Symmetric Encryption Lesson Introduction ●Block cipher primitives ●DES ●AES ●Encrypting large message ●Message integrity.

Slides:



Advertisements
Similar presentations
DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Advertisements

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.2 Secret Key Cryptography.
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard
Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)
Data Encryption Standard (DES)
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Secret Key Cryptography
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
Announcement Homework 1 out, due 1/18 11:59pm If you purchased the textbooks, but it hasn’t arrived, please see TA for copies of the questions, Project.
Review Overview of Cryptography Classical Symmetric Cipher
Announcement Grading adjusted –10% participation and two exams 20% each Newsgroup up Assignment upload webpage up Homework 1 will be released over the.
Chapter 5 Cryptography Protecting principals communication in systems.
AES clear a replacement for DES was needed
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption
Review What is security: history and definition Security policy, mechanisms and services Security models.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Network Security Chapter
Encryption Schemes Second Pass Brice Toth 21 November 2001.
CSE 651: Introduction to Network Security
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
CSCI 5857: Encoding and Encryption
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Chapter 3 – The Data Encryption.
Chapter 20 Symmetric Encryption and Message Confidentiality.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security PART VII.
TE/CS 536 Network Security Spring 2006 – Lectures 6&7 Secret Key Cryptography.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Data Encryption Standard (DES) © 2000 Gregory Kesden.
BLOCK CIPHER SYSTEMS OPERATION MODES OF DATA ENCRYPTION STANDARD (DES)
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security.
Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.
TE/CS 536 Network Security Spring 2005 – Lecture 8 Security of symmetric algorithms.
Le Trong Ngoc Security Fundamentals (2) Encryption mechanisms 4/2011.
Lecture 23 Symmetric Encryption
Chapter 2 (C) –Advanced Encryption Standard. Origins clearly a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
© Information Security Group, ICU1 Block Cipher- introduction  DES Description: Feistel, S-box Exhaustive Search, DC and LC Modes of Operation  AES Description:
DES Analysis and Attacks CSCI 5857: Encoding and Encryption.
Block Cipher- introduction
1 The Data Encryption Standard. 2 Outline 4.1 Introduction 4.4 DES 4.5 Modes of Operation 4.6 Breaking DES 4.7 Meet-in-the-Middle Attacks.
Network Security Lecture 3 Secret Key Cryptography
Block Ciphers and the Data Encryption Standard. Modern Block Ciphers  One of the most widely used types of cryptographic algorithms  Used in symmetric.
Message Authentication Codes CSCI 5857: Encoding and Encryption.
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
Lecture 4 Data Encryption Standard (DES) Dr. Nermin Hamza
6b. Practical Constructions of Symmetric-Key Primitives.
Algorithm Types & Algorithm Modes
Elect. Codebook, Cipher Block Chaining
Presentation transcript:

Symmetric Encryption Lesson Introduction ●Block cipher primitives ●DES ●AES ●Encrypting large message ●Message integrity

Block Cipher Scheme

Block Cipher Primitives Confusion: ●An encryption operation where the relationship between the key and ciphertext is obscured Achieved with substitution

Block Cipher Primitives Diffusion: ●An encryption operation where the influence of one plaintext bit is spread over many ciphertext bits with the goal of hiding statistical properties of the plaintext Achieved with permutation

Block Cipher Primitives ●Both confusion and diffusion by themselves cannot provide (strong enough) security ●Round: combination of substitution and permutation, and do so often enough so that a bit change can affect every output bit

Block Cipher Quiz A block cipher should... Select all correct answers to complete that statement. Keep the algorithm secret Use a few rounds, each with a combination of substitution and permutation Use permutation to achieve diffusion Use substitution to achieve confusion

Data Encryption Standard ●Published in 1977, standardized in 1979 ●Key: 64 bit quantity=8-bit parity+56-bit key ●Every 8 th bit is a parity bit ●64 bit input, 64 bit output

Data Encryption Standard

Decryption ●Apply the same operations key sequence in reverse: ●Round 1 of decryption uses key of the last round in encryption ●Each round: ●Input: R n+1 |L n+1 ●Due to the swap operation at the end of encryption ●Output: R n |L n ●The swap operation at the end will produce the correct result: L|R

XOR Quiz key = FA F2 Hi = FA F2 = Hi encrypted = Use the XOR function and the given key to encrypt the word “Hi”.

Mangler Function

S-Box (Substitute and Shrink)

S-Box Quiz Output: Input: For the given input, determine the output.

Security of DES ●Key space is too small (2 56 keys) ●Exhaustive key search relative easy with today’s computers ●S-box design criteria have been kept secret ●Highly resistant to cryptanalysis techniques published years after DES

Triple DES ●K 1 =K 3 results in an equivalent 112-bit DES which provides a sufficient key space ●Distinct K 1, K 2, K 3 results in an even stronger 168-bit DES ●Can run as a single DES with K 1 = K 2

DES Quiz To decrypt using DES, same algorithm is used, but with per-round keys used in the reversed order Check all the statements that are true: The logics behind the S-boxes are well-known and verified Each round of DES contains both substitution and permutation operations With Triple DES the effective key length can be 56, 112, and 168

Advanced Encryption Standard ●In 1997, the U.S. National Institute for Standards and Technology (NIST) put out a public call for a replacement to DES ●It narrowed down the list of submissions to five finalists, and ultimately chose an algorithm (Rijndael) that is now known as the Advanced Encryption Standard (AES) ●New (Nov. 2001) symmetric-key NIST standard, replacing DES ●Processes data in 128 bit blocks ●Key length can be 128, 192, or 256 bits

Advanced Encryption Standard

AES Round

●A Stick Figure Guide to AES ●

AES Encryption Quiz To decrypt using AES, just run the same algorithm in the same order of operations Check all the statements that are true: AES is much more efficient than Triple DES AES can support key length of 128, 192, 256 Each operation or stage in AES is reversible

Encrypting a Large Message ●Break a message into blocks ●Apply block cipher on the blocks ●Is that it?

Encrypting a Large Message

ECB Problem #2 ●Lack the basic protection against integrity attacks on the ciphertext at message level (i.e., multiple cipher blocks) ●Without additional integrity protection ●cipher block substitution and rearrangement attacks ●fabrication of specific information

Encrypting a Large Message

CBC Decryption

General K-Bit Cipher Feedback Mode (CFB)

Protecting Message Integrity ●Only send last block of CBC (CBC residue) along with the plaintext ●Any modification in plaintext result in a CBC residue computed by the receiver to be different from the CBC residue from the sender ●Ensures integrity

Protecting Message Integrity ●Simply sending all CBC blocks (for confidentiality) replicating last CBC block (for integrity) does not work ●Should use two separate secret keys: one for encryption and the other for generating residue (two encryption passes) ●Or, CBC (message|hash of message)

CBC Quiz CBC is more secure than ECB We can have both confidentiality and integrity protection with CBC by using just one key Put a check next to the statements that are true:

Symmetric Encryption Lesson Summary ●Need both confusion and diffusion ●DES: input 64-bit, key 56-bit; encryption and decryption same algorithms but reversed per-round key sequence ●AES: input 128-bit, key 128/192/256 bits; decryption the reverse/inverse of encryption ●Use cipher-block-chaining to encrypt a large message ●Last CBC block can be use as MIC; use different keys for integrity and confidentiality

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.