MAC Raushan

Presentation transcript:

MAC Raushan

DES: simple Feistel network (2 rounds)
PlainText 3131, Blocks of 2*4 = 8 bits; the block shown is 31 (halves 3 and 1).
Round function: f(r,k) = (2*r + k^2) % 8
Round 1, k1=5: f(1,5) = (2*1 + 5^2) % 8 = 3; 3 xor 3 = 0011 xor 0011 = 0000 = 0 → 0 1
Round 2, k2=7: f(0,7) = (2*0 + 7^2) % 8 = 1; 1 xor 1 = 0001 xor 0001 = 0000 = 0 → 0 0
CipherText: result of the 2-round simple Feistel network.

ECB
PlainText p1p2p3p4 (4*4 = 16 bits) is split into Blocks of 2*4 = 8 bits.
Each block goes through the Block Cipher Encryption (e.g. DES, AES) with the same key K.
CipherText: c1c2c3c4
Disadvantage: ciphertext repeats for same plaintext.

ECB: example
PlainText of 4*4 = 16 bits, Blocks of 2*4 = 8 bits; each block is 31 and goes through the 2-round simple Feistel network.
Round function: f(r,k) = (2*r + k^2) % 8
Round 1, k1=5: f(1,5) = (2*1 + 5^2) % 8 = 3; 3 xor 3 = 0011 xor 0011 = 0000 = 0 → 0 1
Round 2, k2=7: f(0,7) = (2*0 + 7^2) % 8 = 1; 1 xor 1 = 0001 xor 0001 = 0000 = 0 → 0 0
The second block 31 goes through the same two rounds with k1=5 and k2=7.

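CBC: Cipher Block Chaining
PlainText Blocks: p1p2 and p3p4.
The first block is xored with the Initial Vector and encrypted with the block cipher Encryption Algorithm (e.g. DES, AES etc.), giving c1c2.
The second block is xored with c1c2 and encrypted, giving c3c4.
CipherText: c1c2c3c4
Purpose: to avoid repeating cipher text for same plaintext.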

Cipher Block Chaining: example
PlainText Blocks, Initial Vector = 27, round function f(r,k)=(2*r+k^2)%8.
First block:
Round 1, k1=5: f(1,5)=(2*6+5^2)%8=5; 1 xor 5 = 0001 xor 0101 = 0100 = 4 → 4 6
Round 2, k2=7: f(4,7)=(2*4+7^2)%8=1; 6 xor 1 = 0110 xor 0001 = 0111 = 7 → 6 7
Second block:
Round 1, k1=5: f(7,5)=(2*7+5^2)%8=7; 4 xor 7 = 0100 xor 0111 = 0011 = 3 → 3 7
Round 2, k2=7: f(3,7)=(2*3+7^2)%8=7; 7 xor 7 = 0111 xor 0111 = 0000 = 0 → 3 0
CipherText shown: 7 6

Why Integrity Check
So far we have encrypted the message, which gives confidentiality. But how can we ensure that Bob receives the correct message from Alice, that is, that the message is not modified by Eve? This is known as an Integrity Check. One way is a “Message Authentication Code”.

MAC
In cryptography, a message authentication code (often MAC) is a short piece of information used to authenticate a message and to provide integrity and authenticity assurances on the message. Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin.

MAC
MACs differ from digital signatures as MAC values are both generated and verified using the same secret key. For the same reason, MACs do not provide the property of non-repudiation offered by signatures: any user who can verify a MAC is also capable of generating MACs for other messages. In contrast, a digital signature is generated using the private key of a key pair. Since this private key is only accessible to its holder, a digital signature proves that a document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.

MAC
MAC algorithms can be constructed from other cryptographic primitives, such as cryptographic hash functions (as in the case of HMAC) or from block cipher algorithms (OMAC, CBC, PMAC). However, many of the fastest MAC algorithms, such as UMAC and VMAC, are constructed based on universal hashing.

Message Integrity
Alice sends message m_a. Bob receives message m_b. Bob wants to verify that m_b=m_a.
Eve might alter message m_a to m_e.

Message Authentication Code (MAC)
MAC uses two algorithms:
MAC Signing Algorithm (Alice signs m_a)
MAC Verification Algorithm (Bob verifies if m_b=m_a)

MAC
Alice & Bob share a key k.
Alice sends message m_a and a tag using the MAC signing algo: [m_a, tag].
MAC signing Algo: inputs m_a and K, output tag.
Bob uses the MAC verification algo to check if m_b=m_a.
MAC verifying Algo: inputs m_b, K and tag, output yes/no (m_b=m_a?).

MAC

Notice: we are sending a message (plaintext or encrypted) and sending a tag. The message can be gigabits, but the tag is small, 90/100 bits. How to generate the tag? By using a MAC signing algo. One example is CBC-MAC.

MAC signing Algo: example CBC-MAC
PlainText Blocks: p1p2 and p3p4.
The first block is xored with Initial Vector=0 and encrypted with the block cipher Encryption Algorithm (e.g. DES, AES etc.), giving c1c2.
The second block is xored with c1c2 and encrypted, giving c3c4.
Here, message = p1p2p3p4 and tag = c3c4.
Note: CBC-MAC uses IV=0.

CBC-MAC: example
PlainText Blocks, Initial Vector = 0, round function f(r,k)=(2*r+k^2)%8.
First block:
Round 1, k1=5: f(1,5)=(2*1+5^2)%8=3; 3 xor 3 = 0011 xor 0011 = 0000 = 0 → 0 1
Round 2, k2=7: f(0,7)=(2*0+7^2)%8=1; 1 xor 1 = 0001 xor 0001 = 0000 = 0 → 0 0
Second block (same rounds): k1=5 → 0 1; k2=7 → 0 0
Now, Alice sends message = 3131 and tag=00.

MAC verifying Algo: example CBC-MAC
Now, Bob receives message = 3131 and tag=00.
Bob uses CBC-MAC and generates tag_bob. Then he checks if tag_bob=tag. If yes, the message is authentic; otherwise it has been tampered with.
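
The signing and verification steps above, together with the ECB repetition noted earlier, as an added Python example (not part of the original slides). It uses the slides' round function and keys; the function names, the left-then-right update order (chosen because it reproduces the slides' 31 → 0 1 → 0 0 and tag=00) and the tampered message 3231 are assumptions of this example.

```python
import hmac

K1, K2 = 5, 7  # round keys k1, k2 from the slides


def f(r, k):
    """Round function from the slides: f(r,k) = (2*r + k^2) % 8."""
    return (2 * r + k * k) % 8


def encrypt_block(block, k1=K1, k2=K2):
    """2-round toy Feistel on one 8-bit block (two 4-bit halves).
    Round 1 updates the left half, round 2 the right half (assumed order)."""
    left, right = block >> 4, block & 0xF
    left ^= f(right, k1)
    right ^= f(left, k2)
    return (left << 4) | right


def ecb_encrypt(message):
    """ECB: every block is encrypted independently under the same key."""
    return bytes(encrypt_block(b) for b in message)


def cbc_mac(message):
    """MAC signing: CBC chaining with IV = 0, only the last block is kept."""
    chain = 0
    for block in message:
        chain = encrypt_block(block ^ chain)
    return bytes([chain])


def verify(message, tag):
    """MAC verifying: recompute tag_bob and compare it in constant time."""
    return hmac.compare_digest(cbc_mac(message), tag)


if __name__ == "__main__":
    m_a = bytes.fromhex("3131")   # Alice's message from the slides
    tag = cbc_mac(m_a)
    m_e = bytes.fromhex("3231")   # constructed: Eve changes one digit
    print("ECB ciphertext:", ecb_encrypt(m_a).hex())  # equal blocks repeat
    print("tag:", tag.hex())
    print("Bob accepts m_a:", verify(m_a, tag))
    print("Bob accepts m_e:", verify(m_e, tag))
```

An 8-bit tag from a toy cipher is for following the arithmetic only. Plain CBC-MAC is secure only when all messages have the same fixed length; OMAC, listed on the earlier slide, is a block-cipher MAC that handles variable-length messages.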

MAC
It uses a key.
It is used for integrity check.
CBC is used for encrypting the message, whereas CBC-MAC is used for integrity check.
It is slow. An integrity check must be fast.
Another way is a hash [keyless].
Hash: next class.