Block Ciphers, DES, 2DES, 3DES
|
|
- Emmeline Lloyd
- 6 years ago
- Views:
Transcription
1 Block Ciphers, DES, 2DES, 3DES Lecture Dr. Muhammad Mubashir Khan December 2017 Department of Computer Science & IT, NED University of Engineering & Technology
2 Stream vs Block Ciphers Both are symmetric key ciphers Stream ciphers process messages a bit or byte at a Nme when en/decrypnng, E.g. RC4, A5/1, A5/2 Block cipher operates on fixed-length groups of bits, called blocks, Well-known block ciphers, E.g. DES, Triple DES, AES
3 Ideal Block Cipher Allows for the maximum number of possible encrypnon mappings from the plaintext to ciphertext block. A 4-bit input produces one of 16 possible input states, which is mapped by the subsntunon cipher into a unique one of 16 possible output states Problems: A small block size (E.g. 4-bits) with key size of 4x2 4= 64 bits is vulnerable to stansncal analysis of the plaintext, as we have in simple subsntunon ciphers A large block size (E.g. 64-bits) requires a key length of 64x2 64= 2 70 bits of key Total of 64 bits key
4 S-P Network Claude Shannon introduced the idea of subsntunonpermutanon S-P networks in 1949 Form a basis of modern block ciphers Introduced the ideas of confusion & diffusion Confusion seeks to make the relanonship between the stansncs of the ciphertext and the value of the encrypnon key as complex as possible Diffusion seeks to make the stansncal relanonship between the plaintext and ciphertext as complex as possible S-P Network consists of: subsntunon (S-box) (improves confusion) permutanon (P-box) (improves diffusion)
5 Feistel Cipher By German-born physicist Horst Feistel A cipher scheme with iterated use of Round funcnon ProperNes: Symmetric Key Cipher Block Cipher Product Cipher Combines mulnple rounds of repeated operanons to achieve high degree of Confusion and Diffusion Bit-shuffling (oben called permutanon boxes or P-boxes) Simple non-linear funcaons (oben called subsntunon boxes or S-boxes) Linear mixing (in the sense of modular algebra) using XOR
6 SubsNtuNon A plaintext block is equally divided into two halves F is a Round funcnon L 1 =R 0 R 1 =L 0 XORF(R 0,K 0 ) R n =L n+1 L n =R n+1 XORF(L n+1,k n ) PermutaNon L 2 =R 1 R 2 =L 1 XORF(R 1,K 1 ) R n-1 =L n L n-1 =R n XORF(L n,k n-1 ) L n+1 =R n R n+1 =L n XORF(R n,k n ) R 0 =L 1 L 0 =R 1 XORF(L 1,K 0 ) Aber Final Interchange Interchange again
7 Feistel Cipher Important Elements The exact realizanon of a Feistel network depends on the choice of the following parameters and design features: 1. Block size - increasing size improves security, but slows cipher, typically 64-bits is considered reasonable 2. Key size - increasing size improves security, makes exhausnve key searching harder, but may slow cipher 3. Number of rounds - increasing number improves security, but slows cipher. Typical size is 16 rounds 4. Subkey generaaon algorithm - greater complexity can make analysis harder, but slows cipher 5. Round funcaon - greater complexity can make analysis harder, but slows cipher 6. Fast sooware en/decrypaon - more recent concern for pracncal use 7. Ease of analysis - for easier validanon & tesnng of strength
8 Note One nice property of a Feistel cipher is that the round-funcnon is always invernble regardless of the choice of F! F needs not be reversible; means it may always have a same constant output for every input without affecnng the proof of encrypnon/ decrypnon process However, in this case it won t be a good encrypnon scheme
9 Data EncrypNon Standard (DES) Selected by the Na4onal Bureau of Standards as an official Federal Informa4on Processing Standard (FIPS) for the United States in 1976 In January, 1999, distributed.net and the Electronic FronNer FoundaNon collaborated to publicly break a DES key in 22 hours and 15 minutes Replaced by Triple DES (TDES or 3DES) 64-bits plaintext block and key size (out of which 56-bits of keys are effecnvely used) Based upon Feistel Structure (which ensures that decrypnon/ encrypnon are very similar processes the only difference is that the subkeys are applied in the reverse order when decrypnng)
10 DES Overall Structure 64-bits input is divided into two halves (Feistel Structure) 16 idenncal stages of processing, termed as rounds IniNal and Final PermutaNon (IP and FP) inverses of each other The F-funcNon scrambles half a block together with part of the key The output from the F-funcNon is then combined with the other half of the block, and the halves are swapped before the next round. 32-bits 32-bits
11 IniNal PermutaNon
12 Final PermutaNon
13 DES Overall Structure 64-bits input is divided into two halves (Feistel Structure) 16 idenncal stages of processing, termed as rounds IniNal and Final PermutaNon (IP and FP) inverses of each other The F-funcAon scrambles half a block together with part of the key The output from the F-funcAon is then combined with the other half of the block, and the halves are swapped before the next round. 32-bits 32-bits
14 The Round FuncNon F! Expansion: 32-bit half-block is expanded to 48 bits using the expansion permutanon (E) Key Mixing: Expansion result is combined with one of sixteen 48-bits sub-keys (one for each round) 48-bits block is divided into eight 6-bits pieces SubsAtuAon: Each 6-bits input is subsntuted by 4-bits output according to non-linear transformanon (provided in the form of a Lookup-Table) PermutaAon: the 32-bits outputs from the S-boxes are rearranged according to a fixed permutanon, the P-box. 48-bits
15 Expansion FuncNon (E) The expansion funcnon is interpreted as for the ininal and final permutanons. Note that some bits from the input are duplicated at the output; e.g. the first bit of the input is duplicated in both the second and forty-eighth bit of the output. Thus, the 32-bit half-block is expanded to 48 bits
16 The Round FuncNon F! 48-bits SubsAtuAon: Each 6-bits input is subsntuted by 4-bits output according to non-linear transformanon (provided in the form of a Lookup-Table)
17 Substitution Eight S-boxes each map 6 to 4 bits Each S-box is specified as a unique 4x16 table each row is a permutation of 0-15 (0000 à 1111) outer bits 1 & 6 of input are used to select one of the four rows inner 4 bits of input are used to select a column S Row 10 Column 1011 Table for S
18 The Round FuncNon F! 48-bits PermutaAon: the 32-bits outputs from the S-boxes are rearranged according to a fixed permutanon, the P-box.
19 PermutaNon (P) P
20 The Round FuncNon F! IniNally we had a 64-bits key. 48-bits Where this 48-bits key came from???
21 Key Scheduling (Key generanon for each of 16 Round) 56 bits of the key are selected from the ininal 64 by Permuted Choice 1 (PC-1) The 56 bits are then divided into two 28-bit halves both halves are rotated leb by one or two bits 48 subkey bits are selected by Permuted Choice 2 (PC-2) 24 bits from the leb half, and 24 from the right. The rotanons (denoted by "<<<" in the diagram) mean that a different set of bits is used in each subkey 1 or 2 Leb Rotate
22 Permuted Choice1 (PC1) Leb side subsntunon Table for PC Right side subsntunon Table for PC
23 Leb RotaNon for each round Round No. No. of RotaAons
24 Permuted Choice2 (PC2) Table for PC
25 Avalanche Effect in DES Minor change in the (plaintext or key) results in a big (reasonable) change in the ciphertext. A good cryptosystem with greater diffusion and confusion results strong Avalanche Effect. (E.g. DES) 1 bit change in the plaintext (on average) affects 34 bits in the ciphertext 1 bit change in the Key (on average) affects 35 bits in the ciphertext
26 DES is not secure now! Key Size (bits) Number of Alternative Keys Time required at 1 decryption /µs Time required at 10 6 decryptions /µs 56-bits 2 56 = µs = 1142 years hours Practical DES Crackers The first DES Challenge was solved in 96 days by the DESCHALL Project led by Rocke Verser in Colorado. EFF DES cracker won RSA Laboratory s DES Challenge II-2 by successfully finding a DES key in 56 hours. (nicknamed "Deep Crack ) 29 circuit boards of 64 chips each Cost: US$250,000 Key search speed over 90 billion keys / second two-sided DES Cracker circuit board fiped with 64 Deep Crack chips
27 Finding the solution We simply need to increase the key size of DES to defend a brute force attack Is it worth to apply DES twice (2-Des) or thrice (3-DES)? Applying DES twice with two keys (K 1 and K 2 ) 56-bits each Encryption: C = E K2 (E K1 (P)) Decryption: P = D K1 (D K2 (C)) Key size: 56 x 2 = 112 bits = different keys Apparently much secure against brute force attack P E K1 (P) X E K2 (X) C Are we really safe now???
