7. Symmetric encryption. symmetric cryptography 1
|
|
- Alyson Williamson
- 5 years ago
- Views:
Transcription
1 CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1
2 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption and decryption key spaces G : N K K, K key generation algorithm E : M K C, encryption algorithm D : C K M, decryption algorithm G,E,D must be efficient symmetric cryptography 2
3 Examples Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) Substitution Cipher: M = C = Z 26, with K=K The encryption algorithm is a mapping E k :M C -- E k (x) = (x), where k K is the key. The dencryption algorithm is a mapping D k :M C -- D k (y) = -1 (y). Shift Cipher: M = C = K = K = Z 26, with -- E k (x) = x + k mod D k (y) = y k mod26 where x,y Z 26 symmetric cryptography 3
4 Examples Examples Polyalphabetic ciphers: a plaintext message can be y p p p g encrypted into any ciphertext Vigenere cipher e k i m Ke u t s r q p o n m l k j i h g f e d c b a z y x w v y h p a r g o t p y r Plaintext e k i m Key t x e t n i a l p c t x e t r e h p i c y e k t x e t n i a l p symmetric cryptography 4 c r x m v q w f t i z o Ciphertext
5 Vernam cipher the one-time pad M = C = K = K = {0,1} n, n > 1. The keys k = k 1,k 2,, k n are selected at random in K with uniform distribution. Encryption is bit by bit at a time, with each ciphertext bit obtained by XORing each message bit with the corresponding key bit. Decryption is the same as encryption since the XOR operation is its own inverse. The special case when M = C = K = K = {0,1}*, and the key is only used once (one-time key) gives us a cipher with a strong security property: perfect secrecy. symmetric cryptography 5
6 Transposition (permutation) cipher Example M = C = (Z 26 ) m, m > 1, K=K is the set of all permutations of {1,,m}. For a key (permutation) -- e (x 1,, x m ) = (x (1),, x m) ) -- d (y 1,,yy m ) = (y (1),, y (1)) where (1) is the inverse of symmetric cryptography 6
7 Structure t of classical l ciphers Classical ciphers are based on: Substitution and Transposition. This is also the basis for modern ciphers symmetric cryptography 7
8 Cryptanalysis: y attacks on cryptosystems Ciphertext only attacks: the opponent possesses a string of ciphertexts: y 1,y 2, Known plaintext attack: the opponent possesses a string of plaintexts x 1,x 2, and the corresponding string of ciphertexts: y 1,y 2, symmetric cryptography 8
9 Usefulness of classical l ciphers Cryptanalysis of substitution ciphers: Known plaintext attack - easy to get the keys Ciphertext only attack -- use statistical properties of the language. Cryptanalysis of polyalphabetic (Vigenere) cipher: Known plaintext attack - easy to get the keys Ciphertext only attack -- use statistical: properties of the language. symmetric cryptography 9
10 Requirements for secure use of classical l ciphers The notion of information-theoretic cryptographic security was developed by Shannon and requires that: K M k U K and is used only once in each encryption This kind of security is not practical for most applications. symmetric cryptography 10
11 The one-time-pad -- Perfect secrecy Assume that there is a distribution on P, K. Then the plaintext and the keys are chosen with a certain probability. bili That is we have: Pr[x = x] and Pr[k = k], where x, k are random variables (r.v. s). symmetric cryptography 11
12 The one-time-pad -- Perfect secrecy The probability bili distribution ib i on P and K induces a distribution on C, for which: Pr [y = y] = k: y=e k (x), x P k For this distribution we have, Pr [k = k] Pr [x = d k (y)] Pr [x, y] = Pr [x = x] Pr [k = k] k: x=d k (y) symmetric cryptography 12
13 Perfect secrecy c Ui Using Bayes theorem we get: Pr [ x = x y = y] = Pr [x = x] Pr [k = k] K: x=d K (y) Pr [k = k] Pr [x = d k (y)] k: y=e k (x), x P this symmetric cryptography 13
14 Perfect secrecy Definition: iti We have perfect secrecy if: Pr[x = x y = y] = Pr[x = x], for all x P, y C. symmetric cryptography 14
15 Perfect secrecy Theorem The One-Time-Pad provides perfect secrecy. Proof We have: Pr [k = k] = 1 / K, and for each x P, y C there is exactly one key k with y = e k (x). symmetric cryptography 15
16 Perfect secrecy Proof (continued) Then Pr [y = y] = Pr [k = k] Pr [x = d k (y)] k: y=e k (x), x P = 1 / K Pr [x = d k (y)] k: y=ek (x), x P = 1/ K. symmetric cryptography 16
17 Perfect secrecy Proof (continued) Using Bayes theorem: Pr [x=x y=y] = Pr [y=y x=x] Pr [x=x] /Pr[y=y] = Pr [k=k] Pr [x=x] / Pr [y=y] We have just seen that: Pr [k=k] = Pr[y=y]. It follows that: Pr [x=x y=y] = Pr [x=x], so we have perfect secrecy. symmetric cryptography 17
18 Iterating Block ciphers 1. Key schedule (Binary) key k round keys: k 1,..., k Nr, 2. Round dfunction g w r = g(w r-1, k r ), where w r-1 is the previous state symmetric cryptography 18
19 Iterated cipher Encryption operation: w 0 x w 1 = g(w 0, k 1 ), w 2 = g(w 1, k 2 ), w Nr = g(w Nr-1, k Nr ), y w Nr symmetric cryptography 19
20 Iterated t cipher For decryption we must have: g(.,k) must be invertible for all k Then decryption is the reverse of encryption (bottom-up) symmetric cryptography 20
21 DES DESi is a special iltype of fiterated tdcipher ih called llda Feistel cipher. Block length 64 bits Key length 56 bits Ciphertext length 64 bits symmetric cryptography 21
22 DES The round function is: where g ([L i-1,r i-1 ]), K i ) = (L i, R i ), L i = R i-11 and R i = L i-11 XOR f (R i-1 1,K i ). symmetric cryptography 22
23 DES round encryption symmetric cryptography 23
24 DES inner function symmetric cryptography 24
25 DES computation path symmetric cryptography 25
26 One DES Round 64 bit input 32 bit R n 32 bit L n Inner Function K n + 32 bit L n+1 32 bit R n+1 64 bit output symmetric cryptography 26
27 Inner Function Combine 32bit input and d48bi bit key into 32 bit output Expand 32 bit input to 48 bits XOR the 48 bit key with the expanded 48 bit input Apply the S-boxes to the 48 bit input to produce 32 bit output Permute the resulting 32 bits symmetric cryptography 27
28 Inner Function Expand 32 bit input to 48 bits by adding a bit to the front and the end of each 4 bit segment. These bits are taken from adjacent bits. This String Notice several bit values are repeated: 4, 5, 8, 9, 28, 29, etc. Becomes this String symmetric cryptography 28
29 S Boxes There are 8 different S-Boxes, 1 for each chunk S-box process maps 6 bit input to 4 bit output S box performs substitution on 4 bits There are 8 possible substitutions in each S box Inner 4 bits are fed into an S box Outer 2 bits determine which substitution is used symmetric cryptography 29
30 S Boxes Use bits 1 & 6 to select the row Bits 2-5 to select the substitution symmetric cryptography 30
31 DES: The Initial and Final Permutations There is also an initial and a final permutation: the final permutation is the inverse of the initial Permutation. symmetric cryptography 31
32 Decrypting DES DES (and all Feistel structures) is invertible through reverse encryption because The input to the n th step is the output of the n-1 1 th step Everything needed (except the key) to produce the input to the inner function of the n-1 th step is available from the output of the n th step. So we can Work backwards to step 1. Note that the S-boxes are not reversible (and don't need to be) symmetric cryptography 32
33 Encrypt round n Decrypt round n+1 64 bit input 64 bit output 32 bit R n 32 bit R n K 32 bit L n Inner K n 32 bit L n Inner K n Function Function bit L n+1 32 bit R n+1 32 bit L n+1 32 bit R n+1 64 bit output 64 bit input symmetric cryptography 33
34 Key schedule INPUT: 64-bit key: k 1, k 2,, k 64 OUTPUT: sixteen 48-bit keys: k 1, k 2,, k 16 The algorithm used for generating the key schedule combines and selects bits of K to generate the round keys two bit selection tables. -- for details see Handbook of Applied Cryptography. symmetric cryptography 34
35 Weak Keys Let Co and Do are the 28 bit key halves There are 4 week keys in the keyspace (2 56 ) C 0 = All zeros & D 0 = All zeros C 0 = All ones & D 0 = All zeros C 0 = All zeros & D 0 = All ones C 0 = All ones & D 0 = All ones There are 12 semi-weak keys, where C o & D o are the following in some combination All zeros, All ones, , for details see Handbook of Applied Cryptography. symmetric cryptography 35
36 Attacks on iterated t ciphers Suppose that there a probabilistic linear relation between some plaintext bits and state bits immediately preceding the last round. Say the bits XOR to 0 with probability bounded away from ½. Linear cryptanalysis is a known plaintext attack. The attacker needs to know a large number of pairs (x i,y i ) encrypted with the same key K, and uses a linear relation to decrypt a given cipher symmetric cryptography 36
37 Kerchoffs assumption The adversary knows all details of the encrypting function except the secret key symmetric cryptography 37
38 Diffusion i and Confusion -- Shannon Diffusion. i The relationship between the statistics of the plaintext and the ciphertext is as complex as possible: the value of each plaintext bit affects many plaintext bits. Confusion: the relationship between the statistics of the ciphertext and the value of the key is as complex as possible. symmetric cryptography 38
39 Attacks on DES Brute force Linear Cryptanalysis -- Known plaintext attack Differential cryptanalysis Chosen plaintext t attack Modify plaintext bits, observe change in ciphertext No dramatic improvement on brute force symmetric cryptography 39
40 Linear cryptanalysis (known plantext) For each pair (x i,y i ), decrypt using all possible candidate keys for the last round and determine if the linear relation holds. If it does, increment a frequency counter for the candidate key used. Hopefully, at the end, this counter can be used to determine the correct values for the subkey bits. symmetric cryptography 40
41 Differential cryptanalysis (chosen plaintext) Differential cryptanalysis is a chosen plaintext t attack. In this case the XOR of two inputs x, x* is compared with that of the corresponding outputs y, y*. In general we look for pairs x, x* for which x =x+x* is fixed. For each such pair, decrypt y, y* using all possible candidate keys for the last round, and determine if their XOR has a certain value. Again use a frequency counter. Hopefully, at the end, this counter can be used to determine the correct values for the subkey bits. symmetric cryptography 41
42 The security of DES None of these attacks have a serious impact on the security of DES. The main problem with DES is that it has relatively l short key length. Consequently it is subject to brute-force or exhaustive key search attacks. One solution to overcome this problem is to run DES a multiple number of times. symmetric cryptography 42
43 Countering Attacks Large keyspace combats brute force attack Triple DES, typically two key mode: E k 1 D k2 E k1 Use AES symmetric cryptography 43
44 Triple DES Encryption: c = Ek 1 (Dk 2 (Ek 1 (m)) Decryption: m = D Dk 1 (Ek 2 (Dk 1 (c))) symmetric cryptography 44
45 AES Block length 128 bits. Key lengths 128 (or 192 or 256). The AES is an iterated cipher with Nr=10 (or 12 or 14) In each round we have: Sbk Subkey mixing: ii State Roundkey XOR State A substitution: SubBytes(State) A permutation: ShiftRows(State) & MixColumns(State) symmetric cryptography 45
46 Modes of operation Four basic modes of operation are available for block ciphers: Electronic codebook mode: ECB Cipher block chaining mode: CBC Cipher feedback mode: CFB Output feedback mode: OFB symmetric cryptography 46
47 Electronic Codebook mode, ECB Each plaintext x i is encrypted with the same key K: y i = e K (x i ). So, the naïve use of a block cipher. symmetric cryptography 47
48 ECB x 1 x 2 x 3 x 4 DES DES DES DES y 1 y 2 y 3 y 4 symmetric cryptography 48
49 Cipher Block Chaining mode, CBC Each cipher block y i-1 is xor-ed with the next plaintext x i : y i = e K (y i-1 XOR x i ) bf before bi being encrypted to get the next plaintext li y i. The chain is initialized with an initialization vector: y 0 = IV with length, the block size. symmetric cryptography 49
50 CBC x 1 x 2 x 3 x 4 IV DES DES DES DES y 1 y 2 y 3 y 4 symmetric cryptography 50
51 Cipher and Output feedback modes (CFB & OFB) CFB z 0 = IV and recursively: OFB z i = e K (y i-1 ) and y i = x i XOR z i z 0 = IV and recursively: z i = e K (z i-1 ) and y i = x i XOR z i symmetric cryptography 51
52 CFB mode x 1 x 2 IV e K + e K + e K y 1 y 2 symmetric cryptography 52
53 OFB mode IV e K e K x 1 x y 1 y 2 symmetric cryptography 53
54 Key Channel Establishment for symmetric ti cryptosystems t Conventional techniques Public-key techniques Quantum Key distribution techniques symmetric cryptography 54
Modern Symmetric Block cipher
Modern Symmetric Block cipher 81 Shannon's Guide to Good Ciphers Amount of secrecy should determine amount of labour appropriate for encryption and decryption The set of keys and enciphering algorithm
More informationCIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm
CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum
More informationCHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))
CHAPTER 6. SYMMETRIC CIPHERS Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption
More informationpage 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas
Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher
More informationSome Aspects of Block Ciphers
Some Aspects of Block Ciphers Palash Sarkar Applied Statistics Unit Indian Statistical Institute, Kolkata India palash@isical.ac.in CU-ISI Tutorial Workshop on Cryptology, 17 th July 2011 Palash Sarkar
More informationChapter 3 Block Ciphers and the Data Encryption Standard
Chapter 3 Block Ciphers and the Data Encryption Standard Last Chapter have considered: terminology classical cipher techniques substitution ciphers cryptanalysis using letter frequencies transposition
More informationSecret Key Cryptography
Secret Key Cryptography General Block Encryption: The general way of encrypting a 64-bit block is to take each of the: 2 64 input values and map it to a unique one of the 2 64 output values. This would
More informationCIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)
CIS 6930/4930 Computer and Network Security Topic 3.1 Secret Key Cryptography (Cont d) 1 Principles for S-Box Design S-box is the only non-linear part of DES Each row in the S-Box table should be a permutation
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationCS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES
CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES PREPARED BY R.CYNTHIA PRIYADHARSHINI AP/IT/SREC Block Ciphers A block cipher is an encryption/decryption scheme in which a block of plaintext is treated
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard
Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationSymmetric Encryption Algorithms
Symmetric Encryption Algorithms CS-480b Dick Steflik Text Network Security Essentials Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Symmetric Cipher Model Plaintext Encryption Algorithm
More informationBlock Cipher Operation. CS 6313 Fall ASU
Chapter 7 Block Cipher Operation 1 Outline q Multiple Encryption and Triple DES q Electronic Codebook q Cipher Block Chaining Mode q Cipher Feedback Mode q Output Feedback Mode q Counter Mode q XTS-AES
More informationNetwork Security Essentials Chapter 2
Network Security Essentials Chapter 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Encryption What is encryption? Why do we need it? No, seriously, let's discuss this. Why do we need
More informationLecture 4: Symmetric Key Encryption
Lecture 4: Symmetric ey Encryption CS6903: Modern Cryptography Spring 2009 Nitesh Saxena Let s use the board, please take notes 2/20/2009 Lecture 1 - Introduction 2 Data Encryption Standard Encrypts by
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationSymmetric Encryption. Thierry Sans
Symmetric Encryption Thierry Sans Design principles (reminder) 1. Kerkoff Principle The security of a cryptosystem must not rely on keeping the algorithm secret 2. Diffusion Mixing-up symbols 3. Confusion
More informationSecret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34
Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used for both encryption and decryption.
More informationIntroduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space
Perfect Cipher Introduction to Cryptography Lecture 2 Benny Pinkas What type of security would we like to achieve? Given C, the adversary has no idea what M is Impossible since adversary might have a-priori
More informationCryptography and Network Security
Cryptography and Network Security CRYPTOGRAPHY AND NETWORK SECURITY PRAKASH C. GUPTA Former Head Department of Information Technology Maharashtra Institute of Technology Pune Delhi-110092 2015 CRYPTOGRAPHY
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 5 More About Block Ciphers Israel Koren ECE597/697 Koren Part.5.1 Content of this
More informationICT 6541 Applied Cryptography. Hossen Asiful Mustafa
ICT 6541 Applied Cryptography Hossen Asiful Mustafa Encryption & Decryption Key (K) Plaintext (P) Encrypt (E) Ciphertext (C) C = E K (P) Same Key (K) Ciphertext (C) Decrypt (D) Plaintext (P) P = D K (C)
More informationSymmetric key cryptography
The best system is to use a simple, well understood algorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and
More informationLecture 3: Symmetric Key Encryption
Lecture 3: Symmetric Key Encryption CS996: Modern Cryptography Spring 2007 Nitesh Saxena Outline Symmetric Key Encryption Continued Discussion of Potential Project Topics Project proposal due 02/22/07
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationGeldy : A New Modification of Block Cipher
Geldy : A New Modification of Block Cipher Candy Olivia Mawalim (13513031) School of Electrical Engineering and Informatics Institut Teknologi Bandung Jl. Ganesha 10 Bandung 40132, Indonesia 13513031@std.stei.itb.ac.id
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Block cipher DES 3DES
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationData Encryption Standard (DES)
Data Encryption Standard (DES) Best-known symmetric cryptography method: DES 1973: Call for a public cryptographic algorithm standard for commercial purposes by the National Bureau of Standards Goals:
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 14th February 2008 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More informationP2_L6 Symmetric Encryption Page 1
P2_L6 Symmetric Encryption Page 1 Reference: Computer Security by Stallings and Brown, Chapter 20 Symmetric encryption algorithms are typically block ciphers that take thick size input. In this lesson,
More informationSecret Key Cryptography Overview
Secret Key Cryptography Overview Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc01_07/ Block ciphers
More informationComputer and Data Security. Lecture 3 Block cipher and DES
Computer and Data Security Lecture 3 Block cipher and DES Stream Ciphers l Encrypts a digital data stream one bit or one byte at a time l One time pad is example; but practical limitations l Typical approach
More informationL3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015
L3. An Introduction to Block Ciphers Rocky K. C. Chang, 29 January 2015 Outline Product and iterated ciphers A simple substitution-permutation network DES and AES Modes of operations Cipher block chaining
More informationUNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan
UNIT - II Traditional Symmetric-Key Ciphers 1 Objectives To define the terms and the concepts of symmetric key ciphers To emphasize the two categories of traditional ciphers: substitution and transposition
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationCryptography Symmetric Encryption Class 2
Cryptography Symmetric Encryption Class 2 Stallings: Ch 3 & 6 Stallings: Ch 4 CEN-5079: 18.January.2018 1 Symmetric Cryptosystems Encryption Key Decryption Key Plaintext Plaintext Encryption Algorithm
More informationSymmetric Cryptography. Chapter 6
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers Block ciphers process messages into blocks, each of which is then en/decrypted Like a substitution on very big characters 64-bits or more Stream
More informationDarshan Institute of Engineering & Technology Page Information Security (IS) UNIT-2 Conventional Encryption Techniques
Q 1. Draw and explain Feistel s structure for encryption and decryption. The exact realization of Feistel network depends on the choice of which parameters? Feistel cipher is based on the idea that instead
More informationENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel
(a) Introduction - recall symmetric key cipher: III. BLOCK CIPHERS k Symmetric Key Cryptography k x e k y yʹ d k xʹ insecure channel Symmetric Key Ciphers same key used for encryption and decryption two
More information6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 6 Block Ciphers 6.1 Block Ciphers Block Ciphers Plaintext is divided into blocks of fixed length and every block is encrypted one at a time. A block cipher is a
More informationECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #7 Analysis of DES and the AES Standard Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we analyze the security properties of DES and
More information3 Symmetric Cryptography
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 3 Symmetric Cryptography Symmetric Cryptography Alice Bob m Enc c = e k (m) k c c Dec m = d k (c) Symmetric cryptography uses the same secret key k for encryption
More informationSymmetric Cryptography
CSE 484 (Winter 2010) Symmetric Cryptography Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More informationSecret Key Algorithms (DES)
Secret Key Algorithms (DES) G. Bertoni L. Breveglieri Foundations of Cryptography - Secret Key pp. 1 / 34 Definition a symmetric key cryptographic algorithm is characterized by having the same key used
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationSyrvey on block ciphers
Syrvey on block ciphers Anna Rimoldi Department of Mathematics - University of Trento BunnyTn 2012 A. Rimoldi (Univ. Trento) Survey on block ciphers 12 March 2012 1 / 21 Symmetric Key Cryptosystem M-Source
More informationBlock Encryption and DES
Block Encryption and DES Plain Text Block 1 Block 2 Block 3 Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationPrivate-Key Encryption
Private-Key Encryption Ali El Kaafarani Mathematical Institute Oxford University 1 of 50 Outline 1 Block Ciphers 2 The Data Encryption Standard (DES) 3 The Advanced Encryption Standard (AES) 4 Attacks
More informationHomework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING
UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions
More informationStudy Guide to Mideterm Exam
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #7 Professor M. J. Fischer February 20, 2012 Study Guide to Mideterm Exam For the exam, you are responsible
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously on COS 433 Pseudorandom Permutations unctions that look like random permutations Syntax: Key space K (usually {0,1}
More informationInformation Security CS526
Information Security CS 526 Topic 3 Cryptography: One-time Pad, Information Theoretic Security, and Stream CIphers 1 Announcements HW1 is out, due on Sept 11 Start early, late policy is 3 total late days
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationHow many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?
Homework 1. Come up with as efficient an encoding as you can to specify a completely general one-to-one mapping between 64-bit input values and 64-bit output values. 2. Token cards display a number that
More informationCSc 466/566. Computer Security. 6 : Cryptography Symmetric Key
1/56 CSc 466/566 Computer Security 6 : Cryptography Symmetric Key Version: 2012/02/22 16:14:16 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationCENG 520 Lecture Note III
CENG 520 Lecture Note III Symmetric Ciphers block ciphers process messages in blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process
More informationConventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation
More informationConventional Encryption: Modern Technologies
Conventional Encryption: Modern Technologies We mentioned that the statistical weakness in substitution ciphers is that they don t change the frequency of alphabetic letters. For example, if a substitution
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationNetwork Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar
Network Security Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar Modern Block Ciphers now look at modern block ciphers one of the most widely used types
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's code, principally with
More informationApplied Cryptography Data Encryption Standard
Applied Cryptography Data Encryption Standard Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 History DES has a checkered history. The book provided fascinating reading
More informationSymmetric Cryptography CS461/ECE422
Symmetric Cryptography CS461/ECE422 1 Outline Overview of Cryptosystem design Commercial Symmetric systems DES AES Modes of block and stream ciphers 2 Reading Section 2.4-2.6 and 12.2 in Security in Computing
More informationNew Kid on the Block Practical Construction of Block Ciphers. Table of contents
New Kid on the Block Practical Construction of Block Ciphers Foundations of Cryptography Computer Science Department Wellesley College Fall 2016 Table of contents Introduction Substitution-permutation
More informationCryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái
Cryptography and Network Security Block Ciphers + DES Lectured by Nguyễn Đức Thái Outline Block Cipher Principles Feistel Ciphers The Data Encryption Standard (DES) (Contents can be found in Chapter 3,
More informationCryptography III: Symmetric Ciphers
Cryptography III: Symmetric Ciphers Computer Security Lecture 4 David Aspinall School of Informatics University of Edinburgh 26th January 2012 Outline Stream ciphers Block ciphers DES and Rijndael Summary
More informationIntroduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function
More informationENEE 457: Computer Systems Security 09/12/16. Lecture 4 Symmetric Key Encryption II: Security Definitions and Practical Constructions
ENEE 457: Computer Systems Security 09/12/16 Lecture 4 Symmetric Key Encryption II: Security Definitions and Practical Constructions Charalampos (Babis) Papamanthou Department of Electrical and Computer
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationBlock Ciphers and Data Encryption Standard. CSS Security and Cryptography
Block Ciphers and Data Encryption Standard CSS 322 - Security and Cryptography Contents Block Cipher Principles Feistel Structure for Block Ciphers DES Simplified DES Real DES DES Design Issues CSS 322
More informationSimple DES DES Modes of operation Triple DES AES RSA Attacks Primality test factoring.
UNIT II BLOCK CIPHER UNIT II Simple DES DES Modes of operation Triple DES AES RSA Attacks Primality test factoring. 2.1 SIMPLIFIED DATA ENCRYPTION STANDARD (S-DES) The overall structure of the simplified
More informationSymmetric Key Cryptography
Symmetric Key Cryptography Michael Huth M.Huth@doc.ic.ac.uk www.doc.ic.ac.uk/~mrh/430/ Symmetric Key Cryptography (3.1) Introduction Also known as SECRET KEY, SINGLE KEY, PRIVATE KEY Sender and Receiver
More informationChapter 6: Contemporary Symmetric Ciphers
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 6: Contemporary Symmetric Ciphers Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Why Triple-DES?
More informationThe Rectangle Attack
The Rectangle Attack and Other Techniques for Cryptanalysis of Block Ciphers Orr Dunkelman Computer Science Dept. Technion joint work with Eli Biham and Nathan Keller Topics Block Ciphers Cryptanalysis
More informationChap. 3. Symmetric Key Crypto (Block Ciphers)
Introduction to SW Security Chap. 3. Symmetric Key Crypto (Block Ciphers) Spring, 28 Cho, Seong-je ( 조성제 ) sjcho at dankook.ac.kr Many slides taken from Textbook (Its site), and Web sites Textbook M. T.
More informationChapter 3 Traditional Symmetric-Key Ciphers 3.1
Chapter 3 Traditional Symmetric-Key Ciphers 3.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Objectives To define the terms and the concepts of symmetric
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers 2MMC10 Cryptology Fall 2015 Ruben Niederhagen October 6th, 2015 Introduction 2/32 Recall: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationStream Ciphers. Çetin Kaya Koç Winter / 13
Çetin Kaya Koç http://koclab.cs.ucsb.edu Winter 2016 1 / 13 Block Ciphers Cryptography Plaintext: M i with M i = n, where n is the block length (in bits) Ciphertext: C i with C i = m, where m n, however,
More informationIntroduction to Modern Symmetric-Key Ciphers
Introduction to Modern Symmetric-Key Ciphers 1 Objectives Review a short history of DES. Define the basic structure of DES. List DES alternatives. Introduce the basic structure of AES. 2 Data Encryption
More informationMaking and Breaking Ciphers
Making and Breaking Ciphers Ralph Morelli Trinity College, Hartford (ralph.morelli@trincoll.edu) Smithsonian Institute October 31, 2009 2009 Ralph Morelli You are free to reuse and remix this presentation
More informationSecret Key Cryptography
Secret Key Cryptography 1 Block Cipher Scheme Encrypt Plaintext block of length N Decrypt Secret key Cipher block of length N 2 Generic Block Encryption Convert a plaintext block into an encrypted block:
More informationUnderstanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl
Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 5 More About Block Ciphers ver. November 26, 2010 Last modified 10-2-17
More informationIntroduction to Symmetric Cryptography
Introduction to Symmetric Cryptography Tingting Chen Cal Poly Pomona 1 Some slides are from Dr. Cliff Zou. www.cs.ucf.edu/~czou/cis3360-12/ch08-cryptoconcepts.ppt Basic Cryptography Private Key Cryptography
More informationCIT 380: Securing Computer Systems. Symmetric Cryptography
CIT 380: Securing Computer Systems Symmetric Cryptography Topics 1. Modular Arithmetic 2. What is Cryptography? 3. Transposition Ciphers 4. Substitution Ciphers 1. Cæsar cipher 2. Vigènere cipher 5. Cryptanalysis:
More informationCSC574: Computer & Network Security
CSC574: Computer & Network Security Lecture 3 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr, Patrick McDaniel, and Peng Ning) Modern Cryptography 2 Kerckhoffs Principles Modern cryptosystems
More informationCSCE 548 Building Secure Software Symmetric Cryptography
CSCE 548 Building Secure Software Symmetric Cryptography Professor Lisa Luo Spring 2018 Previous Class Important terms Vulnerability Attack Attack vector Exploit 2 Previous Class Attack surface Components
More informationCryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi
Cryptographic Primitives A brief introduction Ragesh Jaiswal CSE, IIT Delhi Cryptography: Introduction Throughout most of history: Cryptography = art of secret writing Secure communication M M = D K (C)
More informationSecret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General Considerations:
Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General Considerations: Secret Key Systems Encrypting a small block of text (say 64 bits) General Considerations: 1. Encrypted
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationLecture 2: Shared-Key Cryptography
Graduate Course on Computer Security Lecture 2: Cryptography Iliano Cervesato iliano@itd.nrl.navy.mil ITT Industries, Inc @ NRL Washington DC http://www.cs.stanford.edu/~iliano/ DIMI, Universita di Udine,
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 5 January 23, 2012 CPSC 467b, Lecture 5 1/35 Advanced Encryption Standard AES Alternatives CPSC 467b,
More informationCryptography Part II Introduction to Computer Security. Chapter 8
Cryptography Part II Introduction to Computer Security Chapter 8 Vigènere Cipher Like Cæsar cipher, but use phrase Example Message: THE BOY HAS THE BALL Key: VIG Encipher using Cæsar cipher for each letter:
More information