Presentation is loading. Please wait.

Presentation is loading. Please wait.

Encryption and Security. Outline Overview of encryption –Terminology –History –Common issues Secret-key encryption –Block and stream ciphers –DES –RC5.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Encryption and Security. Outline Overview of encryption –Terminology –History –Common issues Secret-key encryption –Block and stream ciphers –DES –RC5."— Presentation transcript:

1 Encryption and Security

2 Outline Overview of encryption –Terminology –History –Common issues Secret-key encryption –Block and stream ciphers –DES –RC5

3 Overview Intro, history and terminology Symmetric-key encryption –Techniques –DES, RC5 Public-key encryption –RSA, hash functions, digital signatures Key exchange, certificates, PKI

4 Overview Types of attacks and countermeasures Application layers –S-HTTP, SSL Steganography and digital watermarking Security and trust

5 Terminology Code –Replacement based on words or semantic structures Cipher –Replacement based on symbols

6 Terminology Cryptography –The science of encrypting or hiding secrets. Cryptanalysis –The science of decrypting messages or breaking codes and ciphers. Cryptology –The combination of the two.

7 Terminology Plaintext – an unencrypted message Cyphertext – an encrypted message Security: a combination of –Authentication –Access control

8 Three eras of cryptology Pre-WWII –Cryptography as a craft –Widely used, but few provable techniques 1940s-1970 –Secret key encryption introduced –Information theory used to characterize security 1970-present –Public key systems introduced

9 Early cryptography Caesar cipher –Replace each letter l with l +3 mod 26 –“Attack at dawn” becomes –Dwwdfn dw gdzq Two components: –Algorithm: Shift characters by a fixed amount –Key: the fixed amount. Note: Knowing the algorithm (but not the key) makes this cipher much easier to crack –26 possibilities vs 26!

10 Weaknesses of the Caesar Cipher Word structure is preserved. –Break message into equal-length blocks. dww dfn dwg dzq Letter frequency is a big clue –e,t,a,o most common English letters. –Using a single key preserves frequency. Solution: use multiple keys –E.g. shift by (3,5,7) “Attack at dawn” becomes dya dhr dyk dbu Better, but frequency information still present. An attacker that knows the block size can separate out characters encoded with different keys.

11 Caesar Cipher The Caesar cipher is still useful as a way to prevent people from unintentionally reading something. –ROT-13 –By decrypting, the user agrees that they want to view the content. Fundamental problem: key length is shorter than the message.

12 Vernam Cipher 1920’s: introduction of the one-time pad. Randomly generated key –Same length as message –XORed with message Theoretically unbreakable –Attacker can do no better than guessing –Ciphertext gives no information about plaintext.

13 Vernam Cipher Example: winning lottery number is 117 –1110101 (7 bits) –Randomly generated key: 0110101 –XOR: 1000000 No two bits are encoded with the same mapping – an attacker has no frequency information to help guess the key. Problem: keys are very large. –How to distribute this key? –Shared source of randomness?

14 Symmetric Key Encryption The Caesar Cipher and the one-time pad are examples of symmetric-key (secret-key) encryption. Single key shared by all users. Fast How to distribute keys?

15 Keyspace The keyspace is the set of all possible keys. –Caesar cipher: keyspace = {0,1,2,…,25} –Vernam cipher: |keyspace| = 2 n –1 Size of the keyspace helps us estimate security. –Assumption: exhaustive search is the only way to find a key.

16 Substitution Ciphers Symbols are replaced by other symbols according to a key. –Caesar cipher is a substitution cipher. To escape frequency analysis, we can use a homophonic substitution cipher –Map symbols to multiple symbols. –e.g 0 -> {01, 10}, 1->{00,11} –011010010 becomes: 011100101101011110 –Advantage: frequencies hidden –Disadvantage: message and key are longer –Substitution is said to add confusion Measure of the relationship between plaintext and ciphertext

17 Transposition Ciphers A transposition cipher is one that permutes the symbols of the message according to a preset pattern. –“Attack at dawn” becomes “cda tka wan tat” –Helps avoid detection of symbols based on correspondence. ‘q’ followed by ‘u’. –Said to increase diffusion Reduce redundancies in plaintext.

18 Product ciphers By themselves, substitution and transposition ciphers are relatively insecure. By combining these operations, we can produce a secure cipher. –This is how DES works. M -> Sub(M) -> Trans(Sub(M)). –Might go through multiple rounds.

19 Block Ciphers The ciphers we have seen so far are known as block ciphers. Plaintext is broken into blocks of size k. Each block is encrypted separately. Advantages: random access, potentially high security Disadvantages: larger block size needed, patterns retained throughout messages.

20 Stream Ciphers A stream cipher encodes a symbol based on both the key and the encoding of previous symbols. –C i = M i XOR K i XOR M i-1 Advantages: –can work on smaller block sizes – little memory/processing/buffering needed. Disadvantages: –Random access difficult, hard to use large keys. –Sender and receiver must be synchronized Inserted bits can lead to errors.

21 Combinations Many ciphers combine stream and block properties. –Work on multiple symbols, but contain a feedback loop. Electronic Code Book (ECB) –Pure block cipher, no feedback plaintextE key ciphertextplaintext E -1 key

22 Cipher-block Chaining XOR previous block –Chaining dependency – order matters. –Some error propagation plaintext Ekey ciphertext E -1 key XOR plaintext

23 Cipher-Block Chaining Also incorporated into block ciphers. Makes tampering easier to detect. –Helps prevent substitution and impersonation attacks. Secret key can also be used to construct a running-key generator. –Longer sequence of pseudo-random numbers. –Can be used to build a one-time pad.

24 Modifications to CBC Cipher feedback –Shift register is used to store data. –r-bit are shifted into mask of size m. –Allows a small number of bits to be immediately sent. Output feedback –Like cipher feedback, but uses output of encryption function. –Eliminates error propagation.

25 DES Data Encryption Standard –DEA is actually the algorithm. First commercial-grade algorithm with open implementation details. Uses a 64-bit key with 8 parity bits, for an effective key of 56 bits. –Keyspace = 2 56 = 10 17

26 DES Is a combination of a product cipher and a Feistel cipher. –Product cipher: transposition and substitution. –Feistel cipher: Iterates through a number of rounds of a product cipher mapping (L,R) to (R’, L’) 16 rounds Block size=48 –In each round, a different 48-bit subkey is selected from the 56-bit key.

27 Security of DES Keyspace is approximately 10 17 Thought to be secure in 70’s. Recently, 56-bit DES broken in under 1 day. –Combination of distributed.net & EFF’s DeepCrack. Able to search several billion keys per second.

28 Extensions to DES 3DES –Message is run through DES 3 times –C = k 3 (k 2 (k 1 (M))) –Backwards-compatible with DES if all three keys are the same. –Keyspace is 10 42 –Drawback: bit-oriented operations are slow to implement in software

29 RC5 Symmetric encryption algorithm Word-oriented block cipher. Can vary word length, number of rounds, and key length. Goals: fast, easy to understand and implement, flexible, low memory requirements, secure. Uses stream techniques to modify data

30 RC5 Uses three mathematical operations: –Two’s complement addition –XOR –Left cyclic rotation by variable amounts. These are all fast operations that are directly supported by most modern processors.

31 RC5 Algorithm Parameters: K (key), w (word length), r (number of rounds) Input: a 2w length plaintext in registers A and B. Output: a 2w length ciphertext. 1. Expand K into a table S[2(r+1)] keys. To encrypt: –A =A + S[0]; B = B + S[1] –For i = 1 to r do A = ((A xor B) << B) + S[2 * i] B = ((B xor A) << A) + S[2*i + 1] Decryption is the same thing in reverse.

32 RC5 Simple algorithm – key is the data-dependent rotations. Keys are accessed sequentially, allowing for small caches. Security still unclear, but looks good. –56-bit key: 250 days by distributed.net –64-bit key: 1747 days by distributed.net 1.02x10^11 keys/sec, 1.5 x10^19 keyspace –72-bit key in progress. 4.8x10^10 keys/sec, 4x10^21 keyspace 100% in 788,747 days = 2160 years

33 Summary Secret-key algorithms (DES, RC5) have been widely studied. –Fast –Potentially highly secure –Well-understood. –Excellent for repeated communication. –Hard to use in open environments, one-shot communications –Works for hiding secrets; what about signing things? Public-key encryption evolved as an answer to this problem.

Download ppt "Encryption and Security. Outline Overview of encryption –Terminology –History –Common issues Secret-key encryption –Block and stream ciphers –DES –RC5."

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Making “Good” Encryption Algorithms

Making “Good” Encryption Algorithms
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption

Similar presentations

Ads by Google