Symmetric-Key Cryptography

Similar documents
Scanned by CamScanner

Block ciphers. CS 161: Computer Security Prof. Raluca Ada Popa. February 26, 2016

Block ciphers, stream ciphers

Crypto: Symmetric-Key Cryptography

Goals of Modern Cryptography

Computer Security CS 526

CS 161 Computer Security

1 Achieving IND-CPA security

Information Security CS526

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

Cryptography. Andreas Hülsing. 6 September 2016

Cryptography [Symmetric Encryption]

Cryptography: Symmetric Encryption [continued]

Block cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75

Block ciphers used to encode messages longer than block size Needs to be done correctly to preserve security Will look at five ways of doing this

Cryptography (cont.)

Winter 2011 Josh Benaloh Brian LaMacchia

Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography CS 555. Topic 11: Encryption Modes and CCA Security. CS555 Spring 2012/Topic 11 1

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Introduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu

Introduction to Symmetric Cryptography

Symmetric Cryptography

Computational Security, Stream and Block Cipher Functions

Cryptography 2017 Lecture 3

Private-Key Encryption

symmetric cryptography s642 computer security adam everspaugh

Symmetric Encryption. Thierry Sans

APNIC elearning: Cryptography Basics

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Network Security Essentials

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Cryptography Functions

ECE 646 Lecture 8. Modes of operation of block ciphers

Course Map. COMP 7/8120 Cryptography and Data Security. Learning Objectives. How to use PRPs (Block Ciphers)? 2/14/18

Practical Aspects of Modern Cryptography

Stream Ciphers and Block Ciphers

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

Summary. Final Week. CNT-4403: 21.April

CIS 4360 Secure Computer Systems Symmetric Cryptography

Lecture 2: Secret Key Cryptography

Block Ciphers Introduction

Lecture 6: Symmetric Cryptography. CS 5430 February 21, 2018

Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes

Symmetric Cryptography

Block Ciphers. Secure Software Systems

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Chapter 6 Contemporary Symmetric Ciphers

Message authentication codes

CSE 127: Computer Security Cryptography. Kirill Levchenko

CS155. Cryptography Overview

ECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos

Block Cipher Operation. CS 6313 Fall ASU

Symmetric Cryptography. CS4264 Fall 2016

Understanding Cryptography by Christof Paar and Jan Pelzl. Chapter 4 The Advanced Encryption Standard (AES) ver. October 28, 2009

CS 161 Computer Security. Week of September 11, 2017: Cryptography I

Stream Ciphers and Block Ciphers

symmetric cryptography s642 computer security adam everspaugh

Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24

CS155. Cryptography Overview

Encryption Details COMP620

Symmetric Crypto MAC. Pierre-Alain Fouque

Symmetric-Key Cryptography Part 1. Tom Shrimpton Portland State University

A High-Performance VLSI Architecture for Advanced Encryption Standard (AES) Algorithm

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Ref:

Presented by: Kevin Hieb May 2, 2005

CS 161 Computer Security

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Chapter 3 Block Ciphers and the Data Encryption Standard

Advanced Encryption Standard

Network Security Essentials Chapter 2

Chapter 8. Encipherment Using Modern Symmetric-Key Ciphers

PROTECTING CONVERSATIONS

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Lecture 3: Symmetric Key Encryption

Lecture 4: Symmetric Key Encryption

CSC574: Computer & Network Security

Feedback Week 4 - Problem Set

EEC-484/584 Computer Networks

P2_L6 Symmetric Encryption Page 1

Cryptography CS 555. Topic 8: Modes of Encryption, The Penguin and CCA security

CSC 580 Cryptography and Computer Security

Introduction to Cryptography. Lecture 3

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

18-642: Cryptography 11/15/ Philip Koopman

Data Encryption Standard (DES)

Some Aspects of Block Ciphers

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Symmetric Key Encryption. Symmetric Key Encryption. Advanced Encryption Standard ( AES ) DES DES DES 08/01/2015. DES and 3-DES.

Introduction to cryptology (GBIN8U16)

Introduction to Cryptology. Lecture 17

Double-DES, Triple-DES & Modes of Operation

Cryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi

18-642: Cryptography

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Transcription:

Symmetric-Key Cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 13, 2016

Announcements Project due Sept 20

Special guests Alice Bob The attacker (Eve - eavesdropper, Malice) Sometimes Chris too

Cryptography Narrow definition: secure communication over insecure communication channels Broad definition: a way to provide formal guarantees in the presence of an attacker

Three main goals Confidentiality: preventing adversaries from reading our private data, Integrity: preventing attackers from altering some data, Authenticity: determining who created a given document

Modern Cryptography Symmetric-key cryptography The same secret key is used by both endpoints of a communication = Public-key (asymmetric-key) cryptography Sender and receiver use different keys =

Today: Symmetric-key Cryptography Whiteboard & notes: - Symmetric encryption definition - Security definition - One time pad (OTP) - Block cipher

Advanced Encryption Standard (AES) - Block cipher developed in 1998 by Joan Daemen and Vincent Rijmen - Recommended by US National Institute for Standard and Technology (NIST) - Block length n = 128, key length k = 256

AES ALGORITHM 14 cycles of repetition for 256-bit keys. AES slides, credit Kevin Orr

Algorithm Steps - Sub bytes each byte in the state matrix is replaced with a SubByte using an 8-bit substitution box b ij = S(a ij )

Shift Rows Cyclically shifts the bytes in each row by a certain offset The number of places each byte is shifted differs for each row

Uses Government Standard AES is standardized as Federal Information Processing Standard 197 (FIPS 197) by NIST To protect classified information Industry SSL / TLS SSH WinZip BitLocker Mozilla Thunderbird Skype But used as part of symmetric-key encryption or other crypto tools

Symmetric-key encryption from block ciphers

Why block ciphers not enough for encryption by themselves? Can only encrypt messages of a certain size If message is encrypted twice, attacker knows it is the same message

Original image

Eack block encrypted with a block cipher

Later (identical) message again encrypted

Symmetric key encryption scheme Can be reused (unlike OTP) Builds on block ciphers: Can be used to encrypt long messages Wants to hide that same block is encrypted twice Uses block ciphers in certain modes of operation

Electronic Code Book (ECB) Split message M in blocks P 1, P 2, Each block is a value which is substituted, like a codebook Each block is encoded independently of the other blocks C i = EK(Pi)

Encryption P 1 P 2 P 3 C 1 C 2 C 3 KeyGen = key gen of block cipher Enc(K, P1 P2 P3) = (IV, C1, C2, C3) Dec(K, (IV,C1,C2,C3)) = (P1, P2, P3)

Decryption C 1 C 2 C 3 P 1 P 2 P 3 What is the problem with ECB?

Does this achieve IND-KPA? No, attacker can tell if P i =P j

Original image

Encrypted with ECB

Later (identical) message again encrypted with ECB

CBC: Encryption P 1 P 2 P 3 C 1 C 2 C 3 IV may not repeat for messages with same P 1, choose it at random

CBC: Decryption C 1 C 2 C 3 P 1 P 2 P 3

Original image

Encrypted with CBC

CBC Popular, still widely used Achieves IND-KPA, and more (IND-CPA) Caveat: sequential encryption, hard to parallelize CTR mode gaining popularity

CTR: Encryption Enc(K, P1 P2 P3) = (nonce, C1, C2, C3) P 1 P 2 P 3 C 1 C 2 C 3 Nonce is similar to IV for CBC, one should not use the same nonce for two messages; choose it at random

CTR: Decryption Dec(K, (nonce,c1,c2,c3)) = (P1, P2, P3) C 1 C 2 C 3 P 1 P 2 P 3 Note, CTR decryption uses block cipher s encryption, not decryption

CBC vs CTR Security: Both IND-KPA, and even IND-CPA If you ever reuse the same nonce, CBC might leak some information about the initial plaintext blocks up to a first difference between two messages. CTR can leak information about various blocks in the message. Speed: Both modes require the same amount of computation, but CTR is parallelizable

Summary Encryption protects confidentiality IND-KPA is a security game expressing message indistinguishability OTP is secure if used only once Block ciphers help build symmetric-key encryption schemes with reusable sizes and arbitrary message lengths by chaining them in cipher modes

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback