Presentation is loading. Please wait.

Presentation is loading. Please wait.

 We spoke about defense challenges  Crypto introduction o Secret key, public algorithms o Symmetric, asymmetric crypto, one-way hashes  Attacks on cryptography.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: " We spoke about defense challenges  Crypto introduction o Secret key, public algorithms o Symmetric, asymmetric crypto, one-way hashes  Attacks on cryptography."— Presentation transcript:

1  We spoke about defense challenges  Crypto introduction o Secret key, public algorithms o Symmetric, asymmetric crypto, one-way hashes  Attacks on cryptography o Cyphertext-only, known plaintext, chosen plaintext, MITM, brute-force  Types of ciphers o Mix of substitution and transposition o Monoalphabetic, homophonic, polygram, polyalphabetic

2  Bpqa kzgxbwozixpg ammua zmit miag. Em eivb uwzm!  Answer 1: o The call of death is a call of love. Death can be sweet if we answer it in the affirmative, if we accept it as one of the great eternal forms of life and transformation. o Broken by using frequency analysis

3  Bpqa kzgxbwozixpg ammua zmit miag. Em eivb uwzm!  Answer 2: o This cryptography seems real easy. We want more! o Ceasar cipher with offset 18, symmetric o Q: If we use offset 18 to encrypt and offset 8 to decrypt how is this symmetric crypto?

4  Polyalphabetic – many monoalphabetic ciphers are used sequentially o First mapping is used for the first letter, second mapping for the second letter and so on o XOR is a polyalphabetic cipher in binary domain

5  Polyalphabetic cipher with infinite key o Combine letters from the message with the letters from an infinite key, randomly generated o Never reuse the key o Key needs to be generated using a very good RNG (to avoid any patterns)  This cipher cannot be broken  Sender and receiver must be perfectly synchronized

6  Stream ciphers: polyalphabetic o Work on message a bit or a byte at a time o Same bit/byte will encrypt differently, depending on the position of the key  Block ciphers: polygram o Work on message block by block o Block size is usually the same as key size o Same plaintext block may encrypt into the same ciphertext block, depending on the cipher mode  Assume XOR with the key

7 plaintext key ciphertext S A N T A C L A U S S U P E R C A L I F R A G I L I S T I C L V D Y S F M M D Y K B U C M L E U D V Bonus question: What was the encryption algorithm I used here?

8  If Eve can get hold of plaintext/cyphertext pair she can retrieve the key  Keystream is generated continuously and is the function of the secret stored inside the RNG  Key should be pseudorandom – hard to break but easily reproduced for decryption  Security depends entirely on RNG generating the key

9

10 Internal State Output Function Next State Function Key Keystream

11  Keystream is generated from the key K  Sender and receiver must be synchronized  One-bit error in ciphertext produces one- bit error in plaintext  Upon loss of synchronization both sides start afresh with a new key  Any deletions and insertions will cause loss of synchronization  Mallory can toggle/change bits

12 Internal State Output Function Key + PiPi CiCi

13  Internal state is the function only of the previous n ciphertext bits and depends on the key K  Decryption keystream generator will completely synchronize with encryption generator after receiving n bits  Advantage: o Recovery from loss of bits after n bits  Drawback: o Error extension – one-bit error in ciphertext produces n errors in plaintext o Mallory can replay messages

14  We need to generate a sequence that looks random but is reproducible  There shouldn’t be any obvious regularities, otherwise Eve can learn the pattern after seeing several numbers, and guess the next ones  We would like to cover the whole range of numbers (e.g. 2 n if the number has n bits)

15  Generators of the form o A period of a generator is number of steps before it repeats the sequence o If a, b and m are properly chosen, this generator will be maximal period generator and have period of m o It has been proven that any polynomial congruential generator can be broken

16  Used for cryptography today  A shift register is transformed in every step through feedback function o Contents are shifted one bit to the right, the bit that “falls out” is the output o New leftmost bit is XOR of some bits in the shift register - tap sequence o If we choose a proper tap sequence period will be 2 n -1

17 1111 0111 1 1011 1 0101 1 1010 1 1101 0 0110 1 0011 0 1001 1 0100 1 0010 0 0001 0 1000 1 1100 0 1110 0 1111 0

18  Proper tap sequences are those where a polynomial from a tap sequence + 1 is a primitive polynomial in GF(2)  There are tables of primitive polynomials  LFSR is fast in hardware but slow in software  LFSR are not themselves secure but they are used as building blocks in encryption algorithms

19 plaintext key S A N T A C L A U S S U P E R

20 plaintext key ciphertext S A N T A C L A U S S U P E R L V D Y S

21 plaintext key ciphertext S A N T A C L A U S L V D Y SV G Q Z K S U P E R

22 plaintext key ciphertext S A N T A C L A U S L V D Y SV G Q Z K S U P E R L V D Y S

23 plaintext key ciphertext S U P E R S A N T A C L A U S L V D Y SV G Q Z KL V D Y SV G Q Z K

24 SSSSSSSS round substitution permutation

25  Electronic Code Book (ECB)  Cipher Block Chaining (CBC)  k-bit Cipher Feedback Mode (CFB)  k-bit Output Feedback Mode (OFB)  Things to consider: o Can we encrypt/decrypt efficiently (as soon as bits arrive) o How hard it is to break encryption o What if a bit is flipped on the channel o What if we lose a bit on the channel

26  Store mapping for every possible block o Fast encryption/decryption – just a table lookup o Ability to process text in any order and in parallel o Table size could be enormous so we need to make the mapping depend on the key  Eve can detect which blocks map to other blocks, by seeing several plaintext and corresponding ciphertext messages  Due to language redundancy even partial decryption might provide enough information  Bit error invalidates one block  Bit loss/addition is not recoverable

27 Bank A Bank B E K (M)D K (C) Mallory Transfer $100 to my account in Bank B 12B7 7783 38AC CDC7  Mallory does this couple of times, looks for similar block sequences.  She can now replay 12B7 7783 38AC CDC7 at will

28 Bank A Bank B E K (M)D K (C) Mallory Transfer $100 to my account in Bank B 3231 12B7 7783 38AC CDC7  Bank adds timestamps  Mallory picks specific blocks of message carrying his name and account number and replaces those in other messages between Bank A and Bank B

29  Problem with ECB is that Mallory can replace, add or drop blocks at will  Chaining prevents this by adding feedback o Each ciphertext block depends on all previous blocks  Also, with CBC, same plaintext blocks will encrypt to different ciphertext blocks thus obscuring patterns in plaintext

30 + plaintext key ciphertext ++ IV Initialization vector (IV) is just a block of random numbers, to ensure that no messages have the same beginning. Both the sender and the receiver must use the same IV. Encryption

31 key ciphertext Decryption plaintext ++

32  An error in plaintext affects the rest of the message but is easily spotted and removed after decryption  An error in ciphertext affects one block and several bits of plaintext key ciphertext plaintext ++ Error extension

33  Mallory can: o Add blocks o Drop blocks o Introduce bit errors  Bit loss/addition is not recoverable

34 input queue + key output block plaintext 1 Ciphertext unit (k bits) is added to the right to input queue, and next plaintext unit is processed ciphertext 2

35  IV must be unique, otherwise it opens a vulnerability  If a k-bit unit is lost or added, next n/k-1 units will be garbled but then the algorithm will recover from error  One-bit error in ciphertext produces one- bit error in plaintext and n/k-1 subsequent plaintext units are garbled (n is the block size, k is the unit size)

36  Similar to CFB but unit is taken from the output queue, not from the ciphertext input queue + key ciphertext plaintext 1 IV is placed in input queue and encrypted, leftmost unit is XOR-ed with one plaintext unit and sent output block

37 input queue + key output block plaintext 2 1 Leftmost unit from the output block is added to the right to input queue, and next plaintext unit is processed ciphertext

38  Output block generation can be done offline, plaintext is then just XOR-ed when it arrives  One-bit error in ciphertext produces one- bit error in plaintext  Bit loss/addition is not recoverable

39  Stream ciphers can be analysed mathematically and can be efficiently implemented in hardware  Block ciphers are more general and can be efficiently implemented in software  ECB is easiest and fastest but also weakest. Can be used for encrypting random data, such as other keys.  CBC is good for encrypting files, no danger of lack of synchronization  CFB is good for encrypting streams of characters  OFB is good if error propagation cannot be tolerated

Download ppt " We spoke about defense challenges  Crypto introduction o Secret key, public algorithms o Symmetric, asymmetric crypto, one-way hashes  Attacks on cryptography."

Similar presentations

ECE454/CS594 Computer and Network Security

ECE454/CS594 Computer and Network Security
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.

Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Digital Kommunikationselektroink TNE027 Lecture 6 (Cryptography) 1 Cryptography Algorithms Symmetric and Asymmetric Cryptography Algorithms Data Stream.

Digital Kommunikationselektroink TNE027 Lecture 6 (Cryptography) 1 Cryptography Algorithms Symmetric and Asymmetric Cryptography Algorithms Data Stream.
 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,

Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.

Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers.

Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Similar presentations

Ads by Google