Cryptography Symmetric Encryption Class 2

Similar documents
2

Cryptography and Network Security. Lecture 02 Symmetric Encryption. Ediz ŞAYKOL

CSCE 715: Network Systems Security

PART I Symmetric Ciphers

Cryptography and Network Security

Cryptography and Network Security Chapter 2

Chapter 2: Classical Encryption Techniques

Chapter 3 Block Ciphers and the Data Encryption Standard

Classical Encryption Techniques

Cryptography and Network Security 2. Symmetric Ciphers. Lectured by Nguyễn Đức Thái

UNIT 2 CLASSICAL ENCRYPTION TECHNIQUES

Symmetric Encryption Algorithms

Block Encryption and DES

Unit-II. Symmetric Ciphers. To emphasize the 2 categories of traditional ciphers:substitution and transposition ciphers.

Information Systems Security

Modern Block Ciphers

Network Security Essentials Chapter 2

CENG 520 Lecture Note III

10/3/2017. Cryptography and Network Security. Sixth Edition by William Stallings

Network Security 網路安全. Lecture 3 March 16, 2015 洪國寶

Symmetric Cryptography. Chapter 6

Overview of Conventional Encryption Techniques

Cryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles

Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution

Computer Security Network Security Internet Security

Classical Encryption Techniques. CSS 322 Security and Cryptography

Introduction to Network Security Missouri S&T University CPE 5420 Cryptology Overview

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Double-DES, Triple-DES & Modes of Operation

Classical Encryption Techniques

Classical Cryptography. Thierry Sans

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

CLASSICAL CRYPTOGRAPHY. A Brief Reference for Self Build Crypto assignment

Block Cipher Operation. CS 6313 Fall ASU

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Secret Key Cryptography Overview

Classical Encryption Techniques

Chapter 6 Contemporary Symmetric Ciphers

Secret Key (symmetric) Cryptography

Block Ciphers and Data Encryption Standard. CSS Security and Cryptography

Computer and Data Security. Lecture 3 Block cipher and DES

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

Network Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar

Symmetric Encryption. Thierry Sans

7. Symmetric encryption. symmetric cryptography 1

Introduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014

Lecture 4: Symmetric Key Encryption

Lecture 3: Symmetric Key Encryption

Introduction to Symmetric Cryptography

Cryptography III: Symmetric Ciphers

Crypto: Symmetric-Key Cryptography

Introduction to Software Security Crypto Basics (Chapter 2)

P2_L6 Symmetric Encryption Page 1

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Modern Symmetric Block cipher

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Cryptography and Network Security

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

CSCE 813 Internet Security Symmetric Cryptography

Data Encryption Standard (DES)

Outline Basics of Data Encryption CS 239 Computer Security January 24, 2005

3 Symmetric Cryptography

CSEC 507: APPLIED CRYPTOLOGY Historical Introduction to Cryptology

Network Security Essentials

Cryptography MIS

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.

6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1

CSC 580 Cryptography and Computer Security

Module 1: Classical Symmetric Ciphers

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))

Information Security and Cryptography 資訊安全與密碼學. Lecture 6 April 8, 2015 洪國寶

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Conventional Encryption: Modern Technologies

CIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)

EEC-484/584 Computer Networks

Cryptography III: Symmetric Ciphers

Chapter 6: Contemporary Symmetric Ciphers

Secret Key Cryptography

Applied Cryptography Data Encryption Standard

Block Ciphers. Advanced Encryption Standard (AES)

Symmetric Cryptography

CPSC 467b: Cryptography and Computer Security

Making and Breaking Ciphers

Stream Ciphers and Block Ciphers

ECE 646 Fall 2008 Multiple-choice test

Secret Key Cryptography

APNIC elearning: Cryptography Basics

Lecture 1 Applied Cryptography (Part 1)

OVE EDFORS ELECTRICAL AND INFORMATION TECHNOLOGY

Computer Security 3/23/18

Stream Ciphers and Block Ciphers

Behrang Noohi. 22 July Behrang Noohi (QMUL) 1 / 18

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

Darshan Institute of Engineering & Technology Page Information Security (IS) UNIT-2 Conventional Encryption Techniques

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

JNTU World JNTU World. JNTU World. Cryptography and Network Security. Downloaded From JNTU World ( )( )JNTU World

Symmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.