28 Verifying the security of 2DES Walk in the opposite direcnons and Meet in the Middle AssumpNon: Given a know (plaintext, ciphertext) sample encrypted with the same Key 1. Encrypt P with all 2 56 possible keys and store all X s in a table 2. Decrypt C with all 2 56 possible keys and store all X s in another table 3. Try find the exact mach of X s in the two tables 4. If a match found then use the corresponding keys as K1 and K2 to decrypt the actual ciphertext 5. If works then it takes O(2 56 ) to break 2-DES which is nearly same as breaking the simple DES P E Ki (P) E K1 (P) K 1 X i X E K2 (X) K 2 X j D Kj (C) C
29 Trying 3 DES P E K1 (P) X E K2 (X) E K3 (Y) C Y We simply add another DES round in 2DES making it 3DES Is it worth to apply DES thrice (3-DES)? Meet-in-the-Middle attack will extremely difficult if X and Y are not known Encryption: C = E K3 (E K2 (E K1 (P))) Decryption: P = D K1 (D K2 (D K3 (C))) Key size: 56 x 3 = 168 bits = different keys Apparently much secure against brute force attack (currently no practical attack is know) PGP and S/MIME (internet applications) use 3DES with 3-keys
30 Different Key Options If all keys are same then 3DES = DES Encryption: C = E K1 (D K1 (E K1 (P))) = E K1 (P) Decryption: P = D K1 (C) No pracncal apacks are known on 2-keys implementanon P E K1 (P) X D K2 (X) Y E K1 (Y) C If using two different keys as shown above then Encryption: C = E K1 (D K2 (E K1 (P))) Decryption: P = D K1 (E K2 (D K1 (P))) Still very secure (harder to break because of forward-reverse-forward process ) Key size = 112 à Key space
31 Message Padding The plaintext message is broken into blocks, P 1, P 2, P 3,... Most probably the last block remains incomplete Needs some extra bits (padding bits) to complete the block Several padding schemes To add null bytes to the plaintext to bring its length up to a multiple of the block size To add number indicating the size of the pad To a number indicating the size of the plaintext The last two schemes may require an extra block.
32 Block Ciphers Modes of Operation The way in which the block cipher scheme is implemented 1. ECB (Electronic Code Book) 2. CBC (Cipher Block Chaining) 3. PCBC (PropagaNng Cipher Block Chaining) 4. CFB (Cipher Feedback) 5. OFB (Output Feedback) 6. CTR (Counter)
33 ECB - Electronic Code Book idenncal plaintext blocks are encrypted into idenncal ciphertext blocks
34 ECB - Disadvantages Same (repennve) encrypted informanon can be observed very easily SuscepNble to replay apacks Does not hide papern informanon. Encrypted with ECB Not recommended to use in security protocols ApplicaAons: ü Encrypt small amount of informanon ü Temporary encrypnon keys Encrypted with other modes
35 CBC Cipher Block Chaining Most commonly used mode of operanon Invented by IBM in 1976 Repeated plaintext blocks are encrypted differently. EncrypAon is sequenaal (i.e., it cannot be parallelized) bcz every Nme C i-1 is needed for C i IV must be known to both the sender & receiver. IV is either a fixed value or is sent encrypted in ECB mode before the rest of ciphertext. Each ciphertext block is dependent on all plaintext blocks processed up to that point.
36 CBC - DecrypNon DecrypNng with the incorrect IV causes the first block of plaintext to be corrupt but subsequent plaintext blocks will be correct. A plaintext block can be recovered from two adjacent blocks of ciphertext. As a consequence, decrypaon can be parallelized.
37 PropagaNng cipher-block chaining (PCBC) EncrypNon PCBC is used in Kerberos v4
38 PropagaNng cipher-block chaining (PCBC) DecrypNon if two adjacent ciphertext blocks are interchanged, this does not affect the decrypnon of subsequent blocks.
39 Cipher Feedback (CFB) EncrypNon
40 Cipher Feedback (CFB) Same EncrypNon Algorithms for DecrypNon DecrypNon
41 Stream Cipher ImplementaNon of CFB Using the Block Cipher (e.g. DES) as a Stream Cipher Eliminates the need to pad a Message to be an integral number of Blocks Can be operated in real Nme (e.g. a stream of characters) Plaintext is divided into segments s of any length less than the block-size b The input to the encrypnon funcnon is a b-bit shib register that is ininally set to IV A sequence of keys k1, k2, k3 is generated each of size s- bits
42 Stream Cipher ImplementaNon of CFB Input is a b-bit shib-register that is ininally set to IV EncrypNon process S-bits are shibed leb Lebmost s-bits serve as a key for the first round, which is XORed with plaintext segment k 1 k 2 s-bits ciphertext segment = P 1 (xor) S s ( E(K,IV) ) S s means s-bits from leb side (msb)
43 Stream Cipher ImplementaNon of CFB DecrypNon process Same process except C is XORed with K 1 instead of P k 1 k 2 s-bits plaintext segment = C 1 (xor) S s ( E(K,IV) ) S s means s-bits from leb side (msb)
44 Stream Cipher ImplementaNon of CFB Disadvantage: Bit errors in the transmission of C 1 propagate to the following ciphertext segments C 2, C 3 Advantage: Less vulnerable to message stream modificanon apack because a minor modificanon in a single cipher segment propagates to many following segments (easy to detect)
45 Output Feedback (OFB) Same as CFB Mode except that the Output of the encrypnon funcnon is fed to the input of the shib register EncrypNon process Shib Register Shib Register Shib Register S-bits from msb S-bits from msb S-bits from msb
46 Output Feedback (OFB) Same EncrypNon FuncNon is applied to generate keys k 1, k 2, DecrypNon process Shib Register Shib Register Shib Register S-bits from msb S-bits from msb S-bits from msb
47 Output Feedback (OFB) Advantage: Bit errors in the transmission of C 1 do not propagate to the following ciphertext segments C 2, C 3 Disadvantage: Vulnerable to message stream modificanon apack because Eve can modify bits in a cipher segment to modify the corresponding plaintext segment A clever Eve may apply necessary changes in the checksum pornon of the message to hide modificanon detecnon
48 Counter Mode (CTR) ApplicaAons: ATM (Asynchronous Transfer Mode) network security, IPSec, Features: Any block can be processed without following the cipher block sequence (No chaining) Different Counter value for every (plaintext/ciphertext) block Similar EncrypNon/DecrypNon processes (Simple Structure) Parallel EncrypNon/DecrypNon of blocks is possible (Improves Hardware/ Sobware efficiency) Beper processing throughput if the outputs of counter execunon are prepared in advance DecrypNon key scheduling needs not be implemented (Same EncrypNon/ DecrypNon algorithms)
49 IniNalized to some value Incremented by 1 or any number Incremente d by 1 or any number P 1 O 1 P 2 O 2 P n O n C 1 = P 1 O 1 C 2 = P 2 O 2 C n = P n O n Same sequence of counters as for encrypnon O 1 O 2 O n C 1 C 2 C n P 1 = C 1 O 1 P 2 = C 2 O 2 P n = C n O n From NIST SP800-38A RecommendaNon
50 Assignment / Homework
Chapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationModern Symmetric Block cipher
Modern Symmetric Block cipher 81 Shannon's Guide to Good Ciphers Amount of secrecy should determine amount of labour appropriate for encryption and decryption The set of keys and enciphering algorithm
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationBlock Ciphers and Data Encryption Standard. CSS Security and Cryptography
Block Ciphers and Data Encryption Standard CSS 322 - Security and Cryptography Contents Block Cipher Principles Feistel Structure for Block Ciphers DES Simplified DES Real DES DES Design Issues CSS 322
More information6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 6 Block Ciphers 6.1 Block Ciphers Block Ciphers Plaintext is divided into blocks of fixed length and every block is encrypted one at a time. A block cipher is a
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationCHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))
CHAPTER 6. SYMMETRIC CIPHERS Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationModern Block Ciphers
Modern Block Ciphers now look at modern block ciphers one of the most widely used types of cryptographic algorithms provide secrecy /authentication services focus on DES (Data Encryption Standard) to illustrate
More information3 Symmetric Cryptography
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 3 Symmetric Cryptography Symmetric Cryptography Alice Bob m Enc c = e k (m) k c c Dec m = d k (c) Symmetric cryptography uses the same secret key k for encryption
More informationSymmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationNetwork Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar
Network Security Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar Modern Block Ciphers now look at modern block ciphers one of the most widely used types
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationCryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái
Cryptography and Network Security Block Ciphers + DES Lectured by Nguyễn Đức Thái Outline Block Cipher Principles Feistel Ciphers The Data Encryption Standard (DES) (Contents can be found in Chapter 3,
More informationBlock Cipher Operation. CS 6313 Fall ASU
Chapter 7 Block Cipher Operation 1 Outline q Multiple Encryption and Triple DES q Electronic Codebook q Cipher Block Chaining Mode q Cipher Feedback Mode q Output Feedback Mode q Counter Mode q XTS-AES
More informationCIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)
CIS 6930/4930 Computer and Network Security Topic 3.1 Secret Key Cryptography (Cont d) 1 Principles for S-Box Design S-box is the only non-linear part of DES Each row in the S-Box table should be a permutation
More informationCS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES
CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES PREPARED BY R.CYNTHIA PRIYADHARSHINI AP/IT/SREC Block Ciphers A block cipher is an encryption/decryption scheme in which a block of plaintext is treated
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationIntroduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space
Perfect Cipher Introduction to Cryptography Lecture 2 Benny Pinkas What type of security would we like to achieve? Given C, the adversary has no idea what M is Impossible since adversary might have a-priori
More informationChapter 6: Contemporary Symmetric Ciphers
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 6: Contemporary Symmetric Ciphers Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Why Triple-DES?
More informationConventional Encryption: Modern Technologies
Conventional Encryption: Modern Technologies We mentioned that the statistical weakness in substitution ciphers is that they don t change the frequency of alphabetic letters. For example, if a substitution
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationCSC574: Computer & Network Security
CSC574: Computer & Network Security Lecture 3 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr, Patrick McDaniel, and Peng Ning) Modern Cryptography 2 Kerckhoffs Principles Modern cryptosystems
More information7. Symmetric encryption. symmetric cryptography 1
CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption
More informationChapter 6 Contemporary Symmetric Ciphers
Chapter 6 Contemporary Symmetric Ciphers "I am fairly familiar with all the forms of secret writings, and am myself the author of a trifling monograph upon the subject, in which I analyze one hundred and
More informationSymmetric Cryptography
CSE 484 (Winter 2010) Symmetric Cryptography Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationSecret Key Cryptography
Secret Key Cryptography General Block Encryption: The general way of encrypting a 64-bit block is to take each of the: 2 64 input values and map it to a unique one of the 2 64 output values. This would
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationCryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working
More informationICT 6541 Applied Cryptography. Hossen Asiful Mustafa
ICT 6541 Applied Cryptography Hossen Asiful Mustafa Encryption & Decryption Key (K) Plaintext (P) Encrypt (E) Ciphertext (C) C = E K (P) Same Key (K) Ciphertext (C) Decrypt (D) Plaintext (P) P = D K (C)
More informationStudy and Analysis of Symmetric Key-Cryptograph DES, Data Encryption Standard
Study and Analysis of Symmetric Key-Cryptograph DES, Data Encryption Standard Dr Atul Gonsai #1, Naimish Kakkad *2, Bhargavi Goswami $3, Dr Nikesh Shah @4 # Department of MCA, Saurashtra University, @
More informationLecture 4: Symmetric Key Encryption
Lecture 4: Symmetric ey Encryption CS6903: Modern Cryptography Spring 2009 Nitesh Saxena Let s use the board, please take notes 2/20/2009 Lecture 1 - Introduction 2 Data Encryption Standard Encrypts by
More informationP2_L6 Symmetric Encryption Page 1
P2_L6 Symmetric Encryption Page 1 Reference: Computer Security by Stallings and Brown, Chapter 20 Symmetric encryption algorithms are typically block ciphers that take thick size input. In this lesson,
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationApplied Cryptography Data Encryption Standard
Applied Cryptography Data Encryption Standard Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 History DES has a checkered history. The book provided fascinating reading
More informationBlock Encryption and DES
