block? 34
35 Electronic Code Book Plaintext (ECB) M 1 M 2 M 3 M padding Key E E E E Ciphertext C 1 C 2 C 3 C 4 The easiest mode of operation; each block is independently encrypted 35
36 ECB Decryption M 1 M 2 M 3 M padding Key D D D D C 1 C 2 C 3 C 4 Each block is independently decrypted 36
37 ECB Issues Information leaks: two ciphertext blocks that are the same Manipulation: switch ciphertext with predictable results on plaintext (e.g., shuffle). Parallel: yes Propagate: no Plaintext ECB Other modes 37
38 Cipher Block Chaining (CBC) M 1 M 2 M 3 M padding Initialization Vector Key E E E E C 1 C 2 C 3 C 4 Chaining dependency: each ciphertext block depends on all preceding plaintext blocks 38
39 Initialization Vectors Initialization Vector (IV) Used along with the key; not secret For a given plaintext, changing either the key, or the IV, will produce a different ciphertext Why is that useful? IV generation and sharing Random; may transmit with the ciphertext Incremental; predictable by receivers 39
40 CBC Decryption M 1 M 2 M 3 M padding Initialization Vector Key D D D D C 1 C 2 C 3 C 4 How many ciphertext blocks does each plaintext block depend on? 40
41 CBC Properties Does information leak? Identical plaintext blocks will produce different ciphertext blocks Can ciphertext be manipulated profitably???? Parallel processing possible? no (encryption), yes (decryption) Do ciphertext errors propagate? yes (encryption), a little (decryption) 41
42 Output Feedback Mode (OFB) Initialization Vector one-time pad Key E Pseudo-Random E Number Generator E E M 1 M 2 M 3 M padding C 1 C 2 C 3 C 4 42
43 OFB Decryption IV one-time pad Key E E E E M 1 M 2 M 3 M padding C 1 C 2 C 3 C 4 No block decryption required! 43
44 OFB Properties Does information leak? identical plaintext blocks produce different ciphertext blocks Can ciphertext be manipulated profitably???? Parallel processing possible? no (generating pad), yes (XORing with blocks) Do ciphertext errors propagate???? 44
45 OFB (Cont d) If you know one plaintext/ciphertext pair, can easily derive the one-time pad that was used i.e., should not reuse a one-time pad! Conclusion: IV must be different every time 45
46 Cipher Feedback Mode (CFB) IV Key E E E E M 1 M 2 M 3 M padding C 1 C 2 C 3 C 4 Ciphertext block C j depends on all preceding plaintext blocks 46
47 CFB Decryption IV Key E E E E M 1 M 2 M 3 M padding C 1 C 2 C 3 C 4 No block decryption required! 47
48 CFB Properties Does information leak? Identical plaintext blocks produce different ciphertext blocks Can ciphertext be manipulated profitably???? Parallel processing possible? no (encryption), yes (decryption) Do ciphertext errors propagate???? 48
49 Counter Mode (CTR) IV IV++ IV++ Key E E E M 1 M 2 M 3 C 1 C 2 C 3 49
50 CTR Mode Properties Does information leak? Identical plaintext block produce different ciphertext blocks Can ciphertext be manipulated profitably??? Parallel processing possible Yes (both generating pad and XORing) Do ciphertext errors propagate???? Allow decryption the ciphertext at any location Ideal for random access to ciphertext 50
51 Basic truths of cryptography Cryptography is not frequently the source of security problems Algorithms are well known and widely studied Vetted through crypto community Avoid any proprietary encryption Claims of new technology or perfect security are almost assuredly snake oil 51
52 Building systems with cryptography Use quality libraries SSLeay, cryptolib, openssl Find out what cryptographers think of a package before using it Code review like crazy Educate yourself on how to use library Understand caveats by original designer and programmer 52
53 Common pitfalls Generating randomness Storage of secret keys Virtual memory (pages secrets onto disk) Protocol interactions Poor user interface Poor choice of parameters or modes 53
CIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)
CIS 6930/4930 Computer and Network Security Topic 3.1 Secret Key Cryptography (Cont d) 1 Principles for S-Box Design S-box is the only non-linear part of DES Each row in the S-Box table should be a permutation
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationCSC574: Computer & Network Security
CSC574: Computer & Network Security Lecture 4 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr, Patrick McDaniel, and Peng Ning) Announcements Homework 2, assigned. Due Friday, January
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationModern Symmetric Block cipher
Modern Symmetric Block cipher 81 Shannon's Guide to Good Ciphers Amount of secrecy should determine amount of labour appropriate for encryption and decryption The set of keys and enciphering algorithm
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationModule: Cryptography. Professor Patrick McDaniel Fall CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Cryptography Professor Patrick McDaniel Fall 2008 1 A historical moment Mary Queen of Scots is being held by Queen Elizabeth and accused of
More informationSecret Key Cryptography
Secret Key Cryptography General Block Encryption: The general way of encrypting a 64-bit block is to take each of the: 2 64 input values and map it to a unique one of the 2 64 output values. This would
More informationSymmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationCSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms
CSCI 454/554 Computer and Network Security Topic 3.1 Secret Key Cryptography Algorithms Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms? Security by
More informationBlock Ciphers and Data Encryption Standard. CSS Security and Cryptography
Block Ciphers and Data Encryption Standard CSS 322 - Security and Cryptography Contents Block Cipher Principles Feistel Structure for Block Ciphers DES Simplified DES Real DES DES Design Issues CSS 322
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Block cipher DES 3DES
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationA Novel Symmetric Block Cipher Algorithm. Based on Two-Key Dependent Permutation
Applied Mathematical Sciences, Vol. 10, 2016, no. 40, 1983-2002 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ams.2016.63127 A Novel Symmetric Block Cipher Algorithm Based on Two-Key Dependent
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 3.1 Secret Key Cryptography Algorithms Instructor: Dr. Kun Sun Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms?
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationSymmetric Cryptography
CSE 484 (Winter 2010) Symmetric Cryptography Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More informationIntroduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function
More informationCSCI 454/554 Computer and Network Security. Topic 3.2 Secret Key Cryptography Modes of Operation
CSCI 454/554 Computer and Network Security Topic 3.2 Secret Key Cryptography Modes of Operation Processing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt long messages?
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationSymmetric Key Encryption. Symmetric Key Encryption. Advanced Encryption Standard ( AES ) DES DES DES 08/01/2015. DES and 3-DES.
Symmetric Key Encryption Symmetric Key Encryption and 3- Tom Chothia Computer Security: Lecture 2 Padding Block cipher modes Advanced Encryption Standard ( AES ) AES is a state-of-the-art block cipher.
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationCSC/ECE 574 Computer and Network Security. Processing with Block Ciphers. Issues for Block Chaining Modes
CSC/C 574 Computer and Network Security Topic 3.2 Secret Cryptography Modes of Operation CSC/C 574 r. eng Ning 1 rocessing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More information3 Symmetric Cryptography
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 3 Symmetric Cryptography Symmetric Cryptography Alice Bob m Enc c = e k (m) k c c Dec m = d k (c) Symmetric cryptography uses the same secret key k for encryption
More informationCIS 6930/4930 Computer and Network Security. Project requirements
CIS 6930/4930 Computer and Network Security Project requirements Project Requirement Form a team of 3 people to complete the course project. The project has 100pts + 20pts (extra credit) Report requirement:
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationBlock Encryption and DES
Block Encryption and DES Plain Text Block 1 Block 2 Block 3 Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available
More informationP2_L6 Symmetric Encryption Page 1
P2_L6 Symmetric Encryption Page 1 Reference: Computer Security by Stallings and Brown, Chapter 20 Symmetric encryption algorithms are typically block ciphers that take thick size input. In this lesson,
More informationBlock Ciphers. Advanced Encryption Standard (AES)
Network Security - ISA 656 Angelos Stavrou September 28, 2008 Codes vs. K = {0, 1} l P = {0, 1} m C = {0, 1} n, C C E : P K C D : C K P p P, k K : D(E(p, k), k) = p It is infeasible to find F : P C K Let
More informationCS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES
CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES PREPARED BY R.CYNTHIA PRIYADHARSHINI AP/IT/SREC Block Ciphers A block cipher is an encryption/decryption scheme in which a block of plaintext is treated
More information18-642: Cryptography 11/15/ Philip Koopman
18-642: Cryptography 11/15/2017 Cryptography Overview Anti-Patterns for Cryptography Using a home-made cryptographic algorithm Using private key when public key is required Not considering key distribution
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationLecture 4: Symmetric Key Encryption
Lecture 4: Symmetric ey Encryption CS6903: Modern Cryptography Spring 2009 Nitesh Saxena Let s use the board, please take notes 2/20/2009 Lecture 1 - Introduction 2 Data Encryption Standard Encrypts by
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationChapter 6 Contemporary Symmetric Ciphers
Chapter 6 Contemporary Symmetric Ciphers "I am fairly familiar with all the forms of secret writings, and am myself the author of a trifling monograph upon the subject, in which I analyze one hundred and
More informationCHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))
CHAPTER 6. SYMMETRIC CIPHERS Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More information6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 6 Block Ciphers 6.1 Block Ciphers Block Ciphers Plaintext is divided into blocks of fixed length and every block is encrypted one at a time. A block cipher is a
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationProcessing with Block Ciphers
AIT 682: Network and Systems Security Topic 3.2 Secret Cryptography Modes of Operation Instructor: r. Kun Sun rocessing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt
More informationLecture 3: Symmetric Key Encryption
Lecture 3: Symmetric Key Encryption CS996: Modern Cryptography Spring 2007 Nitesh Saxena Outline Symmetric Key Encryption Continued Discussion of Potential Project Topics Project proposal due 02/22/07
More information7. Symmetric encryption. symmetric cryptography 1
CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationModern Block Ciphers
Modern Block Ciphers now look at modern block ciphers one of the most widely used types of cryptographic algorithms provide secrecy /authentication services focus on DES (Data Encryption Standard) to illustrate
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationScanned by CamScanner
Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Symmetric-Key Cryptography CS 161: Computer Security
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationChapter 6: Contemporary Symmetric Ciphers
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 6: Contemporary Symmetric Ciphers Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Why Triple-DES?
More informationCryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái
Cryptography and Network Security Block Ciphers + DES Lectured by Nguyễn Đức Thái Outline Block Cipher Principles Feistel Ciphers The Data Encryption Standard (DES) (Contents can be found in Chapter 3,
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationSymmetric Cryptography CS461/ECE422
Symmetric Cryptography CS461/ECE422 1 Outline Overview of Cryptosystem design Commercial Symmetric systems DES AES Modes of block and stream ciphers 2 Reading Section 2.4-2.6 and 12.2 in Security in Computing
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationIntroduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu
Introduction to Cryptographic Systems Asst. Prof. Mihai Chiroiu Vocabulary In cryptography, cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Decryption
More informationIntroduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space
Perfect Cipher Introduction to Cryptography Lecture 2 Benny Pinkas What type of security would we like to achieve? Given C, the adversary has no idea what M is Impossible since adversary might have a-priori
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More information18-642: Cryptography
18-642: Cryptography 4/16/2018 Cryptography [without system integrity] is like investing in an armored car to carry money between a customer living in a cardboard box and a person doing business on a park
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationNetwork Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar
Network Security Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar Modern Block Ciphers now look at modern block ciphers one of the most widely used types
More informationPRNGs & DES. Luke Anderson. 16 th March University Of Sydney.
PRNGs & DES Luke Anderson luke@lukeanderson.com.au 16 th March 2018 University Of Sydney Overview 1. Pseudo Random Number Generators 1.1 Sources of Entropy 1.2 Desirable PRNG Properties 1.3 Real PRNGs
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationCryptography 2017 Lecture 3
Cryptography 2017 Lecture 3 Block Ciphers - AES, DES Modes of Operation - ECB, CBC, CTR November 7, 2017 1 / 1 What have seen? What are we discussing today? What is coming later? Lecture 2 One Time Pad
More informationSecret Key Cryptography Overview
Secret Key Cryptography Overview Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc01_07/ Block ciphers
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationSymmetric-Key Cryptography
Symmetric-Key Cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 13, 2016 Announcements Project due Sept 20 Special guests Alice Bob The attacker (Eve - eavesdropper, Malice) Sometimes Chris
More informationBlock Ciphers Introduction
Technicalities Block Models Block Ciphers Introduction Orr Dunkelman Computer Science Department University of Haifa, Israel March 10th, 2013 Orr Dunkelman Cryptanalysis of Block Ciphers Seminar Introduction
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationConventional Encryption: Modern Technologies
Conventional Encryption: Modern Technologies We mentioned that the statistical weakness in substitution ciphers is that they don t change the frequency of alphabetic letters. For example, if a substitution
More informationCrypto: Symmetric-Key Cryptography
Computer Security Course. Song Crypto: Symmetric-Key Cryptography Slides credit: Dan Boneh, David Wagner, Doug Tygar Overview Cryptography: secure communication over insecure communication channels Three
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationPart XII. From theory to practice in cryptography
Part XII From theory to practice in cryptography FROM CRYPTO-THEORY to CRYPTO-PRACTICE FROM CRYPTO-THEORY to CRYPTO-PRACTICE In this chapter we deal with several applied cryptography methods, systems and
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Lecture 6 Michael J. Fischer Department of Computer Science Yale University January 27, 2010 Michael J. Fischer CPSC 467b, Lecture 6 1/36 1 Using block ciphers
More informationSecret Key Cryptography (Spring 2004)
Secret Key Cryptography (Spring 2004) Instructor: Adi Shamir Teaching assistant: Eran Tromer 1 Background Lecture notes: DES Until early 1970 s: little cryptographic research in industry and academcy.
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationBlock Cipher Operation. CS 6313 Fall ASU
Chapter 7 Block Cipher Operation 1 Outline q Multiple Encryption and Triple DES q Electronic Codebook q Cipher Block Chaining Mode q Cipher Feedback Mode q Output Feedback Mode q Counter Mode q XTS-AES
More informationCryptography CS 555. Topic 11: Encryption Modes and CCA Security. CS555 Spring 2012/Topic 11 1
Cryptography CS 555 Topic 11: Encryption Modes and CCA Security CS555 Spring 2012/Topic 11 1 Outline and Readings Outline Encryption modes CCA security Readings: Katz and Lindell: 3.6.4, 3.7 CS555 Spring
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 5 More About Block Ciphers Israel Koren ECE597/697 Koren Part.5.1 Content of this
More informationBlock Ciphers, DES, 2DES, 3DES
Block Ciphers, DES, 2DES, 3DES Lecture 10-14 Dr. Muhammad Mubashir Khan mmkhan@neduet.edu.pk December 2017 Department of Computer Science & IT, NED University of Engineering & Technology Stream vs Block
More informationBlock Ciphers. Secure Software Systems
1 Block Ciphers 2 Block Cipher Encryption function E C = E(k, P) Decryption function D P = D(k, C) Symmetric-key encryption Same key is used for both encryption and decryption Operates not bit-by-bit but
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationLecture 6: Symmetric Cryptography. CS 5430 February 21, 2018
Lecture 6: Symmetric Cryptography CS 5430 February 21, 2018 The Big Picture Thus Far Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures.
More informationENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel
(a) Introduction - recall symmetric key cipher: III. BLOCK CIPHERS k Symmetric Key Cryptography k x e k y yʹ d k xʹ insecure channel Symmetric Key Ciphers same key used for encryption and decryption two
More informationHomework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions
More informationCryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationCryptography: Symmetric Encryption [continued]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Symmetric Encryption [continued] Fall 2016 Ada (Adam) Lerner lerner@cs.washington.edu Thanks to Franzi Roesner, Dan Boneh, Dieter Gollmann,
More informationSymmetric Key Cryptography
Symmetric Key Cryptography Jooyoung Lee School of Computing (GSIS), KAIST Outline 1. Introduction to Symmetric Key Crypto 2. Stream Ciphers 3. Block Ciphers 3.1 DES 3.2 AES 3.3 Modes of Operations 3.4
More information