Presentation is loading. Please wait.

Presentation is loading. Please wait.

Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric."— Presentation transcript:

1 Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric cryptography. RSA — keys, encryption, decryption. (Proof of correctness not part of course.)

2 Feb 19, 2002Mårten Trolin2 This lecture Block ciphers Modes of operations First assignment Hash functions Digital signatures

3 Feb 19, 2002Mårten Trolin3 Block ciphers A block cipher B is an encryption function E key :{0,1} k  {0,1} l and a decryption function D key :{0,1} l  {0,1} k such that D key (E key (m)) = m. The value k is called block length. Usually k = l. Commonly used block ciphers include DES, 3DES and IDEA. Clear (plain) textCipher text Key

4 Feb 19, 2002Mårten Trolin4 Chaining ciphers What happens when the clear text is longer than the block length k? Most simple solution — encrypt each block separately. This mode is called ECB, Electronic Code Book Clear text Cipher text Enc Key

5 Feb 19, 2002Mårten Trolin5 Problems with ECB The main problem with ECB is that an adversary can change order or remove blocks without detection. The solution — link the encrypted blocks to each other. Most common option — Cipher Block Chaining, CBC

6 Feb 19, 2002Mårten Trolin6 Cipher Block Chaining A feedback is introduced to link the blocks together Clear text Cipher text Enc Key IV

7 Feb 19, 2002Mårten Trolin7 Cipher Block Chaining, cont. Let E key be the encryption function, D key be the decryption function, P i block i of the clear text and C i block i of the cipher text, i = 1, 2, 3... Encryption of block i: C i = E key (P i  C i-1 ) where C 0 = IV (initialization vector) Decryption of block i: P i = C i-1  D key (C i ) The Initialization Vector, IV = C 0, must be known to both parties and can be sent in clear.

8 Feb 19, 2002Mårten Trolin8 First assignment Implement encryption and decryption using your favourite block cipher (DES, 3DES, IDEA etc) for two modes (e.g., ECB and CBC) with a usable (not necessarily user-friendly!) command-line interface. Use an existing crypto library for the block cipher, but implement the chaining yourself! Examples of possible crypto libraries to use: openssl (for C) or JSSE (for Java). You can get a maximum of four points for the exam from this assignment.

9 Feb 19, 2002Mårten Trolin9 Rules for the assignment Choose your favourite language! –If you pick another language than C, C++, Pascal or Java, or another platform than UNIX/Linux or Windows/DOS, please contact me first! Solve the assignment either individually or in pairs. Hand in the solution no later than March 5 th. You lose one point per day if you hand in late. You can hand in your solution –By email to marten@nada.kth.se. –On a diskette at the lecture –As a link to a site that I can reach

10 Feb 19, 2002Mårten Trolin10 Rules for the assignment, cont. Please include –source code –executable –a brief description of the interface (just enough so that I can run it) –contact information –the amount of time you spent on the assignment (not used for grading, just to tune the difficulty of the assignments)

11 Feb 19, 2002Mårten Trolin11 Rules for the assignment, cont. Co-operation between groups is allowed only on a conceptual level –Example of things you may discuss: Is it easier to solve the assignment in Java than C? What is a good format to provide the key? Is this input format reasonable? –Example of things you may not discuss: Please show me your code so I can copy part of it! Please state the persons you have discussed the solution with. You may be asked to explain your solution orally.

12 Feb 19, 2002Mårten Trolin12 Hash functions A hash function computes a fixed length value from a variable length source –Example: Check sums in communication protocols –Indices in databases More convenient to handle a hash of a document instead of the document itself We will consider cryptographically secure hash functions.

13 Feb 19, 2002Mårten Trolin13 Hash functions, definition A hash function is a function f:{0,1}*  {0,1} n. The size of the output, n, is a property of the function. Common values are 128, 160 and 256. Commonly used hash functions are MD5, SHA and SHA-1

14 Feb 19, 2002Mårten Trolin14 Hash function — examples f(m) = first 40 bits of m f(m) = last 40 bits of m f(m) = XOR of the bytes of m

15 Feb 19, 2002Mårten Trolin15 Properties of good hash functions Let H be a hash function One-way –Given v, unfeasible to compute an x such that H(v) = x Collision-free –Unfeasible to find x 1 and x 2 such that H(x 1 ) = H(x 2 )

16 Feb 19, 2002Mårten Trolin16 Digital signatures Used to ensure authenticity. A digital signatures binds a document to a person. In a public key infrastructure (PKI), a person produces a digital signature using his private key The signature can be verified using the public key.

17 Feb 19, 2002Mårten Trolin17 How to sign a document d Compute the hash of d, v = H(d). Perform a private key operation on v. The result is a digital signature. What happens if the hash function is not one-way? Not collision free?

Download ppt "Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.

Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Feb 12, 2002Mårten Trolin1 Applied Cryptography Main goal –Give some practical experience on cryptographic technics used today. –Show how to use existing.

Feb 12, 2002Mårten Trolin1 Applied Cryptography Main goal –Give some practical experience on cryptographic technics used today. –Show how to use existing.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Feb 18, 2003Mårten Trolin1 Previous lecture Block ciphers Modes of operations First assignment Hash functions.

Feb 18, 2003Mårten Trolin1 Previous lecture Block ciphers Modes of operations First assignment Hash functions.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 25, 2003Mårten Trolin1 Previous lecture – smart-cards Card-terminal authentication Card-issuer authentication.

Mar 25, 2003Mårten Trolin1 Previous lecture – smart-cards Card-terminal authentication Card-issuer authentication.

Similar presentations

Ads by Google