Block Encryption and DES Plain Text Block 1 Block 2 Block 3 Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationIntroduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function
More informationLecture 3: Symmetric Key Encryption
Lecture 3: Symmetric Key Encryption CS996: Modern Cryptography Spring 2007 Nitesh Saxena Outline Symmetric Key Encryption Continued Discussion of Potential Project Topics Project proposal due 02/22/07
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationHomework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationPrivate-Key Encryption
Private-Key Encryption Ali El Kaafarani Mathematical Institute Oxford University 1 of 50 Outline 1 Block Ciphers 2 The Data Encryption Standard (DES) 3 The Advanced Encryption Standard (AES) 4 Attacks
More informationModes of Operation. Raj Jain. Washington University in St. Louis
Modes of Operation Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at : http://www.cse.wustl.edu/~jain/cse567-06/
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationPractical Aspects of Modern Cryptography
Practical Aspects of Modern Cryptography Lecture 3: Symmetric s and Hash Functions Josh Benaloh & Brian LaMacchia Meet Alice and Bob Alice Bob Message Modern Symmetric s Setup: Alice wants to send a private
More informationNew Kid on the Block Practical Construction of Block Ciphers. Table of contents
New Kid on the Block Practical Construction of Block Ciphers Foundations of Cryptography Computer Science Department Wellesley College Fall 2016 Table of contents Introduction Substitution-permutation
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Block cipher DES 3DES
More informationDarshan Institute of Engineering & Technology Page Information Security (IS) UNIT-2 Conventional Encryption Techniques
Q 1. Draw and explain Feistel s structure for encryption and decryption. The exact realization of Feistel network depends on the choice of which parameters? Feistel cipher is based on the idea that instead
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Lecture 6 Michael J. Fischer Department of Computer Science Yale University January 27, 2010 Michael J. Fischer CPSC 467b, Lecture 6 1/36 1 Using block ciphers
More informationLecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24
Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable for authentication of sender Lecturers: Mark D. Ryan and David Galindo.
More informationSecret Key Cryptography Overview
Secret Key Cryptography Overview Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc01_07/ Block ciphers
More informationLecture 3: Block Ciphers and the Data Encryption Standard. Lecture Notes on Computer and Network Security. by Avi Kak
Lecture 3: Block Ciphers and the Data Encryption Standard Lecture Notes on Computer and Network Security by Avi Kak (kak@purdue.edu) January 12, 2013 11:13am c 2013 Avinash Kak, Purdue University Goals:
More informationSymmetric Cryptography. CS4264 Fall 2016
Symmetric Cryptography CS4264 Fall 2016 Correction: TA Office Hour Stefan Nagy (snagy2@vt.edu) Office hour: Thursday Friday 10-11 AM, 106 McBryde Hall 2 Slides credit to Abdou Illia RECAP AND HIGH-LEVEL
More informationSymmetric key cryptography
The best system is to use a simple, well understood algorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and
More informationBlock Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2... M N. Then, each block M i is encrypted to the ciphertext block C i = K (M i ), and
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's code, principally with
More informationIntroduction to Modern Symmetric-Key Ciphers
Introduction to Modern Symmetric-Key Ciphers 1 Objectives Review a short history of DES. Define the basic structure of DES. List DES alternatives. Introduce the basic structure of AES. 2 Data Encryption
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 5 More About Block Ciphers Israel Koren ECE597/697 Koren Part.5.1 Content of this
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationThe Rectangle Attack
The Rectangle Attack and Other Techniques for Cryptanalysis of Block Ciphers Orr Dunkelman Computer Science Dept. Technion joint work with Eli Biham and Nathan Keller Topics Block Ciphers Cryptanalysis
More informationUnderstanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl
Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 5 More About Block Ciphers ver. November 26, 2010 Last modified 10-2-17
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 6 January 25, 2012 CPSC 467b, Lecture 6 1/46 Byte padding Chaining modes Stream ciphers Symmetric cryptosystem families Stream ciphers
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationEncryption DES. Dr.Talal Alkharobi. The Data Encryption Standard (DES)
DES The Data Standard (DES) 2 A block cipher selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally.
