Module :MA3036NI Symmetric Encryption -4 Lecture Week 5.

Slides:



Advertisements
Similar presentations
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Advertisements

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5
Cryptography and Network Security Chapter 3
Chapter 3 Block Ciphers and the Data Encryption Standard
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Modified by Richard Newman.
Cryptography and Network Security
Symmetric Encryption Algorithms CS-480b Dick Steflik Text – Network Security Essentials – Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik.
Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.
AES clear a replacement for DES was needed
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
Cryptography and Network Security Chapter 3. Chapter 3 – Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's.
CSCE 790G: Computer Network Security Chin-Tser Huang University of South Carolina.
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Chapter 3 – Block Ciphers and the Data Encryption Standard
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 3 – Block Ciphers and the Data Encryption Standard
Chapter 5 Advanced Encryption Standard. Origins clear a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know what the key is it's virtually indecipherable."
Dr. Lo’ai Tawalbeh 2007 Chapter 3: Block Ciphers and the Data Encryption Standard Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Cryptography and Network Security Chapter 3. Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types of cryptographic.
Applied Cryptography Example: AES. Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know what the key is it's.
Chapter 2 Symmetric Ciphers MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
9/17/15UB Fall 2015 CSE565: S. Upadhyaya Lec 6.1 CSE565: Computer Security Lecture 6 Advanced Encryption Standard Shambhu Upadhyaya Computer Science &
CIM Symmetric Ciphers 31 Advanced Encryption Standard Ch 5 of Cryptography and Network Security -Third Edition by William Stallings Modified from.
Advance Encryption Standard. Topics  Origin of AES  Basic AES  Inside Algorithm  Final Notes.
Information Security Lab. Dept. of Computer Engineering 122/151 PART I Symmetric Ciphers CHAPTER 5 Advanced Encryption Standard 5.1 Evaluation Criteria.
Network Security Lecture 14 Presented by: Dr. Munam Ali Shah.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Feistel Cipher Structure
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 2 (B) – Block Ciphers and Data Encryption Standard.
CSCE 815 Network Security Lecture 4 DES again. Outline History of DES DES revisited.
Symmetric Encryption Algorithms. Symmetric Cipher Model Plaintext Encryption Algorithm Secret Key (known to sender and receiver) Ciphertext Decryption.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Symmetric Encryption IT 352 : Lecture 2- part2 Najwa AlGhamdi, MSc – 2012 /1433.
Advanced Encryption Standard. Origins NIST issued a new version of DES in 1999 (FIPS PUB 46-3) DES should only be used in legacy systems 3DES will be.
Chapter 3 – Block Ciphers and the Data Encryption Standard.
Fifth Edition by William Stallings
Chapter 2 (C) –Advanced Encryption Standard. Origins clearly a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
Advanced Encryption Standard Dr. Shengli Liu Tel: (O) Cryptography and Information Security Lab. Dept. of Computer.
Computer and Network Security Rabie A. Ramadan Lecture 3.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Data Security and Encryption (CSE348) 1. Lecture # 7 2.
Cryptography and Network Security 2 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Data Encryption Standard (DES) most widely used block cipher in world adopted in 1977 by NBS (now NIST) – as FIPS PUB 46 encrypts 64-bit data using 56-bit.
1 Block Ciphers (DES) Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Changed by Somesh Jha)
Depart. of Computer Science and Engineering
Module :MA3036NI Symmetric Encryption -3 Lecture Week 4.
Data Security and Encryption (CSE348) 1. Lecture # 9 2.
Block Ciphers and the Data Encryption Standard. Modern Block Ciphers  One of the most widely used types of cryptographic algorithms  Used in symmetric.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Cryptography and Network Security Chapter 3 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security
School of Computer Science and Engineering Pusan National University
Cryptography and Network Security
Block Ciphers and the Data Encryption Standard (DES)
Chapter -2 Block Ciphers and the Data Encryption Standard
Chapter -3 ADVANCED ENCRYPTION STANDARD & BLOCK CIPHER OPERATION
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Presentation transcript:

Module :MA3036NI Symmetric Encryption -4 Lecture Week 5

Question. Encrypt the Hexadecimal word “CA” using Key using the techniques of S-DES.

3 Overview Feistel Cipher Structure Data Encryption Standard(DES) – History – Encryption – Round Structure – Key Schedule – Decryption – Avalanche effect – Strengths AES (demo)

4 Feistel Cipher Structure Horst Feistel devised the feistel cipher – based on concept of invertible product cipher Partitions input block into two halves – process through multiple rounds which – perform a substitution on left data half – based on round function of right half & sub key – then have permutation swapping halves Implements Shannon ’ s substitution-permutation network concept

5 Feistel Cipher Structure

6 Feistel Cipher Design Principles Block size – increasing size improves security, but slows cipher Key size – increasing size improves security, makes exhaustive key searching harder, but may slow cipher Number of rounds – increasing number improves security, but slows cipher Sub key generation – greater complexity can make analysis harder, but slows cipher Round function – greater complexity can make analysis harder, but slows cipher Fast software en/decryption & ease of analysis – are more recent concerns for practical use and testing

7 Data Encryption Standard (DES) Most widely used block cipher in world Adopted in 1977 by NBS (National Bureau of Standards), now NIST (National Institute of Standard and Technology) – as FIPS PUB 46 Encrypts 64-bit data using 56-bit key Has widespread use Has been considerable controversy over its security

8 DES History IBM developed Lucifer cipher – by team led by Feistel – used 64-bit data blocks with 128-bit key Then redeveloped as a commercial cipher with input from NSA (National Security Agency) and others In 1973 NBS issued request for proposals for a national cipher standard IBM submitted their revised Lucifer which was eventually accepted as the DES

9 DES Design Controversy DES standard is public However, there was considerable controversy over design – in choice of 56-bit key (vs. Lucifer 128-bit) – and because S -boxes design criteria were classified (hidden) Subsequent events and public analysis show in fact design was appropriate DES has become widely used, especially in financial applications

10 DES Encryption

11 Initial Permutation IP First step of the data computation IP reorders the input data bits Even bits to LH half, odd bits to RH half Quite regular in structure

12 DES Round Structure Uses two 32-bit L & R halves As for any Feistel cipher can describe as: L i = R i – 1 R i = L i – 1 xor F(R i – 1, K i ) Takes 32-bit R half and 48-bit sub key and: – expands R to 48-bits using perm E – adds to sub key – passes through 8 S-boxes to get 32-bit result – finally permutes this using 32-bit perm P

13 DES Round Structure (cont)

14 Substitution Boxes S Have 8 S-boxes which map 6 to 4 bits Each S-box is actually 4 little 4 bit boxes – outer bits 1 & 6 (row bits) select one rows – inner bits 2-5 (column bits) are substituted – result is 8 lots of 4 bits, or 32 bits Row selection depends on both data & key – feature known as autoclaving (auto keying)

15 DES Key Schedule Forms sub keys used in each round Consists of: – initial permutation of the key (PC1) which selects 56-bits in two 28-bit halves – 16 stages consisting of: selecting 24-bits from each half permuting them by PC2 for use in function f, rotating each half separately either 1 or 2 places depending on the key rotation schedule K

16 DES Decryption Decrypt must unwind steps of data computation With Feistel design, do encryption steps again Using sub keys in reverse order (SK16 … SK1) Note that IP undoes final FP step of encryption 1st round with SK16 undoes 16th encrypt round …. 16th round with SK1 undoes 1st encrypt round Then final FP undoes initial encryption IP Thus recovering original data value

17 Avalanche Effect Where a change of one input or key bit results in changing approx half output bits DES exhibits strong avalanche

18 Strength of DES – Key Size 56-bit keys have 2 56 = 7.2 x values Brute force search looks hard Recent advances have shown is possible – in 1997 on Internet in a few months – in 1998 on dedicated h/w in a few days – in 1999 above combined in 22hrs Still must be able to recognize plaintext Now considering alternatives to DES

19 Strength of DES – Timing Attacks A timing attack is one in which information about the key or plaintext is obtained by observing how long it takes a given implementation to perform decryptions on various cipher texts. Its so far unlikely that this technique will ever be successful against DES.

20 Strength of DES – Analytic Attacks Now have several analytic attacks on DES These utilise some deep structure of the cipher – by gathering information about encryptions – can eventually recover some/all of the sub-key bits – if necessary then exhaustively search for the rest Generally these are statistical attacks Include – differential cryptanalysis – linear cryptanalysis – related key attacks

21 Advanced Encryption Standard "It is very simple. But if you don't know what the key is it's virtually indecipherable." — Ruth Rendell

22 Origins Clear a replacement for DES was needed – have theoretical attacks that can break it – have demonstrated exhaustive key search attacks Can use Triple-DES – but slow with small blocks US NIST issued call for ciphers in candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 Issued as standard in Nov-2001

23 AES Requirements Private key symmetric block cipher 128-bit data, 128/192/256-bit keys Stronger & faster than Triple-DES

24 The AES Cipher - Rijndael Designed by Rijmen-Daemen in Belgium Has 128/192/256 bit keys, 128 bit data An iterative rather than feistel cipher – treats data in 4 groups of 4 bytes – operates an entire block in every round Designed to be: – resistant against known attacks – speed and code compactness on many CPUs – design simplicity

25 Rijndael AES Cipher Processes data as 4 groups of 4 bytes (state) Has 9/11/13 rounds in which state undergoes: – byte substitution (1 S-box used on every byte) – shift rows (permute bytes between groups/columns) – mix columns (subs using matrix multiply of groups) – add round key (XOR state with key material) Initial XOR key material & incomplete last round All operations can be combined into XOR and table lookups - hence very fast & efficient

26 Demo 05/blockciphers/rijndael_ingles2004.swf 05/blockciphers/rijndael_ingles2004.swf

27 Relationship between S-DES and DES DES operates on 64-bit of input A 56-bit key is used, from which bit sub keys are calculated There is IP of 56 bits, followed by a sequence of shifts and permutations of 48 bits

28 Relationship between S-DES and DES (cont) Encryption Algorithm – Mapping F acts on 32 bits (n 1 n 2 … n 32 ) – After the Expansion/Permutation, the output of 48 bits is

29 Relationship between S-DES and DES (cont) Encryption Algorithm (cont...) – This matrix is added (XOR) to a 48-bit sub key – There are 8 rows corresponding to 8 S-boxes – Each S-box has 4 rows and 16 columns – The 1 st and last bit of a row of the preceding matrix pick out a row of an S-box – The middle 4 bits pick out a column