8. Cryptography part 21 Rotor Machines Combine Substitution and Transposition Methods produce ciphers that are very difficult to break Rotor Machines in.

Slides:



Advertisements
Similar presentations
DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Advertisements

“Advanced Encryption Standard” & “Modes of Operation”
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.2 Secret Key Cryptography.
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Cryptography and Network Security Chapter 3
Week 2 - Friday.  What did we talk about last time?  Substitution ciphers  Vigenère ciphers  One-time pad.
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
Encryption Schemes Second Pass Brice Toth 21 November 2001.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
The Data Encryption Standard - see Susan Landau’s paper: “Standing the test of time: the data encryption standard.” DES - adopted in 1977 as a standard.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
Cryptography and Network Security Chapter 6. Multiple Encryption & DES  clear a replacement for DES was needed theoretical attacks that can break it.
Network Security Lecture 14 Presented by: Dr. Munam Ali Shah.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Lecture 4: Using Block Ciphers
TE/CS 536 Network Security Spring 2006 – Lectures 6&7 Secret Key Cryptography.
Chapter 20 Symmetric Encryption and Message Confidentiality.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Cryptography and Network Security
Lecture 3 Feistel based algorithms. Today 1.Block ciphers - basis 2.Feistel cipher 3.DES 4.DES variations 5.IDEA 5.NEWDES.
CS555Spring 2012/Topic 111 Cryptography CS 555 Topic 11: Encryption Modes and CCA Security.
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
3DES and Block Cipher Modes of Operation CSE 651: Introduction to Network Security.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Chapter 2 (B) – Block Ciphers and Data Encryption Standard.
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.
TE/CS 536 Network Security Spring 2005 – Lecture 8 Security of symmetric algorithms.
Lecture 2: Introduction to Cryptography
Lecture 23 Symmetric Encryption
Symmetric Encryption Lesson Introduction ●Block cipher primitives ●DES ●AES ●Encrypting large message ●Message integrity.
Chapter 2 Symmetric Encryption.
© Information Security Group, ICU1 Block Cipher- introduction  DES Description: Feistel, S-box Exhaustive Search, DC and LC Modes of Operation  AES Description:
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Block Cipher- introduction
1 The Data Encryption Standard. 2 Outline 4.1 Introduction 4.4 DES 4.5 Modes of Operation 4.6 Breaking DES 4.7 Meet-in-the-Middle Attacks.
Cryptography and Network Security
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
Lecture 3: Symmetric Key Encryption
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Security through Encryption
PART VII Security.
Security Of Wireless Sensor Networks
Block vs Stream Ciphers
Security of Wireless Sensor Networks
Elect. Codebook, Cipher Block Chaining
Secret-Key Encryption
Presentation transcript:

8. Cryptography part 21 Rotor Machines Combine Substitution and Transposition Methods produce ciphers that are very difficult to break Rotor Machines in World War II: German “Enigma” and Japanese “Purple” Breaking by the Allies was a significant factor in the outcome of the war (Turing)

8. Cryptography part 22 Example of Rotor Machine

8. Cryptography part 23 Concealment Cipher Message within a message: Example – third word in each sentence matters: GMU students take the security class very seriously. They study a good eight hours a day, each day. They can break many of the classical ciphers.

8. Cryptography part 24 Symmetric (Secret Key) Cryptography

8. Cryptography part 25 Conditional Cryptography Cryptographic schemes that do not have a mathematical proof that they are 100% secure An opponent can break the scheme if unlimited text, computing power, and time is available Strength of the scheme relies on assumption that attacker does not have sufficient resources (text, time, computers, money, etc.) to break the scheme All modern practical cryptographic schemes are only conditionally secure

8. Cryptography part 26 Xor = Exclusive OR

8. Cryptography part 27 Notation A – Alice (a party) B – Bob (another party) E – Eve (eavesdropper / attacker) M – Message (plaintext, sometimes secret) K – Key (very secret) C – Cipher (ciphertext, seen by attacker) ENC – Encryption (secret / known) DEC – Decryption (secret / known) AUTH – Authentication (secret / known) VER – Verification (secret / known)

8. Cryptography part 28 Symmetric Encryption A encrypts the message M using the algorithm ENC with the key K to obtain the ciphertext C B decrypts the ciphertext C using the algorithm DEC with the key K to obtain the message M Key K is symmetric, secret, and known only to A and B

8. Cryptography part 29 DES (Data Encryption Standard) In 1973, NBS (National Bureau of Standards, now NIST) wrote an RFP (Request for Proposals) for a commercial encryption standard IBM proposed its strong Lucifer algorithm (developed by Feistel and others) NSA (National Security Agency) asked for a weaker Lucifer (by shortening the key) and also made changes to IBM’s algorithm Data Encryption Standard (DES) accepted in 1976 and expired 22 years later, in 1998

8. Cryptography part 210 DES Design Criteria Algorithm must: provide high level of security be completely specified Security of the algorithm must reside in the key Algorithm must be: available to all users adaptable for use in diverse applications efficiently implemented in hardware efficient to use able to be validated Exportable !

8. Cryptography part 211 DES in use DES is widely-used data encryption using a (secret) key judged so difficult to break by the U.S. government that it was restricted for export to other countries. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random from among this enormous number of keys. Like other private key cryptographic methods, both the sender and receiver must know and use the same private key.

8. Cryptography part 212 DES Structure Block size – 64 bits Key size – 64 bit quantity=(8 bit parity)+(56 bit key) – Every 8th bit is a parity bit. – 16 round keys (48 bits) derived from key (56 bits) 16 iterations each consisting of scrambling the round-block (64 bits) with the round-key (48 bits) 64 bit input, 64 bit output.

8. Cryptography part 213 Multiple Encryption

8. Cryptography part 214 Multiple Encryption Major limitation of DES Key length is too short (56 bits). Question: So can we apply DES multiple times to increase the strength of encryption? Advantage: We could then preserve the existing investment in software and equipment.

8. Cryptography part 215 Double DES (I) Apply two iterations of DES with two keys K1 and K2 What if DES has a structure of an algebraic group, such that for each K1 and K2 there is a K3 with the property: Ek2(Ek1(P)) = Ek3(P) This is not the case (it was proved in 1992) but is the security level O(2112)?

8. Cryptography part 216 Double DES (II) Meet-in-the-Middle Attack: For given M and C – search only O(256) pairs of keys K 1 and K 2 at the intermediate point I Encrypt M under all 2 56 options for K1 – Denote the results by X 1, X 2,..., X 2 Decrypt C under all 2 56 options for K2 – Denote the results by Y 1, Y 2,..., Y 2

8. Cryptography part 217 Double DES (III) Meet-in-the-Middle Attack (continued): Sort the values X 1, X 2,..., X 2 Sort the values Y 1, Y 2,... Find collisions between values of X i and Y j – there should be about (2 112 / 2 64 ) = 2 48 collisions Mark the 2 48 potential candidates for key-pair K 1 / K 2 Take another pair M’ and C’, and repeat this -- test with the new pair and the suspected 2 48 key-pairs The second test will pin down the correct pair K 1 / K 2 (the success rate will be (2 48 / 2 64 ) = )

8. Cryptography part 218 Double DES (IV) Meet-in-the-Middle Attack (continued): Time requirement of attack – for encryptions, decryptions, sorting, and comparing: O(2 64 ) steps Space requirement of attack – for keeping the encryption and decryption values: O(2 60 ) bytes Although attack is not practical – it is high enough to consider Double-DES insecure

8. Cryptography part 219 Triple-DES (I) EEE Mode: – DES Encrypt-Encrypt-Encrypt with three keys K 1, K 2, K 3 (168 bits) and strength O (2 110 ) against Meet-in-the- Middle – Not compatible with regular DES

8. Cryptography part 220 Triple-DES (II) EDE Mode: DES Encrypt-Decrypt-Encrypt with two keys K 1, & K 2 Properties: Two keys (112 bits) Strength O(2 110 ) against Meet-in-the-Middle Compatible with regular DES when K 1 = K 2

8. Cryptography part 221 E-D-E versus E-E-E Why E-D-E? – Initial and final permutations would cancel each other out with EEE (minor advantage to EDE) EDE compatible with single DES if same keys. Only 2 different Keys needed with E-D-E

8. Cryptography part 222 Triple DES Not Ideal... Efficiency demands schemes with longer keys! Runs one third as fast as DES on the same platform New candidates numerous - RC5, IDEA, two-fish, CAST, etc New AES

8. Cryptography part 223 Modes of Block Cipher Operations Encrypting a Large Message The base algorithms encrypt a fixed size block -- one block at a time. This is the Electronic Code Book (ECB) repeated plaintext blocks results in repeated ciphertext blocks Other modes “chain” to avoid this CBC (Cipher Block Chaining Mode) OFB (Output Feedback Mode) CFB (Cipher Feedback Mode) Encryption does not guarantee integrity!

8. Cryptography part 224 ECB Divide and conquer ! (M 1 == M 3 ) => (C 1 == C 3 ) giving information to eavesdroppers

8. Cryptography part 225 ECB Properties Disadvantage: If c i =c J, then p i =p J 1. Can reorder blocks 2. Can substitute (fabricated information) blocks to affect plaintext Advantage: No error propagation. Two serious flaws, one advantage!

8. Cryptography part 226 ECB problem

8. Cryptography part 227 CBC Encryption

8. Cryptography part 228 CBC Decryption

8. Cryptography part 229 CBC Properties Chaining dependency – Each ciphertext block depends on all preceding plaintext blocks – To change a bit in m i, change the corresponding bit in c i-1. The side effect is that m i-1 will be garbled. Error propagation – Each error in c j affects decipherment of m j and m j+1. Error recovery – An error in c j doesn’t propagate beyond c j+1. – Can recover from loss of cipher text blocks.

8. Cryptography part 230 OFB

8. Cryptography part 231 OFB Properties OFB stream generated: – IV (transmitted in the clear) – pad 1 =e(IV, key) – pad 2 =e(pad1, key) – pad i =e(padi-1,key) Chaining dependencies – Key stream is plaintext-independent – Allow pre-computing of pseudo-random stream (One-Time Pad); XOR can be implemented very efficiently No error propagation problem as in CBC What if ciphertext is garbled or lost? – If garbled, only plaintext bits are garbled. – If lost or duplicated, it is no linger synchronized, so everything is lost.

8. Cryptography part 232 CFB

8. Cryptography part 233 CFB Properties Chaining dependencies – Ciphertext block c j depends on all preceding plaintext blocks. Error propagation Bit error in one ciphertext block affects the next few Error recovery Can recover from bit errors after several blocks Can resynchronize after loss of blocks.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.