A Brief Outlook at Block Ciphers
|
|
- Morgan Bond
- 5 years ago
- Views:
Transcription
1 A Brief Outlook at Block Ciphers Pascal Junod École Polytechnique Fédérale de Lausanne, Suisse CSA 03, Rabat, Maroc,
2 Content Generic Concepts DES / AES Cryptanalysis of Block Ciphers Provable Security CSA 03, 10 septembre 2003, Rabat, Maroc i
3 Block Cipher P e C d P K K CSA 03, 10 septembre 2003, Rabat, Maroc ii
4 Block Cipher (2) Deterministic, invertible function: e : {0, 1} n K {0, 1} n d : {0, 1} n K {0, 1} n The function is parametered by a key K. Mapping an n-bit plaintext P to an n-bit ciphertext C: C = e K (P ) The function must be a bijection for a fixed key. CSA 03, 10 septembre 2003, Rabat, Maroc iii
5 Product Ciphers and Iterated Block Ciphers A product cipher combines two or more transformations in a manner intending that the resulting cipher is (hopefully) more secure than the individual components. An iterated block cipher is a block cipher involving the sequential repetition of an internal function f called a round function. Parameters include the number of rounds r, the block bit size n and the bit size k of the input key K from which r subkeys k i (called round keys) are derived. For invertibility purposes, the round function f is a bijection on the round input for each value k i. CSA 03, 10 septembre 2003, Rabat, Maroc iv
6 Product Ciphers and Iterated Block Ciphers (2) P K f k1 f k2 f k r C CSA 03, 10 septembre 2003, Rabat, Maroc v
7 Good and Bad Block Ciphers Flexibility Throughput Estimated Security Level CSA 03, 10 septembre 2003, Rabat, Maroc vi
8 Data Encryption Standard (DES) American standard from ( ). Designed by a team of IBM. Iterated block cipher with 64-bit block size, 56-bit key size. High-level structure is a Feistel scheme. CSA 03, 10 septembre 2003, Rabat, Maroc vii
9 Feistel Scheme F CSA 03, 10 septembre 2003, Rabat, Maroc viii
10 DES f-function S 1 S 2 S 3 S 4 S 5 S 6 S 7 S 8 CSA 03, 10 septembre 2003, Rabat, Maroc ix
11 Advanced Encryption Standard (AES) Competitive basis 15 candidates 5 finalists: Rijndael, Serpent, Twofish, Mars, RC6 Rijndael has become the AES Encrypts 128-bit blocks under 128-, 192- and 256-bit keys. CSA 03, 10 septembre 2003, Rabat, Maroc x
12 AES Substitution-Permutation Network Write the data as a 4 4 matrix over elements of GF(2 8 ): x 1,1 x 1,2 x 1,3 x 1,4 x 2,1 x 2,2 x 2,3 x 2,4 x 3,1 x 3,2 x 3,3 x 3,4 x 4,1 x 4,2 x 4,3 x 4,4 4 main operations: key addition, SubBytes, ShiftRows, MixColumns CSA 03, 10 septembre 2003, Rabat, Maroc xi
13 AES (2) rounds (depends on the key length) SubBytes: inversion operation in GF(2 8 ) followed by an affine application on GF(2) 8. MixColumns: linear (4, 4)-multipermutation on GF(2 8 ) 4. ShiftRows: row-wise rotation of the matrix components. CSA 03, 10 septembre 2003, Rabat, Maroc xii
14 AES (3) Plus de détails sur AES lors des travaux pratiques de demain! CSA 03, 10 septembre 2003, Rabat, Maroc xiii
15 Speed Name Key Size Cycles / byte on an Intel P3 RC CAST Nimbus Khazad Hierocrypt Nush Misty IDEA DES KASUMI Skipjack SAFER Triple-DES CS-Cipher CSA 03, 10 septembre 2003, Rabat, Maroc xiv
16 Speed (2) Name Key Size Cycles / byte on an Intel P3 RC Nush Twofish Mars AES SC Camellia Anubis Serpent SAFER Hierocrypt CSA 03, 10 septembre 2003, Rabat, Maroc xv
17 Kerkhoffs Principle The adversary knows all details of the encrypting and decrypting processes, except for the value of the secret key. CSA 03, 10 septembre 2003, Rabat, Maroc xvi
