Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Hashes and Message Digests
Lecture 5: Cryptographic Hashes
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.
MD5 Message Digest Algorithm CS265 Spring 2003 Jerry Li Computer Science Department San Jose State University.
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
Information Security and Management 11
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part I.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Lecture 13 Message Signing
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Encryption Schemes Second Pass Brice Toth 21 November 2001.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Hashes and Message Digests. 2 Hash Also known as –Message digest –One-way function Function: input message -> output One-way: d=h(m), but not h’(d)
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Bit Cipher 1. Example of bit Cipher 2 Practical Stream Cipher 3.
Hashing Algorithms: Basic Concepts and SHA-2 CSCI 5857: Encoding and Encryption.
Hash and MAC Functions CS427 – Computer Security
Network Security David Lazăr.
Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.
Chapter 11 Message Authentication and Hash Functions.
Advanced Encryption Standard. Origins NIST issued a new version of DES in 1999 (FIPS PUB 46-3) DES should only be used in legacy systems 3DES will be.
Fifth Edition by William Stallings
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004.
1 Chapter 12: Hash and MAC Algorithms Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal, U of Kentucky)
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.3 Hash Functions.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 10 September 21, 2004.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 7 September 9, 2004.
Module :MA3036NI Symmetric Encryption -3 Lecture Week 4.
Information Security and Management 11. Cryptographic Hash Functions Chih-Hung Wang Fall
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Message Authentication Codes CSCI 5857: Encoding and Encryption.
Lecture 9 Overview. RSA Invented by Cocks (GCHQ), independently, by Rivest, Shamir and Adleman (MIT) Two keys e and d used for Encryption and Decryption.
1 Message Authentication using Message Digests and the MD5 Algorithm Message authentication is important where undetected manipulation of messages can.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Chapter 12 – Hash Algorithms
Advanced Computer Networks
Lecture 6 Overview.
Cryptographic Hash Function
Lecture 6 Overview.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Advanced Encryption Standard
Cipher-Based MAC Network Security.
Presentation transcript:

Lecture 7 Overview

Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different (10 th, 12 th, 14 th ) Each regular round consists of 4 steps – Byte substitution (BSB) – Shift row (SR) – Mix column (MC) – Add Round key (ARK) CS 450/650 Lecture 7: AES 2

AES Overview Plaintext (128)ARKSubkey 0 Ciphertext (128)ARKSubkey 10 SR BSB 9 rounds CS 450/650 Lecture 7: AES 3

State b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b bit block  4 x 4 matrix -128 bits  16 bytes  b0, b1, b2,.., b15 CS 450/650 Lecture 7: AES 4 S 0,0 S 0,1

Key k0k4k8k12 k1k5k9k13 k2k6k10k14 k3k7k11k bit key  4 x 4 matrix -128 bits  16 bytes  k0, k1, k2,.., k15 CS 450/650 Lecture 7: AES 5

Four Operations 1.Byte Substitution – predefined substitution table s[i,j]  s’[i,j] 2.Shift Row – left circular shift 3.Mix Columns – 4 elements in each column are multiplied by a polynomial 4.Add Round Key – Key is derived and added to each column CS 450/650 Lecture 7: AES 6 diffusion diffusion and confusion confusion

Shift Row (128-bit) b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 b0b4b8b12 b5b9b13b1 b10b14b2b6 b15b3b7b11 CS 450/650 Lecture 7: AES 7

Mix Column S 0,i S 1,i S 2,I S 3,i S’ 0,I S’ 1,I S’ 2,I S’ 3,i = * Multiplying by 1  no change Multiplying by 2  shift left one bit Multiplying by 3  shift left one bit and XOR with original value More than 8 bits  is subtracted CS 450/650 Lecture 7: AES 8

Add Key b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 k0k4k8k12 k1k5k9k13 k2k6k10k14 k3k7k11k15 b’ x bxbx kxkx = XOR CS 450/650 Lecture 7: AES 9

Key Generation 4 bytes Circular left shift 1byte S-box XOR Round constant CS 450/650 Lecture 7: AES 10

DES vs AES DESAES Date Block size64 bits128 bits Key length56 bits128, 192, 256, … bits Encryption primitivesSubstitution and permutationSubstitution, shift, bit mixing Cryptographic primitivesConfusion and diffusion DesignOpen Design rationaleClosedOpen Selection processSecretSecret (accepted public comment) SourceIBM, enhanced by NSABelgian cryptographers 11 CS 450/650 Lecture 7: AES

Cryptographic Hash Functions Message Digest Functions – Protect integrity – Create a message digest or fingerprint of a digital document – MD4, MD5, SHA Message Authentication Codes (MACs) – Protect both integrity and authenticity – Produce fingerprints based on both a given document and a secret key CS 450/650 Lecture 7: Hash Functions 12

Message Digest Functions Checksums  fingerprint of a message – If message changes, checksum will not match Most checksums are good in detecting accidental changes made to a message – They are not designed to prevent an adversary from intentionally changing a message resulting a message with the same checksum Message digests are designed to protect against this possibility CS 450/650 Lecture 7: Hash Functions 13

One-Way Hash Functions Example M = “Elvis” H(M) = (“E” + “L” + “V” + “I” + “S”) mod 26 H(M) = ( ) mod 26 H(M) = 67 mod 26 H(M) = 15 H M H(M) = h CS 450/650 Lecture 7: Hash Functions 14

Collision Example x = “Viva” Y = “Vegas” H(x) = H(y) = 2 H xH(x) H yH(y) = CS 450/650 Lecture 7: Hash Functions 15

Collision-resistant, One-way hash fnc. Given M, – it is easy to compute h Given any h, – it is hard to find any M such that H(M) = h Given M1, it is difficult to find M2 – such that H(M1) = H(M2) Functions that satisfy these criteria are called message digest – They produce a fixed-length digest (fingerprint) CS 450/650 Lecture 7: Hash Functions 16

Message Authentication Codes A message authentication code (MAC) is a key-dependent message digest function – MAC(M,k) = h CS 450/650 Lecture 7: Hash Functions 17

A MAC Based on a Block Cipher M1 Encrypt k M1 Encrypt k XOR M1 Encrypt k XOR … MAC CS 450/650 Lecture 7: Hash Functions 18

Lecture 8 Secure Hash Algorithm CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Hesham El-Rewini

Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits 160-bit message digest CS 450/650 Lecture 8: Secure Hash Algorithm 20

Step 1 -- Padding Padding  the total length of a padded message is multiple of 512 – Every message is padded even if its length is already a multiple of 512 Padding is done by appending to the input – A single bit, 1 – Enough additional bits, all 0, to make the final 512 block exactly 448 bits long – A 64-bit integer representing the length of the original message in bits CS 450/650 Lecture 8: Secure Hash Algorithm 21

Padding (cont.) MessageMessage length10…0 64 bits Multiple of bit CS 450/650 Lecture 8: Secure Hash Algorithm 22

Example M = (20 bits) Padding is done by appending to the input – A single bit, 1 – 427 0s – A 64-bit integer representing 20 Pad(M) = …

Example Length of M = 500 bits Padding is done by appending to the input: – A single bit, 1 – 459 0s – A 64-bit integer representing 500 Length of Pad(M) = 1024 bits

Step 2 -- Dividing Pad(M) Pad (M) = B 1, B 2, B 3, …, B n Each B i denote a 512-bit block Each B i is divided into bit words – W 0, W 1, …, W 15 CS 450/650 Lecture 8: Secure Hash Algorithm 25

Step 3 – Compute W 16 – W 79 To Compute word W j (16<=j<=79) – W j-3, W j-8, W j-14, W j-16 are XORed – The result is circularly left shifted one bit CS 450/650 Lecture 8: Secure Hash Algorithm 26

Step 4 – Initialize A,B,C,D,E A = H 0 B = H 1 C = H 2 D = H 3 E = H 4 CS 450/650 Lecture 8: Secure Hash Algorithm 27

Initialize 32-bit words H 0 = H 1 = EFCDAB89 H 2 = 98BADCFE H 3 = H 4 = C3D2E1F0 K 0 – K 19 = 5A K 20 – K 39 = 6ED9EBA1 K 40 – K 49 = 8F1BBCDC K 60 – K 79 = CA62C1D6 CS 450/650 Lecture 8: Secure Hash Algorithm 28

Step 5 – Loop For j = 0 … 79 TEMP = CircLeShift_5 (A) + f j (B,C,D) + E + W j + K j E = D; D = C; C = CircLeShift_30(B); B = A; A = TEMP Done +  addition (ignore overflow) CS 450/650 Lecture 8: Secure Hash Algorithm 29

Four functions For j = 0 … 19 – f j (B,C,D) = (B AND C) OR ( B AND D) OR (C AND D) For j = 20 … 39 – f j (B,C,D) = (B XOR C XOR D) For j = 40 … 59 – f j (B,C,D) = (B AND C) OR ((NOT B) AND D) For j = 60 … 79 – f j (B,C,D) = (B XOR C XOR D) CS 450/650 Lecture 8: Secure Hash Algorithm 30

Step 6 – Final H 0 = H 0 + A H 1 = H 1 + B H 2 = H 2 + C H 3 = H 3 + D H 4 = H 4 + E CS 450/650 Lecture 8: Secure Hash Algorithm 31

Done Once these steps have been performed on each 512-bit block (B 1, B 2, …, B n ) of the padded message, – the 160-bit message digest is given by H 0 H 1 H 2 H 3 H 4 CS 450/650 Lecture 8: Secure Hash Algorithm 32

SHA Output size (bits) Internal state size (bits) Block size (bits) Max message size (bits) Word size (bits) RoundsOperations Collisions found SHA − , and, or, xor, rot Yes SHA − , and, or, xor, rot None (2 52 attack) SHA-2 256/ − , and, or, xor, shr, rot None 512/ − , and, or, xor, shr, rot None CS 450/650 Lecture 8: Secure Hash Algorithm 33

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.