Block Cipher Modes CS 465 Make a chart for the mode comparisons

Slides:



Advertisements
Similar presentations
Block Cipher Modes of Operation and Stream Ciphers
Advertisements

Chapter 4: Modes of Operation CS 472: Fall Encrypting a Large Massage 1.Electronic Code Book (ECB) 2.Cipher Block Chaining (CBC) 3.Output Feedback.
“Advanced Encryption Standard” & “Modes of Operation”
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Cryptography and Network Security Chapter 6 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
Chapter 3 – Block Ciphers and the Data Encryption Standard Jen-Chang Liu, 2004 Adopted from lecture slides by Lawrie Brown.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Lecture 23 Symmetric Encryption
CS470, A.SelcukModes of Operation1 Encrypting with Block Ciphers CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Block Cipher Transmission Modes CSCI 5857: Encoding and Encryption.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
symmetric key cryptography
Cryptography and Network Security Chapter 6. Multiple Encryption & DES  clear a replacement for DES was needed theoretical attacks that can break it.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Lecture 4: Using Block Ciphers
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
CS555Spring 2012/Topic 111 Cryptography CS 555 Topic 11: Encryption Modes and CCA Security.
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
3DES and Block Cipher Modes of Operation CSE 651: Introduction to Network Security.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
More About DES Cryptography and Network Security Reference: Sec 3.1 of Stallings Text.
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
1.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
BLOCK CIPHER SYSTEMS OPERATION MODES OF DATA ENCRYPTION STANDARD (DES)
Modes of Usage Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) 11 Coming up: Modes of.
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
Cryptography and Network Security Chapter 6 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 23 Symmetric Encryption
Privacy and Integrity: “ Two Essences of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab,
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
Modes of Operation block ciphers encrypt fixed size blocks – eg. DES encrypts 64-bit blocks with 56-bit key need some way to en/decrypt arbitrary amounts.
Block Cipher Encrypting a large message Electronic Code Book (ECB) message m1 m2 m3 m4 m5 m6 c1 c2 c3 c4 c5 c6 E E E Secret.
Symmetric-Key Cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 13, 2016.
CS480 Cryptography and Information Security
Modes of Operation.
Algorithm Modes ECB, CBC, CFB, OFB.
Computer and Network Security
Outline Desirable characteristics of ciphers Stream and block ciphers
Final Project, , 2016 Kyle Kotowick
MAC: Message Authentication Code
Cryptography This week we are going to use OpenSSL
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Block cipher and modes of encryptions
PART VII Security.
Cryptography and Network Security
Algorithm Types & Algorithm Modes
Security Of Wireless Sensor Networks
Symmetric-Key Encryption
Block vs Stream Ciphers
Block Ciphers (Crypto 2)
Security of Wireless Sensor Networks
Encryption Basics Types of ciphers Algorithms Modes Key Length
Counter With Cipher Block Chaining-MAC
Counter Mode, Output Feedback Mode
Elect. Codebook, Cipher Block Chaining
Stream Cipher Structure
Secret-Key Encryption
Presentation transcript:

Block Cipher Modes CS 465 Make a chart for the mode comparisons Read crypto chapter on finer points for questions Last Updated: Sep 19, 2017

ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently There is a weakness with this approach “Plain-Tux” “Cipher-Tux” “Cipher-Tux2”

CBC Mode Cipher Block Chaining Overcomes the problem with ECB XOR the plaintext with the prior ciphertext block What about the first block?

Source: Network Security Essentials (Stallings)

Initialization Vector (IV) Must be known to both the sender and recipient Ideally both IV and key should protected, but the IV may be public Common approach: encrypt IV using ECB and send it with the encrypted data Most importantly, an IV should never be reused with the same key. Why? What happens if we have two plaintext message with the same prefix? How will the ciphertexts compare?

Block Cipher as a Stream Cipher The following modes create a stream cipher from a block cipher. How is it done? Three modes Counter Mode (CTR) Cipher Feedback Mode (CFB) Output Feedback Mode (OFB)

Homework 3 Comparison of these modes Summative – we will grade for correctness Contrived scenario to illustrate why the IV should not be reused

Summary ECB CBC Simple Don’t have to create/manage an IV Parallel encryption/decryption Reveals patterns in the plaintext – should not use CBC Conceals plaintext patterns Requires sequential encryption Parallel decryption

Summary Block cipher as stream cipher CTR CFB OFB No need for padding Only have to implement encrypt function CTR Parallel encryption/decryption Preprocessing able to generate the keystream in advance CFB Parallel decryption OFB

Authenticated Encryption Modes

More recent block cipher modes offer both Symmetric encryption offers confidentiality, but not integrity and authenticity HW 3 – bit flipping attacks More recent block cipher modes offer both Authenticated Encryption with Associated Data (AEAD) EAX Mode https://en.wikipedia.org/wiki/EAX_mode GCM (Galois Counter Mode) https://en.wikipedia.org/wiki/Galois/Counter_Mode

Encrypt-then-MAC (EtM) IPSec TLS/DTLS SSHv2

Encrypt-and-MAC (E&M) SSH

MAC-then-Encrypt (MtE) SSL/TLS

EAX Mode

GCM Mode TLS SSH IPSec OpenVPN Encrypt-then-MAC mode, Used in TLS, SSH, IPSec, OpenVPN

Padding

Block Ciphers & Padding Block ciphers require that the plaintext be a multiple of the block size (ECB and CBC modes) Padding is used to make sure that all blocks are “full” Both sides need to know the padding scheme

Padding Schemes Pad with bytes all of the same value as the number of padding bytes Pad with 0x80 followed by 0x00 characters Pad with 0x00 characters Last byte is equal to the number of padding bytes Pad with spaces Pad with 0x00 characters or spaces Assuming these values don’t appear at the end of the actual data Short one-block messages in ECB mode will all encrypt the same with the same key – use random padding See http://www.di-mgt.com.au/cryptopad.html

Other Uses for Padding? Disguise identical messages Identical messages encrypted with the same key will always produce the same ciphertext (assumes no IV, such as ECB mode) Disguise message length Pad the message with a random number of bytes to create a random-sized messages All messages are padded to a preset length When is padding not required? When the plaintext is always a multiple of the block size and both sides agree not to include padding

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.