Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.

Similar presentations


Presentation on theme: "CSE331: Introduction to Networks and Security Lecture 18 Fall 2002."— Presentation transcript:

1 CSE331: Introduction to Networks and Security Lecture 18 Fall 2002

2 CSE331 Fall 20022 Announcements Prof. Zdancewic will be out of town Nov. 5 th – 14 th Lectures will be covered by Prof. Gunter Aditya Chadha (course TA) will cover projects

3 CSE331 Fall 20023 Recap Cracking Polyalphabetic Ciphers –Kasiski Method of determining key length –Index of Coincidence Today: –Industrial Strength Encryption –Shared Key Cryptography

4 CSE331 Fall 20024 Kinds of Industrial Strength Crypto Shared Key Cryptography Public Key Cryptography Cryptographic Hashes

5 CSE331 Fall 20025 Shared Key Cryptography Sender & receiver use the same key Key must remain private Also called symmetric or secret key cryptography Often are block-ciphers –Process plaintext data in blocks Examples: DES, Triple-DES, Blowfish, Twofish, Rijndael, …

6 CSE331 Fall 20026 Shared Key Notation Encryption algorithm E : key x plain  cipher Notation: K{msg} = E(K, msg) Decryption algorithm D : key x cipher  plain D inverts E D(K, E(K, msg)) = msg Use capital “K” for shared (secret) keys Sometimes E is the same algorithm as D

7 CSE331 Fall 20027 Secure Channel: Shared Keys K AB AliceBart K AB {Hello!} K AB {Hi!}

8 CSE331 Fall 20028 Problems with Shared Key Crypto Compromised key means interceptors can decrypt any ciphertext they’ve acquired. –Change keys frequently to limit damage Distribution of keys is problematic –Keys must be transmitted securely –Use couriers? –Distribute in pieces over separate channels? Number of keys is O(n 2 ) where n is # of participants Potentially easier to break?

9 CSE331 Fall 20029 Data Encryption Standard (DES) Adopted as a standard in 1976 Security analyzed by the National Security Agency (NSA) –http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdfhttp://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf Key length is 56 bits –padded to 64 bits by using 8 parity bits Uses simple operators on (up to) 64 bit values –Simple to implement in software or hardware Input is processed in 64 bit blocks Based on a series of 16 rounds –Each cycle uses permutation & substitution to combine plaintext with the key

10 CSE331 Fall 200210 DES Encryption

11 CSE331 Fall 200211 One Round of DES (f of previous slide) Expansion S-box Permutation Permuted choice of key

12 CSE331 Fall 200212 Types of Permutations in DES Permutation Permuted Choice Expansion Permutation

13 CSE331 Fall 200213 DES S-Boxes Substitution table 6 bits of input replaced by 4 bits of output Which substitution is applied depends on the input bits Implemented as a lookup table –8 S-Boxes –Each S-Box has a table of 64 entries –Each entry specifies a 4-bit output

14 14 Use the same algorithm as encryption, but use k 16 … k 1 instead of k 1 … k 16 Proof that this works: –To obtain round j from j-1: –Rewrite in terms of round j-1: (1) R j-1 = L j (2) L j-1  f(R j-1, k j ) = R j L j-1  f(R j-1, k j )  f(R j-1, k j ) = R j  f(R j-1, k j ) L j-1 = R j  f(R j-1, k j ) L j-1 = R j  f(L j, k j ) DES Decryption (1) L j = R j-1 (2) R j = L j-1  f(R j-1, k j )

15 CSE331 Fall 200215 Problems with DES Key length too short: 56 bits –www.distributed.net broke a DES challenge in 1999 in under 24 hours (parallel attack)www.distributed.net Other problems –Bit-wise complementation of key produces bit-wise complemented ciphertext –Not all keys are good (half 0’s half 1’s) –Differential cryptanalysis: Carefully choose pairs of plaintext that differ in particular known ways (I.e. they are

16 CSE331 Fall 200216 Block Cipher Performance AlgorithmKey LengthBlock Size Rounds Clks/Byte Twofishvariable12816 18.1 Blowfishvariable641619.8 Square128 820.3 RC5-32/16variable643224.8 CAST-1281286416 29. 5 DES56641643 Serpent128,192,2561283245 SAFER (S)K-12812864852 FEAL-3264, 128643265 IDEA12864874 Triple-DES1126448116

17 CSE331 Fall 200217 Advanced Encryption Standard (AES) National Institute of Standards & Technology NIST –Computer Security Research Center (CSRC) –http://csrc.nist.gov/http://csrc.nist.gov/ –http://www.esat.kuleuven.ac.be/~rijmen/rijndael/http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ Uses the Rijndael algorithm –Invented by Belgium researchers Dr. Joan Daemen & Dr. Vincent Rijmen –Adopted May 26, 2002 –Key length: 128, 192, or 256 bits –Block size: 128, 192, or 256 bits

18 CSE331 Fall 200218 Public Key Cryptography Sender encrypts using a private key Receiver decrypts using a public key Only the private key must be kept secret –Public key can be distributed at will Also called asymmetric cryptography Can be used for digital signatures Examples: RSA, El Gamal, DSA Usually more expensive than secret key cryptography

19 CSE331 Fall 200219 Public Key Notation Encryption algorithm E : keyPub x plain  cipher Notation: K{msg} = E(K, msg) Decryption algorithm D : keyPriv x cipher  plain Notation: k{msg} = D(k,msg) D inverts E D(k, E(K, msg)) = msg Use capital “K” for public keys Use lower case “k” for private keys Sometimes E is the same algorithm as D

20 CSE331 Fall 200220 Secure Channel: Private Key K A,K B k A K A, K B k B AliceBart K B {Hello!} K A {Hi!}

21 CSE331 Fall 200221 Cryptographic Hashes Creates a hard-to-invert summary of input data Useful for integrity properties –Sender computes the hash of the data, transmits data and hash –Receiver uses the same hash algorithm, checks the result Like a check-sum or error detection code –Uses a cryptographic algorithm internally –More expensive to compute Sometimes called a Message Digest Examples: –Secure Hash Algorithm (SHA) –Message Digest (MD4, MD5)


Download ppt "CSE331: Introduction to Networks and Security Lecture 18 Fall 2002."

Similar presentations


Ads by Google