CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.

Slides:



Advertisements
Similar presentations
“Advanced Encryption Standard” & “Modes of Operation”
Advertisements

CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 4 Jonathan Katz.
CIS 5371 Cryptography 3b. Pseudorandomness.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
CMSC 456 Introduction to Cryptography
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Foundations of Network and Computer Security J J ohn Black Lecture #5 Sep 6 th 2005 CSCI 6268/TLEN 5831, Fall 2005.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.
Lecture 23 Symmetric Encryption
CS555Spring 2012/Topic 41 Cryptography CS 555 Topic 4: Computational Approach to Cryptography.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Computer Security CS 426 Lecture 3
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
Dan Boneh Stream ciphers The One Time Pad Online Cryptography Course Dan Boneh.
Cryptography Lecture 8 Stefan Dziembowski
Lecture 4: Using Block Ciphers
TE/CS 536 Network Security Spring 2006 – Lectures 6&7 Secret Key Cryptography.
Symmetric-Key Cryptography
CS555Spring 2012/Topic 111 Cryptography CS 555 Topic 11: Encryption Modes and CCA Security.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
1.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
BLOCK CIPHER SYSTEMS OPERATION MODES OF DATA ENCRYPTION STANDARD (DES)
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.
CS426Fall 2010/Lecture 61 Computer Security CS 426 Lecture 6 Cryptography: Message Authentication Code.
Class 3 Cryptography Refresher II CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Lecture 23 Symmetric Encryption
CS555Spring 2012/Topic 31 Cryptography CS 555 Topic 3: One-time Pad and Perfect Secrecy.
CS555Spring 2012/Topic 71 Cryptography CS 555 Topic 7: Stream Ciphers and CPA Security.
Tae-Joon Kim Jong yun Jun
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
CS555Spring 2012/Topic 151 Cryptography CS 555 Topic 15: HMAC, Combining Encryption & Authentication.
Cryptography Lecture 3 Arpita Patra © Arpita Patra.
หัวข้อบรรยาย Stream cipher RC4 WEP (in)security LFSR CSS (in)security.
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
CMSC 414 Computer (and Network) Security Lecture 3 Jonathan Katz.
Modern symmetric-key Encryption
Cryptography Lecture 12.
Cryptography Lecture 4.
Cryptography Lecture 16.
CMSC 414 Computer and Network Security Lecture 3
Cryptography Lecture 6.
Symmetric-Key Encryption
Cryptography Lecture 4.
Cryptography Lecture 12.
Cryptography Lecture 3.
Cryptography Lecture 11.
CIS 5371 Cryptography 2. Perfect Secret Encryption
Presentation transcript:

CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz

One-time pad  The one-time pad achieves perfect secrecy  But, it has a number of drawbacks –Key size equal to message size –Can only be used once –Insecure under chosen-plaintext attack  Unfortunately, these drawbacks are inherent if we want perfect secrecy

A weaker security guarantee  Instead of requiring that no adversary can learn anything about the plaintext…  …require that no adversary running in a “reasonable amount of time” can learn anything about the plaintext except with “very small probability” –“Reasonable time” = 10 6 years –“Very small probability” = –Computational security

A simpler characterization  Equivalent to the following, simpler definition: –Given a ciphertext C which is known to be an encryption of either M 0 or M 1, no adversary running in a reasonable amount of time can guess correctly which message was encrypted with probability significantly better than ½.

The take-home message  Weakening the definition slightly allows us to construct much more efficient schemes!  Strictly speaking, no longer 100% absolutely guaranteed to be secure –Security of encryption now depends on security of building blocks (which are analyzed extensively, and are assumed to be secure) –Given enough time, the scheme can be broken

Attacks  As always, we can couple our security notion with a variety of attacks –Ciphertext only –Known plaintext –Chosen plaintext –Chosen ciphertext (includes chosen plaintext attacks)

Attacks…  The default standard is security against chosen-plaintext attacks  Security against chosen-ciphertext attacks is increasingly required  Note that the one-time pad is insecure even against known-plaintext attack

Randomized encryption  To be secure against chosen-plaintext attack, encryption must be randomized –We will see later how this comes into play  Moral: always use randomized encryption!

Block ciphers  Keyed permutation; input/output length  Large key space  Modeled as a (family of) random permutations…  Example – “trivial” encryption: –C = F K (m) –This is not randomized…

Modes of encryption  ECB –C i = F K (m i )  CBC –C i = F K (m i  C i-1 )  OFB (stream cipher mode) –z i = F K (z i-1 ); C i = z i  m i  CFB (stream cipher mode) –z i = F K (C i-1 ); C i = z i  m i

Security?  All previous modes (except ECB) are secure against chosen-plaintext attacks –ECB is deterministic…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.