Announcements: Quizzes returned at end of class Quizzes returned at end of class This week: Mon-Thurs: Data Encryption Standard (DES) Mon-Thurs: Data Encryption.

Slides:



Advertisements
Similar presentations
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
Advertisements

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 3
Public Key Encryption Algorithm
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Announcements: Quiz grades entered Quiz grades entered Homework 4 updated with more details. Homework 4 updated with more details. Discussion forum is.
Announcements: Please pass in Assignment 1 now. Please pass in Assignment 1 now. Assignment 2 posted (when due?) Assignment 2 posted (when due?)Questions?
Announcements: Matlab: tutorial available at Matlab: tutorial available at
1 The AES block cipher Niels Ferguson. 2 What is it? Block cipher: encrypts fixed-size blocks. Design by two Belgians. Chosen from 15 entries in a competition.
JLM :161 Homework 6 – Problem 1 S-box 4 is observed to have the indicated output xor when presented with the indicated inputs In1: 0x22, In2:
Announcements: Ch 3 quiz next week (tentatively Friday). Will include fields (today) Ch 3 quiz next week (tentatively Friday). Will include fields (today)Today:
Announcements: Get your ch 1-2 quiz if you haven’t. Get your ch 1-2 quiz if you haven’t. Grading change: Grading change: Homeworks are mixed programming.
Announcements: Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Assignment.
AES clear a replacement for DES was needed
Announcements: Homework 3 due now Homework 3 due now Homework 4 posted Homework 4 postedToday: Attacks on DES Attacks on DESQuestions? DTTF/NB479: DszquphsbqizDay.
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
Announcements: Quizzes returned tomorrow Quizzes returned tomorrow This week: Mon-Thurs: Data Encryption Standard (DES) Mon-Thurs: Data Encryption Standard.
Announcements: Assignment 2 finalized Assignment 2 finalizedQuestions?Today: Wrap up Hill ciphers Wrap up Hill ciphers One-time pads and LFSR One-time.
Announcements: Homework 2 returned Homework 2 returned Monday: Written (concept and small calculations) exam on breaking ch 2 ciphers Monday: Written (concept.
Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …
Chapter 3 – Block Ciphers and the Data Encryption Standard Jen-Chang Liu, 2004 Adopted from lecture slides by Lawrie Brown.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Announcements: DES due Thursday. DES due Thursday. Try not to use late day, so you can study for Ch 3 quiz Friday. Try not to use late day, so you can.
Announcements: HW4 – DES due Friday midnight HW4 – DES due Friday midnight Any volunteers to help config C/C# later today? Who’s using Scheme? Quiz on.
Session 6: Introduction to cryptanalysis part 1. Contents Problem definition Symmetric systems cryptanalysis Particularities of block ciphers cryptanalysis.
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Announcements: Assignment 1 due tomorrow in class. Assignment 1 due tomorrow in class.Questions? Roll Call Today: Vigenere ciphers Pronunciation? DTTF/NB479:
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Announcements: Quizzes graded, but not in gradebook. (Current grade gives 0 on the parts you shouldn’t have done .) Quizzes graded, but not in gradebook.
Chapter 3 – Block Ciphers and the Data Encryption Standard
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Cryptanalysis. The Speaker  Chuck Easttom  
Cryptanalysis of Modern Symmetric-Key Block Ciphers [Based on “A Tutorial on Linear and Differential Cryptanalysis” by Howard Heys.] Modern block ciphers.
Differential Cryptanalysis - quite similar to linear cryptanalysis - exploits the relationship between the difference of two inputs and the difference.
Announcements: HW4 – DES due Thursday HW4 – DES due Thursday I have installed, or will install: Java, C (gcc), Python. What other languages? Please make.
Introduction to Cryptography Techniques How secure is that banking network traffic?
The Misuse of RC4 in Microsoft Office A paper by: Hongjun Wu Institute for Infocomm Research, Singapore ECE 578 Matthew Fleming.
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Block ciphers Structure of a multiround block cipher
Announcements: Please pass in Assignment 1 now. Please pass in Assignment 1 now. Assignment 2 posted (when due?) Assignment 2 posted (when due?)Questions?
13. Other Block Ciphers 13.1 LUCIFER 13.2 MADRYGA 13.3 NEWDES 13.4 FEAL 13.5 REDOC 13.6 LOKI.
Cryptography Team Presentation 2
Announcements: Homework 3 due now Homework 3 due now Homework 4 posted Homework 4 postedToday: Attacks on DES Attacks on DESQuestions? DTTF/NB479: DszquphsbqizDay.
Description of a New Variable-Length Key, 64-Bit Block Cipher (BLOWFISH) Bruce Schneier BY Sunitha Thodupunuri.
TE/CS 536 Network Security Spring 2005 – Lecture 8 Security of symmetric algorithms.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
Chapter 3 Encryption Algorithms & Systems (Part D)
Cracking the DES Encryption
Symmetric Encryption Lesson Introduction ●Block cipher primitives ●DES ●AES ●Encrypting large message ●Message integrity.
Chapter 2 (C) –Advanced Encryption Standard. Origins clearly a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
Advanced Encryption Standard Dr. Shengli Liu Tel: (O) Cryptography and Information Security Lab. Dept. of Computer.
Announcements: Homework 2 returned Homework 2 returned Monday: Written (concept and small calculations) exam on breaking ch 2 ciphers Monday: Written (concept.
Computer and Network Security Rabie A. Ramadan Lecture 3.
Intro to Cryptography Lesson Introduction
© Information Security Group, ICU1 Block Cipher- introduction  DES Description: Feistel, S-box Exhaustive Search, DC and LC Modes of Operation  AES Description:
DES Analysis and Attacks CSCI 5857: Encoding and Encryption.
Linear Cryptanalysis of DES
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Block Cipher- introduction
David Evans CS551: Security and Privacy University of Virginia Computer Science Lecture 4: Dissin’ DES The design took.
Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion.
Data Encryption Standard (DES) most widely used block cipher in world adopted in 1977 by NBS (now NIST) – as FIPS PUB 46 encrypts 64-bit data using 56-bit.
CS519, © A.SelcukDifferential & Linear Cryptanalysis1 CS 519 Cryptography and Network Security Instructor: Ali Aydin Selcuk.
Linear Cryptanalysis of DES M. Matsui. 1.Linear Cryptanalysis Method for DES Cipher. EUROCRYPT 93, 1994.Linear Cryptanalysis Method for DES Cipher 2.The.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
6b. Practical Constructions of Symmetric-Key Primitives.
DTTF/NB479: Dszquphsbqiz Day 17
Presentation transcript:

Announcements: Quizzes returned at end of class Quizzes returned at end of class This week: Mon-Thurs: Data Encryption Standard (DES) Mon-Thurs: Data Encryption Standard (DES) Today: Differential Cryptanalysis on EDEN HW 4 (assigned Thurs) is to implement DES HW 4 (assigned Thurs) is to implement DES Friday: Computer quiz on breaking ciphers in ch 2 Friday: Computer quiz on breaking ciphers in ch 2 Next week: Rijndael, start RSA Rijndael, start RSAQuestions? DTTF/NB479: DszquphsbqizDay 14

Recall EDEN Input (12 bits) L 0 (6)R 0 (6) f L 1 (6)R 1 (6) K 1 (8) f L 2 (6)R 2 (6) K 2 (8) Round 1 Round 2 Repeat for 8 rounds … The key, K i for round i is derived from a 9-bit key K.

Differential Cryptanalysis A chosen plaintext attack to find the key We’ll work the process together for 3 rounds. Assume we can input L 1 R 1 and view output L 4 R 4. This can be extended to 4 rounds

Lots of calculations done on whiteboard…

Extension to 4 Rounds Exploits weaknesses in S-boxes. S 1 : 12/16 of input pairs with XOR = 0011 have output XOR 011 S 2 : 8/16 of input pairs with XOR = 1100 have output XOR 010 But we expect only 2/16 pairs in each case We choose R 0, R 0 * such that R 0 ’ = P(XOR of outputs = ) ~ 3/8. P(XOR of outputs = ) ~ 3/8. If we also choose L 0, L 0 * such that L 0 ’ = , then 3/8 of time, L 1 ’R 1 ’ = So we choose lots of pairs like this, and do the 3-round method with L 1 ’ = and the known outputs. We’ll get lots of garbage (random keys), since we aren’t sure that L 1 ’ = , but since it shows up so often, K 4 will show up much more frequently than other keys! Example on p. 122 gives key frequencies using an attack with 100 such inputs. K 4 shows up ~50% more than others.

Extensions What about more than 4 rounds? What about stronger S-boxes? Can do both, just require more inputs to gather statistics to find key. Is this more efficient than brute forcing?

Summary Number of rounds # inputs needed for diffy crypt. # inputs required for brute force EDEN 3~2*(2-3) ~2* DES <=15 < > 2 56 (no longer efficient to use) 2 56 Could the DES designers have anticipated diffy crypt attacks?

HW4: DES Implementation I implemented EDEN in Java fairly quickly DES is obviously more complicated You’ll implement encryption and decryption. Correctness: Can use one to test the other. Can use one to test the other.Efficiency: In addition, it’d be nice to use a language that closer to the hardware for efficiency, like C. In addition, it’d be nice to use a language that closer to the hardware for efficiency, like C. I’m planning a competition to see whose implementation is quickest! I’m planning a competition to see whose implementation is quickest!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.