2 Contents Classical encryption techniques Block ciphers and the data encryption standardBasic concepts in number theory and finite fieldsAdvanced encryption standardBlock cipher operationPseudorandom number generation and stream ciphers
4 KEY POINTSSymmetric encryption is a form of cryptosystem in which encryption and decryption are performed using the same key. It is also known as conventional encryption.Symmetric encryption transforms plaintext into ciphertext using a secret key and an encryption algorithm. Using the same key and a decryption algorithm, the plaintext is recovered from the ciphertext.The two types of attack on an encryption algorithm are cryptanalysis, based on properties of the encryption algorithm, and brute-force, which involves trying all possible keys.
5 KEY POINTS (cont.)Traditional (precomputer) symmetric ciphers use substitution and/or transposition techniques. Substitution techniques map plaintext elements (characters, bits) into ciphertext elements. Transposition techniques systematically transpose the positions of plaintext elements.Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.Steganography is a technique for hiding a secret message within a larger one in such a way that others cannot discern the presence or contents of the hidden message.
7 Plaintext: This is the original intelligible message or data that is fed into the algorithm as input Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithmCiphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key.Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.
9 CryptographyCryptographic systems are characterized along three independent dimensions:The type of operations used for transforming plaintext to ciphertext. (substitution, transposition).The number of keys used (symmetric, public-key encryption)The way in which the plaintext is processed (block cipher, stream cipher)
10 Cryptanalysis and Brute-Force Attack Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext–ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.Brute-force attack: The attacker tries every possible key on a piece of cipher-text until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
12 A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
13 SUBSTITUTION TECHNIQUES A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols.1 If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.Caesar CipherFor example,plain: meet me after the toga partycipher: PHHW PH DIWHU WKH WRJD SDUWB
17 One-Time PadAn Army Signal Corp officer, Joseph Mauborgne, proposed an improvement to the Vernam cipher that yields the ultimate in security. Mauborgne suggested using a random key that is as long as the message, so that the key need not be repeated. In addition, the key is to be used to encrypt and decrypt a single message, and then is discarded. Each new message requires a new key of the same length as the new message. Such a scheme, known as a one-time pad, is unbreakable. It produces random output that bears no statistical relationship to the plaintext. Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code.
18 TRANSPOSITION TECHNIQUES The simplest such cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message “meet me after the toga party” with a rail fence of depth 2, we write the following:m e m a t r h t g p r ye t e f e t e o a a tThe encrypted message isMEMATRHTGPRYETEFETEOAAT
19 ROTOR MACHINES ex. Three-Rotor Machine with Wiring Represented by Numbered Contacts
20 STEGANOGRAPHYA plaintext message may be hidden in one of two ways. The methods of steganography conceal the existence of the message, whereas the methods of cryptography render the message unintelligible to outsiders by various transformations of the text.Character marking: Selected letters of printed or typewritten text are over-written in pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright light.Invisible ink: A number of substances can be used for writing but leave no visible trace until heat or some chemical is applied to the paper.
21 Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the paper is held up in front of a light.Typewriter correction ribbon: Used between lines typed with a black ribbon, the results of typing with the correction tape are visible only under a strong light.The advantage of steganography is that it can be employed by parties who have something to lose should the fact of their secret communication (not necessarily the content) be discovered. Encryption flags traffic as important or secret or may identify the sender or receiver as someone with something to hide.
22 2. BLOCK CIPHERS AND THE DATA ENCRYPTION STANDARD Block Cipher PrinciplesThe Data Encryption Standard
23 KEY POINTSA block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.Many block ciphers have a Feistel structure. Such a structure consists of a number of identical rounds of processing. In each round, a substitution is performed on one half of the data being processed, followed by a permutation that interchanges the two halves. The original key is expanded so that a different key is used for each round.
24 KEY POINTS (cont.)The Data Encryption Standard (DES) has been the most widely used encryption algorithm until recently. It exhibits the classic Feistel structure. DES uses a 64-bit block and a 56-bit key.Two important methods of cryptanalysis are differential cryptanalysis and linear cryptanalysis. DES has been shown to be highly resistant to these two types of attack.
25 BLOCK CIPHER PRINCIPLES Stream Ciphers and Block CiphersA stream cipher is one that encrypts a digital data stream one bit or one byte at a time.A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typically, a block size of 64 or 128 bits is used.
27 THE DATA ENCRYPTION STANDARD In the late 1960s, IBM set up a research project in computer cryptography led by Horst Feistel. The project concluded in 1971 with the development of an algorithm with the designation LUCIFER [FEIS73], which was sold to Lloyd’s of London for use in a cash-dispensing system, also developed by IBM.In 1973, the National Bureau of Standards (NBS) issued a request for proposals for a national cipher standard. IBM submitted the results of its Tuchman–Meyer project. This was by far the best algorithm proposed and was adopted in 1977 as the Data Encryption Standard.
28 DES EncryptionAs with any encryption scheme, there are two inputs to the encryption function: the plaintext to be encrypted and the key. In this case, the plaintext must be 64 bits in length and the key is 56 bits in length (Actually, the function expects a 64-bit key as input. However, only 56 of these bits are ever used; the other 8 bits can be used as parity bits or simply set arbitrarily).
32 3. BASIC CONCEPTS IN NUMBER THEORY AND FINITE FIELDS Divisibility and The Division AlgorithmThe Euclidean AlgorithmModular ArithmeticGroups, Rings, and FieldsFinite Fields of the Form GF(p)Polynomial ArithmeticFinite Fields of the Form GF(2^n)
33 KEY POINTSModular arithmetic is a kind of integer arithmetic that reduces all numbers to one of a fixed set [0,...,n-1] for some number n. Any integer outside this range is reduced to one in this range by taking the remainder after division by n.The greatest common divisor of two integers is the largest positive integer that exactly divides both integers.A field is a set of elements on which two arithmetic operations (addition and multiplication) have been defined and which has the properties of ordinary arithmetic, such as closure, associativity, commutativity, distributivity, and having both additive and multiplicative inverses.
34 KEY POINTS (cont.)Finite fields are important in several areas of cryptography. A finite field is simply a field with a finite number of elements. It can be shown that the order of a finite field (number of elements in the field) must be a power of a prime p^n, where n is a positive integer.Finite fields of order p can be defined using arithmetic mod p.Finite fields of order p^n, for n>1, can be defined using arithmetic over polynomials.
49 4. ADVANCED ENCRYPTION STANDARD Finite Field ArithmeticAES StructureAES Transformation FunctionsAES Key ExpansionAn AES ExampleAES Implementation
50 KEY POINTSAES is a block cipher intended to replace DES for commercial applica-tions. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.AES does not use a Feistel structure. Instead, each full round consists of four separate functions: byte substitution, permutation, arithmetic opera-tions over a finite field, and XOR with a key.
54 KEY POINTSMultiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption algorithm. This ciphertext is then used as input and the algorithm is applied again. This process may be repeated through any number of stages.Triple DES makes use of three stages of the DES algorithm, using a total of two or three distinct keys.A mode of operation is a technique for enhancing the effect of a crypto-graphic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.
55 KEY POINTS (cont.)Five modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES: electronic codebook mode, cipher block chaining mode, cipher feedback mode, output feed-back mode, and counter mode.Another important mode, XTS-AES, has been standardized by the IEEE Security in Storage Working Group (P1619). The standard describes a method of encryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary.
68 6. PSEUDORANDOM NUMBER GENERATION ANDSTREAMCIPHERS Principles of Pseudorandom Number GenerationPseudorandom Number GeneratorsPseudorandom Number Generation Using a Block CipherStream CiphersRC4True Random Number Generators
69 KEY POINTSA capability with application to a number of cryptographic functions is random or pseudorandom number generation. The principle requirement for this capability is that the generated number stream be unpredictable.A stream cipher is a symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input. The most widely used such cipher is RC4.
70 RANDOMNESSTraditionally, the concern in the generation of a sequence of allegedly random numbers has been that the sequence of numbers be random in some well-defined statistical sense. The following two criteria are used to validate that a sequence of numbers is random:Uniform distribution:The distribution of bits in the sequence should be uniform; that is, the frequency of occurrence of ones and zeros should be approximately equal.Independence:No one subsequence in the sequence can be inferred from the others.
73 RC4 (Ron Rivest, 1987)RC4 is used in the Secure Sockets Layer/Transport Layer Security (SSL/TLS) standards that have been defined for communication between Web browsers and servers. It is also used in the Wired Equivalent Privacy (WEP) protocol and the newer WiFi Protected Access (WPA) protocol that are part of the IEEE wireless LAN standard. RC4 was kept as a trade secret by RSA Security.