We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJada Richards
Modified over 3 years ago
Symmetric Encryption Prof. Ravi Sandhu
2 © Ravi Sandhu SECRET KEY CRYPTOSYSTEM Encryption Algorithm E Decryption Algorithm D Plain- text Plain- text Ciphertext INSECURE CHANNEL K K Secret Key shared by A and B SECURE CHANNEL A A B B
3 © Ravi Sandhu SECRET KEY CRYPTOSYSTEM confidentiality depends only on secrecy of the key size of key is critical secret key systems do not scale well with N parties we need to generate and distribute N*(N-1)/2 keys A and B can be people or computers
4 © Ravi Sandhu MASTER KEYS AND SESSION KEYS long-term or master keys prolonged use increases exposure session keys short-term keys communicated by means of long-term secret keys public key technology
5 © Ravi Sandhu CRYPTANALYSIS ciphertext only cryptanalyst only knows ciphertext known plaintext cryptanalyst knows some plaintext- ciphertext pairs chosen plaintext chosen ciphertext
6 © Ravi Sandhu KNOWN PLAINTEXT ATTACK 40 bit key requires * trials on average (exportable from USA) trials/secondtime required 120,000 years years days minutes seconds
7 © Ravi Sandhu KNOWN PLAINTEXT ATTACK 56 bit key requires * 10 ^16 trials on average (DES) trials/secondtime required years years years year hours
8 © Ravi Sandhu KNOWN PLAINTEXT ATTACK 80 bit key requires * trials on average (SKIPJACK) trials/secondtime required years years years years years
9 © Ravi Sandhu KNOWN PLAINTEXT ATTACK 128 bit key requires * trials on average (IDEA) trials/secondtime required years years years years years
10 © Ravi Sandhu DICTIONARY ATTACKS if keys are poorly chosen known plaintext attacks can be very simple often the users password is the key in a dictionary attack the cryptanalyst tries passwords from a dictionary, rather than all possible keys for a 20,000 word dictionary, 1 trial/second will crack a poor password in less than 3 hours
11 © Ravi Sandhu CURRENT GENERATION SECRET KEY CRYPTOSYSTEMS 64 bit data block size DES: 56 bit key Triple DES: 112 bit key Triple DES: 168 bit key Skipjack: 80 bit key IDEA: 128 bit key RC2: variable size key: 1 byte to 128 bytes many others
12 © Ravi Sandhu DOUBLE DES effective key size is only 57 bits due to meet- in-the-middle attack E E Plain- text Cipher- text Intermediate Ciphertext K1K2
13 © Ravi Sandhu TRIPLE DES effective key size is 112 bits due to meet-in- the-middle attack E D Plain- text Cipher- text K1K2 E K1
14 © Ravi Sandhu PERFECT SECRECY VERNAM ONE-TIME PAD Plain- text Plain- text Ciphertext KiSecret Key + Mi Ci + Ki Mi SECURE CHANNEL A B A B
15 © Ravi Sandhu PERFECT SECRECY VERNAM ONE-TIME PAD known plaintext reveals the portion of the key that has been used, but does not reveal anything about the future bits of the key has been used can be approximated
16 © Ravi Sandhu ADVANCED ENCRYPTION STANDARD New Advanced Encryption Standard under development by NIST must support key-block combinations of , , may support other combinations selection of Rijndaehl algorithm announced in 2000 will be in place in a couple of years
17 © Ravi Sandhu ELECTRONIC CODE BOOK (ECB) MODE E 64 bit Data block 56 bit key D 64 bit Data block OK for small messages identical data blocks will be identically encrypted
18 © Ravi Sandhu CIPHER BLOCK CHAINING (CBC) MODE E 64 bit Data block 56 bit key D 64 bit Data block bit previous ciphertext block 64 bit previous ciphertext block is the exclusive OR operation
19 © Ravi Sandhu CIPHER BLOCK CHAINING (CBC) MODE Needs an Initialization Vector (IV) to serve as the first feedback block IV need not be secret or random Integrity of the IV is important, otherwise first data block can be arbitrarily changed. IV should be changed from message to message, or first block of every message should be distinct
PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.
Block Cipher Modes of Operation and Stream Ciphers CSE 651: Introduction to Network Security.
1 DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970s as a US government standard The.
Network Security Essentials Chapter 2 Fourth Edition by William Stallings (Based on Lecture slides by Lawrie Brown)
Security – Keys, Digital Signatures and Certificates I CS3517 Distributed Systems and Security Lecture 19.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CLASSICAL ENCRYPTION TECHNIQUES
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
“Advanced Encryption Standard” & “Modes of Operation”
1. Classical encryption techniques 2. Block ciphers and the data encryption standard 3. Basic concepts in number theory and finite fields 4. Advanced.
Introduction to Protocols: Entity Authentication, Key Establishment, Integrity/Message Authentication, Confidentiality INFSCI 1075: Network Security –
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Appendix A: Introduction to cryptographic.
ISA 662 SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later.
1 Pretty Good Privacy (PGP) Security for Electronic .
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
8.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Mar 25, 2003Mårten Trolin1 Previous lecture – smart-cards Card-terminal authentication Card-issuer authentication.
Md. Kamrul Hasan Assistant Professor and Chairman Computer and Communication Engineering Dept. Network Security.
Aforajayshahnirma.wordpress.com Stream Cipher A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples: One.
DES is a block cipher, as shown in Figure Overview Figure 6.1 Encryption and decryption with DES.
8. Cryptography part 21 Rotor Machines Combine Substitution and Transposition Methods produce ciphers that are very difficult to break Rotor Machines in.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.2 Secret Key Cryptography.
Cryptography Basics (ch 2) IT443 – Network Security Administration Instructor: Bo Sheng 1.
1 Chapter 2 Symmetric Encryption. 2 Outline Symmetric Encryption Principles Symmetric Encryption Algorithms Cipher Block Modes of Operation Location of.
1 Cryptography encryption authentication digital signatures one-way functions hash algorithms key generation, exchange and management.
Chapter-2 Conventional Encryption Techniques BY:-H.M.Patel.
© 2017 SlidePlayer.com Inc. All rights reserved.