Encryption Algorithms

Similar documents
Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

2.3 SUBTITUTION CIPHERS.

Computer Security 3/23/18

Some Stuff About Crypto

CIS 3362 Final Exam 12/4/2013. Name:

APNIC elearning: Cryptography Basics

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Public Key Cryptography

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Crypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

EEC-484/584 Computer Networks

Making and Breaking Ciphers

Technological foundation

Public Key Algorithms

Chapter 9 Public Key Cryptography. WANG YANG

Public Key Algorithms

Public-key encipherment concept

PGP: An Algorithmic Overview

Public Key Algorithms

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Study Guide to Mideterm Exam

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Encryption Details COMP620

ECE 646 Fall 2009 Final Exam December 15, Multiple-choice test

Public Key Cryptography

Cryptography and Network Security

Cryptography and Network Security

Introduction to Symmetric Cryptography

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

1. Diffie-Hellman Key Exchange

CRYPTOGRAPHY & DIGITAL SIGNATURE

Chapter 3. Cryptography. Information Security/System Security p. 33/617

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Chapter 9. Public Key Cryptography, RSA And Key Management

CSE 127: Computer Security Cryptography. Kirill Levchenko

Secret Key Cryptography

Cryptography Functions

Overview. Public Key Algorithms I

Cryptography MIS

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

EEC-682/782 Computer Networks I

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

CS61A Lecture #39: Cryptography

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

CSC 474/574 Information Systems Security

Fall 2017 CIS 3362 Final Exam. Last Name: First Name: 1) (10 pts) Decrypt the following ciphertext that was encrypted using the shift cipher:

Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution

Network Security Essentials Chapter 2

UNIT III 3.1DISCRETE LOGARITHMS

LECTURE 4: Cryptography

Lecture 2 Applied Cryptography (Part 2)

Jaap van Ginkel Security of Systems and Networks

Block Ciphers and Data Encryption Standard. CSS Security and Cryptography

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

Symmetric Cryptography. CS4264 Fall 2016

Goals for Today. Substitution Permutation Ciphers. Substitution Permutation stages. Encryption Details 8/24/2010

CS669 Network Security

CS682 Advanced Security Topics

Encryption. INST 346, Section 0201 April 3, 2018

HOST Cryptography III ECE 525 ECE UNM 1 (1/18/18)

Lecture 2: Secret Key Cryptography

L3: Basic Cryptography II. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Lecture 4: Symmetric Key Encryption

7. Symmetric encryption. symmetric cryptography 1

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

CSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Winter 2011 Josh Benaloh Brian LaMacchia

Chapter 30 Cryptography 30.1

AIT 682: Network and Systems Security

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto.

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

CIS 3362 Final Exam. Date: 12/9/2015. Name:

Public Key Cryptography and the RSA Cryptosystem

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Lecture IV : Cryptography, Fundamentals

Sankalchand Patel College of Engineering, Visnagar B.E. Semester V (CE/IT) INFORMATION SECURITY Practical List

Channel Coding and Cryptography Part II: Introduction to Cryptography

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

Secret Key Cryptography

Security: Cryptography

Cryptographic Concepts

ECE 646 Fall 2008 Multiple-choice test

Introduction to Cryptography. Vasil Slavov William Jewell College

Cryptography Introduction

How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?

Transcription:

Encryption Algorithms 1. Transposition Ciphers 2. Substitution Ciphers 3. Product Ciphers 4. Exponentiation Ciphers 5. Cryptography based on Discrete Logarithms 6. Advanced Encryption Standard (AES)

1. Transposition Ciphers -Transposition ciphers rearrange characters according to some scheme. -Many transposition ciphers permute the characters of the plaintext with a fixed period d. -A transposition cipher can be defined by providing an integer d, and a permutation f: Zd Zd (where Zd is the set of integers 1 through d) The key: K = (d,f) A plaintext message M is enciphered as follows: M= m1 mdmd+1 m2d Ek(M) = mf(1) mf(d)md+f(1) md+f(d)

Example: encryption suppose d= 4, and f gives the permutation: M= RENAISSANCE i: 1 2 3 4 f(i): 2 4 1 3 Compute Ek(M)? Example: Cryptanalysis -A transposition may be subject to successful cryptanalysis because the relative frequencies of the letters in the ciphertext can closely match expected frequencies for plaintext. -Assuming all keys are equally likely, what is the the entropy of a key of a transposition cipher with a period d? -Determine the expected number N of characters required to break the cipher, for a period d=27?

2. Substitution Ciphers There are several kinds of substitution ciphers: simple, homophonic, polyalphabetic, and polygram substitution ciphers. Simple Substitution Ciphers -Simple one-to-one mapping is used to encipher an entire message. -Let: A and C be n-character alphabets f: A C a one-to-one mapping A = {a0,,an-1} C = {f(a0},,f(an-1)} A plaintext M is enciphered as follows: M=m1 mp Ek(M) = f(m1) f(mp)

Example: ciphers based on shifted alphabet -f is defined by f(a) = (a+k) mod n where n is the size of the alphabet and a denotes both a letter and its position in A. - A is given as follows: 0-A 7-H 13-N 20-U 1-B 8-I 14-O 21-V 2-C 9-J 15-P 22-W 3-D 10-K 16-Q 23-X 4-E 11-L 17-R 24-Y 5-F 12-M 18-S 25-Z 6-G 19-T Compute Ek(M) for M=RENAISSANCE, and k=3 Example: cryptanalysis Assuming that all keys are equally likely, how many characters are needed to break the above cipher?

Homophonic Substitution Ciphers -Use a one-to-many mapping; each plaintext character can be mapped into a cipertext element picked at random from a set of characters. Let: A, C: n-character alphabet f: A (C), a one-to-many mapping A plaintext message M is enciphered as follows: M=m1m2 Ek(M) = c1c2, where ci f(mi)

Example: Suppose that the English letters are enciphered as integers between 0 and 99. Consider the following assignment of integers to letters: Letter Homophones A 17 19 34 56 60 67 83 I 08 22 53 65 88 90 L 03 44 76 N 02 09 15 27 32 40 59 O 01 11 23 28 42 54 70 80 P 33 91 T 05 10 20 29 45 58 64 78 99 Compute Ek(M) for M=PLAIN PILOT

Polyalphabetic Substitution Ciphers -Use multiple mappings from plaintext to ciphertext characters; the mappings are usually one-to-one as in simple substitution. -Most polyalphabetic substitution ciphers are periodic substitution ciphers based on a period d. Let: C1, Cd, cipher alphabets fi: A Ci, mapping from plaintext alphabet A to the ith cipher alphabet Ci (1 i d) A plaintext message M is enciphered as follows: M= m1 mdmd+1 m2d Ek(M)= f1(m1) fd(md)f1(md+1) fd(m2d)

Compute Ek(M) for M=A, and K=D (A=11000; D=10010) Example: Vigenere cipher The key K is specified by a sequence of letters K=k1 kd, where ki (i=1,,d) gives the amount of shift in the ith alphabet: fi(a) = (a+ki) mod n. Compute Ek(M), for M=RENAISSANCE, and K=BAND Example: cryptanalysis How many characters are required to break the Vigenere cipher, assuming a period d. Example: one-time pad -A cipher in which the key is a random sequence of characters and is not repeated; the key is only used once. -Let M=m1m2 a plaintext bit stream and K=k1k2 a key bit stream, Ek(M) = c1c2, where ci=(mi ki) mod 2, i=1,2 -Because ki ki=0, deciphering is performed by: ci ki=mi ki ki=mi

Polygram Substitution Ciphers -The most general forms of substitution ciphers, permitting arbitrary substitutions for groups of characters. -Enciphering larger blocks of letters makes cryptanalysis harder by destroying the significance of single-letter frequencies.

Example: Playfair cipher Digram substitution cipher that uses a 5 5matrix (J is not used) to generate the key; a pair of plaintext letters m1m2 is enciphered as follows: 1. If m1 and m2 are in the same row, then c1 and c2 are the two characters to the right of m1 and m2, respectively, where the first column is considered to be to the right of the last column. 2. If m1 and m2 are in the same column, then c1 and c2 are the two characters below m1and m2, respectively, where the first row is considered to be below the last row. 3. If m1 and m2 are in different rows and columns, then c1 and c2 are the other two corners of the rectangle having m1 and m2 as corners, where c1 is in m1 s row and c2 is in m2 s row. 4. If m1=m2, a null letter (e.g., X) is inserted into the plaintext between m1 and m2 to eliminate the double. 5. If the plaintext has an odd number of characters, a null letter is appended to the end of the plaintext. Compute Ek(M), for M=RENAISSANCE with K: H A R P S I C O D B E F G K L M N Q T U V W X Y Z

3. Product Ciphers Substitution-Permutation Ciphers Algorithm design -Shannon proposed to design strong ciphers by mixing different kinds of transformations. That can be achieved by alternating substitutions and transpositions. -The earliest block ciphers were based on that principle and so were called SP-networks. S-box S-box S-box S-box

-Three things need to be done to make the algorithm design secure: 1. The cipher needs to be wide enough. 2. The cipher needs to have enough rounds. 3. The S-boxes need to be suitably chosen. Example: LUCIFER cipher C = Ek(M) = St o Pt-1 o o S2 o P1 o S1(M) Each Si is a function of the key K, and is broken into 4 smaller substitutions Si1,,Si4, operating on a 3-bit sub-block to reduce the complexity of the circuits

S1 P1 S2 Pt-1 St m1 m2 m3 S11 S21 St1 c1 c2 c3 m4 S12 S22 St2 c4 m5 c5 m6 m7 S13 S23 St3 c6 c7 m8 m9 c8 c9 m10 m11 S14 S24 St4 c10 c11 m12 c12

Digital Encryption Standard (DES) -DES has been created in 1977 at IBM, as an outgrowth of LUCIFER. -DES enciphers 64-bit blocks of data with a 56-bit key, and has been implemented in both hardware and software. -The same algorithm is used for encryption and decryption. An input block T is first passed through a permutation IP. Then the output of the initial permutation is submitted to 16 iterations of a function f (substitution + transposition). Finally the inverse permutation 1 IP is applied, which gives the final result. Let Ti =LiRi denotes the result of the ith iteration, with Li and Ri the left and right halves of Ti: Li = t1 t32,ri = t33 t64 Li = Ri-1, Ri= Li-1 f(ri-1,ki) where Ki is a 48-bit key.

T IP L0 L1=R0 L2=R1 K1 K2 f f R0 R1=L0 f(r0,k1) R2=L1 f(r1,k2) L15=R14 R16=L15 f(r15,k16) K16 f R15=L14 f(r14,k15) L16=R15 1 IP output

Calculation of f(ri-1,ki) Ri-1 E Ki S1 S2 S3 S4 S5 S6 S7 S8 P f(ri-1,ki)

1. Ri-1 is first expanded in 48 bits using a permutation E, 2. E(Ri-1) Ki is taken and divided into 8 blocks of 6 bits: E(Ri-1) Ki = B1...B8, where Bi = b1...b6 3. Each block Bi is passed through a S-box, returning a 4-bit block Si(Bi) 4. The Si(Bi) are then concatenated and transposed using a permutation P: f(ri-1,ki) = P(S1(B1)...S8(B8)) S-box: An input block Bi = b1...b6 is transformed using a substitution table: The integer corresponding to b1b6 specifies a row number, The integer corresponding to b2b3b4b5 specifies a column. Si(Bi) is the 4-bit representation of the integer in that row and column.

Key Calculation K PC-1 C0 D0 LS1 LS1 C1 D1 PC-2 K1 LS2 LS2 C2 D2 PC-2 K2 LS16 LS16 C16 D16 PC-2 K16

-A different key Ki derived from K is used for each iteration. K is input as a 64-bit block, with 8 parity bits in positions 8, 16,...,64 Then a permutation PC-1 is applied discarding the parity bits and transposing the remaining 56 bits. The results PC-1(K) is then split into two halves C and D of 28 bits each. A key Ki is derived by successively shifting left C and D for each iteration: Ci = LSi(Ci-1), Di = LSi(Di-1) Ki = PC-2(CiDi), where LSi is a left circular shift by specified number of positions, and PC-2 is a permutation.

Triple DES -Since its invention, several weaknesses have been identified in DES. -Key size is one of them: 56-bits keys are vulnerable to known plaintext attack by exhaustive search. -Solutions: either increase the size of the key (->112 bits) or use a multiple encryption scheme Triple DES. Encipher DES 1 DES DES plaintext k1 k2 k3 ciphertext Decipher 1 DES DES 1 DES -A plaintext message M is encrypted, decrypted, and then encrypted 1 using different keys: C = DES ( DES ( DES ( M ))) k3 k2 k1 -The message is restored using the reverse operation: 1 1 DES ( DES ( DES ( C))) = k1 k2 k3 M

4. Exponentiation Ciphers -Encipher a message block M [0,n-1] by computing the exponential C = M e mod n (1) where K = (e,n) is the encryption key. -M is restored by the same operation, but using a different exponent d. (2) M = C d mod n -Enciphering and deciphering are based on Euler s generalization of Fermat s Theorem, which states that for every M relatively prime to n: Φ( n ) (3) M mod n Theorem 1: Given e and d satisfying ed mod Φ(n) and a message M [0,n-1] such that gcd(m,n) = 1, = 1 ( M e mod n) d mod n = M -By symmetry, enciphering and deciphering are commutative and mutual inverses: d e de (4) ( M mod n) mod n = M mod n = M

