8. Cryptography part 2


Slide 1: Rotor Machines
- Combine substitution and transposition methods
- Produce ciphers that are very difficult to break
- Rotor machines in World War II: German “Enigma” and Japanese “Purple”
- Breaking by the Allies was a significant factor in the outcome of the war (Turing)

Slide 2: Example of Rotor Machine

Slide 3: Concealment Cipher
- Message within a message
- Example, where the third word in each sentence matters: "GMU students take the security class very seriously. They study a good eight hours a day, each day. They can break many of the classical ciphers."

Slide 4: Symmetric (Secret Key) Cryptography

Slide 5: Conditional Cryptography
- Cryptographic schemes that do not have a mathematical proof that they are 100% secure
- An opponent can break the scheme if unlimited text, computing power, and time are available
- Strength of the scheme relies on the assumption that the attacker does not have sufficient resources (text, time, computers, money, etc.) to break the scheme
- All modern practical cryptographic schemes are only conditionally secure

Slide 6: XOR = Exclusive OR

Slide 7: Notation
- A: Alice (a party)
- B: Bob (another party)
- E: Eve (eavesdropper / attacker)
- M: Message (plaintext, sometimes secret)
- K: Key (very secret)
- C: Cipher (ciphertext, seen by attacker)
- ENC: Encryption (secret / known)
- DEC: Decryption (secret / known)
- AUTH: Authentication (secret / known)
- VER: Verification (secret / known)

Slide 8: Symmetric Encryption
- A encrypts the message M using the algorithm ENC with the key K to obtain the ciphertext C
- B decrypts the ciphertext C using the algorithm DEC with the key K to obtain the message M
- Key K is symmetric, secret, and known only to A and B

Slide 9: DES (Data Encryption Standard)
- In 1973, NBS (National Bureau of Standards, now NIST) wrote an RFP (Request for Proposals) for a commercial encryption standard
- IBM proposed its strong Lucifer algorithm (developed by Feistel and others)
- NSA (National Security Agency) asked for a weaker Lucifer (by shortening the key) and also made changes to IBM’s algorithm
- Data Encryption Standard (DES) accepted in 1976 and expired 22 years later, in 1998

Slide 10: DES Design Criteria
Algorithm must:
- provide a high level of security
- be completely specified
Security of the algorithm must reside in the key
Algorithm must be:
- available to all users
- adaptable for use in diverse applications
- efficiently implemented in hardware
- efficient to use
- able to be validated
- exportable!

Slide 11: DES in use
- DES is a widely used data encryption method using a (secret) key, judged so difficult to break by the U.S. government that it was restricted for export to other countries.
- There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used.
- For each given message, the key is chosen at random from among this enormous number of keys.
- Like other private key cryptographic methods, both the sender and receiver must know and use the same private key.

Slide 12: DES Structure
- Block size: 64 bits
- Key size: 64-bit quantity = (8-bit parity) + (56-bit key)
  - Every 8th bit is a parity bit
  - 16 round keys (48 bits) derived from the key (56 bits)
- 16 iterations, each consisting of scrambling the round-block (64 bits) with the round-key (48 bits)
- 64-bit input, 64-bit output

Slide 13: Multiple Encryption

Slide 14: Multiple Encryption
- Major limitation of DES: key length is too short (56 bits)
- Question: can we apply DES multiple times to increase the strength of encryption?
- Advantage: we could then preserve the existing investment in software and equipment

Slide 15: Double DES (I)
- Apply two iterations of DES with two keys $K_1$ and $K_2$
- What if DES has the structure of an algebraic group, such that for each $K_1$ and $K_2$ there is a $K_3$ with the property $E_{K_2}(E_{K_1}(P)) = E_{K_3}(P)$?
- This is not the case (it was proved in 1992), but is the security level $O(2^{112})$?

Slide 16: Double DES (II)
Meet-in-the-Middle Attack:
- For given M and C, search only $O(2^{56})$ pairs of keys $K_1$ and $K_2$ at the intermediate point I
- Encrypt M under all $2^{56}$ options for $K_1$; denote the results by $X_1, X_2, \ldots, X_{2^{56}}$
- Decrypt C under all $2^{56}$ options for $K_2$; denote the results by $Y_1, Y_2, \ldots, Y_{2^{56}}$

Slide 17: Double DES (III)
Meet-in-the-Middle Attack (continued):
- Sort the values $X_1, X_2, \ldots, X_{2^{56}}$
- Sort the values $Y_1, Y_2, \ldots$
- Find collisions between values of $X_i$ and $Y_j$; there should be about $2^{112} / 2^{64} = 2^{48}$ collisions
- Mark the $2^{48}$ potential candidates for key-pair $K_1$ / $K_2$
- Take another pair M’ and C’, and repeat this: test with the new pair and the suspected $2^{48}$ key-pairs
- The second test will pin down the correct pair $K_1$ / $K_2$ (the success rate will be $2^{48} / 2^{64} = 2^{-16}$)

Slide 18: Double DES (IV)
Meet-in-the-Middle Attack (continued):
- Time requirement of the attack, for encryptions, decryptions, sorting, and comparing: $O(2^{64})$ steps
- Space requirement of the attack, for keeping the encryption and decryption values: $O(2^{60})$ bytes
- Although the attack is not practical, it is serious enough to consider Double-DES insecure
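The meet-in-the-middle procedure from slides 16 to 18, scaled down so it runs in well under a second, as an added example that is not part of the original slides. It assumes a toy 16-bit Feistel cipher with 12-bit keys in place of DES (the names `F`, `enc`, `dec` and the sample keys and plaintexts are constructed), and uses a hash table where the slides sort the two lists.

```python
import hashlib

KEY_BITS = 12                      # toy key size (DES: 56)
KEYS = 1 << KEY_BITS               # toy block size is 16 bits (DES: 64)

def F(key, rnd, half):
    """Round function of the toy Feistel cipher (assumption, not DES)."""
    return hashlib.sha256(bytes([key >> 8, key & 0xFF, rnd, half])).digest()[0]

def enc(key, block):
    L, R = block >> 8, block & 0xFF
    for rnd in range(4):
        L, R = R, L ^ F(key, rnd, R)
    return (L << 8) | R

def dec(key, block):
    L, R = block >> 8, block & 0xFF
    for rnd in reversed(range(4)):
        L, R = R ^ F(key, rnd, L), L
    return (L << 8) | R

def double_enc(k1, k2, m):
    return enc(k2, enc(k1, m))     # C = E_K2(E_K1(M))

def meet_in_the_middle(pairs):
    (m, c), rest = pairs[0], pairs[1:]
    table = {}                     # X_i = E_K1(M) for every K1
    for k1 in range(KEYS):
        table.setdefault(enc(k1, m), []).append(k1)
    # Y_j = D_K2(C) for every K2; a match X_i == Y_j marks a candidate key pair
    candidates = [(k1, k2) for k2 in range(KEYS)
                  for k1 in table.get(dec(k2, c), [])]
    # Re-test the candidates on the further (M', C') pairs to drop false matches
    survivors = [(k1, k2) for k1, k2 in candidates
                 if all(double_enc(k1, k2, m2) == c2 for m2, c2 in rest)]
    return candidates, survivors

K1, K2 = 0xABC, 0x123              # constructed secret keys
PAIRS = [(m, double_enc(K1, K2, m)) for m in (0x4D55, 0x1234)]  # constructed known pairs

if __name__ == "__main__":
    cands, found = meet_in_the_middle(PAIRS)
    print(f"cipher calls: {2 * KEYS} (search over all key pairs: {KEYS * KEYS})")
    print(f"candidates after pair 1: {len(cands)}, after pair 2: {found}")
```

With these toy sizes the expected number of first-pass candidates is $2^{24} / 2^{16} = 2^{8}$, the scaled-down counterpart of the $2^{112} / 2^{64} = 2^{48}$ on slide 17, and the work is two passes over one key space rather than one pass over the product of both.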

Slide 19: Triple-DES (I)
EEE Mode:
- DES Encrypt-Encrypt-Encrypt with three keys $K_1$, $K_2$, $K_3$ (168 bits) and strength $O(2^{110})$ against Meet-in-the-Middle
- Not compatible with regular DES

Slide 20: Triple-DES (II)
EDE Mode: DES Encrypt-Decrypt-Encrypt with two keys $K_1$ and $K_2$
Properties:
- Two keys (112 bits)
- Strength $O(2^{110})$ against Meet-in-the-Middle
- Compatible with regular DES when $K_1 = K_2$

Slide 21: E-D-E versus E-E-E
Why E-D-E?
- Initial and final permutations would cancel each other out with EEE (minor advantage to EDE)
- EDE is compatible with single DES if the same keys are used
- Only 2 different keys needed with E-D-E

Slide 22: Triple DES Not Ideal...
- Efficiency demands schemes with longer keys!
- Runs one third as fast as DES on the same platform
- New candidates numerous: RC5, IDEA, Twofish, CAST, etc.
- New AES

Slide 23: Modes of Block Cipher Operations
Encrypting a Large Message
- The base algorithms encrypt a fixed-size block, one block at a time
- This is the Electronic Code Book (ECB) mode: repeated plaintext blocks result in repeated ciphertext blocks
- Other modes “chain” to avoid this:
  - CBC (Cipher Block Chaining Mode)
  - OFB (Output Feedback Mode)
  - CFB (Cipher Feedback Mode)
- Encryption does not guarantee integrity!

Slide 24: ECB
- Divide and conquer!
- $(M_1 = M_3) \Rightarrow (C_1 = C_3)$, giving information to eavesdroppers

Slide 25: ECB Properties
- Disadvantage: if $c_i = c_j$, then $p_i = p_j$
  1. Can reorder blocks
  2. Can substitute (fabricated information) blocks to affect plaintext
- Advantage: no error propagation
- Two serious flaws, one advantage!

Slide 26: ECB problem

Slide 27: CBC Encryption

Slide 28: CBC Decryption

Slide 29: CBC Properties
- Chaining dependency
  - Each ciphertext block depends on all preceding plaintext blocks
  - To change a bit in $m_i$, change the corresponding bit in $c_{i-1}$. The side effect is that $m_{i-1}$ will be garbled.
- Error propagation
  - Each error in $c_j$ affects decipherment of $m_j$ and $m_{j+1}$
- Error recovery
  - An error in $c_j$ doesn’t propagate beyond $c_{j+1}$
  - Can recover from loss of ciphertext blocks

Slide 30: OFB

Slide 31: OFB Properties
- OFB stream generated:
  - IV (transmitted in the clear)
  - $pad_1 = e(IV, key)$
  - $pad_2 = e(pad_1, key)$
  - $pad_i = e(pad_{i-1}, key)$
- Chaining dependencies
  - Key stream is plaintext-independent
  - Allows pre-computing of the pseudo-random stream (One-Time Pad); XOR can be implemented very efficiently
- No error propagation problem as in CBC
- What if ciphertext is garbled or lost?
  - If garbled, only the corresponding plaintext bits are garbled.
  - If lost or duplicated, it is no longer synchronized, so everything is lost.

Slide 32: CFB

Slide 33: CFB Properties
- Chaining dependencies
  - Ciphertext block $c_j$ depends on all preceding plaintext blocks
- Error propagation
  - Bit error in one ciphertext block affects the next few
- Error recovery
  - Can recover from bit errors after several blocks
  - Can resynchronize after loss of blocks
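The ECB, CBC and OFB properties from slides 23 to 31 checked in code, as an added example that is not part of the original slides. It assumes a toy block cipher with 1-byte blocks (a key-seeded permutation of the 256 byte values); the key, IV and message are constructed, and the same properties hold for any block size.

```python
import random

def toy_cipher(key):
    # Toy 1-byte block cipher (assumption): key-seeded permutation E, inverse D
    E = list(range(256))
    random.Random(key).shuffle(E)
    D = [0] * 256
    for p, c in enumerate(E):
        D[c] = p
    return E, D

def ecb_encrypt(E, msg):
    return bytes(E[m] for m in msg)            # every block on its own

def cbc_encrypt(E, iv, msg):
    out, prev = [], iv
    for m in msg:
        prev = E[m ^ prev]                     # c_i = E(m_i XOR c_{i-1})
        out.append(prev)
    return bytes(out)

def cbc_decrypt(D, iv, ct):
    out, prev = [], iv
    for c in ct:
        out.append(D[c] ^ prev)                # m_i = D(c_i) XOR c_{i-1}
        prev = c
    return bytes(out)

def ofb_xor(E, iv, data):                      # same call encrypts and decrypts
    out, pad = [], iv
    for b in data:
        pad = E[pad]                           # pad_i = e(pad_{i-1}, key)
        out.append(b ^ pad)
    return bytes(out)

def flip_bit(data, index, mask=0x01):          # models a 1-bit error in transit
    return data[:index] + bytes([data[index] ^ mask]) + data[index + 1:]

def changed(a, b):                             # indices of blocks that differ
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

E, D = toy_cipher(key=2024)                    # constructed key
IV, MSG = 0x5A, b"PAY 100 TO BOB. PAY 100 TO BOB."   # constructed IV and message

def demo():
    ecb, cbc, ofb = ecb_encrypt(E, MSG), cbc_encrypt(E, IV, MSG), ofb_xor(E, IV, MSG)
    return (ecb[:15] == ecb[16:31],            # repeated plaintext shows in ECB
            changed(MSG, cbc_decrypt(D, IV, flip_bit(cbc, 4))),   # CBC: 2 blocks hit
            changed(MSG, ofb_xor(E, IV, flip_bit(ofb, 4))))       # OFB: 1 block hit
```

In the CBC case block 4 decrypts to garbage while block 5 differs from the original in exactly the flipped bit, and nothing in decryption reports the change, which is the point of "Encryption does not guarantee integrity!" on slide 23.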

