Lecture 2: Shared-Key Cryptography
|
|
- Victoria Melton
- 6 years ago
- Views:
Transcription
1 Graduate Course on Computer Security Lecture 2: Cryptography Iliano Cervesato ITT Industries, NRL Washington DC DIMI, Universita di Udine, Italy December 3, 2001
2 Outline of cryptography Symmetric ciphers Block ciphers Stream ciphers Data Encryption Standard () What is a secure cipher? Computer Security: 2 Cryptography 2
3 Confidentiality Implement a virtual trusted channel over an insecure medium E D Computer Security: 2 Cryptography 3
4 Insecure Channels External observer can Read traffic Inject new traffic Erase traffic sometimes Modify traffic sometimes Computer Security: 2 Cryptography 4
5 Classical of Cryptography Encryption Encrypted message (ciphertext) Decryption Message (cleartext, plaintext) E key E, D realize a virtual trusted channel, given key D Message (cleartext, plaintext) Computer Security: 2 Cryptography 5
6 Modern Cryptography Not just about confidentiality! Integrity Digital signatures Hash functions Fair exchange Contract signing Anonymity Electronic cash Electronic voting Computer Security: 2 Cryptography 6
7 A Brief of Cryptography ~2000 years ago: Substitution ciphers A few centuries later: Permutation ciphers Renaissance: Polyalphabetic ciphers 1844: Mechanization 1976: Public-key cryptography Computer Security: 2 Cryptography 7
8 Substitution Ciphers Replace each letter with another Key: substitution table How to break it? Brute force? 26! possibilities (= 4x10 26 ) Count the frequencies of letters, pairs, Arabs had tabulated the Koran by 1412 Ciphertext is enough: ciphertext-only attack Example: QVAQBCWZQRLWDVEFW IAMINDECIPHERABLE A V B E C Z D C E W F G G O Caesar s cipher: H L I Q J N K H L F M A N B O S P R Q I R D S U T Y U K A C B E D F X A Y B Z C V X W M X T Y J Z P Computer Security: 2 Cryptography 8
9 Permutation Ciphers k = Switch letters around by a permutation Example: HELLOWORLD Key: permutation Breakable with ciphertext-only attack LOLHERDLWO Computer Security: 2 Cryptography 9
10 Renaissance Ciphers Use message and key letters for cipher Key: a word (CRYPTO) Example: WHATANICEDAYTODAY CRYPTOCRYPTOCRYPT ZZZJUCLUDTUNWGCQS + (mod 26) Polyalphabetic cipher: Encryption of letter is context-dependent Seed of modern cryptography Computer Security: 2 Cryptography 10
11 Mechanization The Enigma 1844: invention of telegraph Beginning of civilian crypto Rotor machines Key: initial position of rotors Culminate in WW II 1975: AES 1976: Public key cryptography We will examine in some detail Computer Security: 2 Cryptography 11
12 Symmetric Ciphers Encryption box Encrypted message (ciphertext) Decryption box M E X X D M Message (cleartext) k Secret key D k (E k (m)) = m Message (cleartext) Computer Security: 2 Cryptography 12
13 Properties of a Good Cipher D k (E k (m)) = m E, D : {0,1} n x {0,1} l {0,1} n For every k, E k is an injection with inverse D k E k (m) is easy to compute, given m and k D k (x) is easy to compute, given x and k Polynomial in max{n,l} - often linear If x = E k (m), it is hard to find m without k Exponential in min{n,l} Computer Security: 2 Cryptography 13
14 Open Design Kerchoff s Principle (1883) The security of a cryptosystem must not depend on keeping the algorithm secret No security by obscurity Better Lots of smart but innocuous people dissect it Than a single smart malicious Computer Security: 2 Cryptography 14
15 Attack Models x Random Random m, x E k (m) Ciphertext Only Known Plaintext Chosen E k (m) Chosen D k (x) m, x x, m Chosen Plaintext Known Plaintext Good ciphers resist all attack models Computer Security: 2 Cryptography 15
16 Successful Decrypt future messages coded with k Recover k Hard Often not needed! Exploit properties of the cipher See Lecture 5 (WEP) Computer Security: 2 Cryptography 16
17 Sneaky Differential Power Analysis on Obtain the key somehow Network sniffers, worms, backup tapes, Blackmail, bribery, torture, Be careful! Detail: Round 2 Round 3 From Side-channel cryptanalysis Power consumption off-peak computation Encryption time random noise Radiation physical shielding Better implementation and design Computer Security: 2 Cryptography 17
18 Encrypting Long messages Most algorithms operate on fixed sizes E.g. 64 bits for Block ciphers Slice m into m 1,, m n Add padding to last block Use E k to produce x 1,, x n Use D k to recover m 1,, m n Stream ciphers Rely on pseudo-random sequence Computer Security: 2 Cryptography 18
19 Electronic Codebook Mode ECB Any identical block encrypted identically Lots of ciphertext with the same k Dictionary attack m: E k E k E k Attacker records blocks Substitute them back when appropriate Encryption guarantees secrecy, not integrity x: n bits n bits n bits n bits Computer Security: 2 Cryptography 19
20 Exclusive OR Fundamental operation of many ciphers y z y z Properties y y = 0 y 0 = y y 1 = y y z z = y Computer Security: 2 Cryptography 20
21 Cipher Block Chaining CBC Encryption x 1 = E k (m 1 IV) x i = E k (m i x i-1 ) Decryption m 1 = D k (x 1 ) IV Initialization Vector m: IV x: n bits E k n bits E k n bits E k n bits m i = D k (x i ) x i-1 Widely used E.g IPSec Computer Security: 2 Cryptography 21
22 Output Feedback Mode OFB Encryption x i = m i E k (IV) i m: n bits E k E k E k n bits Decryption m i = x i D k (IV) i Initialization Vector IV x: n bits n bits NB: encryption is never applied to m Computer Security: 2 Cryptography 22
23 One-Time Pad E k (m) = m k D k (x) = x k Requires m = k Very fast Perfect secrecy Prob[guessing m] = Prob[guessing m x] k should never be reused again! x 1 = m 1 k x x 2 = m 2 k 1 x 2 = m 1 m 2 k very large for long messages How to distribute it? Computer Security: 2 Cryptography 23
24 Pseudo-Random Bit Generators Deterministic functions RNG : {0,1} n {0,1} Stretch fixed-size seed to an unbounded sequence that looks random Computable approximation of one-time pad Example: RC4 Example: i := 0 i := 0 do forever i := i+1 mod 256 j := j+s[i] mod 256 swap s[i],s[j] t := s[i]+s[j] mod 256 output s[t] Seed: initial value of s Size of state: (2 256 ) 256 Computer Security: 2 Cryptography 24
25 Stream Ciphers One-time pad using a RNG Use k as seed? Reuse problem! E k (m) = m RNG(k) Typical usage (e.g., with ) E k (m) = k (s), m RNG(s) Chose new s each time strong fast Computer Security: 2 Cryptography 25
26 - Data Encryption Standard [NIST/IBM/NSA, released 1975] key Message blocks: 64 bits Keys: 56 bits Cleartext block Ciphertext block Speed Software: 43,000 block/sec ~ 2.7 Mbit/sec Measured on an old at 66MHz OK for files and web pages Too slow for sound and video Hardware: 16.8 million block/sec ~ 1 Gbit/sec High speed Ethernet: 100 Mbit/sec Modem: 56 Kbit/sec Computer Security: 2 Cryptography 26
27 Feistel Networks n bits L 0 : R 0 : n bits f 1,, f k : {0,1} n {0,1} n Round 1 f 1 L 1 : R 1 : Arbitrary functions Not necessarily invertible Round 2 f 2 L k-2 : R k-2 : L i = R i-1 R i = L i-1 f i (R i-1 ) Round k-1 Round k f k-1 L k-1 : R k-1 : f k L k : R k : Computer Security: 2 Cryptography 27
28 Inverting a Feistel Network Theorem For any f 1,, f k : {0,1} n {0,1} n, a Feistel network computes a permutation π : {0,1} n {0,1} n L 0 : R 0 : f 1 L 1 : R 1 : f 2 Inverse: L i-1 = R i f i (L i ) R i-1 = L i Feistel networks convert generic functions into permutations L k-2 : R k-2 : f k-1 L k-1 : R k-1 : f k L k : R k : Computer Security: 2 Cryptography 28
29 Inside cleartext is a Feistel network with rounds π 64 bit cleartext blocks 56 bits key f 1,, f 16 derived from key Initial permutation π (public) Decryption key round Feistel Network π Apply f 16,, f 1 (in reverse order) Same chip 64 ciphertext Computer Security: 2 Cryptography 29
30 The Functions f i x k i 48 bits f i (x) = F(x, k i ) k i derived from k Public key schedule 56 bits r F: {0,1} 32 x {0,1} 48 {0,1} 32 is public 32 bits 48 bits ½ block x expanded to x Public replicator r S-boxes S j are public 6 bits 4 bits where the magic happens Rationale was kept secret Final permutation π is public Shuffles input for next round 6 S 1 6 S 2 6 S 3 6 S 4 6 S 5 6 S 6 6 S 7 6 S π 32 F(x, k i ) Computer Security: 2 Cryptography 30
31 on Exhaustive search Given plaintext m and ciphertext x, with high probability there is a single key k s.t. x = (m,k) Trying 10 6 keys/sec, it takes 2,000 years However 1993, $10 6 homemade supercomputer breaks in 7 hours (CPA) More sophisticated attacks Use properties (e.g. (m,k) = (m,k)) Linear / differential crypto-analysis Computer Security: 2 Cryptography 31
32 Avoiding Exhaustive Search 3 is not a group Given k1, k2, with high probability there is no k3 s.t. E k1 (E k2 (m)) = E k3 (m) for every m 3 k1,k2 (m) = E k1 (D k2 (E k1 (m))) Key length: 112 bits Very popular encryption decryption Computer Security: 2 Cryptography 32
33 How about a 2? 2 k1,k2 (m) = E k1 ( E k2 (m))?? Meet-in-the-middle attack! m E X 1 X 2 X 2 56 m 1 m 2 =? For key length n, D X total work is only 2 n + 2 n = 2 n+1 m 2 56 Try all possible keys Effective key length is just 57 bits! Applies to any encryption algorithm Computer Security: 2 Cryptography 33
34 X encryption X k1,k2,k3 (m) = k1 E k2 (m k3) Key length: *64 = 184 bits However, effective key length is only about 100 bits Computer Security: 2 Cryptography 34
35 AES a Successor to Advanced Encryption Standard 1996: NIST issues public call for proposal Secure for next years Block cipher faster than 3 Variable key lengths (128, 192, 256, bits) Open design 15 algorithms submitted Public (and private) crypto-analysis for 4 years 5 finalists Computer Security: 2 Cryptography 35
36 Oct. 2000: AES Contest Winner Rijndael, by J. Daemen and V. Rijmen Fast (~18-20 cycles to encrypt a byte) Small (98 Kb) Well understood characteristics Bit operations:, shift, Provides good safety (1.33 safety factor) Computer Security: 2 Cryptography 36
37 When is a Cipher Secure? m m E k (_) E k (0) x Polynomial adversary cannot tell a real encryption box from a fake one x Computer Security: 2 Cryptography 37
38 Formal Definition Let E: {0,1} n x {0,1} l {0,1} n A(x m) = 1 iff x = E k (m) A algorithm polynomial in key length l x m = E k (m) E is a secure encryption scheme if polynomial p(_) L s.t. l > L k {0,1} l Pr[A(x m m) = 1] - Pr[A(x 0 m) = 1] < 1/p(l) Computer Security: 2 Cryptography 38
39 Readings Andrea Sgarro, Codici Segreti, 1989 The comprehensive of Secret Communication from Ancient Times to the Internet David Kahn, The Code-Breakers, 1996 A. Menezes, P. van Oorschot and S. Vanstone, The Handbook of Applied Cryptography, 1996 Computer Security: 2 Cryptography 39
40 Exercises for Lecture 2 Find a way to measure the redundancy in the ASCII rendering of English (or Italian) text Prove the invertibility of a Feistel network Why is 3 immune from the meet-inthe-middle attack? Can you explain why 3 uses only 2 keys? What is the cost of breaking y iterated encryptions with different keys? Computer Security: 2 Cryptography 40
41 Next Public-Key Cryptography Computer Security: 2 Cryptography 41
Symmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationClassical Cryptography. Thierry Sans
Classical Cryptography Thierry Sans Example and definitions of a cryptosystem Caesar Cipher - the oldest cryptosystem A shift cipher attributed to Julius Caesar (100-44 BC) MEET ME AFTER THE TOGA PARTY
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationPractical Aspects of Modern Cryptography
Practical Aspects of Modern Cryptography Lecture 3: Symmetric s and Hash Functions Josh Benaloh & Brian LaMacchia Meet Alice and Bob Alice Bob Message Modern Symmetric s Setup: Alice wants to send a private
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 14th February 2008 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationCIT 380: Securing Computer Systems. Symmetric Cryptography
CIT 380: Securing Computer Systems Symmetric Cryptography Topics 1. Modular Arithmetic 2. What is Cryptography? 3. Transposition Ciphers 4. Substitution Ciphers 1. Cæsar cipher 2. Vigènere cipher 5. Cryptanalysis:
