NC7201 Communication. Dr.G.A.Sathish Kumar Professor EC
|
|
- Francis Atkinson
- 6 years ago
- Views:
Transcription
1 NC7201 Communication Network Security Dr.G.A.Sathish Kumar Professor EC
2 Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know what the key is it's virtually indecipherable." Talking to Strange Men, Ruth Rendell
3 Origins clear a replacement for DES was needed have theoretical attacks that can break it have demonstrated exhaustive key search attacks can use Triple-DES but slow, has small blocks US NIST issued call for ciphers in candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001
4 The AES Cipher -Rijndael designed by Rijmen-Daemen in Belgium has 128/192/256 bit keys, 128 bit data an iterative rather than feistel cipher processes data as block of 4 columns of 4 bytes operates on entire data block in every round designed to be: resistant against known attacks speed and code compactness on many CPUs design simplicity
5 AES Encryption Process
6 AES Structure datablockof4columnsof4bytesisstate keyisexpandedtoarrayofwords has 9/11/13 rounds in which state undergoes: bytesubstitution(1s-boxusedoneverybyte) shift rows(permute bytes between groups/columns) mix columns(subs using matrix multiply of groups) addroundkey(xorstatewithkeymaterial) viewasalternatingxorkey&scrambledatabytes initial XOR key material& incomplete last round with fast XOR& table lookup implementation
7 AES Structure
8 Some Comments on AES 1. an iterative rather than feistel cipher 2. key expanded into array of 32-bit words 1. four words form round key in each round 3. 4 different stages are used as shown 4. has a simple structure 5. only AddRoundKey uses key 6. AddRoundKey a form of Vernam cipher 7. each stage is easily reversible 8. decryption uses keys in reverse order 9. decryption does recover plaintext 10.final round has only 3 stages
9 Substitute Bytes asimplesubstitutionofeachbyte uses one table of 16x16 bytes containing a permutation of all bit values eachbyteofstateisreplacedbybyteindexedbyrow (left 4-bits)& column(right 4-bits) eg.byte{95}isreplacedbybyteinrow9column5 whichhasvalue{2a} S-box constructed using defined transformation of valuesingf(2 8 ) designedtoberesistanttoallknownattacks
10 Substitute Bytes
11 Substitute Bytes Example
12 Shift Rows a circular byte shift in each each 1 st row is unchanged 2 nd row does 1 byte circular shift to left 3rd row does 2 byte circular shift to left 4th row does 3 byte circular shift to left decrypt inverts using shifts to right since state is processed by columns, this step permutes bytes between the columns
13 Shift Rows
14 Mix Columns each column is processed separately each byte is replaced by a value dependent on all 4 bytes in the column 8 effectively a matrix multiplication in GF(2 8 ) using prime poly m(x) =x 8 +x 4 +x 3 +x+1
15 Mix Columns
16 Mix Columns Example
17 AES Arithmetic uses arithmetic in the finite field GF(2 8 ) with irreducible polynomial m(x) = x 8 + x 4 + x 3 + x + 1 which is ( ) or {11b} e.g. {02} {87} mod {11b} = ( ) mod {11b} = ( ) xor ( ) = ( )
18 Mix Columns can express each colas 4 equations to derive each new byte in col decryption requires use of inverse matrix with larger coefficients, hence a little harder have an alternate characterisation each column a 4-term polynomial with coefficients in GF(2 8 ) and polynomials multiplied modulo (x 4 +1) coefficients based on linear code with maximal distance between codewords
19 Add Round Key XOR state with 128-bits of the round key again processed by column (though effectively a series of byte operations) inverse for decryption identical since XOR own inverse, with reversed keys designed to be as simple as possible a form of Vernam cipher on expanded key requires other stages for complexity / security
20 Add Round Key
21 AES Round
22 AES Key Expansion takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words startbycopyingkeyintofirst4words then loop creating words that depend on valuesinprevious&4placesback in3of4casesjustxorthesetogether 1 st word in 4 has rotate + S-box + XOR round constantonprevious,beforexor4 th back
23 AES Key Expansion
24 Key Expansion Rationale designed to resist known attacks design criteria included knowing part key insufficient to find many more invertible transformation fastonwiderangeofcpu s use round constants to break symmetry diffusekeybitsintoroundkeys enough non-linearity to hinder analysis simplicity of description
25 AES Example Key Expansion
26 AES Example Encryption
27 AES Example Avalanche
28 AES Decryption AES decryption is not identical to encryption since steps done in reverse but can define an equivalent inverse cipher with steps as for encryption butusinginversesofeachstep with a different key schedule works since result is unchanged when swap byte substitution& shift rows swapmixcolumns&add(tweaked)roundkey
29 AES Decryption
30 Implementation Aspects can efficiently implement on 8-bit CPU byte substitution works on bytes using a table of 256 entries shiftrowsissimplebyteshift addroundkeyworksonbytexor s mix columns requires matrix multiply in GF(2 8 ) which works on byte values, can be simplified to usetablelookups&bytexor s
31 Implementation Aspects can efficiently implement on 32-bit CPU redefine steps to use 32-bit words can precompute 4 tables of 256-words theneachcolumnineachroundcanbecomputed using4tablelookups+4xors atacostof4kbtostoretables designers believe this very efficient implementation was a key factor in its selection as the AES cipher
32 Multiple Encryption & DES clearareplacementfordeswasneeded theoretical attacks that can break it demonstrated exhaustive key search attacks AESisanewcipheralternative prior to this alternative was to use multiple encryption with DES implementations Triple-DES is the chosen form
33 Double-DES? could use 2 DES encrypts on each block C = E K2 (E K1 (P)) issue of reduction to single stage and have meet-in-the-middle attack works whenever use a cipher twice since X = E K1 (P) = D K2 (C) attack by encrypting P with all keys and store then decrypt C with keys and match X value can show takes O(2 56 )steps
34 Triple-DES with Two-Keys hence must use 3 encryptions would seem to need 3 distinct keys but can use 2 keys with E-D-E sequence C = E K1 (D K2 (E K1 (P))) nb encrypt & decrypt equivalent in security if K1=K2then can work with single DES standardized in ANSI X9.17 & ISO8732 no current known practical attacks several proposed impractical attacks might become basis of future attacks
35 Triple-DES with Three-Keys although are no practical attacks on two-key Triple-DES have some indications can use Triple-DES with Three-Keys to avoid even these C = E K3 (D K2 (E K1 (P))) has been adopted by some Internet applications, eg PGP, S/MIME
36 Blowfish a symmetric block cipher designed by Bruce Schneier in 1993/94 characteristics fast implementation on 32-bit CPUs compactinuseofmemory simple structure eases analysis/ implemention variable security by varying key size has been implemented in various products
37 Blowfish Key Schedule uses a 32 to 448 bit key used to generate bit subkeysstored in K-array K j four 8x32 S-boxes stored in S i,j key schedule consists of: initialize P-array and then 4 S-boxes using pi XOR P-array with key bits (reuse as needed) loop repeatedly encrypting data using current P & S and replace successive pairs of P then S values requires 521 encryptions, hence slow in rekeying
38 Blowfish Encryption uses two primitives: addition & XOR data is divided into two 32-bit halves L 0 & R 0 for i = 1 to 16 do R i = L i-1 XOR P i ; L i = F[R i ] XOR R i-1 ; L 17 = R 16 XOR P 18 ; R 17 = L 16 XOR i 17 ; where F[a,b,c,d] = ((S 1,a + S 2,b ) XOR S 3,c ) + S 4,a
39 Discussion key dependent S-boxes and subkeys, generated using cipher itself, makes analysis very difficult changing both halves in each round increases security provided key is large enough, brute-force key search is not practical, especially given the high key schedule cost
40 RC5 a proprietary cipher owned by RSADSI designed by Ronald Rivest (of RSA fame) used in various RSADSI products can vary key size / data size / no rounds very clean and simple design easy implementation on various CPUs yet still regarded as secure
41 RC5 Ciphers RC5 is a family of ciphers RC5-w/r/b w = word size in bits (16/32/64) nb data=2w r = number of rounds (0..255) b = number of bytes in key (0..255) nominal version is RC5-32/12/16 ie 32-bit words so encrypts 64-bit data blocks using 12 rounds with 16 bytes (128-bit) secret key
42 RC5 Key Expansion RC5 uses 2r+2 subkey words(w-bits) subkeys are stored in array S[i], i=0..t-1 thenthekeyscheduleconsistsof initializing S to a fixed pseudorandom value, based onconstantseandphi the byte key is copied (little-endian) into a c-word array L amixing operation then combines L and S to form thefinalsarray
43 RC5 Encryption split input into two halves A & B L 0 = A + S[0]; R 0 = B + S[1]; for i = 1 to r do L i = ((L i-1 XOR R i-1 ) <<< R i-1 ) + S[2 x i]; R i = ((R i-1 XOR L i ) <<< L i ) + S[2 x i + 1]; each round is like 2 DES rounds note rotation is main source of non-linearity need reasonable number of rounds (eg 12-16)
44 RC5 Modes RFC2040defines4modesusedbyRC5 RC5BlockCipher,isECBmode RC5-CBC,isCBCmode RC5-CBC-PAD, is CBC with padding by bytes with value being the number of padding bytes RC5-CTS, a variant of CBC which is the same size as the original message, uses ciphertext stealing to keep size same as original
45 Stream Ciphers processmessagebitbybit(asastream) have a pseudo random keystream combined(xor) with plaintext bit by bit randomness of stream key completely destroys statistically properties in message C i = M i XOR StreamKey i but must never reuse stream key otherwise can recover messages(cf book cipher)
46 Stream Cipher Structure
47 Stream Cipher Properties some design considerations are: long period with no repetitions statistically random depends on large enough key large linear complexity properly designed, can be as secure as a block cipher with same size key but usually simpler& faster
