Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

Similar presentations


Presentation on theme: "CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security."— Presentation transcript:

1 CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security

2 Cryptography Ciphers 1. Classic Substitution e.g., Caesar Cipher Transposition e.g., Route Cipher Hybrid 2. Modern Symmetric (Private Key) Stream Cipher e.g., RC4, A5/1 Block Cipher e.g., DES, AES Asymmetric (Public Key) e.g., RSA Hybrid

3 Symmetric vs. Asymmetric Algorithms Key Management: different / same key for encryption Speed Hybrid cryptosystem

4 Symmetric-Key Algorithms (Private-Key) Other terms for symmetric-key encryption are single- key, one-key and private-key encryption. Use of the latter term can sometimes conflict with the term private key in public key cryptography. Symmetric-key algorithms can be divided into:  Stream ciphers: encrypt the bits of the message one at a time.  Block ciphers: take a number of bits and encrypt them as a single unit.

5 Symmetric-Key Algorithms - Stream Ciphers (Private-Key) A stream cipher is a symmetric cipher where plaintext bits are combined with a pseudorandom cipher bit stream (keystream), typically by an exclusive-or (xor) operation. Algorithms: 1. StreamCipher(K) = S where K is the key and, S is the keystream 2. C = P S; as one-time pad where C is the ciphertext, and P is the plaintext The main idea is that the algorithm is used to generate the Stream Cipher. +

6 Symmetric-Key Algorithms - Stream Ciphers Types of Stream Ciphers 1. In a synchronous stream cipher, a stream of pseudo-random digits is generated independently of the plaintext and ciphertext messages, and then combined with the plaintext (to encrypt) or the ciphertext (to decrypt). Note: In the most common form, binary digits are used (bits), and the keystream is combined with the plaintext using the exclusive or operation (XOR). This is termed a binary additive stream cipher. (e.g., A5/1) 2. Asynchronous stream ciphers use several of the previous N ciphertext digits to compute the keystream. (e.g., Cipher-Feedback Mode)

7 Symmetric-Key Algorithms - Stream Ciphers Linear vs. Non-Linear Binary stream ciphers are often constructed using Linear Feedback Shift Registers (LFSRs) because they can be easily implemented in hardware. Because LFSRs are inherently linear, one technique for removing the linearity is to feed the outputs of several parallel LFSRs into a non- linear Boolean function.

8 Symmetric-Key Algorithms - Stream Ciphers Example(1): A5/1 1. A5/1 initialization: 1. Register X hold 19 bits of the key (x 0, x 1, x 2, …, x 18 ) 2. Register Y hold 22 bits of the key (y 0, y 1, y 2, …, y 21 ) 3. Register Z hold 23 bits of the key (z 0, z 1, z 2, …, z 22 ) 2. A5/1 keystream bit: 1. m = maj (x 8, y 10, z 10 ) 2. if (x 8 =m) then X steps 3. if (y 10 =m) then Y steps 4. if (z 10 =m) then Z steps 5. s = x 18 y 21 z Go to step 1 ++

9 Symmetric-Key Algorithms - Stream Ciphers Example(2): RC4 1. RC4 initialization: for i = 0 to 255 S[i] = i K[i] = key [ i mod N ] next i j = 0 for i = 0 to 255 j = ( j + S[i] + K[i] ) mod 256 swap ( S[i], S[j] ) next i i = j = 0 2. RC4 keystream byte: i = ( i + 1 ) mod 256 j = ( j + S[i] ) mod 256 swap ( S[i], S[j] ) t = ( S[i] + S[j] ) mod 256 keystreamByte = S[t] Note: The entire algorithm is byte based. key[i] for i=0, 1, …, N-1, where key[i] is a byte

10 Symmetric-Key Algorithms - Block Ciphers is a symmetric key cipher. operates on fixed-length groups of bits, termed blocks. a block cipher might take a (for example) 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext. The exact transformation is controlled using a second input — the secret key.

11 Symmetric-Key Algorithms - Block Ciphers DES (Data Encryption Standard) Runs 16 rounds. Each block consists of 64 bits. It uses a 56-bit key. In each round of DES:  Plaintext divided to L i and R i, and generate the subkey  Function F is composition of: 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits) 4. P-box (change permutation) +

12 Symmetric-Key Algorithms - Block Ciphers DES – Initial Step A. Plaintext: Divide the plaintext into L and R parts; each of them 32 bits. B. Key: Divide the key into 2 parts LK and RK; each of them 28 bits. LK RK

13 Symmetric-Key Algorithms - Block Ciphers DES –Key Schedule Algorithm Defining the permutation LP as: (24 bits) Defining the permutation RP as: (24 bits) if i Є {1, 2, 9, 16} r i = otherwise 2 For each round i, the algorithm for generating the 48-bit subkey K i is: LK = cyclically left shift LK by r i bits RK = cyclically left shift RK by r i bits The left half of subkey K i consists of bits LP of LK The right half of subkey K i consists of bits RP of RK

14 Symmetric-Key Algorithms - Block Ciphers DES – Step 1 In each round of DES:  Plaintext divided to L i and R i ; each 32 bits  The new left half is the same old right half  Function F is composition of: F(R i-1, K i ) = P-box(S-boxes(Expand(R i-1 ) K i )) 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits to offer protection) 4. P-box (change permutation) Expansion Permutation For each round i, we have the plaintext P i Change the permutation of R i from (32 bits): to (48 bits):

15 Symmetric-Key Algorithms - Block Ciphers DES – Step 2 In each round of DES:  Plaintext divided to L i and R i ; each 32 bits  The new left half is the same old right half  Function F is composition of: F(R i-1, K i ) = P-box(S-boxes(Expand(R i-1 ) K i )) 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits to offer protection) 4. P-box (change permutation) Addition of Subkey For each round i, we have the right part of the plaintext R i after the expansion, and the subkey for this round K i (both of them are 48 bits.) Find: K i R i +

16 Symmetric-Key Algorithms - Block Ciphers DES – Step 3 In each round of DES:  Plaintext divided to L i and R i ; each 32 bits  The new left half is the same old right half  Function F is composition of: F(R i-1, K i ) = P-box(S-boxes(Expand(R i-1 ) K i )) 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits to offer protection) 4. P-box (change permutation) S-boxes The main purpose of S-boxes is to offer protection against cryptanalytic. There are 8 distinct S-boxes that are used in each round. (look at the appendix) For each round i Each of the S-Box takes only 6 bits from the output and map them to 4 bits. In: 6 bits × 8 S-box = 48 bits Out: 4 bits × 8 S-box = 32 bits

17 Symmetric-Key Algorithms - Block Ciphers DES – Step 4 In each round of DES:  Plaintext divided to L i and R i ; each 32 bits  The new left half is the same old right half  Function F is composition of: F(R i-1, K i ) = P-box(S-boxes(Expand(R i-1 ) K i )) 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits to offer protection) 4. P-box (change permutation) 4. P-boxes For each round i, there are 32 bits out from the S-Boxes: Change their permutation from: to:

18 Symmetric-Key Algorithms - Block Ciphers DES – Final Step In each round of DES:  Plaintext divided to L i and R i ; each 32 bits  The new left half is the same old right half  Function F is composition of: F(R i-1, K i ) = P-box(S-boxes(Expand(R i-1 ) K i )) 1. Expansion permutation (32bit → 48bit) 2. Addition of subkey (48bit 48bit) 3. S-boxes (map 6bits → 4bits to offer protection) 4. P-box (change permutation) Constructing the ciphertext For each round i L i = R i-1 R i = L i-1 F(R i-1, K i ) Repeat the five steps 16 rounds. At the end, the Ciphertext will be the combination of L 16 and R 16 +

19 Symmetric-Key Algorithms - Block Ciphers Triple DES In DES: C = E (P, K) ; encrypt the plaintext P with the key K P = D (C, K) ; for decryption It takes 2 55 key search to attack DES Moving to encryption with two keys according to: C = E (E (P, K 1 ), K 2 )wasn’t secure, WHY? Triple DES has 112-bit key and is defined as: C = E (D (E (P,K 1 ), K 2 ), K 1 ) Triple DES is popular today. But with the coming of the AES, it should fade from use over time. 1.C = E(D(E(P,K 1 ), K 2 ), K1) 2.P = D(E(D(C,K1),K2),K1)

20 Symmetric-Key Algorithms - Block Ciphers Modes 1. ECB (Electronic Codebook) Mode  Suppose we have multiple plaintext block P 0, P 1, P 2, …, P N, and a fixed key K We encrypt using the formula: C i = E(P i, K)for i = 0, 1, 2, …, N We decrypt using the formula: P i = D(C i, K) for i = 0, 1, 2, …, N  Problem: in case C i = C j the attacker knows that P i = P j Solution: add a random text to the plaintexts P i = P j, so C i ≠ C j

21 Symmetric-Key Algorithms - Block Ciphers Modes 2. CBC (Cipher Block Chaining) Mode  The ciphertext from a block is used to obscure the plaintext of the next block before it is encrypted. The formulas are: C i = E(P i C i-1, K)for i = 0, 1, 2, …, N P i = D(C i, K) C i-1 for i = 0, 1, 2, …, N  What is about C 0 ; we don’t have C -1 ?  An initialization vector, or IV, is used to take the place of C -1.  IV should be randomly selected, and it sends as the first block.  Problem: if a single-bit error causes two entire blocks to be garbled; it is a big problem in wireless environment. Solution: Use stream ciphers

22 Symmetric-Key Algorithms - Block Ciphers Integrity Block ciphers used for confidentiality and integrity. A message authentication code, or MAC, uses a block cipher to ensure data integrity by encrypting the data un CBC mode, and use the final block only, called MAC. C 0 = E(P 0 IV, K), C 1 = E(P 1 C 0, K), … C N-1 = E(P N-1 C N-2, K) = MAC The recipient repeats the process on the plaintext and re-calculate the MAC. A hashed MAC, or HMAC, is another standard approach to integrity


Download ppt "CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security."

Similar presentations


Ads by Google