Secret Key Cryptography

Similar documents
Cryptography and Network Security

Secret Key Cryptography

CSC 474/574 Information Systems Security

Cryptography Functions

Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General Considerations:

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Cryptography and Network Security. Sixth Edition by William Stallings

Data Encryption Standard (DES)

Block Ciphers and Data Encryption Standard. CSS Security and Cryptography

Crypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Cryptographic Algorithms - AES

CSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms

AIT 682: Network and Systems Security

Network Security Essentials Chapter 2

P2_L6 Symmetric Encryption Page 1

CSc 466/566. Computer Security. 6 : Cryptography Symmetric Key

Secret Key Cryptography Overview

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

CIS 6930/4930 Computer and Network Security. Project requirements

Introduction to Modern Symmetric-Key Ciphers

CSCE 813 Internet Security Symmetric Cryptography

Symmetric Cryptography. Chapter 6

L3: Basic Cryptography II. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Lecture 4: Symmetric Key Encryption

Computer and Data Security. Lecture 3 Block cipher and DES

Symmetric Cryptography CS461/ECE422

Network Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar

How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?

Lecture 2: Secret Key Cryptography

Secret Key Algorithms (DES)

Modern Block Ciphers

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

Fundamentals of Cryptography

Encryption Details COMP620

Goals of Modern Cryptography

Chapter 3 Block Ciphers and the Data Encryption Standard

Symmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.

Lecture 3: Symmetric Key Encryption

CENG 520 Lecture Note III

Block Encryption and DES

ISSN: (Online) Volume 2, Issue 4, April 2014 International Journal of Advance Research in Computer Science and Management Studies

Symmetric Cryptography

Symmetric Encryption Algorithms

Modern Symmetric Block cipher

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Computer Security 3/23/18

PGP: An Algorithmic Overview

Network Security Essentials

Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34

Block Ciphers. Secure Software Systems

Data Encryption Standard

3 Symmetric Cryptography

Symmetric Key Cryptography

Implementation of Full -Parallelism AES Encryption and Decryption

Block Ciphers Introduction

Introduction. Secret Key Cryptography. Outline. Secrets? (Cont d) Secret Keys or Secret Algorithms? Introductory Remarks Feistel Cipher DES AES

Introduction to Cryptology. Lecture 17

SOLUTIONS FOR HOMEWORK # 1 ANSWERS TO QUESTIONS

Data Encryption Standard

Week 4. : Block Ciphers and DES

Block Ciphers Tutorial. c Eli Biham - May 3, Block Ciphers Tutorial (5)

7. Symmetric encryption. symmetric cryptography 1

Cryptography III: Symmetric Ciphers

6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1

Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General considerations for cipher design:

CPSC 467b: Cryptography and Computer Security

Symmetric Cryptography. CS4264 Fall 2016

Cryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles

Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

L3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015

Chapter 6: Contemporary Symmetric Ciphers

Cryptography and Network Security. Sixth Edition by William Stallings

CPSC 467b: Cryptography and Computer Security

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

FPGA Based Design of AES with Masked S-Box for Enhanced Security

Cryptography [Symmetric Encryption]

Design and Implementation of Rijndael Encryption Algorithm Based on FPGA

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

Goals for Today. Substitution Permutation Ciphers. Substitution Permutation stages. Encryption Details 8/24/2010

Area Optimization in Masked Advanced Encryption Standard

Block Ciphers and the Data Encryption Standard (DES) Modified by: Dr. Ramzi Saifan

Week 5: Advanced Encryption Standard. Click

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

FPGA Implementation of High Speed AES Algorithm for Improving The System Computing Speed

Conventional Encryption: Modern Technologies

CPSC 467: Cryptography and Computer Security

Chapter 7 Advanced Encryption Standard (AES) 7.1

Computer Security: Principles and Practice

Design and Analysis of New Symmetric Block Cipher Algorithm

Computational Security, Stream and Block Cipher Functions

International Journal of Advance Engineering and Research Development

Encryption Algorithms

HOST Cryptography III ECE 525 ECE UNM 1 (1/18/18)

Module 13 Network Security. Version 1 ECE, IIT Kharagpur

Winter 2011 Josh Benaloh Brian LaMacchia

Homework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING

ENEE 459-C Computer Security. Symmetric key encryption in practice: DES and AES algorithms

EEC-484/584 Computer Networks

Transcription:

Secret Key Cryptography 1

Block Cipher Scheme Encrypt Plaintext block of length N Decrypt Secret key Cipher block of length N 2

Generic Block Encryption Convert a plaintext block into an encrypted block: oneto-one Key length too short? Block Length: Long enough to avoid known-plaintext attack, but not too long (performance) 64 bit typical Output should look random No correlation between plaintext and ciphertext Spread bits around A single input bit should have influence on all the bits of the output Be able to change any one of the output with a probability of about 50% 3

Example of Block Encryption 4

Generic Block Encryption Two kinds of simple transformations (k-bit blocks) A Substitution specifies, for each of the 2 k possible values of the input, the k-bit output. A Permutation specifies, for each of the k input bits, the output position to which it goes. Round: a combination of substitution and permutation Given the key, an encryption mechanism must be efficient to reverse 5

DES (Data Encryption Standard) Published in 1977, standardized in 1979 Key: 64 bit quantity = 8-bit parity + 56-bit key 64-bit input block, 64-bit output block Efficient to implement in hardware but relatively slow if implemented in software 64 bit M 64 bit C DES Encryption 56 bits 6

Basic Structure of DES 64-bit 48-bit Input K1 Permutation 56-bit Key Generate 16 48-bit per-round keys Initial Permutation Round 1 Round 2... Round 16 Swap Permutation 48-bit K 1 48-bit K 2 48-bit K 16 Swap left and right halves Final Permutation 64-bit Output 7

Permutation of the Data Initial Permutation (IP) View the input as M: 8(-byte) x 8(-bit) matrix Transform M into M1 in two steps Transpose row x into column (9-x), 0<x<9 Apply permutation on the rows: For even column y, it becomes row y/2; For odd column y, it becomes row (5+y/2). Final Permutation FP = IP -1 IP and FP are not random-looking permutation IP and FP do essentially nothing to enhance DES s security 8

Permutation of the Data 9

Generating the Per-Round Keys Initial Permutation of the 56 useful bits of the key C i-1 28 bits D i-1 28 bits One round 48 bits K i Circular Left Shift Permutation with Discard Circular Left Shift Round 1,2,9,16: single shift Others: two bits C i Also see Fig. 3-5 of the textbook D i 28 bits 28 bits 10

Initial Permutation of Key 11

DES Round Apply the same operations (keys in reverse order: k 16, k 15,, k 1 ) Input: R n+1 L n+1 : swap operation Output: R n L n : The swap operation at the end will produce the correct result 12

Expansion of R from 32 bits to 48 bits R Taking the adjacent bits and concatenating them to the chunk 13

The Mangler Function 4 4 4 4 4 4 4 4 K R 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 + + + + + + + + S1 S2 S3 S4 S5 S6 S7 4 4 4 4 4 4 4 4 Permutation S8 The permutation produces spread among the chunks/s-boxes! Also see Figure 3-8 of the textbook 14

S-Box (Substitute and Shrink) 48 bits ==> 32 bits. (8*6 ==> 8*4) 2 bits used to select amongst 4 substitutions for the rest of the 4-bit quantity 2 bits row 4 bits column I1 I2 I3 I4 I5 I6 S i i = 1, 8. O1 O2 O3 O4 An integer between 0 and 15 Also see Figure 3-8 of the textbook 15

S1 Example: input: 100110 output:??? 16

8 S-Boxes Logic behind the selection of the S-Boxes remains unpublished secret Is it a good idea technically to publish it? For details, see p. 72 p. 73 of the textbook 17

DES Standard Design process of DES was not more public If published the design process, this will involve many cryptanalytic attacks 18

DES Design Controversy Although DES standard is public, there was considerable controversy over design in choice of 56-bit key and because design criteria were classified Subsequent events and public analysis show in fact design was appropriate 16 Weak and Semi-Weak Keys C 0 and D 0 are: all ones, all zeros, alternating ones and zeros, alternating zeros and ones DES has become widely used, especially in financial applications 19

International Data Encryption Algorithm (IDEA) ETH Zurich, 1991 Encrypt a 64-bit block of plaintext into a 64-bit block of ciphertext 128-bit key Both DES and IDEA have the property that encryption and decryption are identical except for key expansion 20

Basic Structure of IDEA 128-bit Key 64-bit Input key expansion Round 1 Round 2... Round 16 Round 17 k 1 k 2 k 3 k 4 k 5 k 6 k 49 k 50 k 51 k 52 64-bit Output 21

IDEA Primitive Operations Map two 16-bit quantities into a 16-bit quantity Three operations: Bitwise exclusive or: Slightly modified add + mod 2 16 Slightly modified multiply mod(2 16 +1) reversible 22

Key Expansion Generation of Key 1 through 8 Generation of Key 9 through 16 23

Key Expansion The 128-bit key is expanded into 52 16-bit keys K1, K2, K52 Once the key are generated, the encryption and decryption operations are the same Chop off 16 bits at a time to get 8 16-bit keys Start at bit 25, chop (and wrap around) again to get next 8 16- bit keys Offsetting 25 more bits, repeat, until 52 keys are generated 24

One Round 17 rounds, even and odd 64 bits input are divided into 4 16-bit quantities, X a, X b, X c, and X d Odd round Use four of K i Even round Use two of K i 25

X a = X a K a X b = X c + K c IDEA: Odd Round X c = X b + K b X d = X d K d To decrypt, use the inverse (relative to the operations) of the keys 26

IDEA: Even Round 27

IDEA: Even Round Mangler: Y out, Z out = f (Y in, Z in, K e, K f ) First step: Y in = X a X b Z in = X c X d Second Step, mangler: Y out = ((K e Y in ) + Z in ) K f Z out = (K e Y in ) + Y out Third step: X a = X a Y out, X b = X b Y out, X c = X c Z out, X d = X d Z out 28

Decryption IDEA Decryption Use the same keys Use the exact operations as encryption The same code can perform either encryption or decryption given different expanded keys 29

Advanced Encryption Standard (AES) 30

Origins clearly a replacement for DES was needed have theoretical attacks that can break it DES s key was too small have demonstrated exhaustive key search attacks can use Triple-DES but slow with small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were short-listed in Aug-99 Algorithm Rijndael was selected as the AES in Oct- 2000 issued as FIPS PUB 197 standard in Nov-2001 31

AES Requirements private key symmetric block cipher 128-bit data, 128/192/256-bit keys stronger & faster than Triple-DES active life of 20-30 years (+ archival use) provide full specification & design details both C & Java implementations NIST have released all submissions & unclassified analyses 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback