
CSIT311: Spring 2010 Network Management and Security Ghulam Murtaza.


1 CSIT311: Spring 2010 Network Management and Security Ghulam Murtaza

2 Agenda ●Recap ●DES ●Cryptographic modes ●RSA

3 Cryptography basics ●Terminology ●Unencrypted data or a message in its original form is referred to as plaintext. ●The process of disguising a message in such a way as to hide its substance is encryption. ●An encrypted message is ciphertext. ●Turning ciphertext back into plaintext is decryption. ●The key space of an algorithm is the set of all possible keys that can be used to initialize it. For example, if an algorithm works using a key that is a string of 10 bits, then its key space is the set of all binary strings of length 10. ●M = message (plaintext), C = ciphertext

4 Ciphers we discussed

5 Frequency analysis ●Study of the frequency of letters or groups of letters in a ciphertext ●Characteristic distribution of letters that is roughly the same for almost all samples of that language ●English: E is very common ●X is uncommon ●Limitations of frequency analysis –Length –Ideal situation, –Frequency should be flat ●XOR cipher?

6 Cryptanalysis ●Simple frequency analysis doesn’t work –If P is the most frequent letter in a ciphertext whose plaintext is in English, does P = E? –However, E can be enciphered as different ciphertext letters at different points in the message ●The primary weakness of the Vigenère cipher –The repeating nature of its key ●How to guess the key length?

7 One Time pad or Vernam Cipher

8 Product Ciphers

9

10 Private Key cryptography

11 Private and public key cryptography

12 Digital Signatures ●Adds integrity to conversation ●Superior to handwritten signature

13

14 Block Cipher Scheme [Diagram: Encrypt maps a plaintext block of length N to a cipher block of length N under the secret key; Decrypt maps it back.]

15 DES (Data Encryption Standard) ●Published in 1977, standardized in 1979. ●Key: 64-bit quantity = 8-bit parity + 56-bit key –Every 8th bit is a parity bit. ●64-bit input, 64-bit output. [Diagram: DES Encryption takes a 64-bit M and 56 key bits and produces a 64-bit C.]

16 Essentially a loop with 16 iterations called rounds.

17 There is an initial permutation IP before the first round has started.

18 Similarly there is a final permutation performed on the block after the last round.

19 Each round also generates a 48 bit subkey from the original 56-bit key

20 Each round breaks the message block into two halves, L and R, and concentrates on only one half of the message block

21 The round subjects R to a transformation, which is a function F of the subkey and R

22 The left side L is then set to XOR of itself and the result of F(Ki, R).

23 Finally, the two halves are swapped so that the other half can be processed in the next round

24
function DES_Encrypt (M, K) where M = (L, R)
    M = IP(M)
    for round = 1 to 16 do
        Ki = SK(K, round)
        L = L xor F(R, Ki)
        swap(L, R)
    end
    swap(L, R)
    M = IP^-1(M)
    return M
end

25

26 Initial Permutation
58 50 42 34 26 18 10  2
60 52 44 36 28 20 12  4
62 54 46 38 30 22 14  6
64 56 48 40 32 24 16  8
57 49 41 33 25 17  9  1
59 51 43 35 27 19 11  3
61 53 45 37 29 21 13  5
63 55 47 39 31 23 15  7
●First bit of output is 58th bit of input, second is 50th bit, etc.

27 Final Permutation ●Final permutation is the inverse of the initial permutation, table is interpreted similarly
40  8 48 16 56 24 64 32
39  7 47 15 55 23 63 31
38  6 46 14 54 22 62 30
37  5 45 13 53 21 61 29
36  4 44 12 52 20 60 28
35  3 43 11 51 19 59 27
34  2 42 10 50 18 58 26
33  1 41  9 49 17 57 25

28 Key permutation ●The first operation on the key is to reduce it from 64-bits to 56.

29 Key permutation ●Every eighth bit of the key is used for parity, so they are removed before we use the key for encryption.

30 Key permutation ●Then the key is subjected to a permutation similar to the initial permutation that is applied to the message
Left:
57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
Right:
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4

31 Key permutation ●the key is split into two halves, C and D.

32 Key permutation ●After each round, each half is independently shifted to the left by either one or two bits ●The shift is rotational, so that bits that get shifted off of one end get placed back on the other end.
Round #:  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
Shifts:   1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1

33 Subkey selection ●The subkey function is used to convert the key into a 48-bit block ●Some bits are discarded: 9, 18, 22, 25, 35, 38, 43, 54
14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

34 Cipher Function ●Each round works on only the right half of the block ●The 32 bit right half is expanded to meet the 48 bit subkey size.

35 32-to-48-bit Expansion ●Some bits from the input are duplicated at the output; ●Break R into eight 4-bit chunks ●Expand each to 6 bits by taking adjacent bits and concatenating them ●Bits 4 and 9 are concatenated to bits 5, 6, 7, 8 to make a 6-bit output

36 S-Boxes ●The key is XORed with the expanded R ●The output is divided into 8 six-bit chunks ●Each chunk is fed into an S-box ●Each S-box produces a 4-bit output ●The exact derivation of these boxes is unknown. ●The first and last bits of a chunk are used to denote the row ●The middle four bits determine the column
Column:  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
Row 0:  14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
Row 1:   0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
Row 2:   4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
Row 3:  15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

37 S-box continued ●Output of all S-boxes is concatenated ●A final permutation P is applied to the 32-bit quantity ●Why?
16  7 20 21
29 12 28 17
 1 15 23 26
 5 18 31 10
 2  8 24 14
32 27  3  9
19 13 30  6
22 11  4 25

38

39 Initial and Final Permutations ●Initial permutation (IP) ●The initial permutation adds no strength to DES –Prove it. ●Final permutation FP = IP^-1

40 Questions? ●How is decryption performed? ●Why are the initial permutations needed? ●Why do we need to permute the output from the S-boxes? ●What is the logic behind the S-boxes? ●Logic behind the selection of the S-boxes remains an unpublished secret ●Is it a good idea technically to publish it? ●Why is the key length 56? ●How safe is that? ●What sort of attacks are possible? ●Triple DES, how does it benefit?

41 DES Box Summary ●Simple, easy to implement: –Hardware/gigabits/second, software/megabits/second ●56-bit key DES may be acceptable for non-critical applications but triple DES (DES3) should be secure for most applications today ●Supports several operation modes: ECB, CBC, OFB, CFB

42 Encrypting a Large Message ●How do you encrypt a message larger than 64 bits ●Several schemes defined –ECB (Electronic Code Book) –CBC (Cipher Block Chaining Mode) –OFB (Output Feedback Mode) –CFB (Cipher Feedback Mode) –Stream Cipher

43 Electronic Code Book (ECB) ●Message is divided into blocks ●Most obvious, usually the worst method ●Each block is encrypted separately ●Decryption is the exact opposite

44 Electronic Code Book (ECB) ●Identical plaintext blocks are encrypted to identical ciphertext blocks ●Leaves plaintext patterns in the ciphertext

45 Electronic Code Book (ECB) [Images: Original | ECB mode | Other modes] A pixel-map version of the image on the left was encrypted with ECB mode to create the center image

46 ECB Problems ●Lacks basic protection against integrity attacks on the ciphertext at message level (i.e., multiple cipher blocks) ●Without additional integrity protection –cipher block substitution and rearrangement attacks –fabrication of specific information –Block replay

47 Example illustration ●Banks agree on a standard message transfer format –Bank One: Sending, 1.5 blocks –Bank Two: Receiving, 1.5 blocks –Depositor’s Name, 6 blocks –Depositor’s Account, 2 blocks –Amount of Deposit, 1 block ●Bank of Alice and Bank of Bob make the transactions. ●How can Mallory use this information to get rich?

48 Example illustration ●Banks agree on a standard message transfer format –Bank One: Sending, 1.5 blocks –Bank Two: Receiving, 1.5 blocks –Depositor’s Name, 6 blocks –Depositor’s Account, 2 blocks –Amount of Deposit, 1 block ●Records all conversations ●Transfers $100 from Bank of Alice to his account in Bank of Bob ●Does it again.

49 Example illustration ●Banks agree on a standard message transfer format –Bank One: Sending, 1.5 blocks –Bank Two: Receiving, 1.5 blocks –Depositor’s Name, 6 blocks –Depositor’s Account, 2 blocks –Amount of Deposit, 1 block ●Identifies identical messages which represent his money transfer. ●Once isolated this message can be inserted into the communication stream at will.

50 Example illustration ●Banks agree on a standard message transfer format –Bank One: Sending, 1.5 blocks –Bank Two: Receiving, 1.5 blocks –Depositor’s Name, 6 blocks –Depositor’s Account, 2 blocks –Amount of Deposit, 1 block ●Time stamp?

51 Example illustration ●Banks agree on a standard message transfer format –Bank One: Sending, 1.5 blocks –Bank Two: Receiving, 1.5 blocks –Depositor’s Name, 6 blocks –Depositor’s Account, 2 blocks –Amount of Deposit, 1 block ●Block Replay –Example record, blocks 1 to 13 in order: Timestamp, Sending Bank, Receiving Bank, Depositor’s Name, Depositor’s Account, Amount

52 Example illustration ●Mallory replaces block 5-12 with his name and Account number –Does not need to know original depositor –Does not need to know what the amount is ●Block Replay –Example record, blocks 1 to 13 in order: Timestamp, Sending Bank, Receiving Bank, Depositor’s Name, Depositor’s Account, Amount

53 Cipher Block Chaining (CBC) ●Chaining adds a feedback mechanism ●Results of encryption from previous block are fed into encryption of current block

54 Cipher Block Chaining (CBC) ●Resulting ciphertext depends on the current plaintext as well as on the previous blocks.

55 Cipher Block Chaining (CBC) ●The IV (initialization vector) is a random number to ensure each message is encrypted uniquely.

56 CBC Decryption ●Cipher block is decrypted normally ●Also saved in a feedback register ●After the next cipher block is decrypted, it is XORed with the feedback register

57 CBC Problems ●Encryption is serial, cannot be parallelized ●Message must be padded ●Loss of block-boundary sync garbles the rest of the stream ●Single bit error at encryption is not significant? ●Single bit error in ciphertext?

58 CBC Problems ●Encryption is serial, cannot be parallelized ●Message must be padded ●Loss of block-boundary sync garbles the rest of the stream ●Single bit error at encryption is not significant? ●Single bit error in ciphertext? –Single bit error affects one block and one bit of the recovered plaintext –Block with the error is completely garbled –Subsequent block has a 1 bit error in the same position as error

59 CBC Problems

60 ●If a bit is added or lost from the cipher-text stream, then all subsequent blocks are garbled.
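An added Python example (not from the original slides) that contrasts ECB and CBC on a message with repeated blocks and measures the CBC error propagation described on slide 58. The block cipher is a toy 16-round Feistel network in the shape of slides 20 to 24, with truncated SHA-256 standing in for F, so it is not DES; KEY, IV, MESSAGE and all function names are constructed for the example.

```python
import hashlib
BLOCK = 8  # 64-bit blocks, as in DES

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half, key, rnd):  # stand-in for F(Ki, R): truncated SHA-256, not DES's F
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def encrypt_block(block, key, rounds=range(16)):
    left, right = block[:4], block[4:]
    for rnd in rounds:
        left = _xor(left, _f(right, key, rnd))  # L = L xor F(Ki, R)
        left, right = right, left               # swap halves
    return right + left                         # undo the last swap

def decrypt_block(block, key):  # same network, rounds in reverse order
    return encrypt_block(block, key, rounds=range(15, -1, -1))

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(pt, key):
    return b"".join(encrypt_block(b, key) for b in _blocks(pt))

def cbc_encrypt(pt, key, iv):
    out = [iv]
    for b in _blocks(pt):
        out.append(encrypt_block(_xor(b, out[-1]), key))
    return b"".join(out[1:])

def cbc_decrypt(ct, key, iv):
    feedback = [iv] + _blocks(ct)  # previous ciphertext block for each position
    return b"".join(_xor(decrypt_block(c, key), p) for c, p in zip(_blocks(ct), feedback))

def repeated_blocks(ct):
    return len(_blocks(ct)) - len(set(_blocks(ct)))

def cbc_bit_error(pt, key, iv, byte_index):
    """Flip one ciphertext bit; return the count of wrong plaintext bits per block."""
    ct = bytearray(cbc_encrypt(pt, key, iv))
    ct[byte_index] ^= 0x01
    bad = cbc_decrypt(bytes(ct), key, iv)
    return [sum(bin(x ^ y).count("1") for x, y in zip(a, b))
            for a, b in zip(_blocks(pt), _blocks(bad))]

KEY, IV = b"constructed demo key", bytes(range(8))  # constructed; real IVs are random
MESSAGE = b"TRANSFER" * 3 + b"ACCT0042"  # 4 blocks, so no padding is needed
print(repeated_blocks(ecb_encrypt(MESSAGE, KEY)), cbc_bit_error(MESSAGE, KEY, IV, 8))
```

Counting repeated ciphertext blocks is also a quick check for ECB use in captured traffic or stored data: a non-zero count on structured input is the pattern leak slide 44 describes.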

61 Output Feedback Mode (OFB) ●Encryption is performed by XORing the message with the pad generated by OFB ●Like a Random Number Generator...

62 OFB Properties ●Advantages –Allow pre-computing of pseudo-random stream (One-Time Pad); XOR can be implemented very efficiently –No error propagation problem as in CBC –Flipping a bit in ciphertext produces a flipped bit in the plaintext at the same location –Message can arrive in arbitrarily sized chunks –Allow in-time encrypt/decrypt due to bit-wise computation (versus the fixed blocks)

63 Cipher Feedback mode ●When data is to be processed in smaller chunks ●Initially queue is filled with IV similar to CBC

64 Cipher Feedback mode ●When data is to be processed in smaller chunks ●Queue is encrypted

65 Cipher Feedback mode ●When data is to be processed in smaller chunks ●Left most 8 bits are XORed with the first 8 bits of input

66 Cipher Feedback mode ●When data is to be processed in smaller chunks ●8 left most bits are discarded, output fed back.

67 Cipher Feedback mode ●When data is to be processed in smaller chunks ●Ciphertext depends on all the preceding plaintext

68 CFB Properties ●Advantage compared with CBC. –With k=8, errors on one byte of ciphertext only affect 8 more bytes beyond. –Error in plaintext is reversed at decryption –Synchronization errors? ●Disadvantage compared with OFB. –Random stream can no longer be computed in advance.

69 Modular Arithmetic ●Public key algorithms are based on modular arithmetic. –where numbers "wrap around" after they reach a certain value ●Modular addition. ●Modular multiplication. ●Modular exponentiation.

70 Modular Addition ●Addition modulo (mod) K ●Additive inverse of a number: addition mod K yields 0. ●Encrypt by adding a number modulo K ●“Decrypt” by adding inverse.

71 Modular Multiplication ●Multiplication modulo K ●Only multiplication by 1, 3, 7, 9 works as a cipher ●Why? ●Multiplicative inverse: multiplication mod K yields 1 ●Only some numbers have an inverse ●If K is large, how do you find the inverse?

72 Modular Multiplication ●Use Euclid’s algorithm to find the inverse –Given x, n, it finds y such that x · y mod n = 1 ●What is special about numbers 1, 3, 7, 9? ●They do not share any common factors other than 1 ●All numbers relatively prime to n have a multiplicative inverse mod n

73 Totient Function ●x, m relatively prime: no common factor other than 1 ●Totient function ø(n): number of integers less than n relatively prime to n –if n is prime, ø(n) = n-1 –if n = p·q, and p, q are primes, ø(n) = (p-1)(q-1) –Why is that?

74 Totient Function ●x, m relatively prime: no common factor other than 1 ●Totient function ø(n): number of integers less than n relatively prime to n –if n is prime, ø(n) = n-1 –if n = p·q, and p, q are primes, ø(n) = (p-1)(q-1) –Why is that? –Total numbers = p*q –Exclude those numbers that are not relatively prime to n –These are the multiples of p and of q –p multiples of q less than pq –q multiples of p less than pq –Together p+q-1 numbers, since 0 is counted in both lists –ø(n) = pq - (p+q-1) = (p-1)(q-1)

75 Modular Exponentiation ●x^y mod n = x^(y mod ø(n)) mod n ●if y = 1 mod ø(n) then x^y mod n = x mod n

76 RSA (Rivest, Shamir, Adleman) ●The most popular one. ●Support both public key encryption and digital signature. ●Assumption/theoretical basis: –Factoring a big number is hard. ●Variable key length (usually 512 bits). ●Variable plaintext block size. –Plaintext must be “smaller” than the key. –Ciphertext block size is the same as the key length.

77 What Is RSA? ●To generate key pair: –Step 1: To create a public key, we start by getting two very large prime numbers, p and q (>= 256 bits each). –Let n = p*q, keep your p and q to yourself! –For public key, choose e that is relatively prime to ø(n) =(p-1)(q-1), let pub = –For private key, find d that is the multiplicative inverse of e mod ø(n), i.e., e*d = 1 mod ø(n), let priv =

78 How Does RSA Work? ●Given pub = and priv = –encryption: c = m^e mod n, m < n –decryption: m = c^d mod n –signature: s = m^d mod n, m < n –verification: m = s^e mod n

79 Why Does RSA Work? ●Given pub = and priv = –n = p*q, ø(n) = (p-1)(q-1) –e*d = 1 mod ø(n) –x^(e·d) = x mod n –encryption: c = m^e mod n –decryption: m = c^d mod n = m^(e·d) mod n = m mod n = m (since m < n) –digital signature (similar)

80 Why Is RSA Secure? ●Factoring 512-bit number is very hard! ●But if you can factor big number n then given public key, you can find d, hence the private key by: –Knowing factors p, q, such that, n = p*q –Then ø(n) =(p-1)(q-1) –Then d such that e*d = 1 mod ø(n)
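Slides 71 to 80 worked through with toy numbers, as an added Python example that is not part of the original slides. The primes 61 and 53, e = 17, the message 65 and all function names are assumptions chosen for illustration; the slides call for primes of at least 256 bits each.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def mod_inverse(x, n):
    """Find y such that x*y mod n == 1; fails when x and n share a factor."""
    g, inv, _ = egcd(x % n, n)
    if g != 1:
        raise ValueError(f"{x} has no inverse mod {n} (common factor {g})")
    return inv % n

def units(n):
    """Numbers below n that are relatively prime to n; len(units(n)) is phi(n)."""
    return [k for k in range(1, n) if egcd(k, n)[0] == 1]

def make_keypair(p, q, e):
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (mod_inverse(e, phi), n)   # (pub, priv)

def rsa_apply(m, key):
    """One modular exponentiation covers encrypt, decrypt, sign and verify."""
    exponent, n = key
    if not 0 <= m < n:
        raise ValueError("input must be smaller than n")
    return pow(m, exponent, n)

def private_from_factors(pub, p, q):
    """Anyone who learns p and q can repeat key generation and obtain d."""
    e, n = pub
    if p * q != n:
        raise ValueError("p and q are not the factors of n")
    return mod_inverse(e, (p - 1) * (q - 1)), n

# Constructed toy parameters, far too small for real use.
P, Q, E = 61, 53, 17
PUB, PRIV = make_keypair(P, Q, E)
if __name__ == "__main__":
    c = rsa_apply(65, PUB)
    print("pub", PUB, "priv", PRIV, "c", c, "m", rsa_apply(c, PRIV))
    print("invertible mod 10:", units(10))
```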

