Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 10 September 21, 2004.

1 Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 10 September 21, 2004

2 Contents
- DES assignment
- More Student Presentations
- Advanced Encryption Standard (AES)
- Cryptographic Hash
- Mehmet’s Presentation

3 DES Group Exercise
What would the 64-bit output of round 1 be, using the plaintext and key given below (in hexadecimal format)?
P = 2D 75 F4 DB A3 3E 3F 89
K = D4 3C B1 9A E4 90 D7 C6

4 Student presentations
- 9/21 Mehmet
- 9/23 Padmaraj
- 9/28
- 9/30
- 10/5

5 Advanced Encryption Standard (AES)
- By the mid-1990s, virtually all cryptologists agreed that DES needed to be replaced by an advanced encryption standard for the 21st century
- In 1997, NIST issued a request for candidate AES algorithms.

6 The minimum requirements for a proposed algorithm:
- A symmetric-key cryptosystem
- A block cipher
- Capable of supporting a block size of 128 bits
- Capable of supporting key lengths of 128, 192, and 256 bits
- Available on a worldwide, non-exclusive, royalty-free basis

7 Criteria for Evaluation
- Security
  - Soundness of the mathematical basis for an algorithm’s claimed strength
  - Research community search for flaws
- Computational Efficiency
- Memory Requirements
- Flexibility
- Simplicity

8 Advanced Encryption Standard (AES)
- NIST chose 15 algorithms for evaluation in the first round; 9 of them were descendants of DES
- Five made it to the second round, and one was selected
- Rijndael (Rine dahl), by Vincent Rijmen & Joan Daemen
- In 2001, it was formally adopted by the US

9 AES (cont)
- Regular rounds (9, 11, 13)
- Additional final round is different (10th, 12th, 14th)
- Each regular round consists of 4 steps
  - Byte substitution (BSB)
  - Shift row (SR)
  - Mix column (MC)
  - Add round key (ARK)

10 AES Overview
[Figure: Plaintext (128) -> ARK (Subkey 0) -> 9 rounds -> BSB -> SR -> ARK (Subkey 10) -> Ciphertext (128)]

11 Round i
[Figure: BSB -> SR -> MC -> ARK (Subkey i)]

12 State
- 128-bit block -> 4 x 4 matrix
- 128 bits -> 16 bytes -> b0, b1, b2, ..., b15
    b0  b4  b8   b12
    b1  b5  b9   b13
    b2  b6  b10  b14
    b3  b7  b11  b15

13 Key
- 128-bit key -> 4 x 4 matrix
- 128 bits -> 16 bytes -> k0, k1, k2, ..., k15
    k0  k4  k8   k12
    k1  k5  k9   k13
    k2  k6  k10  k14
    k3  k7  k11  k15

14 4 Operations
1. s[i,j] -> s’[i,j] (predefined substitution table, Table 10-11 page 663)
2. Rows: left circular shift
3. The 4 elements in each column are multiplied by a polynomial
4. Key is derived and added to each column

15 Exercise
Using the table, find the substitution of 6b, ff, 6e, 09

16 Shift Row
Before:
    b0   b4   b8   b12
    b1   b5   b9   b13
    b2   b6   b10  b14
    b3   b7   b11  b15
After:
    b0   b4   b8   b12
    b5   b9   b13  b1
    b10  b14  b2   b6
    b15  b3   b7   b11

17 Byte Representation as polynomial
One byte -> 8 bits -> B7, B6, B5, B4, B3, B2, B1, B0
B7 x^7 + B6 x^6 + B5 x^5 + B4 x^4 + B3 x^3 + B2 x^2 + B1 x + B0
Example: E5 (hex) = 1110 0101 (binary) = x^7 + x^6 + x^5 + x^2 + 1 (poly)

18 Mix Column
new column = matrix * column, where the matrix is
    2 3 1 1
    1 2 3 1
    1 1 2 3
    3 1 1 2
- Multiplying by 1 -> no change
- Multiplying by 2 -> shift left one bit
- Multiplying by 3 -> shift left one bit and XOR with original value
- More than 8 bits -> 100011011 is subtracted

19 Exercise
    2 3 1 1     e5     ?
    1 2 3 1  *  a8  =  ?
    1 1 2 3     6f     ?
    3 1 1 2     33     ?

20 Result: 6e 2c c6 95

21 Add Key
    b0  b4  b8   b12          k0  k4  k8   k12
    b1  b5  b9   b13   XOR    k1  k5  k9   k13
    b2  b6  b10  b14          k2  k6  k10  k14
    b3  b7  b11  b15          k3  k7  k11  k15
b’x = bx XOR kx

22 Example
k  = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12
B  = e5 a8 6f 33 0a 52 31 9c c2 75 f8 1e b0 46 de 3a
B’ = fa 9c 63 9e 50 7b 8a ed ac d6 68 ef f7 90 55 28

23 Key Generation
[Figure: 4 bytes -> circular left shift 1 byte -> S-box -> XOR with round constant]

24 Round Constant Table
Round   Round Constant (hex)
1       01 00 00 00
2       02 00 00 00
3       04 00 00 00
4       08 00 00 00
5       10 00 00 00
6       20 00 00 00
7       40 00 00 00
8       80 00 00 00
9       1b 00 00 00
Final   36 00 00 00

25 Group Exercise
k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12
Final 4 bytes = 47 d6 8b 12
After shift = d6 8b 12 47
Find the next sub key
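The Mix Column arithmetic and the key-generation step from the slides above, worked in Python as an added example (not part of the original lecture). The function names are this example's own, and the S-box is derived from its standard definition (field inverse followed by the affine map) because the textbook table is not reproduced on this page.

```python
def gmul(a, b):
    """Multiply two bytes as polynomials, reducing by 100011011 (0x11B)."""
    result = 0
    for _ in range(8):
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:            # more than 8 bits: subtract (XOR) 100011011
            a ^= 0x11B
        b >>= 1
    return result

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sbox():
    """Assumption: derive the table (field inverse + affine map) instead of copying it."""
    inv = [0] + [next(b for b in range(1, 256) if gmul(a, b) == 1)
                 for a in range(1, 256)]
    return [v ^ rotl8(v, 1) ^ rotl8(v, 2) ^ rotl8(v, 3) ^ rotl8(v, 4) ^ 0x63
            for v in inv]

SBOX = build_sbox()
MIX = ((2, 3, 1, 1), (1, 2, 3, 1), (1, 1, 2, 3), (3, 1, 1, 2))

def mix_column(col):
    """Multiply one 4-byte state column by the Mix Column matrix."""
    return [gmul(r[0], col[0]) ^ gmul(r[1], col[1]) ^ gmul(r[2], col[2]) ^ gmul(r[3], col[3])
            for r in MIX]

def next_subkey(key, rcon):
    """Derive the next 16-byte subkey; rcon is the first byte of the round constant."""
    words = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    t = words[3][1:] + words[3][:1]          # circular left shift by 1 byte
    t = [SBOX[b] for b in t]                 # S-box
    t[0] ^= rcon                             # XOR round constant (rcon 00 00 00)
    out = bytearray()
    for w in words:                          # new word = old word XOR previous new word
        t = [x ^ y for x, y in zip(w, t)]
        out += bytes(t)
    return bytes(out)

if __name__ == "__main__":
    key = bytes.fromhex("1f340cda5a29bb716ea390f147d68b12")   # key from the slides
    print([f"{SBOX[x]:02x}" for x in (0x6B, 0xFF, 0x6E, 0x09)])
    print(bytes(mix_column([0xE5, 0xA8, 0x6F, 0x33])).hex(" "))
    print(next_subkey(key, 0x01).hex(" "))
```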

26 Cryptographic Hash Functions (take notes)
- Message Digest Functions
  - Protect integrity
  - Users create a message digest or fingerprint of a digital document
- Message Authentication Codes (MACs)
  - Protect both integrity and authenticity
  - MACs produce fingerprints based on both a given document and a secret key

27 Message Digest Functions
- Checksums -> fingerprint of a message
  - If the message changes, the checksum will not match
- Most checksums are good at detecting accidental changes made to a message
  - They are not designed to prevent an adversary from intentionally changing a message so that the result has the same checksum
- Message digests are designed to protect against this possibility

28 One-Way Hash Functions
Example: M = “Elvis”
H(M) = (“E” + “L” + “V” + “I” + “S”) mod 26
H(M) = (5 + 12 + 22 + 9 + 19) mod 26
H(M) = 67 mod 26
H(M) = 15
[Figure: M -> H -> H(M) = h]

29 Collision
Example: x = “Viva”, y = “Vegas”
H(x) = H(y) = 2
[Figure: x -> H -> H(x); y -> H -> H(y); H(x) = H(y)]

30 Collision-resistant, One-way hash functions
- Given M, it is easy to compute h
- Given any h, it is hard to find any M such that H(M) = h
- Given M1, it is difficult to find M2 (not identical to M1) such that H(M1) = H(M2)
Functions that satisfy these criteria are called message digests. They produce a fixed-length digest (fingerprint)

31 The Secure Hash Algorithm (SHA-1)
[Figure: a message composed of b bits -> SHA-1 -> 160-bit message digest]

32 Step 1 -- Padding
- Padding -> the total length of a padded message is a multiple of 512
- Every message is padded even if its length is already a multiple of 512
- Padding is done by appending to the input:
  - A single bit, 1
  - Enough additional bits, all 0, to make the final 512-bit block exactly 448 bits long
  - A 64-bit integer representing the length of the original message in bits

33 Example
- M = 01100010 11001010 1001 (20 bits)
- Padding is done by appending to the input:
  - A single bit, 1
  - 427 0s
  - A 64-bit integer representing 20
- Pad(M) = 01100010 11001010 10011000 … 00010100

34 Example
- Length of M = 500 bits
- Padding is done by appending to the input:
  - A single bit, 1
  - 459 0s
  - A 64-bit integer representing 500
- Length of Pad(M) = 1024 bits

35 Initialize 85 32-bit words (hex)
- H0 = 67452301
- H1 = EFCDAB89
- H2 = 98BADCFE
- H3 = 10325476
- H4 = C3D2E1F0
- K0 – K19 = 5A827999
- K20 – K39 = 6ED9EBA1
- K40 – K59 = 8F1BBCDC
- K60 – K79 = CA62C1D6

36 Step 2 -- Dividing Pad(M)
- Pad(M) = B1, B2, B3, …, Bn
- Each Bi denotes a 512-bit block
- Each Bi is divided into 16 32-bit words W0, W1, …, W15

37 Step 3 – Use W0 - W15 to compute W16 – W79
- To compute word Wj (16 <= j <= 79):
  - W(j-3), W(j-8), W(j-14), W(j-16) are XORed
  - The result is circularly left shifted one bit

38 Step 4 – Copy H0 – H4 into A, B, C, D, E
- A = H0
- B = H1
- C = H2
- D = H3
- E = H4

39 Step 5 – Four functions
- For j = 0 to 19: fj(B,C,D) = (B AND C) OR ((NOT B) AND D)
- For j = 20 to 39: fj(B,C,D) = (B XOR C XOR D)
- For j = 40 to 59: fj(B,C,D) = (B AND C) OR (B AND D) OR (C AND D)
- For j = 60 to 79: fj(B,C,D) = (B XOR C XOR D)

40 Step 6 – Loop
For j = 0 to 79 Do
    TEMP = Circular_left_shift_5(A) + fj(B,C,D) + E + Wj + Kj
    E = D; D = C; C = Circular_left_shift_30(B); B = A; A = TEMP
Done
+ -> addition (ignore overflow)

41 Step 7 – Final
H0 = H0 + A
H1 = H1 + B
H2 = H2 + C
H3 = H3 + D
H4 = H4 + E

42 Done
Once these steps have been performed on each 512-bit block (B1, B2, …, Bn) of the padded message in turn, the 160-bit message digest is given by H0 H1 H2 H3 H4

43 Message Authentication Codes (MACs)
- A message authentication code (MAC) is a key-dependent message digest function: MAC(M,K) = h

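44 A MAC Based on a Block Cipher
[Figure: a chain of Encrypt stages, each under key K; the first message block is encrypted, each following block is XORed with the previous stage's output before being encrypted, and the output of the last stage is the MAC]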