48 RC4 aproprietarycipherownedbyrsadsi another Ron Rivest design, simple but effective variable key size, byte-oriented stream cipher widely used(web SSL/TLS, wireless WEP/WPA) key forms random permutation of all 8-bit values uses that permutation to scramble input info processedabyteatatime
49 RC4 Key Schedule starts with an array S of numbers: use key to well and truly shuffle S forms internal stateof the cipher for i = 0 to 255 do S[i] = i T[i] = K[i mod keylen]) j = 0 for i = 0 to 255 do j = (j + S[i] + T[i]) (mod 256) swap (S[i], S[j])
50 RC4 Encryption encryption continues shuffling array values sum of shuffled pair selects"stream key" value from permutation XOR S[t] with next byte of message to en/decrypt i = j = 0 for each message byte M i i = (i + 1) (mod 256) j = (j + S[i]) (mod 256) swap(s[i], S[j]) t = (S[i] + S[j]) (mod 256) C i = M i XOR S[t]
51 RC4 Overview
52 RC4 Security claimed secure against known attacks have some analyses, none practical result is very non-linear sincerc4isastreamcipher,mustneverreuse akey have a concern with WEP, but due to key handling rather than RC4 itself
53 Motivation and outline symmetric encryption is used to provide message confidentiality Q: Where to put the encryption mechanism? How to distribute the secret key? Placement of encryption function Traffic confidentiality Key distribution
54 Confidentiality using Symmetric Encryption Whatto encrypt and wherethe encryption function should be located (4) Monitor traffic consider typical scenario: (2) dial-in, then intrude (3) Tap into wire (1) Eavesdropping by members
55 Typical scenario and attacks consider typical scenario workstations on LANs access other workstations & servers on LAN LANs interconnected using switches/routers with external lines or radio/satellite links consider attacks and placement in this scenario snooping from another workstation usedial-intolanorservertosnoop useexternalrouterlinktoenter&snoop monitor and/or modify traffic one external links
56 Confidentiality using Symmetric Encryption traditionally symmetric encryption is used to provide message confidentiality consider typical scenario workstations on LANs access other workstations & servers onlan LANs interconnected using switches/routers with external lines or radio/satellite links consider attacks and placement in this scenario snooping from another workstation usedial-intolanorservertosnoop useexternalrouterlinktoenter&snoop monitor and/or modify traffic one external links
57 Confidentiality using Symmetric Encryption have two major placement alternatives link encryption encryption occurs independently on every link implies must decrypt traffic between links requires many devices, but paired keys end-to-end encryption encryption occurs between original source and final destination needdevicesateachendwithsharedkeys
58 Confidentiality using Symmetric Encryption Which part to encrypt in a PSN Packet switching network traditionally symmetric encryption is used to provide message confidentiality Vulnerable points: snooping, monitoring or modifying by using another workstation dial-intolanorserverorexternalrouter by physically taping line in wiring closet end-to-end encryption (shared keys): protects data between source and destination, needs devices at each end. link encryption, (paired keys): protects traffic monitoring, is considered over every link, requires many devices, End[Link[]Link]End
59 Confidentiality using Symmetric Encryption Which part to encrypt in a PSN Packet switching network PSN
60 Confidentiality using Symmetric Encryption have two major placement alternatives linkencryption encryption occurs independently on every link implies must decrypt traffic between links requires many devices, but paired keys end-to-endencryption encryption occurs between original source and final destination needdevicesateachendwithsharedkeys
61 Placement of encryption have two major placement alternatives link encryption encryption occurs independently on every link implies must decrypt traffic between links requiresmanydevices,butpairedkeysforalllinks end-to-end encryption encryption occurs between original source and final destination needdevicesateachendwithsharedkeys
62 Placement of encryption (cont.) One key for each link One shared key
63 Problems with routing In a packet-switching network, we need packet header to route packets Link encryption: so packet must be decrypted before routing Vulnerable at each switch node End-to-end encryption: must leave headers in clear, so network can correctly route information hence although contents protected, traffic pattern is not protected ideallywantbothatonce end-to-end protects data contents over entire path and provides authentication link protects traffic flows from monitoring
64 Placement of Encryption can place encryption function at various layers in OSI Reference Model linkencryptionoccursatlayers1or2 end-to-endcanoccuratlayers3,4,6,7 as move higher less information is encrypted but it is more secure though more complex with more entities and keys
65 Placement of encryptionover OSI model can place encryption function at various layers in OSI Reference Model
66 OSI model and packetization Application level encryption TCP level encryption Link level encryption
67 Placement of encryptionover OSI model (cont.)
68 Placement of Encryption in the various levels of OSI Encapsulation Model (b) TCP Layer level (c) Link Layer Level
69 Traffic Analysis when using end-to-end encryption must leave headers in clear so network can correctly route information hence although contents protected, traffic pattern flows are not ideallywantbothatonce end-to-end protects data contents over entire path and provides authentication link protects traffic flows from monitoring
70 Traffic Analysis is monitoring of communications flows between parties useful both in military& commercial spheres canalsobeusedtocreateacovertchannel link encryption obscures header details butoveralltrafficvolumesinnetworksandatendpoints is still visible traffic padding can further obscure flows butatcostofcontinuoustraffic
71 Traffic Analysis In packet-switching network, the packet header cannot be encrypted Traffic analysis is monitoring of communications flows between parties Ex.knowwhoistalkingtowhominmilitaryusage Traffic analysis reveals Identities of partners How frequently the partners are communicating Message pattern, message length, quantity of messages,
72 Defense against traffic analysis link encryption obscures header details but overall traffic volumesin networks and at endpoints is still visible Traffic padding
73 Traffic monitoring The purpose of monitoring military& commercial can also be used to create a covert channel ifcontrolled Link encryption obscures headerdetails But overall traffic volumes in networks and at end- points will still bevisible Traffic padding can further obscure flows butat cost of continuoustraffic..
74 Key Distribution symmetric schemes require both parties to share a common secret key issue is how to securely distribute this key often secure system failure due to a break in often secure system failure due to a break in the key distribution scheme
75 How to distribute key symmetric schemes require to share a common secret key often secure system failure due to a break in the key distribution scheme given parties A and B have various key distribution alternatives: 1. PhysicallydeliveryfromAtoB 2. Third party can issue & deliver key to A & B, if A & B have secure communicationswithathirdpartyc,ccanrelaykeybetweena&b DistributionofKeyisbasedonaHierarchy,atleasttwolevelsof keys are used temporary key referred as session key used for the duration of a logical connection between users for one logical session then discarded masterkey usedtoencryptsessionkeys sharedbyuser&keydistributioncenter
76 Key Distribution given parties A and B have various key distribution alternatives: 1.AcanselectkeyandphysicallydelivertoB 2.thirdpartycanselect&deliverkeytoA&B 3.if A & B have communicated previously can use previous keytoencryptanewkey 4.if A & B have secure communications with a third party C, CcanrelaykeybetweenA&B
77 Key Distribution Scenario Assume that user A wishes to establish a logical connection with B and requires a one-time session key to protect the data transmitted over the logical connection tob.ahas hasamaster key, K a, known only to itself and the KDC; similarly, B shares the masterkeyk b with the KDC. Thefollowing steps occur:
78 a.aissues a requesttothe the KDC for a session keytob including the identity of A and B and a unique session identifier, N 1, valid for this transaction, nonce: a timestamp, a counter, orarandomrandom number; differs with each request. I.e. to prevent masquerading, suppose something like, a random number. a. b.thekdc sresponsetoa:k A Thus,onlyAcandecrypt themessage.one-timesessionkey,k S,tobeusedfor thesession.itemsfora:theoriginalmessagesothat,a can verify the original request not altered before reception by the KDC. Thenonce, so that this isnot areplay of some previous request. Items for B: The one time session key K S and ID SA (e.g., its network address), both encrypted with K B (the master key that thekdcshareswithb).
