Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 20 Symmetric Encryption and Message Confidentiality.

Published byMorgan Elliott Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 20 Symmetric Encryption and Message Confidentiality."— Presentation transcript:

1

2 Chapter 20 Symmetric Encryption and Message Confidentiality

3 Symmetric Encryption also referred to as: also referred to as: conventional encryption conventional encryption secret-key or single-key encryption secret-key or single-key encryption only alternative before public-key encryption in 1970’s only alternative before public-key encryption in 1970’s still most widely used alternative still most widely used alternative has five ingredients: has five ingredients: plaintext plaintext encryption algorithm encryption algorithm secret key secret key ciphertext ciphertext decryption algorithm decryption algorithm

4 Cryptography classified along three independent dimensions: the type of operations used for transforming plaintext to ciphertext substitution – each element in the plaintext is mapped into another element transposition – elements in plaintext are rearranged the number of keys used sender and receiver use same key – symmetric sender and receiver each use a different key - asymmetric the way in which the plaintext is processed block cipher – processes input one block of elements at a time stream cipher – processes the input elements continuously

5 type of attackknown to cryptanalyst

6 Computationally Secure Encryption Schemes encryption is computationally secure if: encryption is computationally secure if: cost of breaking cipher exceeds value of information cost of breaking cipher exceeds value of information time required to break cipher exceeds the useful lifetime of the information time required to break cipher exceeds the useful lifetime of the information usually very difficult to estimate the amount of effort required to break usually very difficult to estimate the amount of effort required to break can estimate time/cost of a brute-force attack can estimate time/cost of a brute-force attack

7 Feistel Cipher Structure

8 Block Cipher Structure symmetric block cipher consists of: symmetric block cipher consists of: a sequence of rounds a sequence of rounds with substitutions and permutations controlled by key with substitutions and permutations controlled by key parameters and design features: parameters and design features: block size key size number of rounds subkey generation algorithm round function fast software encryption/decryption ease of analysis

9 most widely used encryption scheme adopted in 1977 by National Bureau of Standards now NIST FIPS PUB 46 algorithm is referred to as the Data Encryption Algorithm (DEA) minor variation of the Feistel network

10 Triple DES (3DES) first used in financial applications first used in financial applications in DES FIPS PUB 46-3 standard of 1999 in DES FIPS PUB 46-3 standard of 1999 uses three keys and three DES executions: uses three keys and three DES executions: C = E(K 3, D(K 2, E(K 1, P))) decryption same with keys reversed decryption same with keys reversed use of decryption in second stage gives compatibility with original DES users use of decryption in second stage gives compatibility with original DES users effective 168-bit key length, slow, secure effective 168-bit key length, slow, secure AES will eventually replace 3DES AES will eventually replace 3DES

11 Advanced Encryption Standard (AES)

12 AES Round Structure

13 Table 20.2 (a) S-box

14 Table 20.2 (b) Inverse S-box

15 Shift Rows on encryption left rotate each row of State by 0,1,2,3 bytes respectively decryption does reverse to move individual bytes from one column to another and spread bytes over columns

16 Mix Columns and Add Key mix columns mix columns operates on each column individually operates on each column individually mapping each byte to a new value that is a function of all four bytes in the column mapping each byte to a new value that is a function of all four bytes in the column use of equations over finite fields use of equations over finite fields to provide good mixing of bytes in column to provide good mixing of bytes in column add round key add round key simply XOR State with bits of expanded key simply XOR State with bits of expanded key security from complexity of round key expansion and other stages of AES security from complexity of round key expansion and other stages of AES

17 Supplementary Materials about AES A detailed description about AES can be found in the following website: A detailed description about AES can be found in the following website: https://engineering.purdue.edu/kak/compsec/NewLectures/L ecture8.pdf https://engineering.purdue.edu/kak/compsec/NewLectures/L ecture8.pdf https://engineering.purdue.edu/kak/compsec/NewLectures/L ecture8.pdf https://engineering.purdue.edu/kak/compsec/NewLectures/L ecture8.pdf

18 Stream Ciphers processes input elements continuously processes input elements continuously key input to a pseudorandom bit generator key input to a pseudorandom bit generator produces stream of random like numbers produces stream of random like numbers unpredictable without knowing input key unpredictable without knowing input key XOR keystream output with plaintext bytes XOR keystream output with plaintext bytes are faster and use far less code are faster and use far less code design considerations: design considerations: encryption sequence should have a large period encryption sequence should have a large period keystream approximates random number properties keystream approximates random number properties uses a sufficiently long key uses a sufficiently long key

19 Table 20.3 Source: http://www.cryptopp.com/benchmarks.html Speed Comparisons of Symmetric Ciphers on a Pentium 4

20 The RC4 Algorithm

21 Modes of Operation

22 Electronic Codebook (ECB) simplest mode simplest mode plaintext is handled b bits at a time and each block is encrypted using the same key plaintext is handled b bits at a time and each block is encrypted using the same key “codebook” because have unique ciphertext value for each plaintext block “codebook” because have unique ciphertext value for each plaintext block not secure for long messages since repeated plaintext is seen in repeated ciphertext not secure for long messages since repeated plaintext is seen in repeated ciphertext to overcome security deficiencies you need a technique where the same plaintext block, if repeated, produces different ciphertext blocks to overcome security deficiencies you need a technique where the same plaintext block, if repeated, produces different ciphertext blocks

23 Cipher Block Chaining (CBC)

24 Cipher Feedback (CFB)

25 Counter (CTR)

26 Location of Encryption

27 Key Distribution the means of delivering a key to two parties that wish to exchange data without allowing others to see the key the means of delivering a key to two parties that wish to exchange data without allowing others to see the key two parties (A and B) can achieve this by: two parties (A and B) can achieve this by: 1 a key could be selected by A and physically delivered to B 2 a third party could select the key and physically deliver it to A and B 3 if A and B have previously and recently used a key, one party could transmit the new key to the other, encrypted using the old key 4 if A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B

28 Key Distribution

29 Summary symmetric encryption principles symmetric encryption principles cryptography cryptography cryptanalysis cryptanalysis Feistel cipher structure Feistel cipher structure data encryption standard data encryption standard triple DES triple DES advanced encryption standard advanced encryption standard algorithm details algorithm details key distribution key distribution stream ciphers and RC4 stream ciphers and RC4 stream cipher structure stream cipher structure RC4 algorithm RC4 algorithm cipher block modes of operation cipher block modes of operation electronic codebook mode electronic codebook mode cipher block chaining mode cipher block chaining mode cipher feedback mode cipher feedback mode counter mode counter mode location of symmetric encryption devices location of symmetric encryption devices

Download ppt "Chapter 20 Symmetric Encryption and Message Confidentiality."

Similar presentations

“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)

Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.

Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Cryptography and Network Security

Cryptography and Network Security
1 Pertemuan 06 Kriptografi tradisional Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 06 Kriptografi tradisional Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) - 2007 Jordan’s Campus.

Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Encryption Schemes Second Pass Brice Toth 21 November 2001.

Encryption Schemes Second Pass Brice Toth 21 November 2001.
Symmetric Encryption and Message Confidentiality

Symmetric Encryption and Message Confidentiality

Similar presentations

Ads by Google