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationCrypto: Symmetric-Key Cryptography
Computer Security Course. Song Crypto: Symmetric-Key Cryptography Slides credit: Dan Boneh, David Wagner, Doug Tygar Overview Cryptography: secure communication over insecure communication channels Three
More information7. Symmetric encryption. symmetric cryptography 1
CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption
More informationIntroduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space
Perfect Cipher Introduction to Cryptography Lecture 2 Benny Pinkas What type of security would we like to achieve? Given C, the adversary has no idea what M is Impossible since adversary might have a-priori
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationIntroduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More informationCIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm
CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum
More informationLecture 3: Symmetric Key Encryption
Lecture 3: Symmetric Key Encryption CS996: Modern Cryptography Spring 2007 Nitesh Saxena Outline Symmetric Key Encryption Continued Discussion of Potential Project Topics Project proposal due 02/22/07
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationLecture 4: Symmetric Key Encryption
Lecture 4: Symmetric ey Encryption CS6903: Modern Cryptography Spring 2009 Nitesh Saxena Let s use the board, please take notes 2/20/2009 Lecture 1 - Introduction 2 Data Encryption Standard Encrypts by
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to
More informationECE 646 Lecture 8. Modes of operation of block ciphers
ECE 646 Lecture 8 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5 th and 6 th Edition, Chapter 6 Block Cipher Operation II. A. Menezes, P.
More informationSome Aspects of Block Ciphers
Some Aspects of Block Ciphers Palash Sarkar Applied Statistics Unit Indian Statistical Institute, Kolkata India palash@isical.ac.in CU-ISI Tutorial Workshop on Cryptology, 17 th July 2011 Palash Sarkar
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationPrivate-Key Encryption
Private-Key Encryption Ali El Kaafarani Mathematical Institute Oxford University 1 of 50 Outline 1 Block Ciphers 2 The Data Encryption Standard (DES) 3 The Advanced Encryption Standard (AES) 4 Attacks
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationOutline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing
Outline CSCI 454/554 Computer and Network Security Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues Topic 2. Introduction to Cryptography 2 Cryptography Basic Concepts
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 4 David Aspinall School of Informatics University of Edinburgh 26th January 2012 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationStudy Guide to Mideterm Exam
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #7 Professor M. J. Fischer February 20, 2012 Study Guide to Mideterm Exam For the exam, you are responsible
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationIDEA, RC5. Modes of operation of block ciphers
C 646 - Lecture 8 IDA, RC5 Modes of operation of block ciphers Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th dition, Chapter 6 Block Cipher Operation II. A. Menezes, P. van
More informationT H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A. Introduction to Cryptography
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Introduction to Cryptography 1 Module Outline Historical background Classic ciphers One-time pad The Random Oracle model Random functions: Hash
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationCryptography BITS F463 S.K. Sahay
Cryptography BITS F463 S.K. Sahay BITS-Pilani, K.K. Birla Goa Campus, Goa S.K. Sahay Cryptography 1 Terminology Cryptography: science of secret writing with the goal of hiding the meaning of a message.
More informationSyrvey on block ciphers
Syrvey on block ciphers Anna Rimoldi Department of Mathematics - University of Trento BunnyTn 2012 A. Rimoldi (Univ. Trento) Survey on block ciphers 12 March 2012 1 / 21 Symmetric Key Cryptosystem M-Source
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationPRNGs & DES. Luke Anderson. 16 th March University Of Sydney.
PRNGs & DES Luke Anderson luke@lukeanderson.com.au 16 th March 2018 University Of Sydney Overview 1. Pseudo Random Number Generators 1.1 Sources of Entropy 1.2 Desirable PRNG Properties 1.3 Real PRNGs
More informationSecret Key Cryptography (Spring 2004)
Secret Key Cryptography (Spring 2004) Instructor: Adi Shamir Teaching assistant: Eran Tromer 1 Background Lecture notes: DES Until early 1970 s: little cryptographic research in industry and academcy.
More informationSecret Key Algorithms (DES)
Secret Key Algorithms (DES) G. Bertoni L. Breveglieri Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationBlock cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75
Block cipher modes Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 75 Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 76 Block cipher modes Block ciphers (like
More informationP2_L6 Symmetric Encryption Page 1
P2_L6 Symmetric Encryption Page 1 Reference: Computer Security by Stallings and Brown, Chapter 20 Symmetric encryption algorithms are typically block ciphers that take thick size input. In this lesson,
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationCIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)
CIS 6930/4930 Computer and Network Security Topic 3.1 Secret Key Cryptography (Cont d) 1 Principles for S-Box Design S-box is the only non-linear part of DES Each row in the S-Box table should be a permutation
More informationCourse Business. Midterm is on March 1. Final Exam is Monday, May 1 (7 PM) Allowed to bring one index card (double sided) Location: Right here
Course Business Midterm is on March 1 Allowed to bring one index card (double sided) Final Exam is Monday, May 1 (7 PM) Location: Right here 1 Cryptography CS 555 Topic 18: AES, Differential Cryptanalysis,
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationCryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi
Cryptographic Primitives A brief introduction Ragesh Jaiswal CSE, IIT Delhi Cryptography: Introduction Throughout most of history: Cryptography = art of secret writing Secure communication M M = D K (C)
More informationIntroduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014
Introduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014 Page 1 Outline What is data encryption? Cryptanalysis Basic encryption methods Substitution ciphers Permutation ciphers
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationIntroduction to Cryptography. Lecture 1. Benny Pinkas. Administrative Details. Bibliography. In the Library
Administrative Details Introduction to Cryptography Lecture 1 Benny Pinkas Grade Exam 75% Homework 25% (might include programming) Office hours: Wednesday, 12-13. Email: benny@cs.haifa.ac.il Web page:
More informationIntroduction to Cryptography. Lecture 1
Introduction to Cryptography Lecture 1 Benny Pinkas page 1 1 Administrative Details Grade Exam 75% Homework 25% (might include programming) Office hours: Wednesday, 12-13. Email: benny@cs.haifa.ac.il Web
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Lecture 6 Michael J. Fischer Department of Computer Science Yale University January 27, 2010 Michael J. Fischer CPSC 467b, Lecture 6 1/36 1 Using block ciphers
More informationScanned by CamScanner
Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Scanned by CamScanner Symmetric-Key Cryptography CS 161: Computer Security
More informationOutline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationSubstitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.
Substitution Ciphers, continued 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet. Non-periodic case: Running key substitution ciphers use a known text (in a standard
More informationSecret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34
Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used for both encryption and decryption.
More informationCSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms
CSCI 454/554 Computer and Network Security Topic 3.1 Secret Key Cryptography Algorithms Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms? Security by
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationCryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái
Cryptography and Network Security Block Ciphers + DES Lectured by Nguyễn Đức Thái Outline Block Cipher Principles Feistel Ciphers The Data Encryption Standard (DES) (Contents can be found in Chapter 3,
More informationIntroduction to Cryptography. Lecture 3
Introduction to Cryptography Lecture 3 Benny Pinkas March 6, 2011 Introduction to Cryptography, Benny Pinkas page 1 Pseudo-random generator seed s (random, s =n) Pseudo-random generator G Deterministic
More informationICT 6541 Applied Cryptography. Hossen Asiful Mustafa
ICT 6541 Applied Cryptography Hossen Asiful Mustafa Basic Communication Alice talking to Bob Alice Bob 2 Eavesdropping Eve listening the conversation Alice Bob 3 Secure Communication Eve listening the
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationUses of Cryptography
Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Page 1 Cryptography and Secrecy Pretty obvious Only those knowing the proper keys can
More informationIntroduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu
Introduction to Cryptographic Systems Asst. Prof. Mihai Chiroiu Vocabulary In cryptography, cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Decryption
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationHow many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?
Homework 1. Come up with as efficient an encoding as you can to specify a completely general one-to-one mapping between 64-bit input values and 64-bit output values. 2. Token cards display a number that
More informationCryptography Symmetric Encryption Class 2
Cryptography Symmetric Encryption Class 2 Stallings: Ch 3 & 6 Stallings: Ch 4 CEN-5079: 18.January.2018 1 Symmetric Cryptosystems Encryption Key Decryption Key Plaintext Plaintext Encryption Algorithm
More informationStream ciphers. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 91
Stream ciphers Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 91 Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 92 Stream Cipher Suppose you want to encrypt
More informationBlock Ciphers and Data Encryption Standard. CSS Security and Cryptography
Block Ciphers and Data Encryption Standard CSS 322 - Security and Cryptography Contents Block Cipher Principles Feistel Structure for Block Ciphers DES Simplified DES Real DES DES Design Issues CSS 322
More informationTraditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur
Traditional Symmetric-Key Ciphers A Biswas, IT, BESU Shibpur General idea of symmetric-key cipher The original message from Alice to Bob is called plaintext; the message that is sent through the channel
More informationCSC574: Computer & Network Security
CSC574: Computer & Network Security Lecture 3 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr, Patrick McDaniel, and Peng Ning) Modern Cryptography 2 Kerckhoffs Principles Modern cryptosystems
More informationSymmetric-Key Cryptography
Symmetric-Key Cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 13, 2016 Announcements Project due Sept 20 Special guests Alice Bob The attacker (Eve - eavesdropper, Malice) Sometimes Chris
More informationCPS2323. Block Ciphers: The Data Encryption Standard (DES)
Block Ciphers: The Data Encryption Standard (DES) Content Block Ciphers: Constructing Pseudo Random Permutations using confusion/diffusion A call for an industry standard... and the NSA Lucifer and Feistel
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 3.1 Secret Key Cryptography Algorithms Instructor: Dr. Kun Sun Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms?
More informationStream Ciphers An Overview
Stream Ciphers An Overview Palash Sarkar Indian Statistical Institute, Kolkata email: palash@isicalacin stream cipher overview, Palash Sarkar p1/51 Classical Encryption Adversary message ciphertext ciphertext
More informationGeldy : A New Modification of Block Cipher
Geldy : A New Modification of Block Cipher Candy Olivia Mawalim (13513031) School of Electrical Engineering and Informatics Institut Teknologi Bandung Jl. Ganesha 10 Bandung 40132, Indonesia 13513031@std.stei.itb.ac.id
More informationConventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation
More informationOutline Basics of Data Encryption CS 239 Computer Security January 24, 2005
Outline Basics of Data Encryption CS 239 Computer Security January 24, 2005 What is data encryption? Basic encryption mechanisms Stream and block ciphers Characteristics of good ciphers Page 1 Page 2 Data
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationBlock ciphers used to encode messages longer than block size Needs to be done correctly to preserve security Will look at five ways of doing this
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2015. Slide: 74 Block ciphers used to encode messages longer than block size Needs to be done correctly to preserve security Will look at five ways
More information