79 Key Distribution Issues hierarchies of KDC s required for large networks, but must trust each other session key lifetimes should be limited for greater security use of automatic key distribution on behalf of users, but must trust system use of decentralized key distribution controlling purposes keys are used for
80 Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman he would fear that some devil might take advantage of his weak state to slip into his body. The Golden Bough, Sir James George Frazer
81 Key Management and Distribution topics of cryptographic key management / key distribution are complex cryptographic, protocol, & management issues symmetric schemes require both parties to share a common secret key public key schemes require parties to acquire valid public keys have concerns with doing both
82 Key Distribution symmetric schemes require both parties to share a common secret key issue is how to securely distribute this key whilst protecting it from others frequent key changes can be desirable often secure system failure due to a break in the key distribution scheme
83 Key Distribution given parties A and B have various key distribution alternatives: 1. AcanselectkeyandphysicallydelivertoB 2. thirdpartycanselect&deliverkeytoa&b 3. if A & B have communicated previously can use previouskeytoencryptanewkey 4. if A & B have secure communications with a thirdpartyc,ccanrelaykeybetweena&b
84 Key Distribution Task
85 Key Hierarchy typically have a hierarchy of keys session key temporary key used for encryption of data between users for one logical session then discarded master key used to encrypt session keys shared by user & key distribution center
86 Key Hierarchy
87 Key Distribution Scenario
88 Key Distribution Issues hierarchies of KDC s required for large networks, but must trust each other session key lifetimes should be limited for greater security use of automatic key distribution on behalf of users, but must trust system use of decentralized key distribution controlling key usage
89 Symmetric Key Distribution Using Public Keys public key cryptosystems are inefficient so almost never use for direct data encryption rather use to encrypt secret keys for distribution
90 Simple Secret Key Distribution Merkle proposed this very simple scheme allows secure communications no keys before/after exist
91 Man-in-the-Middle Attack this very simple scheme is vulnerable to an active man-in-the-middle attack
92 Secret Key Distribution with Confidentiality and Authentication
93 Hybrid Key Distribution retain use of private-key KDC shares secret master key with each user distributes session key using master key public-key used to distribute master keys especially useful with widely distributed users rationale performance backward compatibility
94 Distribution of Public Keys can be considered as using one of: public announcement publicly available directory public-key authority public-key certificates
95 Public Announcement users distribute public keys to recipients or broadcast to community at large eg. append PGP keys to messages or post to news groups or list major weakness is forgery anyone can create a key claiming to be someone else and broadcast it until forgery is discovered can masquerade as claimed user
96 Publicly Available Directory can obtain greater security by registering keys with a public directory directory must be trusted with properties: contains {name,public-key} entries participants register securely with directory participants can replace key at any time directory is periodically published directory can be accessed electronically still vulnerable to tampering or forgery
97 Public-Key Authority improve security by tightening control over distribution of keys from directory has properties of directory and requires users to know public key for the directory then users interact with directory to obtain any desired public key securely does require real-time access to directory when keys are needed may be vulnerable to tampering
98 Public-Key Authority
99 Public-Key Certificates certificates allow key exchange without realtime access to public-key authority a certificate binds identity to public key usually with other info such as period of validity, rights of use etc with all contents signed by a trusted Public- Key or Certificate Authority (CA) can be verified by anyone who knows the public-key authorities public-key
100 Public-Key Certificates
101 X.509 Authentication Service part of CCITT X.500 directory service standards distributed servers maintaining user info database defines framework for authentication services directory may store public-key certificates with public key of user signed by certification authority also defines authentication protocols uses public-key crypto & digital signatures algorithms not standardised, but RSA recommended X.509 certificates are widely used have 3 versions
102 X.509 Certificate Use
103 X.509 Certificates issued by a Certification Authority (CA), containing: version V (1, 2, or 3) serial number SN (unique within CA) identifying certificate signature algorithm identifier AI issuer X.500 name CA) period of validity TA (from -to dates) subject X.500 name A (name of owner) subject public-key info Ap (algorithm, parameters, key) issuer unique identifier (v2+) subject unique identifier (v2+) extension fields (v3) signature (of hash of all fields in certificate) notation CA<<A>> denotes certificate for A signed by CA
104 X.509 Certificates
105 Obtaining a Certificate any user with access to CA can get any certificate from it only the CA can modify a certificate because cannot be forged, certificates can be placed in a public directory
106 CA Hierarchy if both users share a common CA then they are assumed to know its public key otherwise CA's must form a hierarchy use certificates linking members of hierarchy to validate other CA's each CA has certificates for clients (forward) and parent (backward) each client trusts parents certificates enable verification of any certificate from one CA by users of all other CAs in hierarchy
107 CA Hierarchy Use
108 Certificate Revocation certificates have a period of validity may need to revoke before expiry, eg: 1. user's private key is compromised 2. user is no longer certified by this CA 3. CA's certificate is compromised CA s maintain list of revoked certificates the Certificate Revocation List (CRL) users should check certificates with CA s CRL
109 X.509 Version 3 has been recognised that additional information is needed in a certificate /url, policy details, usage constraints rather than explicitly naming new fields defined a general extension method extensions consist of: extension identifier criticality indicator extension value
110 Certificate Extensions key and policy information convey info about subject & issuer keys, plus indicators of certificate policy certificate subject and issuer attributes support alternative names, in alternative formats for certificate subject and/or issuer certificate path constraints allow constraints on use of certificates by other CA s
111 Public Key Infrastructure
112 PKIX Management functions: registration initialization certification key pair recovery key pair update revocation request cross certification protocols: CMP, CMC
113 Stream Ciphers and Random Number Generation The comparatively late rise of the theory of probability shows how hard it is to grasp, and the many paradoxes show clearly that we, as humans, lack a well grounded intuition in this matter. In probability theory there is a great deal of art in setting up the model, in solving the problem, and in applying the results back to the real world actions that will follow. The Art of Probability, Richard Hamming
114 Random Numbers many uses of random numbersin cryptography nonces in authentication protocols to prevent replay session keys public key generation keystream for a one-time pad in all cases its critical that these values be statistically random, uniform distribution, independent unpredictability of future values from previous values true random numbers provide this care needed with generated random numbers
115 Pseudorandom Number Generators (PRNGs) often use deterministic algorithmic techniques to create random numbers although are not truly random can pass many tests of randomness known as pseudorandom numbers created by Pseudorandom Number Generators (PRNGs)
116 Random & Pseudorandom Number Generators
117 PRNG Requirements randomness uniformity, scalability, consistency unpredictability forward & backward unpredictability use same tests to check characteristics of the seed secure if known adversary can determine output so must be random or pseudorandom number
118 Linear Congruential Generator common iterative technique using: X n+1 = (ax n + c) mod m given suitable values of parameters can produce a long random-like sequence suitable criteria to have are: function generates a full-period generated sequence should appear random efficient implementation with 32-bit arithmetic note that an attacker can reconstruct sequence given a small number of values have possibilities for making this harder
119 Blum Blum Shub Generator based on public key algorithms use least significant bit from iterative equation: x i = x i-12 mod n where n=p.q, and primes p,q=3 mod 4 unpredictable, passes next-bit test security rests on difficulty of factoring N is unpredictable given any run of bits slow, since very large numbers must be used too slow for cipher use, good for key generation
120 Using Block Ciphers as PRNGs for cryptographic applications, can use a block cipher to generate random numbers often for creating session keys from master key CTR X i = E K [V i ] OFB X i = E K [X i-1 ]
121 ANSI X9.17 PRG
122 Stream Ciphers process message bit by bit (as a stream) have a pseudo random keystream combined (XOR) with plaintext bit by bit randomness of stream keycompletely destroys statistically properties in message C i = M i XOR StreamKey i but must never reuse stream key otherwise can recover messages (cf book cipher)
123 Stream Cipher Structure
124 Stream Cipher Properties some design considerations are: long period with no repetitions statistically random depends on large enough key large linear complexity properly designed, can be as secure as a block cipher with same size key but usually simpler & faster
125 Natural Random Noise best source is natural randomness in real world find a regular but random event and monitor do generally need special h/w to do this eg. radiation counters, radio noise, audio noise, thermal noise in diodes, leaky capacitors, mercury discharge tubes etc starting to see such h/w in new CPU's problems of biasor uneven distribution in signal have to compensate for this when sample, often by passing bits through a hash function best to only use a few noisiest bits from each sample RFC4086 recommends using multiple sources + hash
126 Published Sources a few published collections of random numbers Rand Co, in 1955, published 1 million numbers generated using an electronic roulette wheel has been used in some cipher designs cf Khafre earlier Tippett in 1927 published a collection issues are that: these are limited too well-known for most uses
127 Summary have considered: the AES selection process the details of Rijndael the AES cipher looked at the steps in each round the key expansion implementation aspects
128 Summary Multiple Encryption & Triple-DES Modes of Operation ECB, CBC, CFB, OFB, CTR, XTS-AES
129 Summary have considered: some other modern symmetric block ciphers Triple-DES Blowfish RC5 briefly introduced stream ciphers RC4
Cryptography and Network Security Chapter 7
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 7 Stream Ciphers and Random Number Generation The comparatively
More informationCryptography and Network Security Chapter 14
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture
More informationCryptography and Network Security Chapter 7. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 7 Fourth Edition by William Stallings Chapter 7 Confidentiality Using Symmetric Encryption John wrote the letters of the alphabet under the letters in its first
More informationChapter 6: Contemporary Symmetric Ciphers
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 6: Contemporary Symmetric Ciphers Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Why Triple-DES?