Transcription:

Cryptography Symmetric Encryption Class 2 Stallings: Ch 3 & 6 Stallings: Ch 4 CEN-5079: 18.January.2018 1

Symmetric Cryptosystems Encryption Key Decryption Key Plaintext Plaintext Encryption Algorithm = Decryption Algorithm CEN-5079: 18.January.2018 2

Outline Encryption Techniques Classical Techniques Modern Times: DES CEN-5079: 18.January.2018 3

Classic Techniques Substitution Ciphers Cesar Cipher Monoalphabetic Ciphers Polyalphabetic Ciphers Vigenere Vernam One Time Pad Transposition Ciphers Product Ciphers CEN-5079: 18.January.2018 4

Classic Substitution Techniques Letters of plaintext are replaced by other letters or by numbers or symbols If plaintext is viewed as a sequence of bits Replace plaintext bits with ciphertext bits CEN-5079: 18.January.2018 5

Caesar Cipher Earliest known substitution cipher By Julius Caesar First attested use in military affairs Example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB Guess how? Replaces each letter by 3rd letter on CEN-5079: 18.January.2018 6

Caesar Cipher (cont d) Define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Math -- Caesar cipher is: c = E(k, p) = (p + k) mod (26) p = D(k, c) = (c k) mod (26) CEN-5079: 18.January.2018 7

Cryptanalysis of Caesar Cipher Only have 25 possible ciphers A maps to B,C,.., Z Brute force search Given ciphertext, just try all shifts of letters Do need to recognize when have plaintext E.g. break ciphertext QIIX QI MR QMEQM CEN-5079: 18.January.2018 8

Monoalphabetic Cipher Shuffle the letters arbitrarily Random permutation how many in total? Each plaintext letter maps to a different random ciphertext letter Key is 26 letters long Example: Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA CEN-5079: 18.January.2018 9

Monoalphabetic Cipher Security Key space increases from 25 (Caesar) to 26! = 4 x 10 26 (English) http://www.simonsingh.net/the_black_chamb er/generalsubstitutionwithmenu.html With so many keys, might think is secure But would be WRONG Problem is language characteristics CEN-5079: 18.January.2018 10

Language and Cryptanalysis Letters are not equally used In English E is by far the most common letter Other letters like Z,J,K,Q,X are fairly rare Build digrams Trigrams CEN-5079: 18.January.2018 11

Use In Cryptanalysis Monoalphabetic substitution ciphers do not change relative letter frequencies Discovered by Arabian scientists in 9 th century 1. Calculate letter frequencies for ciphertext 2. Compare counts against known values peaks at: A-E-I triple, NO pair, RST triple valeys at: JK, X-Z CEN-5079: 18.January.2018 12

Playfair Cipher Not even the large number of keys in a monoalphabetic cipher provides security Idea: encrypt multiple letters at a time Example: the Playfair Cipher Invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair CEN-5079: 18.January.2018 13

Playfair Key Matrix 5X5 matrix of letters based on a keyword Fill in letters of keyword (without duplicates) Fill rest of matrix with other letters Example: using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z CEN-5079: 18.January.2018 14

Encrypting and Decrypting Plaintext is encrypted two letters at a time 1. If a pair is a repeated letter, insert filler like 'X 2. If both letters fall in the same row, replace each with letter to right (wrapping back to start from end) 3. If both letters fall in the same column, replace each with the letter below it (wrapping to top from bottom) 4. Otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair CEN-5079: 18.January.2018 15

Security of Palyfair Security much improved over monoalphabetic Since we have 26 x 26 = 676 digrams Would need a 676 entry frequency table to analyse Versus 26 for a monoalphabetic And correspondingly more ciphertext Was widely used for many years E.g. by US & British military in WW1 It can be broken, given a few hundred letters Since still has much of plaintext structure CEN-5079: 18.January.2018 16

Classic Techniques Substitution Ciphers Cesar Cipher Monoalphabetic Ciphers Polyalphabetic Ciphers Vigenere Vernam One Time Pad Transposition Ciphers Product Ciphers CEN-5079: 18.January.2018 17

Polyalphabetic Ciphers Improve security using multiple cipher alphabets Flatten frequency distribution Use key to select which alphabet is used for each letter of the message Use each alphabet in turn Repeat from start after end of key is reached CEN-5079: 18.January.2018 18

Vigenere Ciphers Simplest polyalphabetic substitution cipher Effectively multiple Caesar ciphers Key is multiple letters long K = k 1 k 2... k m i th letter of key specifies i th alphabet to use Key k 1..k m C 1 =(P 1 +k 1 ) mod 26 Plaintext P 1, P 2...P n Succession of Caesar ciphers Ciphertext C 1, C 2...C n C m =(P m +k m ) mod 26 C m+1 =(P m+1 +k 1 ) mod 26 CEN-5079: 18.January.2018 19

Example: Vigenere Cipher Write the plaintext out Write the keyword repeated above it Use each key letter as a Caesar cipher key Encrypt the corresponding plaintext letter key #: 342415198214342415198214342415198214 key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:zicvtwqngrzgvtwavzhcqyglmgj CEN-5079: 18.January.2018 20

Security of Vigenere Cipher Have multiple ciphertext letters for each plaintext letter Hence letter frequencies are obscured But not totally lost! CEN-5079: 18.January.2018 21

Kasiski Method Repetitions in ciphertext give clues to period Find same plaintext an exact period apart Which results in the same ciphertext key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:zicvtwqngrzgvtwavzhcqyglmgj Suggests key size of 3 or 9 Then attack each monoalphabetic cipher individually using same techniques as before CEN-5079: 18.January.2018 22

Vernam Cipher Ultimate defense is to use a key as long as the plaintext With no statistical relationship to it Invented by AT&T engineer Gilbert Vernam in 1918 Originally proposed using a very long but eventually repeating key CEN-5079: 18.January.2018 23

Vernam Cipher Generalization of Vigenere Represent messages in binary format E.g., ASCII (google it): A = 10 (decimal) = 1010 (binary) Key has the same length as the cipertext key stream generator key stream generator Key Plaintext k i Ciphertext Key k i Plaintext P i C i Encryption Decryption P i CEN-5079: 18.January.2018 24

One Time Pad Vernam: the key was very long, but Repeatable One Time Pad: Generalization of Vernam The key is used ONLY ONCE! The only Perfect security cryptosystem Problems: Production of many random keys Distribution of random keys as long as the message CEN-5079: 18.January.2018 25

Classic Techniques Substitution Ciphers Cesar Cipher Monoalphabetic Ciphers Polyalphabetic Ciphers Vigenere Vernam One Time Pad Transposition Ciphers Product Ciphers CEN-5079: 18.January.2018 26

Transposition Ciphers Transposition or permutation ciphers Rearrange the letter order Without altering the actual letters used Easily recognizable Have the same frequency distribution as the original text CEN-5079: 18.January.2018 27

Rail Fence Cipher Write message letters over a number of rows Then read off cipher by column Example: write message out as: m e m a t r h t g p r y e t e f e t e o a a t Resulting ciphertext MEMATRHTGPRYETEFETEOAAT CEN-5079: 18.January.2018 28

Row Transposition Ciphers Write letters of message out in rows over a specified number of columns Then reorder the columns according to some key before reading off the rows Key: 4 3 1 2 5 6 7 a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ CEN-5079: 18.January.2018 29

Product Ciphers Ciphers using substitutions or transpositions are not secure because of language characteristics Use several ciphers in succession to make harder: Two substitutions make a more complex substitution Two transpositions make more complex transposition Product cipher: a substitution followed by a transposition makes a new much harder cipher This is bridge from classical to modern ciphers CEN-5079: 18.January.2018 30

Rotor Machines Before modern ciphers, rotor machines were most common complex ciphers in use Widely used in WW II German Enigma, Allied Hagelin, Japanese Purple Implemented a very complex, varying substitution cipher Used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted With 3 cylinders have 26 3 =17576 alphabets CEN-5079: 18.January.2018 31

Hagelin Rotor Machine CEN-5079: 18.January.2018 32

Enigma Rotor Machine CEN-5079: 18.January.2018 33

Symmetric Ciphers Stream Ciphers Block Ciphers CEN-5079: 18.January.2018 34

Stream Ciphers Encrypt one bit (byte) at a time Example: Vigenere, Vernam Length of key = length of (clear/cipher) text Hard to share between sender and receiver Key (K) Bit-stream generator Bit-stream generator Key (K) Key k i Key k i Plaintext Ciphertext Plaintext P i C i P i Plaintext Plaintext CEN-5079: 18.January.2018 35

Block Ciphers Encrypt one block of text at a time 64-128 bit long Encryption key = Decryption key Shared by sender and receiver 64 bits Key (K) 64 bits Plaintext Encryption Algorithm Ciphertext CEN-5079: 18.January.2018 36

Block Cipher Principles n bit input to n bit output 2 n possible inputs Each must produce a unique ciphertext Otherwise encryption is not reversible No decryption possible CEN-5079: 18.January.2018 37

Ideal Block Cipher Need 2 n table to encrypt! CEN-5079: 18.January.2018 38

Data Encryption Standard (DES) Most widely used block cipher in world Adopted in 1977 by NBS (now NIST) As FIPS PUB 46 Encrypts 64-bit data using 56-bit key Has seen considerable controversy over its security CEN-5079: 18.January.2018 39

DES History IBM developed Lucifer cipher Team led by Feistel in late 60 s Used 64-bit data blocks with 128-bit key Redeveloped as a commercial cipher with input from NSA and others 1973: National Bureau of Standards (NBS) issued request for proposals for a national cipher standard IBM submitted their revised Lucifer which was eventually accepted as the DES CEN-5079: 18.January.2018 40

DES Controversy DES standard is public Considerable controversy over design Choice of 56-bit key (vs Lucifer 128-bit) Design criteria were classified Subsequent events and public analysis show in fact design was appropriate Use of DES has flourished Especially in financial applications Still standardised for legacy application use Replaced by AES CEN-5079: 18.January.2018 41

DES Encryption CEN-5079: 18.January.2018 42

Initial Permutation (IP) First step of the data computation IP reorders the input data bits Even bits to LH half, odd bits to RH half Quite regular in structure (easy in h/w) Example: IP(675a6967 5e5a6b5a) = (ffb2194d 004df6fb) CEN-5079: 18.January.2018 43

DES Round Structure Uses two 32-bit L & R halves Feistel cipher: L i = R i 1 R i = L i 1 F(R i 1, K i ) CEN-5079: 18.January.2018 44

Feistel Cipher Introduced by Horst Feistel 16 + 1 rounds Plaintext LE 0 RE 0 What is F? F K 1 LE 1 =RE 0 RE 1 L i = R i 1 R i = L i 1 F(R i 1, K i ) CEN-5079: 18.January.2018 45

Feistel Cipher Structure CEN-5079: 18.January.2018 46

DES Structure: Function F F takes 32-bit R half and 48-bit subkey: Expands R to 48-bits using perm E Adds to subkey using XOR 8 S-boxes to get 32-bit result Finally permutes using 32-bit perm P CEN-5079: 18.January.2018 47

Symmetric Key Crypto Symmetric Ciphers Multiple Encryption Modes of Operation CEN-5079: 18.January.2018 48

Multiple Encryption and DES Uses 56-bit keys to encrypt 64 bit blocks Differential cryptanalysis O(2 47 ) encryptions Linear cryptanalysis O(2 43 ) encryptions Can we make DES withstand attacks without changing its structure? Yes! CEN-5079: 18.January.2018 49

Double DES 2 DES with keys K 1 and K 2 : C = E K2 (E K1 (P)) K 1 K 2 P DES Encrypt X DES Encrypt C K2 K 1 DES Decrypt DES Decrypt C X P CEN-5079: 18.January.2018 50

2 DES: Meet-in-the-Middle 2 DES uses two keys: 56+56=112 bits Is the strength 2 56 of DES? NO!!!! Given P and C Encrypt P for all possible 2 56 values of K 1 Store in table T: pairs (K 1, E K1 (P)) Decrypt C for all possible 2 56 values of K 2 Search D K2 (C) in table T Success when E K1 (P) = D K2 (C) Attack takes O(2 56 ) steps similar to DES CEN-5079: 18.January.2018 51

