Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) 3 Authencryption and its Application 4 4 5 Objective Modes of Operation.

Published byCassandra Short Modified over 9 years ago

Similar presentations

Presentation on theme: "Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) 3 Authencryption and its Application 4 4 5 Objective Modes of Operation."— Presentation transcript:

1

2 Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) 3 Authencryption and its Application 4 4 5 Objective Modes of Operation

3 Privacy and Integrity: “ Two Essence of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab, NCKU,2015

4 Flash Back

5 Message Authentication message authentication is concerned with: – protecting the integrity of a message – validating identity of originator – non-repudiation of origin (dispute resolution) Possible ways to accomplish “ Message Authentication ” 1. CBC-Residue, or CMAC (authentication using a block cipher). 2. HMAC ( authentication using a hash function).

6 Problems of Integrity Re-Visited

7 6 Message Authentication Integrity: M interferes with the transmission (modifies the message, or inserts a new one) interferes with the transmission (modifies the message, or inserts a new one) AliceBob How can Bob be sure that M really comes from Alice?

8 7 Sometimes: more important than secrecy! AliceBank transfer 1000 $ to Eve transfer 1000 $ to Bob Of course: usually we want both secrecy and integrity.

9 Part 1  Cryptography 8 ECB Cut and Paste Suppose plaintext is Alice digs Bob. Trudy digs Tom. Assuming 64-bit blocks and 8-bit ASCII: P 0 = “Alice di”, P 1 = “gs Bob. ”, P 2 = “Trudy di”, P 3 = “gs Tom. ” Ciphertext: C 0,C 1,C 2,C 3 Trudy cuts and pastes: C 0,C 3,C 2,C 1 Decrypts as Alice digs Tom. Trudy digs Bob.

10 CBC Residue

11 Cipher Block Chaining (CBC)

12 Ensuring Integrity Only Send Plain text M(m1,…m6) + CBC residue: (figure 4-12) The receiver computes the CBC residue from the plain text and compare it with the received CBC residue.

13 IF we Need Both the Privacy and Integrity Then what do ?

14 Solution 1.Perform Encryption using the secret Key K1. 2.Create CBC-Residue using another Secret Key K2. Note that: Unfortunately, the above approaches require twice the cryptographic power of encryption alone.

15 Offering Integrity Using Hash Function

16 What is Hash? Hashes are also called one-way hashes because once they are created they cannot be reversed. This means that a hash cannot be deciphered to determine the contents of the original message. Therefore hashes can only be used to compare data.

17 Basic Hash Function Diagram

18 Message Authentication Code A common solution for achieving message authenticity and integrity is to use a message authentication code (MAC). A MAC can be viewed as a cryptographically secure checksum of a message. 17

19 Message Authentication Code Cont.. Computing a MAC requires authorized senders and receivers to share a secret key, and this key is part of the input to a MAC computation. The sender computes a MAC over the packet with the secret key and includes the MAC with the packet. A receiver sharing the same secret key recomputed the MAC and compares it with the received MAC value. 18

20 19 Alice Bob (m, t=Tag k (m)) k k m є {0,1}* k is chosen randomly from some set T Vrfy k (m) є {yes,no} Message Authentication Codes – the idea

21 20 Warning: MACs do not offer protection against the “replay attacks”. AliceBob (m, t)... Since Vrfy has no state (or “memory”) there is no way to detect that (m,t) is not fresh! This problem has to be solved by the higher-level application (methods: time-stamping, sequence numbers...). This problem has to be solved by the higher-level application (methods: time-stamping, sequence numbers...).

22

23 raw CBC Construction 1: encrypted CBC-MAC F(k,  ) m[0]m[1]m[3]m[4]  F(k,  )  F(k 1,  ) tag

24 cascade Construction 2: NMAC (nested MAC) FFF m[0]m[1]m[3]m[4] F F tag >> > > k t ll fpad > k1k1 t

25 Privacy and Integrity: “ Two Essence of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab, NCKU,2015

26 Flash Back

27 Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) and Hash Function 3 Network Security and It’s Issues 4 4 5 Objective Modes of Operation

28 .

29 Conventional Ways

30 Generic Composition

31 Which One is the Best?

32 Generic Composition

33 M M C C Hash How about that?

34 Problem Statements If there exists n number of blocks All the approaches either needs 2n encryptions or an additional Cryptographic Primitive like Hash.

35 Can we reduce the number of Encryption? Or Can we avoid to use of any additional Cryptographic Primitive

36 Yes, We Can Do It!

37 How ?

38 Single –Pass Authenticated Encryption Mode

39 State of the Art Single-Pass AE Scheme IAPM OCB

40 Introduction to Whitening

41 If you know the plaintext and if you also have the cipher corresponding to that. Can you get the encryption key? P P Enc C C K

42 “Whitening” What’s that? Whitening is the technique of XORing some key material with the input to a block, and XORing some other key material with the out put. P P Enc C C K1 K2 K

43 Usage This technique forces an attacker to guess not only the encryption key, but also the whitening values. It also makes the cipher randomize.

44 IAPM (integrity aware parallelizable mode)

45 OCB ( Offset Codebook Mode) Checksum = M 1 ⊕ … ⊕ M m. http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm

46 OCB Cont. 45

47 Thanks!

Download ppt "Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) 3 Authencryption and its Application 4 4 5 Objective Modes of Operation."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Chapter 4: Modes of Operation CS 472: Fall 2012. Encrypting a Large Massage 1.Electronic Code Book (ECB) 2.Cipher Block Chaining (CBC) 3.Output Feedback.

Chapter 4: Modes of Operation CS 472: Fall Encrypting a Large Massage 1.Electronic Code Book (ECB) 2.Cipher Block Chaining (CBC) 3.Output Feedback.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.

Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.

Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Message Authentication,

Message Authentication,
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.

Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Similar presentations

Ads by Google