Rivest, Shamir, and Adelman (RSA) Algorithm -Exponentiation cipher based on the use of the product of two very 100 large prime numbers (greater than 10 ), and the fact that the computation of large prime factors is difficult. To find a key pair e, d: 1. 100 Choose two large prime numbers, P and Q (each greater than 10 ), and form N = P Q, Z = (P-1) (Q-1) 2. For d choose any number that is relatively prime with Z 3. To find e solve the equation: e d = 1 mod Z 4. Divide the plaintext into equal blocks of length k bits where 2 k < N (in practice k is in the range 512-1024) 5. A single block of plaintext is encrypted using E( e, N, M ) = M mod N 6. A block of encrypted text C is decrypted using D( d, N, C) = C d mod N

-RSA can be used both for secrecy and authenticity in a public-key system due to the symmetry (Eq. (4)) inherent to exponential ciphers. -Any attempt to compromise the private key Kd = (d,n) requires knowledge of the original prime numbers P and Q, and these can only be obtained by the factorization of N, which is hard since 100 N > 10 Using RSA for Digital Signatures -The private key Kd = (d,n) can be used to produce a digital signature on a message: Sigd( M ) M d mod N -The signature can be verified by using the public key Ke =(e,n): M ( Sigd( M )) e mod N

5. Cryptography based on Discrete Logarithms -There are 2 flavors of algorithms based on discrete logarithm: arithmetic and elliptic curves. -The arithmetic approach is based on the difficulty of finding, given a large prime number p, the discrete logarithm of a number y: f y = g x mod : x p g x mod The mapping is a one-way function, with the additional properties that: p f ( x + y) = f ( x) g( y) and f(nx) = n (f(x))

The Diffie-Hellman Protocol -Public key encryption scheme based on a commutative encryption function: 1. Alice encrypts message M with her key: ka {M}ka. 2. Alice sends {M}ka to Bob. 3. Bob in his turn encrypts the received message: {{M}ka}kb 4. Bob sends {{M}ka}kb back to Alice. 5. Alice is able to decrypt the received message due to commutativity {{M}ka}kb = {{M}kb}ka: {M}kb 6. Alice sends {M}kb to Bob, who can decrypt it using his key kb M.

-Diffie and Hellman use a commutative encryption function based on discrete logarithm: Appropriate prime p and generator g are chosen, and common for all users. 1. Alice chooses a secret random number xa ( her private key) xa and publish ya = g (her public key). xb 2. Bob does the same with xb secret and yb = g public. 3. Alice uses xa xaxb to encrypt a message to Bob. yb = ya = g g 4. Bob uses xb xaxb to decrypt the received message. xaxb -In practice Alice and Bob uses g as shared session key for their communication. -The basic protocol itself doesn t provide forward security; it is easily subject to middleperson attacks and so on. This can be dealt with by authenticating the participants (e.g. digital signatures).

Digital Signature Algorithm (DSA) -DSA is a US standard for digital signatures. -DSA assumes the following: Aprime p of 1024 bits, Aprime q of 160 bits dividing (p-1), An element g of order q in the integers modulo p, A secret signing key x, x A public verification key y = -DSA uses a hash function h (typically SHA1) to compute the signature Sigx(M) on a message M; given a message key K chosen at random: k r ( g Sigx( M ) g mod p) mod q h( M ) xr k mod q

6. Advanced Encryption Standard (AES) -Invented by Vincent Rijmen and Joan Daemen, and adopted recently after a competition organized by NIST, as US standard. -Acts on 128 bit blocks and can use a key of 128, 192, or 256 bits in length. -Based on an SP-network that uses a single S-box which acts on a byte input to give a byte output. The S-box is defined by: 1 S ( x) = M + b over x the field GF(2 where M is a suitably chosen matrix and b is a constant. 8 )

-The linear transformation, between the rounds, is based on arranging the 16 bytes of the value enciphered in a square and then doing bytewise shuffling and mixing operations: 1. The first step is the shuffle: the top row of four bytes is left unchanged, while the second row is shifted one place to the left, the third row by two places and the fourth row by three places. 2. The second step is the column mixing: 4 bytes in a column are mixed using matrix multiplication. 1 1 1 2 2 2 3 3 3 4 4 4 Shift row Mix column

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback