Symmetric Key Algorithms. Definition. A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting.

Similar documents
Secret Key Algorithms (DES)

Secret Key Algorithms (DES) Foundations of Cryptography - Secret Key pp. 1 / 34

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Block Ciphers and Data Encryption Standard. CSS Security and Cryptography

Lecture 4: Symmetric Key Encryption

Lecture 3: Symmetric Key Encryption

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

Computer and Data Security. Lecture 3 Block cipher and DES

Applied Cryptography Data Encryption Standard

Secret Key Cryptography (Spring 2004)

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Fundamentals of Cryptography

New Kid on the Block Practical Construction of Block Ciphers. Table of contents

Encryption Details COMP620

Introduction to Cryptography. Lecture 2. Benny Pinkas. Perfect Cipher. Perfect Ciphers. Size of key space

Chapter 3 Block Ciphers and the Data Encryption Standard

Block Encryption and DES

Secret Key Cryptography

COS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2018

CSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms

Block Ciphers and the Data Encryption Standard (DES) Modified by: Dr. Ramzi Saifan

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

CSc 466/566. Computer Security. 6 : Cryptography Symmetric Key

Symmetric Cryptography. Chapter 6

P2_L6 Symmetric Encryption Page 1

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Data Encryption Standard (DES)

Introduction to Modern Symmetric-Key Ciphers

Network Security. Lecture# 6 Lecture Slides Prepared by: Syed Irfan Ullah N.W.F.P. Agricultural University Peshawar

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

AIT 682: Network and Systems Security

Computer Security 3/23/18

Computational Security, Stream and Block Cipher Functions

L3. An Introduction to Block Ciphers. Rocky K. C. Chang, 29 January 2015

Block Ciphers and Stream Ciphers. Block Ciphers. Stream Ciphers. Block Ciphers

Week 4. : Block Ciphers and DES

CSC 474/574 Information Systems Security

Symmetric Encryption Algorithms

Network Security Essentials Chapter 2

Secret Key Systems (block encoding) Encrypting a small block of text (say 64 bits) General Considerations:

Weak Keys of the Full MISTY1 Block Cipher for Related-Key Cryptanalysis

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

CIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)

CPS2323. Block Ciphers: The Data Encryption Standard (DES)

Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

Modern Block Ciphers

Attacks on Advanced Encryption Standard: Results and Perspectives

Symmetric Key Cryptosystems. Definition

Data Encryption Standard

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

Symmetric Cryptography

6 Block Ciphers. 6.1 Block Ciphers CA642: CRYPTOGRAPHY AND NUMBER THEORY 1

Modern Symmetric Block cipher

Data Encryption Standard

Report on Present State of CIPHERUNICORN-A Cipher Evaluation (full evaluation)

The Rectangle Attack

How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?

Few Other Cryptanalytic Techniques

3 Symmetric Cryptography

Symmetric Encryption. Thierry Sans

Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24

Goals of Modern Cryptography

CENG 520 Lecture Note III

Cryptography and Network Security Chapter 3. Modern Block Ciphers. Block vs Stream Ciphers. Block Cipher Principles

Practical Aspects of Modern Cryptography

CSCE 813 Internet Security Symmetric Cryptography

Attack on DES. Jing Li

Syrvey on block ciphers

7. Symmetric encryption. symmetric cryptography 1

Classical Encryption Techniques. CSS 322 Security and Cryptography

Chapter 6: Contemporary Symmetric Ciphers

Secret Key Cryptography

Week 5: Advanced Encryption Standard. Click

Symmetric key cryptography

Linear Cryptanalysis of FEAL 8X Winning the FEAL 25 Years Challenge

Block Ciphers. Lucifer, DES, RC5, AES. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk Block Ciphers 1

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Lecture 2: Secret Key Cryptography

A Chosen-key Distinguishing Attack on Phelix

Computer Security CS 526

COS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017

International Journal for Research in Applied Science & Engineering Technology (IJRASET) Performance Comparison of Cryptanalysis Techniques over DES

Differential Cryptanalysis

Cryptography and Network Security

Crypto: Symmetric-Key Cryptography

SOLUTIONS FOR HOMEWORK # 1 ANSWERS TO QUESTIONS

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

Goals for Today. Substitution Permutation Ciphers. Substitution Permutation stages. Encryption Details 8/24/2010

Hardware-Focused Performance Comparison for the Standard Block Ciphers AES, Camellia, and Triple-DES

Cryptography Functions

Lecture 4. Encryption Continued... Data Encryption Standard (DES)

On the Security of the 128-Bit Block Cipher DEAL

Jordan University of Science and Technology

Improved Attacks on Full GOST

Cryptography and Network Security. Sixth Edition by William Stallings

Geldy : A New Modification of Block Cipher

CIS 6930/4930 Computer and Network Security. Project requirements

Double-DES, Triple-DES & Modes of Operation

Conventional Encryption: Modern Technologies

Implementation of Full -Parallelism AES Encryption and Decryption

Transcription:

Symmetric Key Algorithms Definition A symmetric key algorithm is an encryption algorithm where the same key is used for encrypting and decrypting. 1

Block cipher and stream cipher There are two main families of symmetric key algorithm: Block cipher The input is a set of bits, i.e. larger then 64 Stream cipher The input is a single bit/byte or 32 bits Structure of a Block Cipher The block cipher is divided in two distinct parts, the key schedule and the data path Secret key KEY SCHEDULE plaintext DATA PATH ciphertext 2

The Data Path In order of having a regular structure the data path is composed by a function called round that is repeated a fixed number of time. This is necessary since no function has been found that exhibit the necessary property in a single application The Key Schedule The key schedule elaborates the secret key and derive from it the round keys used by the round Generally the secret key is not used as it is in the round in order of increasing the dependency of each bits of the cipher text from every bits of the secret key 3

Example The most popular block cipher is the Data Encryption Standard (DES) It has been designed in the 70 s by IBM and a magic touch from NSA (National Security Agency) DES structure The DES is structured in two parts: key schedule and data path The block size is 64 bits, while the secret key is 56 bits The round function is inspired by the Feistel function 4

Feistel round Depending on the properties of the function, the round is iterated a certain number of times The function f does not need to be invertible! It can be seen deriving the equations of L i and R i as functions of L i+1 and R i+1 L i R i + f L i+1 R i+1 ROUND KEY DES Structure The DES round is iterated 16 times An initial transformation is applied before the first round it is just a bit rearrangement not useful for security, it helps hw design Before output data the inverse of the initial transformation is applied 5

DES round 4 transformations compose the f function of DES: Expansion S Key addition 1 SBOX Permutation S 2 S 3 32 EXPANSION 48 48 + 48 S 4 S 5 S 6 32 PERMUTATION 32 ROUND KEY S 7 S 8 DES Expansion The right word is expanded from 32 bits to 48 The E-box simply duplicates some bits, those in positions 1, 4, 5, 9, 10, 14, 15 32 1 2 3 4 5 6 7 8 9 10. 48 1 2 3 4 5 6 7 8 9 10 11 12.. 6

DES Sboxes The criteria of the design of the SBOXes has been hidden for a long time, the only way for representing them is trough the use of a look up table. The 8 SBOXes are all different and indicated with S1 S8 All take a 6 bit input and return a 4 bit output DES permutation The 32 bit output of the SBOX are permutated, all bits are used once, no bits are discharged A simple rearrangement of the bits 7

DES key schedule SECRET KEY 64 PC - 1 The key schedule is very simple and has the property to give the original key as final output SUB KEY 1 48... C 0 56 D 0 28 28 LS 1 LS 1 C 1 D 1 28 28 PC - 2 LS 2 LS 2 28 28...... 28 28 LS 16 LS 16 SUB KEY 16 48 PC - 2 C 16 D 16 28 28 DES key schedule PC-1 extracts 56 bits ignoring the 8th bits of every byte, so 64 bits are used to store the key and the 8th of every byte can be used to check the parity PC-2 extracts a fixed set of bits in order of obtaining 48 bits round key The key is shifted one bit position for round 1, 2, 9 and 16, two bit position in the other rounds 8

DES decryption Due to the Feistel structure in order of decrypting a ciphertext it is necessary just applying the same round 16 time feeding round keys in reverse order Weak keys The secret key should be randomly chosen, but there are some particular values that should not be used 4 Weak keys: all 0, all 1, half 0 half 1 12 Semi weak keys: C=E k (P)=P In the form 7 zeros, 7 ones combinations 0000000 11111111 0000000 1111111 Possible weak keys Complement keys E k (P)= C => E k (P )= C where A = not(a) 9

DES is not a Group The transformation executed by the DES is not a group If DES forms a group then: E k2 (E k1 (P)) = E k3 (P) Proven in 1992, IBM states that was known by design How to test the security Is a block cipher secure? Consider key space and block size, is brute force feasible? Consider mathematical attacks Implementation attacks 10

How to break DES Due to the available power computation DES is not safe today Brute force: Given a cipher text and a plain text How much does it takes to try all the keys? 2^56 encryption! Brute Force Attack Estimation How many days does it takes to compute 2^56 encryption? If 1 encryption per millisecond 833,999,931 per microsecond 833,999 per nanosecond 833 If 100 devices in parallel 8 days Solutions? 3DES 11

Trade time and memory space Select a plaintext, encrypt it with all possible keys: (56 + 64 bits) * 2^56 memory space = 8646911284551352320 bit= 1,006,632,960 GByte Force the plaintext in the communication, get the cipher text, find the corresponding key in the data base 3DES Triple DES is the application of DES three time The most used is the EDE, first DES encryption then decryption, then encryption again Otherwise EEE is the other possibility 12

3DES 3DES is interesting since no changes to the basic algorithm are required, just a reuse of the available hw/sw Sometimes it is used a 3DES with only two keys (called two key 3DES): C=E k1 (D k2 (E k1 (P))) Security of 3DES First consider doubledes, application of the DES two times with different key. A simple brute force costs 2^112 encryption But there is another attack called meetin-the-middle that could trade time with memory space 13

Meet-in-the-middle Given a pair (C,P) First compute all possible M i =E ki (P) and store them, 2^56 encryption, 2^56 M i stored Decrypt P for all possible key, and check for all M j =D kj (C) if M j =M i, if so mark M i and write the value j There are now a set of candidate pairs (i,j) With a second couple (C,P ) check which (i,j) is the right couple The cost is 2^56 encryption 2^56 decryption (thus 2^57 operations) 2^56 memory space How this impact to 3DES? Consider the first two operations as a unique brute force that cost 2^112 encryption, then it is necessary other 2^56 decryption and 2^56 memory space The cost of breaking 3DES is then something like 2^112 operations and 2^56 memory space 14

How to implement DES The hardware structure is quite straightforward Simply implement the architecture divided in two parts, key schedule and round logic Since SBOX logic is unknown then the implementation of it is just a LUT HW improvement If the throughput is not satisfactory it is possible to pipeline the round, in order of increasing the clock frequency Generally the round is divided in two or three stages 15

HW improvement If latency is the constraints instead of throughput, it is possible to execute two rounds per clock cycles if the critical path allows it SW implementation DES is not software friendly, there are many operations bit oriented All the substitutions are stored in precomputed tables The key schedule is generally computed in advance and the round keys are stored in a table 16

Theoretical attacks To test the robustness of a block cipher there are some well known attacks that should be tested: Linear cryptanalysis Differential cryptanalysis Linear cryptanalysis Every block cipher should exhibit a good non linear properties If not linear cryptanalysis could find the relation between known plaintext, corresponding cipher text and bits of the key 17

Differential cryptanalysis Selects a set of pair of plaintext, where the elements of the pair have a fixed difference The difference propagates in the DES in a particular manner Build a set of probabilities on the difference of the cipher text pair Collect a certain number of plaintext/ciphertext, the statistics will validate guess of the right bits of the key 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback