Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "CSE331: Introduction to Networks and Security Lecture 18 Fall 2002."— Presentation transcript:

1 CSE331: Introduction to Networks and Security Lecture 18 Fall 2002

2 CSE331 Fall 20022 Announcements Prof. Zdancewic will be out of town Nov. 5 th – 14 th Lectures will be covered by Prof. Gunter Aditya Chadha (course TA) will cover projects

3 CSE331 Fall 20023 Recap Cracking Polyalphabetic Ciphers –Kasiski Method of determining key length –Index of Coincidence Today: –Industrial Strength Encryption –Shared Key Cryptography

4 CSE331 Fall 20024 Kinds of Industrial Strength Crypto Shared Key Cryptography Public Key Cryptography Cryptographic Hashes

5 CSE331 Fall 20025 Shared Key Cryptography Sender & receiver use the same key Key must remain private Also called symmetric or secret key cryptography Often are block-ciphers –Process plaintext data in blocks Examples: DES, Triple-DES, Blowfish, Twofish, Rijndael, …

6 CSE331 Fall 20026 Shared Key Notation Encryption algorithm E : key x plain  cipher Notation: K{msg} = E(K, msg) Decryption algorithm D : key x cipher  plain D inverts E D(K, E(K, msg)) = msg Use capital “K” for shared (secret) keys Sometimes E is the same algorithm as D

7 CSE331 Fall 20027 Secure Channel: Shared Keys K AB AliceBart K AB {Hello!} K AB {Hi!}

8 CSE331 Fall 20028 Problems with Shared Key Crypto Compromised key means interceptors can decrypt any ciphertext they’ve acquired. –Change keys frequently to limit damage Distribution of keys is problematic –Keys must be transmitted securely –Use couriers? –Distribute in pieces over separate channels? Number of keys is O(n 2 ) where n is # of participants Potentially easier to break?

9 CSE331 Fall 20029 Data Encryption Standard (DES) Adopted as a standard in 1976 Security analyzed by the National Security Agency (NSA) –http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdfhttp://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf Key length is 56 bits –padded to 64 bits by using 8 parity bits Uses simple operators on (up to) 64 bit values –Simple to implement in software or hardware Input is processed in 64 bit blocks Based on a series of 16 rounds –Each cycle uses permutation & substitution to combine plaintext with the key

10 CSE331 Fall 200210 DES Encryption

11 CSE331 Fall 200211 One Round of DES (f of previous slide) Expansion S-box Permutation Permuted choice of key

12 CSE331 Fall 200212 Types of Permutations in DES Permutation Permuted Choice Expansion Permutation

13 CSE331 Fall 200213 DES S-Boxes Substitution table 6 bits of input replaced by 4 bits of output Which substitution is applied depends on the input bits Implemented as a lookup table –8 S-Boxes –Each S-Box has a table of 64 entries –Each entry specifies a 4-bit output

14 14 Use the same algorithm as encryption, but use k 16 … k 1 instead of k 1 … k 16 Proof that this works: –To obtain round j from j-1: –Rewrite in terms of round j-1: (1) R j-1 = L j (2) L j-1  f(R j-1, k j ) = R j L j-1  f(R j-1, k j )  f(R j-1, k j ) = R j  f(R j-1, k j ) L j-1 = R j  f(R j-1, k j ) L j-1 = R j  f(L j, k j ) DES Decryption (1) L j = R j-1 (2) R j = L j-1  f(R j-1, k j )

15 CSE331 Fall 200215 Problems with DES Key length too short: 56 bits –www.distributed.net broke a DES challenge in 1999 in under 24 hours (parallel attack)www.distributed.net Other problems –Bit-wise complementation of key produces bit-wise complemented ciphertext –Not all keys are good (half 0’s half 1’s) –Differential cryptanalysis: Carefully choose pairs of plaintext that differ in particular known ways (I.e. they are

16 CSE331 Fall 200216 Block Cipher Performance AlgorithmKey LengthBlock Size Rounds Clks/Byte Twofishvariable12816 18.1 Blowfishvariable641619.8 Square128 820.3 RC5-32/16variable643224.8 CAST-1281286416 29. 5 DES56641643 Serpent128,192,2561283245 SAFER (S)K-12812864852 FEAL-3264, 128643265 IDEA12864874 Triple-DES1126448116

17 CSE331 Fall 200217 Advanced Encryption Standard (AES) National Institute of Standards & Technology NIST –Computer Security Research Center (CSRC) –http://csrc.nist.gov/http://csrc.nist.gov/ –http://www.esat.kuleuven.ac.be/~rijmen/rijndael/http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ Uses the Rijndael algorithm –Invented by Belgium researchers Dr. Joan Daemen & Dr. Vincent Rijmen –Adopted May 26, 2002 –Key length: 128, 192, or 256 bits –Block size: 128, 192, or 256 bits

18 CSE331 Fall 200218 Public Key Cryptography Sender encrypts using a private key Receiver decrypts using a public key Only the private key must be kept secret –Public key can be distributed at will Also called asymmetric cryptography Can be used for digital signatures Examples: RSA, El Gamal, DSA Usually more expensive than secret key cryptography

19 CSE331 Fall 200219 Public Key Notation Encryption algorithm E : keyPub x plain  cipher Notation: K{msg} = E(K, msg) Decryption algorithm D : keyPriv x cipher  plain Notation: k{msg} = D(k,msg) D inverts E D(k, E(K, msg)) = msg Use capital “K” for public keys Use lower case “k” for private keys Sometimes E is the same algorithm as D

20 CSE331 Fall 200220 Secure Channel: Private Key K A,K B k A K A, K B k B AliceBart K B {Hello!} K A {Hi!}

21 CSE331 Fall 200221 Cryptographic Hashes Creates a hard-to-invert summary of input data Useful for integrity properties –Sender computes the hash of the data, transmits data and hash –Receiver uses the same hash algorithm, checks the result Like a check-sum or error detection code –Uses a cryptographic algorithm internally –More expensive to compute Sometimes called a Message Digest Examples: –Secure Hash Algorithm (SHA) –Message Digest (MD4, MD5)

Download ppt "CSE331: Introduction to Networks and Security Lecture 18 Fall 2002."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.

1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
CS 682 - Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.

CS Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.

What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) - 2007 Jordan’s Campus.

Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Decryption Algorithms Characterization Project ECE 526 spring 2007 Ravimohan Boggula,Rajesh reddy Bandala Southern Illinois University Carbondale.

Decryption Algorithms Characterization Project ECE 526 spring 2007 Ravimohan Boggula,Rajesh reddy Bandala Southern Illinois University Carbondale.
Encryption Schemes Second Pass Brice Toth 21 November 2001.

Encryption Schemes Second Pass Brice Toth 21 November 2001.

Similar presentations

Ads by Google