Block Cipher Transmission Modes CSCI 5857: Encoding and Encryption.

Slides:



Advertisements
Similar presentations
Block Cipher Modes of Operation and Stream Ciphers
Advertisements

Chapter 4: Modes of Operation CS 472: Fall Encrypting a Large Massage 1.Electronic Code Book (ECB) 2.Cipher Block Chaining (CBC) 3.Output Feedback.
ECE454/CS594 Computer and Network Security
“Advanced Encryption Standard” & “Modes of Operation”
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
8.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Cryptography and Network Security Chapter 6 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
1 Lect. 9 : Mode of Operation. 2 Modes of Operation – ECB Mode  Electronic Code Book Mode Break a message into a sequence of plaintext blocks Each plaintext.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Chapter 3 – Block Ciphers and the Data Encryption Standard Jen-Chang Liu, 2004 Adopted from lecture slides by Lawrie Brown.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption
CS470, A.SelcukModes of Operation1 Encrypting with Block Ciphers CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
symmetric key cryptography
Cryptography and Network Security Chapter 6. Multiple Encryption & DES  clear a replacement for DES was needed theoretical attacks that can break it.
Slide 1 Stream Ciphers uBlock ciphers generate ciphertext Ciphertext(Key,Message)=Message  Key Key must be a random bit sequence as long as message uIdea:
Chapter 20 Symmetric Encryption and Message Confidentiality.
Lecture 4: Using Block Ciphers
TE/CS 536 Network Security Spring 2006 – Lectures 6&7 Secret Key Cryptography.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Block ciphers Structure of a multiround block cipher
3DES and Block Cipher Modes of Operation CSE 651: Introduction to Network Security.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
More About DES Cryptography and Network Security Reference: Sec 3.1 of Stallings Text.
Data Encryption Standard (DES) © 2000 Gregory Kesden.
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
1.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
BLOCK CIPHER SYSTEMS OPERATION MODES OF DATA ENCRYPTION STANDARD (DES)
Shambhu Upadhyaya Security – AES-CCMP Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 13)
Modes of Usage Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) 11 Coming up: Modes of.
Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.
Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.
Cryptography and Network Security Chapter 6 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 23 Symmetric Encryption
Privacy and Integrity: “ Two Essences of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab,
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
Modes of Operation block ciphers encrypt fixed size blocks – eg. DES encrypts 64-bit blocks with 56-bit key need some way to en/decrypt arbitrary amounts.
Block Cipher Encrypting a large message Electronic Code Book (ECB) message m1 m2 m3 m4 m5 m6 c1 c2 c3 c4 c5 c6 E E E Secret.
CS480 Cryptography and Information Security
Algorithm Modes ECB, CBC, CFB, OFB.
Computer and Network Security
Outline Desirable characteristics of ciphers Stream and block ciphers
Block Cipher Modes CS 465 Make a chart for the mode comparisons
Block cipher and modes of encryptions
Cryptography and Network Security
Algorithm Types & Algorithm Modes
Symmetric-Key Encryption
Block vs Stream Ciphers
Block Ciphers: DES and AES
Counter Mode, Output Feedback Mode
Elect. Codebook, Cipher Block Chaining
Secret-Key Encryption
Presentation transcript:

Block Cipher Transmission Modes CSCI 5857: Encoding and Encryption

Outline Different modes of transmitting data over networks Limits of Electronic Codebook Mode Cipher Block Chaining for removing patterns Basic structure of stream ciphers –Cipher Feedback Mode –Output Feedback Mode –Counter Mode –Tradeoffs of different stream modes

Transmitting Encrypted Data Encrypted data transmitted one block at a time –Created by block cipher (AES, DES, etc.) –Blocks of size 64 or 128 bits Problems: A large message (such as a database) may consist of thousands of blocks –Each encrypted with same key –Patterns vulnerable to cryptanalysis Large blocks not efficient for network transmission –May be best if ciphertext generated/transmitted one byte at a time

Electronic Codebook Mode (ECB) Plaintext divided into N blocks of size n Each block encrypted individually with same key Recipient decrypts each block individually

Electronic Codebook Mode Advantages: –Each block can be encrypted/decrypted in parallel –Noise in one block affects no other block Disadvantage: vulnerable to cryptanalysis –Long messages often contain repeated blocks –Produce identical blocks of ciphertext Aha!

Cipher Block Chaining (CBC) Each block of plaintext XORed with previous ciphertext block before encryption Same plaintext block  different ciphertext

Cipher Block Chaining First block XORed with initialization vector (IV) –Must be known to sender, recipient –Must be different each time to avoid patterns Usually transmit in ECB mode as first block –Generate random IV

Cipher Block Chaining Equations: C 0 = E(K, IV) C i = E(K, P i  C i-1 ) IV = D(K, C 0 ) P 0 = D(K, C 1 )  IV P i = D(K, C i )  C i-1

Stream Cipher Generates ciphertext one bit at a time –Ciphertext transmitted in packets of any size –Can be decrypted before entire block arrives Key stream generator –Algorithm generates “random” key bits k 1 k 2 k 3 …k n from cipher key K –Specific to stream cipher (RC4, etc.) or based on existing block cipher (DES, AES)

Key Stream Generator

Block Cipher Stream Generators Uses existing block ciphers (AES or DES) Generates r-bit ciphertext from n-bit blocks –Usually last r bits of cyphertext created by block cipher Input to encryption algorithm usually depends on previous blocks to avoid patterns (like CBC mode) Input

Cipher Feedback Mode (CFB) Previous ciphertexts used to create shift register S Shift register contents encrypted with key Results placed in “temporary register” T

Cipher Feedback Mode (CFB) First r bits of T used to create byte key k i Byte key XORed with next r bits of plaintext to produce next r bits of ciphertext for transmission

Cipher Feedback Mode (CFB) Previous r bits of ciphertext added to end of shift register S –All other bits in S shifted left –First r bits discarded CiCi C i-1 C i-k C i-2  shifted left discarded r-bit C i transmitted Inserted at end of S for next plaintext b-bit shift register S

Cipher Feedback Mode (CFB) Initial contents of shift register S is initialization vector IV Rest of ciphertext depends on previous ciphertext

Cipher Feedback Mode (CFB) Decryption: Recipient uses previous ciphertext to create same shift register S –Encrypted with key –First r bits taken to create byte key k i –XORed with next r bits of ciphertext received to get next r bits of plaintext

Cipher Feedback Mode (CFB) Problem: CFB inherently sequential –Each block depends on previous block(s) –Cannot take advantage of parallel hardware to speed up encryption/decryption –Cannot generate key stream in advance while waiting for rest of message Solutions: Output Feedback Mode (OFB) Counter Mode (CTR)

Output Feedback Mode (OFB) Contents added to shift register taken directly from T Not dependent on the plaintext Could theoretically generate all of key stream in advance

Counter Mode (CTR) Use a simple counter to generate next bytes of ciphertext –Counter increments each time  different ciphertext generated –Know all counter values in advance  Generate all byte keys k i in advance

Counter Mode (CTR) Counter generates next n bits used in key generator –Encrypted with key –XORed with plaintext –Can select first r bits of result for stream transmission

Counter Mode (CTR) Sender and recipient must know initial counter value IV –Can be transmitted via ECB mode

Counter Mode (CTR) Sender/recipient increment counter in same way for each block encrypted/decrypted

OFB and CTR Vulnerabilities If opponent has single known plaintext P 1 and C 1 can then derive key stream as P 1  C 1 Can compute other plaintext P 2 from C 2 using P 1  P 2 = C 1  C 2 Must use different key each transmission Problem for any non-chained stream cipher C2C2 P1P1 C1C1

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.