Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that.

Published byMeredith McCarthy Modified over 9 years ago

Similar presentations

Presentation on theme: "Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that."— Presentation transcript:

1 Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that transforms the plaintext into ciphertext A decryption algorithm that reverses the process

2 Cracking DES Cryptosystem A good electronic cryptosystem should only be vulnerable to brute-force attacks that are computationally infeasible A given implementation, or other details not handled by the cryptosystem, may introduce weaknesses Can allow a more sophisticated variant of a brute-force algorithm

3 Overview of DES Cryptosystem DES is the US Federal Data Encryption Standard, dating from 1977 Developed by the NSA under the aegis of the NIST (NBS) 56-bit symmetric cipher, based on two parties (Alice and Bob) having a shared key

4 Outline of DES Cryptosystem The plaintext, a string of length 64 bits, is transformed with a fixed Initial Permutation 16 iterations (or rounds) of a function are computed. This involves parts of the transformed plaintext, parts of the secret (the shared key), other fixed functions (permutations and expansions), and the XOR operation The final string is given an Inverse Permutation

5 Outline of DES Cryptosystem The decryption process is the same as the encryption process, with all steps performed in reverse order The decryptor is, or should be, the only other possessor of the shared key Since the only mathematical operation is XOR, this is very fast in a dedicated hardware implementation

6 Details of DES Cryptosystem The heart of DES is the function performed for 16 iterations It contains a non-linear substitution algorithm, defined by eight fixed shift registers (S-boxes) The S-boxes juggle 6 XOR’ed bits from the permuted plaintext and the key for that round Changing one input bit changes at least two output bits

7 An S-Box: S1 Input String 010101 Binary RowBinary Column S-Box output value Dec:12 Bin: 1100 Input String 010100 Binary RowBinary Column S-Box output value Dec:6 Bin: 0110

8 That’s enough DES details Really Here’s a puppy

9 Greta

10 Difficulties in Cracking DES DES is a moderately strong cipher 2 56 possible keys Unsophisticated brute-force algorithm average case : 2 55 operations 36,028,797,018,963,968 operations Wouldn’t it be nice to be able to cheat?

11 Cracking DES There a few things that make a smart brute- force approach computationally feasible: Parallelizable Fast in hardware Plaintext recognizer circuitry These factors help weed out many keys quickly

12 Parallelizable Testing one candidate key does not depend on testing other keys Divide and Conquer – if you have n DES- cracking units, each unit gets 1/n of the potential key-space The time to crack also gets divided by n

13 Fast in hardware DES only consists of permutations, shifts, and XOR operations Speed of actual custom-built search unit – it can do one decryption in 16 clock cycles 2.5 million keys per second at 40 MHz

14 Plaintext recognizer An attacker needs to define criteria about the plaintext: This is what flags a candidate plaintext Configurable in controlling software ASCII text is easiest – you know the high bit of any given byte will always be zero

15 Details of a DeepCrack chip 24 search units on a chip Each search unit takes 2 8-byte blocks of ciphertext and a potential key If the first decrypted block is not “interesting”, the search unit increments the key and tries the block again If the first block is “interesting”, then the second block is tried with the same key

16 What’s “interesting?” Each chip is initialized with a plaintext recognizer: a lookup table defining which of 256 permutations of a byte are interesting A standard email will be numbers, letters, and a few punctuation marks Easy for ASCII – may grow more difficult if Unicode sees more adoption

17 Controlling software The DES cracker is initialized and monitored by a standard PC It defines the plaintext lookup table, restarts search units after “interesting” results, and records the “interesting” values for further examination

18 Putting a DES cracker together 24 search units in a chip 64 chips on a VMEbus board 12 boards to a chassis Two chassis cost $210,000 as the first-run prototype built by the EFF in 1997 Could check 92,160,000,000 keys per second Average case: 4.524 days

19 Securing against this attack This technique is dependent on the plaintext (ASCII, etc.) and on the speed of hardware It does not make any given n-bit encryption algorithm feasible– it just makes this one easier. Triple-DES is a 112-bit cipher – this machine can’t come close

20 Greta again

21 Bibliography Diffie, Whitfield. Privacy on the Line. Cambridge, Massachusetts: The MIT Press, 1998 Stinson, Douglas. Cryptography: Theory and Practice. New York: CRC Press, 1995 Electronic Frontier Foundation. Cracking DES. O’Reilly and Associates, 1998. Primarily a public domain publication

Download ppt "Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that."

Similar presentations

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
The Advanced Encryption Standard (AES) Simplified.

The Advanced Encryption Standard (AES) Simplified.
Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)

Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)
Data Encryption Standard (DES)

Data Encryption Standard (DES)
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.

Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Cryptography and Network Security

Cryptography and Network Security
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.

1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
CS 682 - Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.

CS Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.
ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.

ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) - 2007 Jordan’s Campus.

Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)

Similar presentations

Ads by Google