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationChapter 6 Contemporary Symmetric Ciphers
Chapter 6 Contemporary Symmetric Ciphers "I am fairly familiar with all the forms of secret writings, and am myself the author of a trifling monograph upon the subject, in which I analyze one hundred and
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationCryptography and Network Security Chapter 10. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Chapter 10 Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture out of the
More informationCrypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion
Crypto Basics Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion 1 What is a cryptosystem? K = {0,1} l P = {0,1} m C = {0,1} n, C C E: P K C D: C
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 10 Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 6: Advanced Encryption Standard (AES) Ion Petre Department of IT, Åbo Akademi University 1 Origin of AES 1999: NIST
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationT Cryptography and Data Security
T-79.159 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Kaufman et al: Ch 11.6; 9.7-9; Stallings:
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationKey Management and Distribution
Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationT Cryptography and Data Security
T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationCS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES
CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES PREPARED BY R.CYNTHIA PRIYADHARSHINI AP/IT/SREC Block Ciphers A block cipher is an encryption/decryption scheme in which a block of plaintext is treated
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationKey Management and Distribution
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 10 Key Management; Other Public Key Cryptosystems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan
More informationU-II BLOCK CIPHER ALGORITHMS
U-II BLOCK CIPHER ALGORITHMS IDEA: Idea is block cipher similar to DES Works on 64 bit plaintext block Key is longer and consist of 128 bits Idea is reversible like DES i.e. same algorithm can be used
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationDarshan Institute of Engineering & Technology Page Information Security (IS) UNIT-2 Conventional Encryption Techniques
Q 1. Draw and explain Feistel s structure for encryption and decryption. The exact realization of Feistel network depends on the choice of which parameters? Feistel cipher is based on the idea that instead
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationSymmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationSecret Key Cryptography
Secret Key Cryptography 1 Block Cipher Scheme Encrypt Plaintext block of length N Decrypt Secret key Cipher block of length N 2 Generic Block Encryption Convert a plaintext block into an encrypted block:
More information6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 6 Block Ciphers 6.1 Block Ciphers Block Ciphers Plaintext is divided into blocks of fixed length and every block is encrypted one at a time. A block cipher is a
More information3 Symmetric Cryptography
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 3 Symmetric Cryptography Symmetric Cryptography Alice Bob m Enc c = e k (m) k c c Dec m = d k (c) Symmetric cryptography uses the same secret key k for encryption
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 5 Advanced Encryption Standard Advance Encryption Standard Topics Origin of AES Basic AES Inside Algorithm Final Notes Origins
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationBlock Cipher Operation. CS 6313 Fall ASU
Chapter 7 Block Cipher Operation 1 Outline q Multiple Encryption and Triple DES q Electronic Codebook q Cipher Block Chaining Mode q Cipher Feedback Mode q Output Feedback Mode q Counter Mode q XTS-AES
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationAcknowledgments. CSE565: Computer Security Lectures 16 & 17 Authentication & Applications
CSE565: Computer Security Lectures 16 & 17 Authentication & Applications Shambhu Upadhyaya Computer Science & Eng. University at Buffalo Buffalo, New York 14260 Lec 16.1 Acknowledgments Material for some
More informationInformation Security CS526
Information Security CS 526 Topic 3 Cryptography: One-time Pad, Information Theoretic Security, and Stream CIphers 1 Announcements HW1 is out, due on Sept 11 Start early, late policy is 3 total late days
More informationPractical Aspects of Modern Cryptography
Practical Aspects of Modern Cryptography Lecture 3: Symmetric s and Hash Functions Josh Benaloh & Brian LaMacchia Meet Alice and Bob Alice Bob Message Modern Symmetric s Setup: Alice wants to send a private
More informationIntroduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationSymmetric Key Cryptography
Symmetric Key Cryptography Michael Huth M.Huth@doc.ic.ac.uk www.doc.ic.ac.uk/~mrh/430/ Symmetric Key Cryptography (3.1) Introduction Also known as SECRET KEY, SINGLE KEY, PRIVATE KEY Sender and Receiver
More informationPRNGs & DES. Luke Anderson. 16 th March University Of Sydney.
PRNGs & DES Luke Anderson luke@lukeanderson.com.au 16 th March 2018 University Of Sydney Overview 1. Pseudo Random Number Generators 1.1 Sources of Entropy 1.2 Desirable PRNG Properties 1.3 Real PRNGs
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Authentication Applications We cannot enter into alliance with neighbouring princes until
More informationSymmetric Cryptography CS461/ECE422
Symmetric Cryptography CS461/ECE422 1 Outline Overview of Cryptosystem design Commercial Symmetric systems DES AES Modes of block and stream ciphers 2 Reading Section 2.4-2.6 and 12.2 in Security in Computing
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationStream Ciphers. Stream Ciphers 1
Stream Ciphers Stream Ciphers 1 Stream Ciphers Generate a pseudo-random key stream & xor to the plaintext. Key: The seed of the PRNG Traditional PRNGs (e.g. those used for simulations) are not secure.
More informationChapter 7 Public Key Cryptography and Digital Signatures
Chapter 7 Public Key Cryptography and Digital Signatures Every Egyptian received two names, which were known respectively as the true name and the good name, or the great name and the little name; and
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationLecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay
Lecture Note 6 KEY MANAGEMENT Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Key Management There are actually two distinct aspects to the use of public-key encryption in this regard:
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationSummary on Crypto Primitives and Protocols
Summary on Crypto Primitives and Protocols Levente Buttyán CrySyS Lab, BME www.crysys.hu 2015 Levente Buttyán Basic model of cryptography sender key data ENCODING attacker e.g.: message spatial distance
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationSecret Key Cryptography
Secret Key Cryptography General Block Encryption: The general way of encrypting a 64-bit block is to take each of the: 2 64 input values and map it to a unique one of the 2 64 output values. This would
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationCryptology Part 1. Terminology. Basic Approaches to Cryptography. Basic Approaches to Cryptography: (1) Transposition (continued)
Cryptology Part 1 Uses of Cryptology 1. Transmission of a message with assurance that the contents will be known only by sender and recipient a) Steganography: existence of the message is hidden b) Cryptography:
More informationThis chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest
1 2 3 This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest PKCS, Diffie- Hellman key exchange. This first published
More informationICT 6541 Applied Cryptography. Hossen Asiful Mustafa
ICT 6541 Applied Cryptography Hossen Asiful Mustafa Encryption & Decryption Key (K) Plaintext (P) Encrypt (E) Ciphertext (C) C = E K (P) Same Key (K) Ciphertext (C) Decrypt (D) Plaintext (P) P = D K (C)
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 8 September 28, 2015 CPSC 467, Lecture 8 1/44 Chaining Modes Block chaining modes Extending chaining modes to bytes Public-key Cryptography
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution
Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University
More informationOutline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review
More informationStream Ciphers An Overview
Stream Ciphers An Overview Palash Sarkar Indian Statistical Institute, Kolkata email: palash@isicalacin stream cipher overview, Palash Sarkar p1/51 Classical Encryption Adversary message ciphertext ciphertext
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 4 The Advanced Encryption Standard (AES) Israel Koren ECE597/697 Koren Part.4.1
More informationCSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms
CSCI 454/554 Computer and Network Security Topic 3.1 Secret Key Cryptography Algorithms Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms? Security by
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationOverview of Security Principles
Overview of Security Principles Wireless Network Security Principles and Practices CSE 713 (Lecture 3) 1 Outline Basic Encryption Methodology Message Authentication and Integrity Program Security Network
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More informationChapter 9. Public Key Cryptography, RSA And Key Management
Chapter 9 Public Key Cryptography, RSA And Key Management RSA by Rivest, Shamir & Adleman of MIT in 1977 The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 5 More About Block Ciphers Israel Koren ECE597/697 Koren Part.5.1 Content of this
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationCryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working
More informationCryptographic Algorithms - AES
Areas for Discussion Cryptographic Algorithms - AES CNPA - Network Security Joseph Spring Department of Computer Science Advanced Encryption Standard 1 Motivation Contenders Finalists AES Design Feistel
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 3.1 Secret Key Cryptography Algorithms Instructor: Dr. Kun Sun Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms?
More informationKey Management and Distribution
2 and Distribution : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l10, Steve/Courses/2015/s2/css441/lectures/key-management-and-distribution.tex,
More informationIDEA, RC5. Modes of operation of block ciphers
C 646 - Lecture 8 IDA, RC5 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th dition, Chapter 6 Block Cipher Operation II. A. Menezes, P. van
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security MAC, HMAC, Hash functions and DSA Vinod Ganapathy Lecture 6 Message Authentication message authentication is concerned with: protecting the integrity of a message validating
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to
More informationHomework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions
More informationENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel
(a) Introduction - recall symmetric key cipher: III. BLOCK CIPHERS k Symmetric Key Cryptography k x e k y yʹ d k xʹ insecure channel Symmetric Key Ciphers same key used for encryption and decryption two
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationWeek 5: Advanced Encryption Standard. Click
Week 5: Advanced Encryption Standard Click http://www.nist.gov/aes 1 History of AES Calendar 1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty
More informationHOST Cryptography III ECE 525 ECE UNM 1 (1/18/18)
AES Block Cipher Blockciphers are central tool in the design of protocols for shared-key cryptography What is a blockcipher? It is a function E of parameters k and n that maps { 0, 1} k { 0, 1} n { 0,
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationSolutions to exam in Cryptography December 17, 2013
CHALMERS TEKNISKA HÖGSKOLA Datavetenskap Daniel Hedin DIT250/TDA351 Solutions to exam in Cryptography December 17, 2013 Hash functions 1. A cryptographic hash function is a deterministic function that
More information