18 Attack Models Global Deduction Local Deduction Information Deduction Distinguishing Attack CSA 03, 10 septembre 2003, Rabat, Maroc xvii
19 Attack Scenarii Ciphertext-Only Attack Known-Plaintext Attack Chosen-Plaintext Attack Non-Adaptive vs. Adaptive Attacks CSA 03, 10 septembre 2003, Rabat, Maroc xviii
20 Generic Attacks Exhaustive Key Search (related to the key size) Ciphertext-Matching Attack (related to the block size) Hellman s Time-Memory Tradeoff CSA 03, 10 septembre 2003, Rabat, Maroc xix
21 Differential Cryptanalysis Chosen-plaintext attack (re-) discovered by Biham and Shamir (1990). Looks at ciphertext pairs whose corresponding plaintexts have a particular difference: (P, P + ) (C, C + ). Last-round attack concept. CSA 03, 10 septembre 2003, Rabat, Maroc xx
22 Differential Cryptanalysis (2) Since then, many variants have been described. Truncated, impossible, high-order differential cryptanalysis. Boomerang attack, rectangle attack CSA 03, 10 septembre 2003, Rabat, Maroc xxi
23 Linear Cryptanalysis Invented by Matsui in 1993, based on ideas of Gilbert et al.. Known-plaintext attack. Looks at equation of the type a P b C = c K One expects that the above equation is probabilistically biased. CSA 03, 10 septembre 2003, Rabat, Maroc xxii
24 Other Attacks Differential-Linear Cryptanalysis Integral Cryptanalysis Interpolation Attack Statistical Attacks CSA 03, 10 septembre 2003, Rabat, Maroc xxiii
25 Algebraic Attacks Shannon (1949) stated that the break of a block cipher should require as much work as solving a system of simultaneous equations in a large number of unknowns of a complex type. Overdefined systems (AES) (papers of Courtois, Pieprzyk, Murphy, Robshaw...) Actual (real) complexity of the known solving algorithms remains at this time an open problem. Ongoing, exciting research field! CSA 03, 10 septembre 2003, Rabat, Maroc xxiv
26 Attacks against the Key-Schedule Algorithm Linear Factors Related-Key Attacks Slide Attacks Weak Keys CSA 03, 10 septembre 2003, Rabat, Maroc xxv
27 Provable Security Theoretical Notions of Security Linear, Differential Cryptanalysis Luby-Rackoff Model Decorrelation Theory CSA 03, 10 septembre 2003, Rabat, Maroc xxvi
28 Luby-Rackoff Model Distinguisher δ: computationally unbounded Turing machine. Oracle Ω implements a permutation on {0, 1} n. C vs. C The distinguisher can submit a bounded number of queries to Ω and ultimately outputs a decision bit. CSA 03, 10 septembre 2003, Rabat, Maroc xxvii
29 Luby-Rackoff Model (2) Advantage: Adv n δ (C, C ) = Pr [δ(x) = 1] Pr [δ(x) = 1] C C Best Advantage BestAdv n (C, C ) = max δ Adv n δ (C, C ) A security proof means that one is able to provide an acceptable upper bound on BestAdv n (C, C ) for a given block cipher C. CSA 03, 10 septembre 2003, Rabat, Maroc xxviii
30 Luby-Rackoff Model (3) Feistel scheme is the most studied one in the Luby-Rackoff model. For 4 rounds or more, a random Feistel scheme is secure against knownplaintext attacks. For 7 rounds or more, a random Feistel scheme is secure against chosenplaintext attacks. For 10 rounds or more, a random Feistel scheme is secure against chosenplaintext and chosen-ciphertext attacks. CSA 03, 10 septembre 2003, Rabat, Maroc xxix
31 Decorrelation Theory Constructive Security Framework proposed by Vaudenay (1998). Based on the Luby-Rackoff model. Central concept is the decorrelation matrix of order d of a random function F : [F ] d (x 1,...,x d ),(y 1,...,y d ) = Pr K [F (x 1) = y 1... F (x d ) = y d ] CSA 03, 10 septembre 2003, Rabat, Maroc xxx
32 Decorrelation Theory (2) Given the decorrelation matrix of a random function F, one can compare it to a canonical function F using the concept of decorrelation bias: Dec d (F ) = [F ] d (x 1,...,x d ),(y 1,...,y d ) [F ] d (x 1,...,x d ),(y 1,...,y d ) Idea: find a matrix distance meaning something in terms of security! Link to the best advantage of any adaptive distinguisher limited to d queries through the following distance: M a max max max M (x1,...,x x 1 x 2 x d )(y 1,...,y d ) d y d y 1 y 2 CSA 03, 10 septembre 2003, Rabat, Maroc xxxi
33 Decorrelation Theory (3) Theorem 1 BestAdv d (F, F ) = 1 2 [F ] d (x 1,...,x d ),(y 1,...,y d ) [ F ] d (x1,...,x d ),(y 1,...,y d ) a CSA 03, 10 septembre 2003, Rabat, Maroc xxxii
34 Decorrelation Theory (4) Concept of decorrelation modules. DFC, candidate for the AES contest. CSA 03, 10 septembre 2003, Rabat, Maroc xxxiii
35 Future Perspectives New designs, new attacks. Study of generic attacks. Provable security for block ciphers!? CSA 03, 10 septembre 2003, Rabat, Maroc xxxiv
36 Related Topics Stream Ciphers Modes of Encryption Combined primitives (confidentiality + authentication) CSA 03, 10 septembre 2003, Rabat, Maroc xxxv
37 More Information Proceedings of Crypto, Eurocrypt, Asiacrypt, Fast Software Encryption (FSE), Selected Areas in Cryptography (SAC), and other conferences published in Springer s Lecture Notes in Computer Science. CSA 03, 10 septembre 2003, Rabat, Maroc xxxvi
38 Merci! Homepage: Homepage of my lab: CSA 03, 10 septembre 2003, Rabat, Maroc xxxvii
39 Questions?
CROSS-REFERENCE TABLE ASME A Including A17.1a-1997 Through A17.1d 2000 vs. ASME A
CROSS-REFERENCE TABLE ASME Including A17.1a-1997 Through A17.1d 2000 vs. ASME 1 1.1 1.1 1.1.1 1.2 1.1.2 1.3 1.1.3 1.4 1.1.4 2 1.2 3 1.3 4 Part 9 100 2.1 100.1 2.1.1 100.1a 2.1.1.1 100.1b 2.1.1.2 100.1c
More informationFew Other Cryptanalytic Techniques
Few Other Cryptanalytic Techniques Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Boomerang Attack
More informationWeek 5: Advanced Encryption Standard. Click
Week 5: Advanced Encryption Standard Click http://www.nist.gov/aes 1 History of AES Calendar 1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationSelected Areas in Cryptography 04 University of Waterloo (Canada), August 9, 2004
ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE Selected Areas in Cryptography 04 University of Waterloo (Canada), August 9, 2004 Outline of this talk of the ciphers results issues Do we really need new block
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationLecture 2: Secret Key Cryptography
T-79.159 Cryptography and Data Security Lecture 2: Secret Key Cryptography Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi 1 Reminder: Communication Model Adversary Eve Cipher, Encryption
More informationComp527 status items. Crypto Protocols, part 2 Crypto primitives. Bart Preneel July Install the smart card software. Today
Comp527 status items Crypto Protocols, part 2 Crypto primitives Today s talk includes slides from: Bart Preneel, Jonathan Millen, and Dan Wallach Install the smart card software Bring CDs back to Dan s
More informationDifferential-Linear Cryptanalysis of Serpent
Differential-Linear Cryptanalysis of Serpent Eli Biham 1, Orr Dunkelman 1, and Nathan Keller 2 1 Computer Science Department, Technion, Haifa 32000, Israel {biham,orrd}@cs.technion.ac.il 2 Mathematics