More informationCryptography Symmetric Encryption Class 2
Cryptography Symmetric Encryption Class 2 Stallings: Ch 3 & 6 Stallings: Ch 4 CEN-5079: 18.January.2018 1 Symmetric Cryptosystems Encryption Key Decryption Key Plaintext Plaintext Encryption Algorithm
More informationGeldy : A New Modification of Block Cipher
Geldy : A New Modification of Block Cipher Candy Olivia Mawalim (13513031) School of Electrical Engineering and Informatics Institut Teknologi Bandung Jl. Ganesha 10 Bandung 40132, Indonesia 13513031@std.stei.itb.ac.id
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationBlock Ciphers and the Data Encryption Standard (DES) Modified by: Dr. Ramzi Saifan
Block Ciphers and the Data Encryption Standard (DES) Modified by: Dr. Ramzi Saifan Block ciphers Keyed, invertible Large key space, large block size A block of plaintext is treated as a whole and used
More informationSymmetric Cryptography CS461/ECE422
Symmetric Cryptography CS461/ECE422 1 Outline Overview of Cryptosystem design Commercial Symmetric systems DES AES Modes of block and stream ciphers 2 Reading Section 2.4-2.6 and 12.2 in Security in Computing
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationHow many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?
Homework 1. Come up with as efficient an encoding as you can to specify a completely general one-to-one mapping between 64-bit input values and 64-bit output values. 2. Token cards display a number that
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationMaking and Breaking Ciphers
Making and Breaking Ciphers Ralph Morelli Trinity College, Hartford (ralph.morelli@trincoll.edu) Smithsonian Institute October 31, 2009 2009 Ralph Morelli You are free to reuse and remix this presentation
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously on COS 433 Pseudorandom Permutations unctions that look like random permutations Syntax: Key space K (usually {0,1}
More informationPRNGs & DES. Luke Anderson. 16 th March University Of Sydney.
PRNGs & DES Luke Anderson luke@lukeanderson.com.au 16 th March 2018 University Of Sydney Overview 1. Pseudo Random Number Generators 1.1 Sources of Entropy 1.2 Desirable PRNG Properties 1.3 Real PRNGs
More informationSymmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.
Symmetric Key Algorithms Definition A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting. 1 Block cipher and stream cipher There are two main families
More informationCSc 466/566. Computer Security. 6 : Cryptography Symmetric Key
1/56 CSc 466/566 Computer Security 6 : Cryptography Symmetric Key Version: 2012/02/22 16:14:16 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationConventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationBlock Cipher Operation
Block Cipher Operation Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 6-1 Overview 1. Double DES, Triple
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationUsing block ciphers 1
Using block ciphers 1 Using block ciphers DES is a type of block cipher, taking 64-bit plaintexts and returning 64-bit ciphetexts. We now discuss a number of ways in which block ciphers are employed in
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 8 September 28, 2015 CPSC 467, Lecture 8 1/44 Chaining Modes Block chaining modes Extending chaining modes to bytes Public-key Cryptography
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationBlock Ciphers Introduction
Technicalities Block Models Block Ciphers Introduction Orr Dunkelman Computer Science Department University of Haifa, Israel March 10th, 2013 Orr Dunkelman Cryptanalysis of Block Ciphers Seminar Introduction
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationComputational Security, Stream and Block Cipher Functions
Computational Security, Stream and Block Cipher Functions 18 March 2019 Lecture 3 Most Slides Credits: Steve Zdancewic (UPenn) 18 March 2019 SE 425: Communication and Information Security 1 Topics for
More informationSecret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34
Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used for both encryption and decryption.
More informationCryptographic Algorithms - AES
Areas for Discussion Cryptographic Algorithms - AES CNPA - Network Security Joseph Spring Department of Computer Science Advanced Encryption Standard 1 Motivation Contenders Finalists AES Design Feistel
More informationCIS 6930/4930 Computer and Network Security. Project requirements
CIS 6930/4930 Computer and Network Security Project requirements Project Requirement Form a team of 3 people to complete the course project. The project has 100pts + 20pts (extra credit) Report requirement:
More information