Triple DES: Two Keys Must use 3 encryptions But can use 2 keys with E-D-E sequence C = E K1 (D K2 (E K1 (P))) If K 1 =K 2 then equivalent with single DES Standardized in ANSI X9.17 & ISO8732 No current known practical attacks Several proposed impractical attacks might become basis of future attacks CEN-5079: 18.January.2018 52

Triple DES: Three Keys Can use Triple-DES with Three-Keys to avoid even these C = E K3 (D K2 (E K1 (P))) Has been adopted by some Internet applications PGP, S/MIME CEN-5079: 18.January.2018 53

Symmetric Key Crypto Symmetric Ciphers Multiple Encryption Modes of Operation CEN-5079: 18.January.2018 54

Modes of Operation Block ciphers encrypt fixed size blocks DES encrypts 64-bit blocks with 56-bit key Need to encrypt and decrypt arbitrary amounts of data in practice NIST SP 800-38A defines 5 modes Electronic Code Book: ECB Cipher Block Chaining: CBC Cipher Feedback: CFB Output Feedback: OFB Counter Mode: CTR Can be used with any block cipher CEN-5079: 18.January.2018 55

Electronic Code Book (ECB) Split message into blocks of length b (e.g., 64 bits) Use the same key to encrypt each block Each block is mapped into a unique value like a codebook P 1 P s K DES Encrypt (s blocks) K DES Encrypt C 1 C s CEN-5079: 18.January.2018 56

ECB Decryption C 1 C s K DES Decrypt K (s blocks) DES Decrypt P 1 P s Weakness due to independent encryptions Same bit repeated each b positions Main use is sending a few blocks of data E.g., shared keys CEN-5079: 18.January.2018 57

Cipher Block Chaining (CBC) Use Initial Vector (IV) to start process Chain current cipher block into next encryption IV P 1 P 2 (s blocks) K DES Encrypt K DES Encrypt C 1 C 2 C 1 CEN-5079: 18.January.2018 58

CBC: Decryption C 1 C 2 C 1 (s blocks) K DES Decrypt K DES Decrypt IV P 1 P 2 CEN-5079: 18.January.2018 59

CBC Discussion Padding: Message length may not be divisible by b End of message must handle a possible last short block Random padding May require an extra entire block over those in message Need Initialization Vector (IV) Must be known to sender & receiver May be sent encrypted in ECB mode before rest of message CEN-5079: 18.January.2018 60

Stream Modes of Operation Block modes (ECB,CBC) encrypt entire block May need to operate on smaller units: Why? Real time data Convert block cipher into stream cipher Cipher feedback (CFB) mode Output feedback (OFB) mode Counter (CTR) mode CEN-5079: 18.January.2018 61

Cipher Feedback Mode (CFB) Message is treated as a stream of bits Take s bits at a time; s<b K IV (b bits) DES Encrypt K IV Shift s bits DES Encrypt (so on) s bits Discard s bits Discard P 1 (s) P 2 (s) C 1 C 2 CEN-5079: 18.January.2018 62

More on CFB Decryption similar Appropriate when data arrives in bits/bytes CEN-5079: 18.January.2018 63

Counter Mode (CTR) b is block size Counter 1 Counter 2 K Encrypt K Encrypt (so on) P 1 (b) P 2 (b) C 1 Counter 2 = Counter 1 +1,.., Counter n = Counter n-1 + 1 C 2 CEN-5079: 18.January.2018 64

CTR (cont d) The initial Counter 1 is random Decryption is identical to encryption Counter 1 must be known Counters should not be reused This includes across multiple messages CEN-5079: 18.January.2018 65

CTR Advantages Hardware/software efficient Can process blocks in parallel Preprocessing Precompute encryptions of counters Random access Can encrypt/decrypt any block CEN-5079: 18.January.2018 66

CTR Advantages (cont d) Provable security At least as secure as the other modes Simplicity Encryption = Decryption CEN-5079: 18.January.2018 67

Summary Symmetric Ciphers Multiple Encryption Cipher Modes of Operation CEN-5079: 18.January.2018 68

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback