Secret Key Cryptography

Similar documents
Cryptography Functions

Data Encryption Standard (DES)

Secret Key Cryptography

How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?

P2_L6 Symmetric Encryption Page 1

Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General Considerations:

Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

7. Symmetric encryption. symmetric cryptography 1

Modern Symmetric Block cipher

L3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015

ECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

CSC 474/574 Information Systems Security

Applied Cryptography Data Encryption Standard

Lecture 1 Applied Cryptography (Part 1)

CIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)

6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

Network Security Essentials Chapter 2

AIT 682: Network and Systems Security

CSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms

Symmetric Cryptography

Block Encryption and DES

Secret Key Cryptography Overview

Content of this part

Network Security Essentials

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

Double-DES, Triple-DES & Modes of Operation

Block Cipher Operation. CS 6313 Fall ASU

Symmetric Encryption Algorithms

Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34

SOLUTIONS FOR HOMEWORK # 1 ANSWERS TO QUESTIONS

3 Symmetric Cryptography

Cryptography CS 555. Topic 11: Encryption Modes and CCA Security. CS555 Spring 2012/Topic 11 1

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

CIS 4360 Secure Computer Systems Symmetric Cryptography

CSC574: Computer & Network Security

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Jaap van Ginkel Security of Systems and Networks

Stream Ciphers and Block Ciphers

A High-Performance VLSI Architecture for Advanced Encryption Standard (AES) Algorithm

Lecture 4: Symmetric Key Encryption

Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General considerations for cipher design:

Modes of Operation. Raj Jain. Washington University in St. Louis

Lecture 4. Encryption Continued... Data Encryption Standard (DES)

Block Ciphers and Data Encryption Standard. CSS Security and Cryptography

Secret Key Algorithms (DES)

Chapter 6 Contemporary Symmetric Ciphers

Block Ciphers. Advanced Encryption Standard (AES)

FPGA Implementation of Optimized DES Encryption Algorithm on Spartan 3E

Chapter 3 Block Ciphers and the Data Encryption Standard

Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution

Encryption Details COMP620

Stream Ciphers and Block Ciphers

Symmetric Encryption. Thierry Sans

CSCI 454/554 Computer and Network Security. Topic 3.2 Secret Key Cryptography Modes of Operation

Winter 2011 Josh Benaloh Brian LaMacchia

CENG 520 Lecture Note III

L3: Basic Cryptography II. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Implementation and Performance analysis of Skipjack & Rijndael Algorithms. by Viswnadham Sanku ECE646 Project Fall-2001

EEC-484/584 Computer Networks

Using block ciphers 1

Cryptography [Symmetric Encryption]

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Conventional Encryption: Modern Technologies

ENEE 459-C Computer Security. Symmetric key encryption in practice: DES and AES algorithms

Lecture 2B. RTL Design Methodology. Transition from Pseudocode & Interface to a Corresponding Block Diagram

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Lecture 3: Symmetric Key Encryption

Block Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers

Cryptography and Network Security

Symmetric key cryptography

Chapter 8. Encipherment Using Modern Symmetric-Key Ciphers

Computer and Data Security. Lecture 3 Block cipher and DES

Homework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Computer Security 3/23/18

Introduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space

Introduction. Secret Key Cryptography. Outline. Secrets? (Cont d) Secret Keys or Secret Algorithms? Introductory Remarks Feistel Cipher DES AES

Processing with Block Ciphers

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

Chapter 6: Contemporary Symmetric Ciphers

CSC/ECE 574 Computer and Network Security. Processing with Block Ciphers. Issues for Block Chaining Modes

Chap. 3. Symmetric Key Crypto (Block Ciphers)

Block Cipher Modes of Operation

SECRET KEY: STREAM CIPHERS & BLOCK CIPHERS

Geldy : A New Modification of Block Cipher

Symmetric Cryptography CS461/ECE422

Indect Block Cipher Application

CIS 6930/4930 Computer and Network Security. Topic 3.2 Secret Key Cryptography Modes of Operation

Implementation of Full -Parallelism AES Encryption and Decryption

Implementation and Performance analysis of Skipjack & Rijndael Algorithms

Block cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75

Cryptographic Algorithms - AES

Fundamentals of Cryptography

Transcription:

Secret Key Cryptography General Block Encryption: The general way of encrypting a 64-bit block is to take each of the: 2 64 input values and map it to a unique one of the 2 64 output values. This would take (2 64 )*(64) = 2 70 bits to store this map. This is NOT practical. Secret key cryptographic systems take a reasonable length key (e.g., 64 bits) and generate a one-one mapping that looks, to someone who does not know the key, completely random. I.e., any single bit change in the input results in a totally independent random number output. Types of transformation for k-bit blocks: Substitution: For small values of k, specify for each of the 2 k possible values of the input, the k-bit output. This takes k*2 k bits.

E.g., for k=8, we need 2048 bits. Permutation: For each of the I input bits, specify the output position to which it goes. This takes I*log 2 I bits. E.g., for I=64, we need 64*5=320 bits Rounds If we do only a single round, then a bit of input can only affect 8 bits of output. There is optimal number of rounds to achieve complete randomization, e.g., 16. The following figure (Fig. 3-1) shows a secret key algorithm based on rounds of substations and permutation. It takes the same effort to reverse (decrypt).

Data Encryption Standard (DES): Key length: 64 bits 8 bits are used for parity check, why is that? to make it 265 times less secure! Read why 56 bits? section in the textbook How secure is DES?

In 1998, $150K machine can break the key in 5 days! For added security triple DES is used. Basic Structure of DES: (Fig. 3-2) The decryption works by essentially running DES backward with keys in reverse order: K16.. K1. The Permutation of Data (Fig. 3-3 ) This is not random, See Fig. 3-3 to get IP, and

Reverse the arrows to get IP -1 In the IP table: bit 1 comes from bit 58, bit 2 comes from bit 50, etc.

The first octet of the input (ABC...H) is distributed over the 8 octets of the output: A to 5th octet, B to 1st Octet,... H to 4th octet. Generating the Per-Round Keys: Key-Permutation: (Fig. 3-4) Produces C 0 and D 0 C0 D0 Key-Generation: (Fig. 3-5)

Eight bits are discarded at positions: 9, 18, 22, 25 from C i & 35, 38, 43, 54 from D i so that each K i is 48 bits. A DES Round: (Fig. 3-6)

Why decryption works? o The output of the Mangler Function (M) is the same for both encryption and decryption. o In encryption: M L n = R n+1 o In decryption: M R n+1 = M ( M L n ) = L n The Mangler Function: Expands R from 32 bit 48 bits as shown in Fig3-7: It breaks R into eight 4-bit chunks and Expand each to 6-bit by concatenating the adjacent 2 bits.

Let CR i refer to i th chunk of the expanded R. The 48-bit K is broken to eight 6-bit chunks. Let CK i refer to the i th chunk of K. Let S i = CR i CK i S i is fed into an S-box, a substitution which produces 4-bit output for each possible 6-bit input (Figure 3-8) i.e., 4 inputs are mapped to 1 output.

The 8 S-boxes are specified in Fig. 3-9 to 3-16: Two of these tables are shown below.

The output of the eight S-boxes is permuted as shown in Fig. 3-17. This is to ensure that the output of an S-box in one round affects the input of multiple S-boxes on the next round. What's So Special about DES? The S-boxes! Are they random? No one knows.

Playing around with the S-boxes can be dangerous! International Data Encryption Algorithm (IDEA): Encrypts 64-bit blocks using 128-bit key. It is similar to DES since it: o o operates in rounds the mangler function runs in the same direction for both encryption and decryption. Fig. 3-18 shows the basic Structure of IDEA:

IDEA operations: Exclusive OR + Addition mod 2 16 and x Multiplication mod 2 16 These operations are reversible: a K = A» A K = a since (a K) K = a a + K = A» A + (-K) = a since (a + K) + (-K) = a a x K = A» A x (K -1 ) = a since (a x K) x (K -1 ) = a Key Expansion:

The 128-bit key is expanded into: Fifty two 16-bit-keys: K1, K2,...K52. After generating the first 8 keys (Fig. 3-19), Shift 25 bits and continue the generation (Fig. 3-20). Figure 3-20 Rounds: Total number of rounds: 17: odd: 1, 3,...17 & even 2, 4,.., 16 Odd Round: (Fig. 3-21) This is reversible using the inverse keys.

Even Round: (Fig. 3-22) How to reverse? Just apply it again, using the same keys (not the inverse keys as in odd rounds!).

Why? From Figure 3-22 we have: X'a = Xa Yout X'b = Xb Yout Yin = Xa Xb Thus: X'a X'b = (Xa Yout ) (Xb Yout) = Xa Xb = Yin Yin is the same if we use either (Xa, Xb) or (X'a, X'b) Similarly, Zin is the same if we use either (Xc, Xd) or (X'c, X'd) Thus, Yout & Zout are the same in both encryption and decryption. Since we know Yout and Zout we can get: X'a Yout = (Xa Yout) Yout = Xa Similarly we can get: Xb, Xc and Xd Inverse Keys for Decryption: Encryption keys: K1 K2 K3 K4 K5 K6... Decryption Keys:

(K49) -1 -(K50) -(K51) (K52) -1 K47 K48... Advanced Encryption Standard (AES): Developed with the help of NIST as an Efficient, Flexible, Secure and Unencumbered (free to implement) Encryption Standard for protecting: sensitive, non-classified, U.S. government information. NIST selected an algorithm called Rijndael, named after two Belgium cryptographers. It uses a variety of block and key sizes: 128, 192 and 256 and the standards are named: AES-128, AES-192, AES-256 Block sizes are fixed in all to 128 bits. It is similar to both DES and IDEA in that there is rounds and key expansion. Basic Structure: (Figure 3-23)

Nb: the number of 32-bit words in an encryption block. for AES-128: Nb = 4. Nk: the number of 32-bit words in an encryption key. for AES-128: Nk = 4. Nr: the number of rounds.

It should be large enough to allow sufficient mixing so that each bit of a plain text block or a key has a complex effect on each bit of the resulting cipher text. for AES-128: Nr = 10. Nr = 6 + Max (Nb, Nk), Primitive Operations: XOR Octet-Substitution (S-box, Figure 3-24) Rearrangement of octets (rotating rows and columns) An MixColumn operation: Replace a column with another. - Each octet of the input column is used as index to retrieve a column from a table (Figure 3-26). - Each retrieved column is rotated and - The four rotated columns are 'd to produce the output column (Figure 3-25).

Figure 3-26. MixColumn Table

Inverse Cipher: is its own inverse The inverse of S-box is given by a different table (Fig 3-27) Rotating is inverted by another rotation in the opposite direction. The inverse of MixColumn is called InvMixCoumn is similar to MixColumn using a different table (Fig 3-28). Key Expansion: Arrange the key as Nk columns and Iteratively generate the next Nk columns (see Figure 3-29 and 3-30). The Ci are constants defined in Figure 3-31.

Rounds: Each round is an identical sequence of 3 operations:

1. Each octet of the state has the S-box applied. 2. For AES-128: Row i of the state is rotated left i columns (i=0, 1, 2, 3). 3. Each column of the state has MixColumn applied to it Inverse Rounds: Since each operation is invertible, decryption is done by performing the inverse of each operation in the opposite order and using the round keys in the reverse order. RC4 RC4 is a stream cipher designed by Ron Rivest. A long random string is called a one-time pad. Page 93 gives a C code for RC4 one-time pad generator. A stream cipher generates a one-time pad and applies it to a stream of plain text with. Block Chaining: Encrypting a Large Massage Electronic Code Book (ECB): Break the message into 64-bit blocks (padding the last one) and Encrypt each block with the secret key. Two problems:

Two identical plaintext blocks produces two identical cipher blocks Blocks can be rearranged or modified. Example: See Fig. 4-3 where an eavesdropper: Can see which sets of employees have identical or similar salaries & Can alter own salary to match another employee with higher salary. Cipher Block Chaining (CBC): See Figure Fig. 4-5 (encryption) & Fig 4-6 (decryption). IV (Initialization Vector) is a randomly chosen number.

Two identical plain messages produce two different cipher messages. Thus continue holding, continue holding... Start attach produces different cipher blocks. This also prevents the Chosen plain text attach. CBC Threat: Modifying Cipher Blocks You can modify the contents of one cipher block to make the plain text of next block as you wish. However the preceding plain text block will be garbled. For example in Figure 4-6: To change m6 to m'6, we can change c5 to c'5, Where c'5 is computed as: (c5 m6 ) m'6

However, the content of m5 will be garbage. E.g: change Jo Tacker salary from ~$54K to ~$74K: Output Feedback Mode (OFB): It is a stream cipher, Encryption/Decryption is performed by X ing the message with one-time pad generated as follows: 1. A 64-bit IV is generated (and is transmitted with the encrypted message). 2. b 1 is the DES encryption of IV with the secret key. 3. b i, i > 1, is the DES encryption of b i-1 with secret key. 4. The resulting one-time pad is: b1 b2 b3... 5. c i = b i m i for i =1, 2,...

Major advantages of OFB: The pad can be generated in advance of the message arrival. If some bits of cipher text get garbled, only the corresponding bits in the plain text get garbled. Major disadvantages of OFB: If one block is lost, the rest of the blocks will be garbled. If data is stored on disk, you can not randomly read any block unless you decrypt all the preceding blocks. If the <plaintext m, ciphertext c) > are known by Trudy, he can modify m into anything he wants m'. How? 1. Calculate: X = c m c' = m' X 2. Sends: c' instead of c.

3. The receiver calculates: c' X = (m' X) X = m' Cipher Feedback Mode (CFB): CFB solves the first two problems of OFB: If one block is lost, only the next block is garbled and the rest of the blocks will decrypt properly. To randomly access one block, you only need to access the preceding block. CFB steps: 1. A 64-bit IV is generated (and is transmitted with the encrypted message). 2. b 1 is the DES encryption of IV with the secret key. 3. b i, i > 1, is the DES encryption of c i-1 with secret key. (Thus you can't generate a one-time pad in advance like OFB) 4. c i = b i m i for i =1, 2,...

Counter Mode (CTR): CTR (Figure 4-10) have the following advantages: You can generate the one-time pad in advance. You can randomly access any block without decrypting all the preceding blocks. Disadvantage: If one block is lost, the rest of the blocks will be garbled. Figure 4-10

Multiple Encryption DES It is called 3DES or EDE (encrypt-decrypt-encrypt): m>>>> E >>>> D >>>> E >>>>c K1 K2 K1 c >>>> E >>>> D >>>> E >>>> m CBC is used for stream encryption as shown is Fig. 4-15: Why EDE instead EEE?. P >>> P -1. P >>> P -1. P >>> P -1 E E E

P >>> P -1. P -1 >>> P. P >>> P -1 E D E Thus, there is security gain by having permutation done between stages using EDE.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback