Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard


Introduction to Network Security
Missouri S&T University, CPE 5420
Data Encryption Standard

Egemen K. Çetinkaya
Department of Electrical & Computer Engineering
Missouri University of Science and Technology
cetinkayae@mst.edu
http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2016

2 September 2016, rev. 16.0
MST CPE 5420 Data Encryption Standard
2014-2016 Egemen K. Çetinkaya

Outline
  - Stream and block ciphers
  - Feistel cipher
  - DES

Part 1: Stream and Block Ciphers

Cryptographic System Types
  - Operation type transforming plaintext to ciphertext
      - substitution: each element is mapped into another element
      - transposition: elements are rearranged
      - essential requirement: no information is lost and the transformation is reversible
  - The number of keys used
      - symmetric: single-key, secret-key, private-key
      - asymmetric: two-key, public-key
  - The way in which the plaintext is processed
      - block cipher
      - stream cipher

Stream Cipher Operation
  - Encrypts a data stream one bit or one byte at a time
  - Examples: autokeyed Vigenère cipher, Vernam cipher
  - The ideal case is the one-time pad:
      - the keystream is as long as the plaintext bit stream
      - the keystream is completely random
  - Keys need to be distributed before communication via an independent and secure channel
  - Cryptographically strong bit-stream generation is needed
  - In practice the bit stream is produced by an algorithmic procedure
  - Both ends generate the bit stream from a shorter key, K

Block Cipher Operation
  - Plaintext is operated on in blocks: 64- or 128-bit block size
  - Both ends use a symmetric key, K
  - The vast majority of cryptosystems use this method

Transformation Singularity: Reversible vs. Irreversible Transformation
  - n bits of plaintext produce a ciphertext block of n bits
  - There are 2^n possible different plaintext blocks
  - Encryption reversibility: for decryption to be possible, each ciphertext block must be unique
  - There are 2^n! possible different transformations for a reversible mapping

  Plaintext | Reversible (nonsingular) ciphertext | Irreversible (singular) ciphertext
  00        | 11                                  | 11
  01        | 10                                  | 10
  10        | 00                                  | 01
  11        | 01                                  | 01

Block Substitution Example
  - General n-bit to n-bit block substitution
  - Possible input states: 2^n, i.e. 16 input states for a 4-bit block
  - Required key length to specify all possible states: n * 2^n bits

Diffusion and Confusion (against statistical cryptanalysis)
  - Diffusion
      - dissipate the long-range statistics of the plaintext
      - each plaintext digit affects the value of many ciphertext digits
  - Confusion
      - make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible
      - complex substitution rather than simple linear substitution

Part 2: Feistel Cipher

Product Cipher Definitions
  - A product cipher combines two or more transformations with the intent that the resulting cipher is more secure than its individual components
  - A Substitution-Permutation (SP) network is a product cipher composed of a number of stages, each involving substitutions and permutations
  - An iterated block cipher is a block cipher involving the sequential repetition of an internal function called a round function [MOV1996]

Feistel Cipher Operation
  - A cipher that alternates substitutions and permutations
      - substitution: each plaintext element is replaced by the corresponding ciphertext element
      - permutation: reordering or transposition
  - Design features:
      - block size
      - key size
      - number of rounds
      - subkey generation algorithm
      - round function F
      - fast software encryption/decryption
      - ease of analysis

Feistel Cipher Features (1)
  - Block size: larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm
  - Key size: a larger key size means greater security but may decrease encryption/decryption speed
  - Number of rounds: a single round offers inadequate security, but multiple rounds offer increasing security

Feistel Cipher Features (2)
  - Subkey generation algorithm: greater complexity should lead to greater cryptanalysis effort
  - Round function F (aka Mangler function): greater complexity leads to greater resistance to cryptanalysis
  - Fast software encryption/decryption: the speed of execution of the algorithm is a concern in both hardware and software
  - Ease of analysis: an algorithm that can be clearly explained is easier to analyze for cryptanalytic vulnerabilities

Feistel Cipher Structure
  - All rounds have the same structure
  - Every round has a substitution and a permutation
  - Decryption uses the subkeys in the reverse order
  [figure: http://www.emc.com/emc-plus/rsa-labs/images/feistel.gif]

Feistel Cipher F Function (as used in DES)
  - E: expansion from 32 bits to 48 bits
  - S-boxes for substitution: 8 S-boxes, each with a 6-bit input and a 4-bit output
  - P-box for permutation
  [figure: https://en.wikipedia.org/wiki/file:des-f-function.png]

Part 3: DES

Data Encryption Standard Overview
  - Symmetric key algorithm
  - Uses a 56-bit key (the key is actually 64 bits; 8 bits are used for parity check or padding)
  - Block size is 64 bits; this is also the plaintext size
  - Based on the Feistel cipher
  - Decryption uses the same keys, applying the inverse operation
  - Initial selection of the algorithm was controversial
      - NSA was involved in the selection
      - US government officials claimed it is unbreakable
      - 1992 movie: Sneakers

Data Encryption Standard History
  - 1973: NBS (now NIST) initiates a competition
  - 1976: DES approved as a standard
  - 1977: published in FIPS PUB 46
  - 1992: theoretical cryptanalysis using brute force requires 2^47 chosen plaintexts
  - 1998: the DES cracker breaks a key in less than 3 days; cost ~$250K
    https://w2.eff.org/privacy/crypto/crypto_misc/descracker/html/19980716_eff_des_faq.html
  - 2001: AES published
  - 2008: COPACOBANA breaks DES in about a week; cost ~$10K
    http://www.sciengines.com/copacobana/index.html

Data Encryption Standard Operation
  - It has 3 stages:
      - initial permutation, IP
      - key-dependent encryption/decryption
      - inverse initial permutation, IP^-1
  - Encryption/decryption is based on the Feistel cipher
  - The key schedule designates the subkey used in each round
      - depends on the round number
      - includes shifts and permuted-choice functions
  - Avalanche effect: a small change in the input causes a large change in the ciphertext
      - a 1-bit change in the plaintext causes a change of about 32 ciphertext bits
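Added example, not from the slides: a toy Feistel network in Python that shows the structure from the Feistel slides (same routine for every round; decryption runs the rounds with the subkeys reversed, even though F itself is not invertible) and gives a crude measurement of the avalanche effect described above. The 32-bit block, 4 rounds, round function, key schedule and constants are all constructed for illustration and are not DES's.

```python
import random

# Toy Feistel network (constructed for illustration; not DES): 32-bit block split into
# two 16-bit halves, 4 rounds, one 16-bit subkey per round derived from a 32-bit key.
MASK16 = 0xFFFF
ROUNDS = 4

def round_function(half: int, subkey: int) -> int:
    """Keyed mixing of one half. Squaring mod 2^16 is NOT invertible, which is allowed:
    the Feistel structure never needs to invert F in order to decrypt."""
    x = (half ^ subkey) & MASK16
    x = (x * x + 0x5A5A) & MASK16
    return ((x << 3) | (x >> 13)) & MASK16          # 16-bit rotate left by 3

def key_schedule(key: int) -> list:
    """Rotate the 32-bit key each round and fold it to a 16-bit subkey (made-up schedule)."""
    subkeys = []
    for _ in range(ROUNDS):
        key = ((key << 5) | (key >> 27)) & 0xFFFFFFFF
        subkeys.append((key ^ (key >> 16)) & MASK16)
    return subkeys

def feistel(block: int, subkeys: list) -> int:
    """Run the rounds: (L, R) -> (R, L xor F(R, k)); undo the final swap at the end."""
    left, right = (block >> 16) & MASK16, block & MASK16
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
    return (right << 16) | left

def encrypt(block: int, key: int) -> int:
    return feistel(block, key_schedule(key))

def decrypt(block: int, key: int) -> int:
    # Same routine with the subkeys in reverse order: that is the whole Feistel trick.
    return feistel(block, key_schedule(key)[::-1])

def avalanche(key: int, samples: int = 256) -> float:
    """Average number of ciphertext bits that change when one plaintext bit is flipped
    (a well-designed cipher would approach 16 of the 32 bits)."""
    rng = random.Random(1)                           # fixed seed: constructed sample inputs
    total = 0
    for _ in range(samples):
        p = rng.getrandbits(32)
        p2 = p ^ (1 << rng.randrange(32))
        total += bin(encrypt(p, key) ^ encrypt(p2, key)).count("1")
    return total / samples

if __name__ == "__main__":
    key, pt = 0x0123ABCD, 0xDEADBEEF
    ct = encrypt(pt, key)
    print(f"ct={ct:08x} pt'={decrypt(ct, key):08x} avalanche={avalanche(key):.1f}")
```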

Data Encryption Standard Operation Modes
  - Electronic Codebook (ECB): each plaintext data block is used as a direct input to DES
  - Cipher Block Chaining (CBC): chains successive ciphertext and plaintext blocks
  - Cipher Feedback (CFB): the previous ciphertext is used to generate pseudorandom output
  - Output Feedback (OFB): similar to CFB
  - CBC, CFB and OFB use an initialization vector, IV
  - Details in chapter 4 [http://csrc.nist.gov/publications/fips/fips81/fips81.htm]
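Added example, not from the slides: ECB and CBC in Python over a constructed 8-bit "codebook" cipher (a key-seeded permutation of the 256 byte values, standing in for DES), to show why ECB leaks repeated plaintext blocks and how the IV enters CBC. CFB and OFB are not covered here.

```python
import random

def make_codebook(key: int):
    """Toy 8-bit block cipher used only to illustrate the modes (constructed, not DES):
    a key-seeded random permutation of the 256 byte values, i.e. literally a codebook.
    Returns (encrypt_block, decrypt_block)."""
    table = list(range(256))
    random.Random(key).shuffle(table)
    inverse = [0] * 256
    for plain, cipher in enumerate(table):
        inverse[cipher] = plain
    return table.__getitem__, inverse.__getitem__

def ecb_encrypt(enc, plaintext: bytes) -> bytes:
    """ECB: every block goes straight into the cipher, so equal blocks encrypt equally."""
    return bytes(enc(p) for p in plaintext)

def ecb_decrypt(dec, ciphertext: bytes) -> bytes:
    return bytes(dec(c) for c in ciphertext)

def cbc_encrypt(enc, iv: int, plaintext: bytes) -> bytes:
    """CBC: XOR each plaintext block with the previous ciphertext block (the IV first)."""
    out, prev = bytearray(), iv
    for p in plaintext:
        prev = enc(p ^ prev)
        out.append(prev)
    return bytes(out)

def cbc_decrypt(dec, iv: int, ciphertext: bytes) -> bytes:
    out, prev = bytearray(), iv
    for c in ciphertext:
        out.append(dec(c) ^ prev)
        prev = c
    return bytes(out)

def duplicate_blocks(ciphertext: bytes) -> int:
    """How many ciphertext blocks repeat an earlier one: the pattern leak ECB exposes."""
    return len(ciphertext) - len(set(ciphertext))

if __name__ == "__main__":
    enc, dec = make_codebook(key=0x2A)
    msg = b"AAAAAAAABBBBBBBBAAAAAAAA"           # constructed, highly repetitive plaintext
    print("ECB duplicates:", duplicate_blocks(ecb_encrypt(enc, msg)))
    print("CBC duplicates:", duplicate_blocks(cbc_encrypt(enc, 0x5C, msg)))
```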

Data Encryption Standard Successors
  - Triple DES (TDES or 3DES)
      - applies DES three times with 2 or 3 different keys
      - adequately secure, but much slower
      - more in chapter 4
  - DES-X (DESX)
      - uses 2 additional keys and XOR operations
      - DES-X(M) = K2 ⊕ DES(M ⊕ K1)
      - requires 2^61 chosen plaintexts vs. 2^47 for DES
  - Generalized DES (GDES)
      - faster but less secure than DES

Block Cipher Design Principles
  - Three critical aspects of block cipher design:
  - Number of rounds: the more rounds, the more difficult it is to perform cryptanalysis
  - Design of the Mangler function F
      - the function must be nonlinear (linearity means F can be approximated by linear equations)
      - good avalanche properties: strict avalanche criterion, bit independence criterion
  - Key schedule: it should be difficult to deduce the key from the subkeys

References and Further Reading
  [S2017] William Stallings, Cryptography and Network Security: Principles and Practice, 7th edition, Prentice Hall, 2017.
  [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall, 2002.
  [MOV1996] Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.
  [FIPS46] NIST FIPS 46, Data Encryption Standard, 1999 (withdrawn). http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf

End of Foils