Counter With Cipher Block Chaining-MAC

Slides:



Advertisements
Similar presentations
“Advanced Encryption Standard” & “Modes of Operation”
Advertisements

Submission doc.: IEEE 11-12/1253r1 November 2012 Dan Harkins, Aruba NetworksSlide 1 Why Use SIV for 11ai? Date: Authors:
Lecture 23 Symmetric Encryption
Cryptography and Network Security
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
Message Authentication Requirements Disclosure Release of message contents to any person or process not possessing the appropriate cryptographic key Traffic.
S. Muftic Computer Networks Security 1 Lecture 4: Message Confidentiality and Message Integrity Prof. Sead Muftic.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Chapter 20 Symmetric Encryption and Message Confidentiality.
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
Shambhu Upadhyaya Security – AES-CCMP Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 13)
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
1 Symmetric-Key Encryption CSE 5351: Introduction to Cryptography Reading assignment: Chapter 3 Read sections first (skipping 3.2.2)
1 Symmetric-Key Encryption CSE 5351: Introduction to Cryptography Reading assignment: Chapter 2 Chapter 3 (sections ) You may skip proofs, but are.
Cryptography and Network Security
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 21 – Network Security.
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
1 /24 May Systems Architecture WPA / WPA 2(802.11i) Burghard Güther, Tim Hartmann
Message Authentication Code
CSE 4905 WiFi Security II WPA2 (WiFi Protected Access 2)
IPSecurity.
Modes of Operation.
OSA vs WEP WPA and WPA II Tools for hacking
CSCE 715: Network Systems Security
Presented by: Dr. Munam Ali Shah
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Sixth Edition by William Stallings.
Block Cipher Modes CS 465 Make a chart for the mode comparisons
MAC: Message Authentication Code
Cryptography Lecture 12.
Cryptography and Network Security
Cryptography Lecture 10.
Block cipher and modes of encryptions
March 2018 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [SG SECN Call for Proposals] Date Submitted:
Algorithm Types & Algorithm Modes
Security Of Wireless Sensor Networks
Symmetric-Key Encryption
Block vs Stream Ciphers
ADVANCED ENCRYPTION STANDARDADVANCED ENCRYPTION STANDARD
SOFTWARE IMPLEMENTATION OF OCB MODE
Security of Wireless Sensor Networks
Cryptography Lecture 12.
Topic 13: Message Authentication Code
Cryptography Lecture 9.
Cryptography Lecture 11.
Basics Of Symmetric Encryption
July 15, 2019 doc.: IEEE r0 May, 2002 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [AES.
Cryptanalysis Network Security.
Pseudorandom Numbers Network Security.
One-way Hash Function Network Security.
Hash Function Requirements
CRYPTOGRAPHY & NETWORK SECURITY
Counter Mode, Output Feedback Mode
Advanced Encryption Standard
Digital Signature Standard (DSS)
Cipher-Based MAC Network Security.
Elect. Codebook, Cipher Block Chaining
The RC4 Algorithm Network Security.
Stream Cipher Structure
Key Exchange, Man-in-the-Middle Attack
Feistel Cipher Structure
Message Authentication
Data Encryption Standard (DES)
Simple Hash Functions Network Security.
The Use of Random Numbers
Secret-Key Encryption
Presentation transcript:

Counter With Cipher Block Chaining-MAC Network Security

Counter With Cipher Block Chaining-MAC Objectives of the Topic After completing this topic, a student will be able to describe working of Counter with Cipher Block Chaining-MAC.

Counter With Cipher Block Chaining-MAC Figures and material in this topic have been adapted from “Network Security Essentials : Applications and Standards”, 2014, by William Stallings.

Counter With Cipher Block Chaining-MAC The Counter with Cipher Block Chaining-Message Authentication Code (CCM) mode of operation, was standardized by NIST specifically to support security requirements of IEEE 802.11 WiFi wireless local area networks.

Counter With Cipher Block Chaining-MAC It can be used in any networking application requiring authenticated encryption. It is defined in NIST SP 800-38C.

Counter With Cipher Block Chaining-MAC CCM is a variation of the encrypt-and-MAC approach to authenticated encryption. It is referred to as an authenticated encryption mode.

Counter With Cipher Block Chaining-MAC “Authenticated encryption” is a term used to describe encryption systems that protect confidentiality and authenticity of communications simultaneously .

Counter With Cipher Block Chaining-MAC The key algorithmic ingredients of CCM are AES encryption algorithm, the Counter mode (CTR) of operation, and the CMAC authentication algorithm. A single key K is used for both encryption and MAC algorithms.

Counter With Cipher Block Chaining-MAC Key algorithmic ingredients CMAC authentication algorithm CTR mode of operation AES encryption algorithm

Counter With Cipher Block Chaining-MAC The input to the CCM encryption process consists of three elements. 1. Data that will be both authenticated and encrypted. This is the plaintext message P of data block.

Counter With Cipher Block Chaining-MAC 2. Associated data A that will be authenticated but not encrypted. An example is a protocol header that must be transmitted in the clear for proper protocol operation but which needs to be authenticated.

Counter With Cipher Block Chaining-MAC 3. A nonce N that is assigned to the payload and the associated data. This is a unique value that is different for every instance during lifetime of a protocol association and is intended to prevent replay attacks.

Counter With Cipher Block Chaining-MAC Authentication For authentication, the input includes the nonce, the associated data, and the plaintext. This input is formatted as a sequence of blocks B0 through Br.

Counter With Cipher Block Chaining-MAC The first block contains the nonce plus some formatting bits that indicate the lengths of the N, A, and P elements. This is followed by zero or more blocks that contain A, followed by zero of more blocks that contain P.

Counter With Cipher Block Chaining-MAC The resulting sequence of blocks serves as input to the CMAC algorithm, which produces a MAC value with length Tlen, which is less than or equal to the block length.

Counter With Cipher Block Chaining-MAC Authentication

Counter With Cipher Block Chaining-MAC Encryption For encryption, a sequence of counters is generated that must be independent of the nonce. The authentication tag is encrypted in CTR mode using the single counter Ctr0 .

Counter With Cipher Block Chaining-MAC The Tlen most significant bits of the output are XORed with the tag to produce an encrypted tag. The remaining counters are used for the CTR mode encryption of the plaintext.

Counter With Cipher Block Chaining-MAC The encrypted plaintext is concatenated with the encrypted tag to form the ciphertext output.

Counter With Cipher Block Chaining-MAC Encryption

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.