Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.

Slides:



Advertisements
Similar presentations
Block Cipher Modes of Operation and Stream Ciphers
Advertisements

ECE454/CS594 Computer and Network Security
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
“Advanced Encryption Standard” & “Modes of Operation”
Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
8.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Lecture 23 Symmetric Encryption
CS470, A.SelcukModes of Operation1 Encrypting with Block Ciphers CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Block Cipher Transmission Modes CSCI 5857: Encoding and Encryption.
Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Cryptography, Authentication and Digital Signatures
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Professional Encryption Software FINECRYPT 8.1. Contents Introduction Introduction Features Features Installation Installation Tests Tests Results Results.
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
More About DES Cryptography and Network Security Reference: Sec 3.1 of Stallings Text.
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
1.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Lecture 23 Symmetric Encryption
Privacy and Integrity: “ Two Essences of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab,
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
Part 1  Cryptography 1 Integrity Part 1  Cryptography 2 Data Integrity  Integrity  detect unauthorized writing (i.e., modification of data)  Example:
Message Authentication Codes CSCI 5857: Encoding and Encryption.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
Modes of Operation block ciphers encrypt fixed size blocks – eg. DES encrypts 64-bit blocks with 56-bit key need some way to en/decrypt arbitrary amounts.
CS480 Cryptography and Information Security
Computer and Network Security
Message Integrity and Message Authentication
Computer Communication & Networks
Outline Desirable characteristics of ciphers Stream and block ciphers
NET 311 Information Security
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Algorithm Types & Algorithm Modes
Security Of Wireless Sensor Networks
Block vs Stream Ciphers
Security of Wireless Sensor Networks
Counter Mode, Output Feedback Mode
Elect. Codebook, Cipher Block Chaining
Secret-Key Encryption
Presentation transcript:

Encipherment Using Modern Symmetric-Key Ciphers

8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long messages.

USE OF MODERN BLOCK CIPHERS Symmetric-key encipherment can be done using modern block ciphers. Modes of operation have been devised to encipher text of any size employing either DES or AES.

8.4 Continued Modes of operation

8.5 The simplest mode of operation is called the electronic codebook (ECB) mode. Electronic Codebook (ECB) Mode Electronic codebook (ECB) mode

 Pattern at block level are preserved  Block independence creates opportunities for Eve to exchange some cipher text block without knowing key. 8.6

Assume that Eve works in a company a few hours per month (her monthly payment is very low). She knows that the company uses several blocks of information for each employee in which the seventh block is the amount of money to be deposited in the employee’s account. Eve can intercept the ciphertext sent to the bank at the end of the month, replace the block with the information about her payment with a copy of the block with the information about the payment of a full-time colleague. Each month Eve can receive more money than she deserves. Example

8.8 Error Propagation A single bit error in transmission can create errors in the corresponding block. However, the error does not have any effect on the other blocks.

8.9 In CBC mode, each plaintext block is exclusive-ored with the previous ciphertext block before being encrypted. Cipher Block Chaining (CBC) Mode Cipher block chaining (CBC) mode

8.10 Cipher block chaining (CBC) mode

Continued It can be proved that each plaintext block at Alice’s site is recovered exactly at Bob’s site. Because encryption and decryption are inverses of each other, Initialization Vector (IV) The initialization vector (IV) should be known by the sender and the receiver.

8.12 Error Propagation In CBC mode, a single bit error in ciphertext block C j during transmission may create error in most bits in plaintext block P j during decryption.

8.13 In some situations, we need to use DES or AES as secure ciphers, but the plaintext or ciphertext block sizes are to be smaller. Cipher Feedback (CFB) Mode Encryption in cipher feedback (CFB) mode

8.14 The relation between plaintext and ciphertext blocks is shown below: In CFB mode, encipherment and decipherment use the encryption function of the underlying block cipher. Note

8.15 CFB as a Stream Cipher Cipher feedback (CFB) mode as a stream cipher

8.16 In this mode each bit in the ciphertext is independent of the previous bit or bits. This avoids error propagation. Output Feedback (OFB) Mode Encryption in output feedback (OFB) mode

8.17 OFB as a Stream Cipher Output feedback (OFB) mode as a stream cipher

8.18 In the counter (CTR) mode, there is no feedback. The pseudorandomness in the key stream is achieved using a counter. Counter (CTR) Mode Encryption in counter (CTR) mode

8.19 Counter (CTR) mode as a stream cipher

8.20 Comparison of Different Modes

8.21 USE OF STREAM CIPHERS Although the five modes of operations enable the use of block ciphers for encipherment of messages or files in large units and small units, sometimes pure stream are needed for enciphering small units of data such as characters or bits. RC4 A5/1

RC4 RC4 is a byte-oriented stream cipher in which a byte (8 bits) of a plaintext is exclusive-ored with a byte of key to produce a byte of a ciphertext. State RC4 is based on the concept of a state.

8.23 The idea of RC4 stream cipher

8.24 Initialization Initialization is done in two steps:

Key Stream Generation The keys in the key stream are generated, one by one.

8.26 Algorithm

8.27 Algorithm Continued

8.28 A5/1 (a member of the A5 family of ciphers) is used in the Global System for Mobile Communication (GSM), a network for mobile telephone communication.. A5/1 General outline of A5/1

8.29 Key Generator A5/1 uses three LFSRs with 19, 22, and 23 bits. Three LFSR’s in A5/1

8.30 Initialization 1. set all bits in three LFSRs to Mix the 64 bit key with the value of register according to following code 3. Repeat above procedure but use 22 bit frame buffer

For 100 cycles clock the whole generator but use majority function to see which LFSR should be clocked.

clock control C3 C2 C1 R2 R1 R A5/1 working example

8.33 Encryption/Decryption The bit streams created from the key generator are buffered to form a 228-bit key that is exclusive-ored with the plaintext frame to create the ciphertext frame. Encryption/decryption is done one frame at a time.

 Prevent (or at least detect) unauthorized modification of data  Encryption provides confidentiality (prevents unauthorized disclosure)  Encryption alone does not assure integrity 8.34

 The cryptography systems that we have studied so far provide secrecy, or confidentiality, but not integrity. However, there are occasions where we may not even need secrecy but instead must have integrity  One way to preserve the integrity of a document is through the use of a fingerprint. If Alice needs to be sure that the contents of her document will not be changed, she can put her fingerprint at the bottom of the document. 8.35

11.36 The electronic equivalent of the document and fingerprint pair is the message and digest pair. Message and Message Digest Message and digest

11.37 The two pairs (document / fingerprint) and (message / message digest) are similar, with some differences. The document and fingerprint are physically linked together. The message and message digest can be unlinked separately, and, most importantly, the message digest needs to be safe from change. Difference The message digest needs to be safe from change. Note

11.38 Checking Integrity Checking integrity

11.39 A cryptographic hash function must satisfy three criteria: preimage resistance, second preimage resistance, and collision resistance. Cryptographic Hash Function Criteria Criteria of a cryptographic hash function

11.40 Preimage Resistance Preimage

11.41 Second Preimage Resistance Second preimage

11.42 Collision Resistance Continued Collision

 A message digest does not authenticate the sender of the message. To provide message authentication, Alice needs to provide proof that it is Alice sending the message and not an impostor. The digest created by a cryptographic hash function is normally called a modification detection code (MDC). What we need for message authentication is a message authentication code (MAC). 8.43

 A modification detection code (MDC) is a message digest that can prove the integrity of the message: that message has not been changed.  If Alice needs to send a message to Bob and be sure that the message will not change during transmission, Alice can create a message digest, MDC, and send both the message and the MDC to Bob.  Bob can create a new MDC from the message and compare the received MDC and the new MDC. If they are the same, the message has not been changed. 8.44

8.45

11.46 Message Authentication Code (MAC) Message authentication code

11.47 The security of a MAC depends on the security of the underlying hash algorithm. Note

11.48 Nested MAC Continued Nested MAC

11.49 HMAC Continued Details of HMAC Ipad=(36)H Opad=(5c)H

11.50 Continued CMAC

8.51