A Java implemented key collision attack on the Data Encryption Standard (DES) John Loughran, Tom Dowling NUI, Maynooth, Co. Kildare, Ireland PPPJ ‘03.

Slides:

Advertisements

Similar presentations

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Advertisements

Cryptography encryption authentication digital signatures

Conventional Encryption: Algorithms

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Cryptography and Network Security Chapter 3

Public Key Encryption Algorithm

Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.

Cryptanalysis of the Playfair Cipher Using an Evolutionary Algorithm By: Benjamin Rhew.

ICS 454: Principles of Cryptography

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

Decryption Algorithms Characterization Project ECE 526 spring 2007 Ravimohan Boggula,Rajesh reddy Bandala Southern Illinois University Carbondale.

Network Security Chapter

L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.

CSE 651: Introduction to Network Security

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

1 Homework Study Java Cryptography by Reading the rest of slides and accessing Sun ’ s Java website:

Public Key Model 8. Cryptography part 2.

Cryptography Week-6.

Cryptanalysis. The Speaker  Chuck Easttom  

Java supports encryption by a wide variety of packages: The standard java.security package The standard javax.crypto package Packages supplied by third.

Content  Introduction  Signing, sealing and guarding Java object Motivation Design ( in terms of API ) Performance  Summary.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.

Confusion and Diffusion1 Ref: William Stallings, Cryptography and Network Security, 3rd Edition, Prentice Hall, 2003.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.

Network Security Lecture 14 Presented by: Dr. Munam Ali Shah.

CHAPTER 6 Cryptography. An Overview It is origin from the Greek word kruptos which means hidden. The objective is to hide information so that only the.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Network Security Lecture 11 Presented by: Dr. Munam Ali Shah.

Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:

Based on Bruce Schneier Chapter 7: Key Length Dulal C. Kar.

National Institute of Science & Technology Cryptology and Its Applications Akshat Mathur [1] Cryptology and Its Applications Presented By AKSHAT MATHUR.

Strength of Cryptographic Systems Dr. C F Chong, Dr. K P Chow Department of Computer Science and Information Systems The University of Hong Kong.

DES Attacks and Triple DES

Cryptography Team Presentation 2

Elementary Cryptography  Concepts of encryption  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public key) Encryption (RSA)(RSA)

Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.

CRYPTOGRAPHY. TOPICS OF SEMINAR Introduction & Related Terms Categories and Aspects of cryptography Model of Network Security Encryption Techniques Public.

24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,

Lecture 23 Symmetric Encryption

1 Symmetric key cryptography: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64 bit plaintext input How secure.

PZAPR Parallel Zip Archive Password Recovery CSCI High Perf Sci Computing Univ. of Colorado Spring 2011 Neelam Agrawal Rodney Beede Yogesh Virkar.

BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.

Chapter 2 Symmetric Encryption.

DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.

David Evans CS551: Security and Privacy University of Virginia Computer Science Lecture 4: Dissin’ DES The design took.

DES: Data Encryption Standard

Block Ciphers and the Data Encryption Standard. Modern Block Ciphers  One of the most widely used types of cryptographic algorithms  Used in symmetric.

Group 01 Foucher, S Thontat, Y Shaduka, S. Encryption History  WWII and breaking the Enigma code  people full time.

CST 312 Pablo Breuer. A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length Typically a block size of 64 or.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

Introduction Of System Security

Lecture 3: Symmetric Key Encryption

Cryptanalysis Network Security.

Presentation transcript:

A Java implemented key collision attack on the Data Encryption Standard (DES) John Loughran, Tom Dowling NUI, Maynooth, Co. Kildare, Ireland PPPJ ‘03

17 th June 2003Java implemented DES attack2 Java Cryptography Used Java Cryptographic Extension (JCE) based on Java Cryptographic Architecture (JCA) Contains java.security and javax.crypto packages Used Austrian IAIK version of the JCE Contains classes which simplify encryption process E.g. factory methods to return instances of a class as: Cipher cryptObject = Cipher.getInstance(“DES”);

17 th June 2003Java implemented DES attack3 Data Encryption Standard (DES) DES is a symmetric block cipher Same key for encryption and decryption Works on blocks of fixed length DES has 2 56 different keys =

17 th June 2003Java implemented DES attack4 Birthday Paradox Brute force attack: Try all 2 56 possible keys Birthday attack: Reduces complexity of attack to 2 28 i.e. sqrt(2 56 ) ~ For a set with n (2 56 for DES) possible keys In two subsets of randomly generated keys of size sqrt(n) (2 28 for DES) Probability of a match is 0.63 [Stallings, 2003]

17 th June 2003Java implemented DES attack5 The Biham Algorithm A known plaintext header is used E.g. Postcript file header: “%!PS-Ado” This plaintext header is encrypted using 2 28 different random DES keys Resulting (ciphertext, key) pairs stored in a table Compare 2 28 incoming ciphertexts of the same header whose keys are unknown with table When a match is found the corresponding key is returned The key can be used to decrypt the message or even substitute a favourable message

17 th June 2003Java implemented DES attack6 Implementing the Attack Used the JCE to generate the keys as: KeyGenerator keyGen = KeyGenerator.getInstance(“DES”); keyGen.init(new SecureRandom()); Key key = keyGen.generateKey(); Stored (ciphertext, key) pairs in Hashtables Searching complexity of O(1)

17 th June 2003Java implemented DES attack7 Memory Considerations Unable to keep a Hashtable with 2 28 pairs in memory Even using a Pentium 4, 2 GHz, 1 GB RAM, 60 GB HD With virtual memory set to 4 GB Despite increasing Java heap size to max using switch at runtime: C:\>java –Xms 1640m –Xmx 1640m CrackDES

17 th June 2003Java implemented DES attack8 Multiple Hashtable Approach 2 14 Hashtables each containing 2 14 (ciphertext, key) pairs were generated During generations pairs were allocated to a particular Hashtable based on the mod of the hashCode() of the ciphertext Hashtables were finally stored on disk as files bightable ser to bightable ser after various merging operations

17 th June 2003Java implemented DES attack9

17 th June 2003Java implemented DES attack10 Finding a Key Arrays of ciphertexts of the same plaintext header were generated to simulate incoming ciphertexts with unknown keys Each ciphertext was examined as follows: Its hashCode() mod was obtained The corresponding Hashtable was read in and searched If a matching ciphertext was found the corresponding key was returned

17 th June 2003Java implemented DES attack11

17 th June 2003Java implemented DES attack12 Time Considerations To speed up the search process the “incoming” ciphertexts were split up into arrays such that Each array contained ciphertexts whose hashCode() mod were the same Thus only one Hashtable needs to be read in for each array This reduced the estimated time needed to find a key from 6.2 years to 2.3 hours!

17 th June 2003Java implemented DES attack13 Space Optimisation Storing only the key value as a Long object rather than a Key object reduced the space required for the Hashtables from an estimated 55 GB to 8 GB This necessitates creating a Key object from the returned key value using SecretKey methods from the JCE

17 th June 2003Java implemented DES attack14 Conclusions Biham algorithm implemented successfully in Java Use of JCE in cryptanalysis demonstrated Space and time optimisations mean that DES can now be cracked in 2 hours on a single PC using Java Possible future work on implementation of a parallel search using a distributed system

17 th June 2003Java implemented DES attack15 Website This presentation and the full text of the thesis including references and appendices can be downloaded from my website:-