More informationBlock Ciphers. Lucifer, DES, RC5, AES. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk Block Ciphers 1
Block Ciphers Lucifer, DES, RC5, AES CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk Block Ciphers 1 ... Block Ciphers & S-P Networks Block Ciphers: Substitution ciphers
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5 January 23, 2012 CPSC 467b, Lecture 5 1/35 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationCourse Business. Midterm is on March 1. Final Exam is Monday, May 1 (7 PM) Allowed to bring one index card (double sided) Location: Right here
Course Business Midterm is on March 1 Allowed to bring one index card (double sided) Final Exam is Monday, May 1 (7 PM) Location: Right here 1 Cryptography CS 555 Topic 18: AES, Differential Cryptanalysis,
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5a January 29, 2013 CPSC 467b, Lecture 5a 1/37 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationAttacks on Advanced Encryption Standard: Results and Perspectives
Attacks on Advanced Encryption Standard: Results and Perspectives Dmitry Microsoft Research 29 February 2012 Design Cryptanalysis history Advanced Encryption Standard Design Cryptanalysis history AES 2
More informationA Meet-in-the-Middle Attack on 8-Round AES
A Meet-in-the-Middle Attack on 8-Round AES Hüseyin Demirci 1 and Ali Aydın Selçuk 2 1 Tübitak UEKAE, 41470 Gebze, Kocaeli, Turkey huseyind@uekae.tubitak.gov.tr 2 Department of Computer Engineering Bilkent
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Block cipher DES 3DES
More informationA Methodology for Differential-Linear Cryptanalysis and Its Applications
A Methodology for Differential-Linear Cryptanalysis and Its Applications Jiqiang Lu Presenter: Jian Guo Institute for Infocomm Research, Agency for Science, Technology and Research, 1 Fusionopolis Way,
More informationElastic Block Ciphers: The Feistel Cipher Case
Elastic Block Ciphers: The Feistel Cipher Case Debra L. Cook Moti Yung Angelos D. Keromytis Department of Computer Science Columbia University, New York, NY dcook,moti,angelos @cs.columbia.edu Technical
More informationLinear Cryptanalysis of Reduced Round Serpent
Linear Cryptanalysis of Reduced Round Serpent Eli Biham 1, Orr Dunkelman 1, and Nathan Keller 2 1 Computer Science Department, Technion Israel Institute of Technology, Haifa 32000, Israel, {biham,orrd}@cs.technion.ac.il,
More informationIntroduction to PTC Windchill MPMLink 11.0
Introduction to PTC Windchill MPMLink 11.0 Overview Course Code Course Length TRN-4754-T 16 Hours In this course, you will learn how to complete basic Windchill MPMLink functions. You will learn about
More informationThe Rectangle Attack
The Rectangle Attack and Other Techniques for Cryptanalysis of Block Ciphers Orr Dunkelman Computer Science Dept. Technion joint work with Eli Biham and Nathan Keller Topics Block Ciphers Cryptanalysis
More informationBlock Ciphers Introduction
Technicalities Block Models Block Ciphers Introduction Orr Dunkelman Computer Science Department University of Haifa, Israel March 10th, 2013 Orr Dunkelman Cryptanalysis of Block Ciphers Seminar Introduction
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 7 September 23, 2015 CPSC 467, Lecture 7 1/1 Advanced Encryption Standard AES Alternatives CPSC 467,
More informationUnderstanding Cryptography by Christof Paar and Jan Pelzl. Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 2009
Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 29 These slides were prepared by Daehyun Strobel, Christof
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationCertificate Program. Introduction to Microsoft Excel 2013
Certificate Program We offer online education programs designed to provide the workforce skills necessary to enter a new field or advance your current career. Our Online Career Training Programs in the
More informationData Encryption Standard
ECE 646 Lecture 7 Data Encryption Standard Required Reading W. Stallings, "Cryptography and Network-Security," 5th Edition, Chapter 3: Block Ciphers and the Data Encryption Standard Chapter 6.1: Multiple
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2018
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2018 Previously on COS 433 Confusion/Diffusion Paradigm f 1 f 2 f 3 f 4 f 5 f 6 Round π 1 f 7 f 8 f 9 f 10 f 11 f 12 π 2 Substitution
More informationPrivate-Key Encryption
Private-Key Encryption Ali El Kaafarani Mathematical Institute Oxford University 1 of 50 Outline 1 Block Ciphers 2 The Data Encryption Standard (DES) 3 The Advanced Encryption Standard (AES) 4 Attacks
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 4 The Advanced Encryption Standard (AES) Israel Koren ECE597/697 Koren Part.4.1
More informationNew Attacks against Reduced-Round Versions of IDEA
New Attacks against Reduced-Round Versions of IDEA Pascal Junod École Polytechnique Fédérale de Lausanne Switzerland pascal@junod.info Abstract. In this paper, we describe a sequence of simple, yet efficient
More informationIntroduction to Creo Elements/Direct 19.0 Modeling
Introduction to Creo Elements/Direct 19.0 Modeling Overview Course Code Course Length TRN-4531-T 3 Day In this course, you will learn the basics about 3-D design using Creo Elements/Direct Modeling. You
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationImproved Truncated Differential Attacks on SAFER
Improved Truncated Differential Attacks on SAFER Hongjun Wu * Feng Bao ** Robert H. Deng ** Qin-Zhong Ye * * Department of Electrical Engineering National University of Singapore Singapore 960 ** Information
More informationAES Advanced Encryption Standard
AES Advanced Encryption Standard AES is iterated block cipher that supports block sizes of 128-bits and key sizes of 128, 192, and 256 bits. The AES finalist candidate algorithms were MARS, RC6, Rijndael,
More informationCryptanalysis of Block Ciphers: A Survey
UCL Crypto Group Technical Report Series Cryptanalysis of Block Ciphers: A Survey Francois-Xavier Standaert, Gilles Piret, Jean-Jacques Quisquater REGARDS GROUPE http://www.dice.ucl.ac.be/crypto/ Technical
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationData Encryption Standard
ECE 646 Lecture 6 Data Encryption Standard Required Reading: I. W. Stallings, "Cryptography and Network-Security," 5th Edition, Chapter 3: Block Ciphers and the Data Encryption Standard Chapter 6.1: Multiple
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationIntroduction to Cryptology. Lecture 17
Introduction to Cryptology Lecture 17 Announcements HW7 due Thursday 4/7 Looking ahead: Practical constructions of CRHF Start Number Theory background Agenda Last time SPN (6.2) This time Feistel Networks
More informationIntroduction to Windchill PDMLink 10.2 for the Implementation Team
Introduction to Windchill PDMLink 10.2 for the Implementation Team Overview Course Code Course Length TRN-4262-T 2 Days In this course, you will learn how to complete basic Windchill PDMLink functions.
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationFOX : a New Family of Block Ciphers
FOX : a New Family of Block Ciphers Pascal Junod and Serge Vaudenay École Polytechnique Fédérale de Lausanne (Switzerland) {pascal.junod, serge.vaudenay}@epfl.ch Abstract. In this paper, we describe the
More informationElastic Block Ciphers: The Feistel Cipher Case
Elastic Block Ciphers: The Feistel Cipher Case Debra L. Cook Moti Yung Angelos D. Keromytis Department of Computer Science Columbia University, New York, NY dcook,moti,angelos @cs.columbia.edu Technical
More informationWeak Keys of the Full MISTY1 Block Cipher for Related-Key Cryptanalysis
3. 2 13.57 Weak eys for a Related-ey Differential Attack Weak eys of the Full MISTY1 Block Cipher for Related-ey Cryptanalysis Institute for Infocomm Research, Agency for Science, Technology and Research,
More informationLecture 3: Symmetric Key Encryption
Lecture 3: Symmetric Key Encryption CS996: Modern Cryptography Spring 2007 Nitesh Saxena Outline Symmetric Key Encryption Continued Discussion of Potential Project Topics Project proposal due 02/22/07
More informationDierential-Linear Cryptanalysis of Serpent? Haifa 32000, Israel. Haifa 32000, Israel
Dierential-Linear Cryptanalysis of Serpent Eli Biham, 1 Orr Dunkelman, 1 Nathan Keller 2 1 Computer Science Department, Technion. Haifa 32000, Israel fbiham,orrdg@cs.technion.ac.il 2 Mathematics Department,
More informationAndale Store Getting Started Manual
Andale Store Getting Started Manual CHAPTER 1 : INTRODUCTION AND WELCOME 3 1. LOG INTO YOUR ACCOUNT 3 CHAPTER 2 : DESIGN CENTER 3 1. CREATE YOUR DESIGN LAYOUT 4 1.1 Choose a Style 4 1.2 Choose a Font 5
More informationShop Manager Help. Version 5
Version 5 Contents I Table of Contents Foreword 0 Part I Overview 4 Part II ToolBar 5 Part III Login to Server 6 Part IV LogOut from Server 8 Part V Print Mount Report for Current Wheelset 9 Part VI Preview
More informationKey Separation in Twofish
Twofish Technical Report #7 Key Separation in Twofish John Kelsey April 7, 2000 Abstract In [Mur00], Murphy raises questions about key separation in Twofish. We discuss this property of the Twofish key
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously on COS 433 Pseudorandom Permutations unctions that look like random permutations Syntax: Key space K (usually {0,1}
More informationLecture 4: Symmetric Key Encryption
Lecture 4: Symmetric ey Encryption CS6903: Modern Cryptography Spring 2009 Nitesh Saxena Let s use the board, please take notes 2/20/2009 Lecture 1 - Introduction 2 Data Encryption Standard Encrypts by
More informationOn the Design of Secure Block Ciphers
On the Design of Secure Block Ciphers Howard M. Heys and Stafford E. Tavares Department of Electrical and Computer Engineering Queen s University Kingston, Ontario K7L 3N6 email: tavares@ee.queensu.ca
More informationDesign of block ciphers
Design of block ciphers Joan Daemen STMicroelectronics and Radboud University University of Zagreb Zagreb, Croatia, March 23, 2016 1 / 49 Outline 1 Data Encryption Standard 2 Wide Trail Strategy 3 Rijndael
More informationIntegral Cryptanalysis of the BSPN Block Cipher
Integral Cryptanalysis of the BSPN Block Cipher Howard Heys Department of Electrical and Computer Engineering Memorial University hheys@mun.ca Abstract In this paper, we investigate the application of
More informationCryptographic Algorithms - AES
Areas for Discussion Cryptographic Algorithms - AES CNPA - Network Security Joseph Spring Department of Computer Science Advanced Encryption Standard 1 Motivation Contenders Finalists AES Design Feistel
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 6: Advanced Encryption Standard (AES) Ion Petre Department of IT, Åbo Akademi University 1 Origin of AES 1999: NIST
More informationIntroduction to Modern Symmetric-Key Ciphers
Introduction to Modern Symmetric-Key Ciphers 1 Objectives Review a short history of DES. Define the basic structure of DES. List DES alternatives. Introduce the basic structure of AES. 2 Data Encryption
More informationBlock Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2... M N. Then, each block M i is encrypted to the ciphertext block C i = K (M i ), and
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationAutomatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES, Camellia, Khazad and Others
Automatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES, Camellia, Khazad and Others Alex Biryukov and Ivica Nikolić University of Luxembourg {alex.biryukov,ivica.nikolic}uni.lu
More informationAutomatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers
Automatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers 1 June 2010 1 Block Ciphers 2 The tool 3 Applications 4 Conclusion Basics P Block cipher E K (P) Input: Plaintext
More informationReport on Present State of CIPHERUNICORN-A Cipher Evaluation (full evaluation)
Report on Present State of CIPHERUNICORN-A Cipher Evaluation (full evaluation) January 28, 2002 Masayuki Kanda, Member Symmetric-Key Cryptography Subcommittee 1 CIPHERUNICORN-A CIPHERUNICORN-A was presented
More informationAnalysis of Involutional Ciphers: Khazad and Anubis
Analysis of Involutional Ciphers: Khazad and Anubis Alex Biryukov Katholieke Universiteit Leuven, Dept. ESAT/COSIC, Leuven, Belgium abiryuko@esat.kuleuven.ac.be Abstract. In this paper we study structural
More informationEncryption DES. Dr.Talal Alkharobi. The Data Encryption Standard (DES)
DES The Data Standard (DES) 2 A block cipher selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally.
More information7. Symmetric encryption. symmetric cryptography 1
CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption
More informationSymmetric Key Encryption. Symmetric Key Encryption. Advanced Encryption Standard ( AES ) DES DES DES 08/01/2015. DES and 3-DES.
Symmetric Key Encryption Symmetric Key Encryption and 3- Tom Chothia Computer Security: Lecture 2 Padding Block cipher modes Advanced Encryption Standard ( AES ) AES is a state-of-the-art block cipher.
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationPresented by: Kevin Hieb May 2, 2005
Presented by: Kevin Hieb May 2, 2005 Governments National Finances National Security Citizens Companies Data Loss Monetary Loss Individuals Identity Theft Data Loss Networks Firewalls Intrusion Detection
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationEvaluation of security level of CLEFIA
Evaluation of security level of CLEFIA An anonymous reviewer Version 1.0 January 25, 2011 1 Evaluation of security level of CLEFIA 1 Contents Executive Summary 3 References 4 1 Introduction 8 2 CLEFIA
More informationSoftware Performance Characterization of Block Cipher Structures Using S-boxes and Linear Mappings
Software Performance Characterization of Block Cipher Structures Using S-boxes and Linear Mappings Lu Xiao 1 and Howard M. Heys 2 1 QUALCOMM Incorporated, lxiao@qualcomm.com 2 Electrical and Computer Engineering,
More informationDATA STRUCTURES AND ALGORITHMS
LECTURE 14 Babeş - Bolyai University Computer Science and Mathematics Faculty 2017-2018 In Lecture 13... AVL Trees Binary Search Trees AVL Trees Today AVL Trees 1 AVL Trees 2 AVL Trees Definition: An AVL
More informationSymmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.
Symmetric Key Algorithms Definition A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting. 1 Block cipher and stream cipher There are two main families
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationEncryption Details COMP620
Encryption Details COMP620 Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government It s hard to think of a more
More informationAnalysis of MARS. January 12, 2001
Analysis of MARS January 12, 2001 Executive Summary This report presents the results of a limited evaluation of the block cipher MARS. No important weaknesses or flaws were found on MARS. The round function
More informationA Related Key Attack on the Feistel Type Block Ciphers
International Journal of Network Security, Vol.8, No.3, PP.221 226, May 2009 221 A Related Key Attack on the Feistel Type Block Ciphers Ali Bagherzandi 1,2, Mahmoud Salmasizadeh 2, and Javad Mohajeri 2
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University February 8 2018 Review CPA-secure construction Security proof by reduction
More informationA Related-Key Attack on TREYFER
The Second International Conference on Emerging Security Information, Systems and Technologies A Related-ey Attack on TREYFER Aleksandar ircanski and Amr M Youssef Computer Security Laboratory Concordia
More informationSome Aspects of Block Ciphers
Some Aspects of Block Ciphers Palash Sarkar Applied Statistics Unit Indian Statistical Institute, Kolkata India palash@isical.ac.in CU-ISI Tutorial Workshop on Cryptology, 17 th July 2011 Palash Sarkar
More informationLecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24
Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable for authentication of sender Lecturers: Mark D. Ryan and David Galindo.
More informationSurvey questions. Winter Tracking Survey 2012 Final Topline 02/22/2012 Data for January 20 February 19, p e w i n t e r n e t.
Survey questions Winter Tracking Survey 2012 Final Topline 02/22/2012 Data for January 20 February 19, 2012 Princeton Survey Research Associates International for the Pew Research Center s Internet & American
More informationAdvanced Encryption Standard
Advanced Encryption Standard Vincent Rijmen Institute for Applied Information Processing and Communications (IAIK) - Krypto Group Faculty of Computer Science Graz University of Technology Outline Modern
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationFAQ for PVRTV-305U. Copyright KWorld Computer Co., Ltd. All rights are reserved. November 9, 2007
FAQ for PVRTV-305U Copyright 2007. KWorld Computer Co., Ltd. All rights are reserved. November 9, 2007 (1) May I use this same TV tuner card worldwide?...1 (2) If I want to use Windows Vista Media Center
More informationAAM Guide for Authors
ISSN: 1932-9466 AAM Guide for Authors Application and Applied Mathematics: An International Journal (AAM) invites contributors from throughout the world to submit their original manuscripts for review
More information"Charting the Course... SharePoint 2007 Hands-On Labs Course Summary
Course Summary Description This series of 33 hands-on labs allows students to explore the new features of Microsoft SharePoint Server, Microsoft Windows, Microsoft Office, including Microsoft Office Groove,
More informationWeek 4. : Block Ciphers and DES
Week 4. : Block Ciphers and DES Model of Symmetric Cryptosystem Cryptanalyst Adversary M K E Insecure Channel D Plaintext M Ciphertext C Secure Channel Plaintext M Key K Shared Secret Key C = E K (M) D
More informationWeak Keys. References
Weak Keys The strength of the encryption function E K (P) may differ significantly for different keys K. If for some set WK of keys the encryption function is much weaker than for the others this set is
More informationDATA STRUCTURES AND ALGORITHMS
LECTURE 14 Babeş - Bolyai University Computer Science and Mathematics Faculty 2017 In Lecture 13... AVL Trees Binary Search Trees AVL Trees Today AVL Trees 1 AVL Trees 2 AVL Trees Definition: An AVL (Adelson-Velskii
More informationVolunteer Registration Instructions
Volunteer Registration Instructions Follow these steps to register as a volunteer: a) Go to the official WYD web page: www.panama2019.pa/en/home b) Click on the menu, then on Registration, then on Volunteers.
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationInternational Journal for Research in Applied Science & Engineering Technology (IJRASET) Performance Comparison of Cryptanalysis Techniques over DES
Performance Comparison of Cryptanalysis Techniques over DES Anupam Kumar 1, Aman Kumar 2, Sahil Jain 3, P Kiranmai 4 1,2,3,4 Dept. of Computer Science, MAIT, GGSIP University, Delhi, INDIA Abstract--The
More informationCryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working
More informationSecurity Analysis of Extended Sponge Functions. Thomas Peyrin
Security Analysis of Extended Sponge Functions Hash functions in cryptology: theory and practice Leiden, Netherlands Orange Labs University of Versailles June 4, 2008 Outline 1 The Extended Sponge Functions
More informationSafehome Project. Analysis Model Prepared by Inyoung Kim Donghan Jang <TEAM 6> KAIST CS350 Introduction to Software Engineering
Safehome Project Analysis Model 2015.5.6 Prepared by Inyoung Kim Donghan Jang KAIST CS350 Introduction to Software Engineering 1 Bootup Feature 1.1 Use case diagram Picture 1: Bootup use case
More information