Information Security Prepared By: Prof. Ajaykumar T. Shah


1 Information Security Prepared By: Prof. Ajaykumar T. Shah
Aforajayshahnirma.wordpress.com

2 Stream Cipher A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Example: the one-time pad, in which the keystream k_i is as long as the plaintext bit stream p_i. If the cryptographic keystream is random, then this cipher is unbreakable by any means other than acquiring the keystream. However, the keystream must be provided to both users in advance via some independent and secure channel.

3 Block Cipher A block cipher is one in which a block of plaintext is treated as a whole and used to produce a cipher text block of equal length. Typically, a block size of 8 or 64 bytes is used. As with a stream cipher, the two users share a symmetric encryption key. Plaintext: 227 bytes. Block size: 16 bytes. 227/16 = 14 blocks and 3 bytes. Total blocks: 15, of which the last block contains 3 bytes and padding bytes.

4

5 Difference
Stream Cipher | Block Cipher
Operates on smaller units of plaintext | Operates on larger blocks of data
Faster than a block cipher | Slower than a stream cipher
Processes the input elements continuously, producing output one element at a time | Processes the input one block of elements at a time, producing an output block for each input block
Requires less code | Requires more code
Key is used only one time | Reuse of key is possible
Ex: One-time pad | Ex: DES (Data Encryption Standard)
Application: SSL (secure connection on the web) | Application: Database, file encryption
More suitable for hardware implementation | Easier to implement in software

6 Generate n-bit-n-bit block Substitution

7 Generate n-bit-n-bit block Substitution

8 Feistel Cipher Structure
Substitution: Each plaintext element or group of elements is uniquely replaced by a corresponding cipher text element or group of elements. Permutation: A sequence of plaintext elements is replaced by a permutation of that sequence. That is, no elements are added or deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is changed.

9 Feistel Cipher Structure cont…
Parameters and Design Features. Block size: a larger block gives greater security but reduces speed; a 64-bit block is normal in block cipher methods. Key size: a larger key gives greater security but reduces speed; the default key length is 128 bits. Number of rounds: security increases with the number of rounds; the typical number is 16 rounds. Subkey generation. Round function.

10

11

12 Diffusion and Confusion
Diffusion: To make the statistical relationship between the plaintext and cipher text as complex as possible in order to thwart attempts to discover the key. Can be achieved by a permutation followed by a function. Confusion: To make the relationship between the statistics of the cipher text and the value of the encryption key as complex as possible to thwart attempts to discover the key. Can be achieved by a substitution.

13 Data Encryption Standard (DES)
DES Encryption, Initial Permutation, Details of Single Round, Key Generation, The Avalanche Effect

14

15 Initial Permutation The permutation: X = IP(M). The inverse permutation:
Y = IP^{-1}(X) = IP^{-1}(IP(M)). The original ordering is restored.

16 Single Round F function R_{i-1} is expanded to 48 bits using E.
The result is XORed with the 48-bit round key. The 48-bit result is substituted by a 32-bit value. The 32-bit value is permuted by P.

17 E-Step First divide the 32-bit block into eight 4-bit words.
Attach an additional bit on the left to each 4-bit word that is the last bit of the previous 4-bit word. Attach an additional bit to the right of each 4-bit word that is the beginning bit of the next 4-bit word.

18 E-Step Cont… Expansion E: 32 bits → 48 bits; 16 bits are reused.
Permutation P

19 E-Step with S Boxes Cont…
Substitution: 48 bits → 32 bits, using 8 S-boxes. Each S-box gets 6 bits and outputs 4 bits.

20 Single Round of DES Algorithm

21 S-Boxes

22 S-Boxes

23 Working of S-Boxes Outer bits 1 & 6 (row bits) select one row.
Inner bits 2-5 (column bits) are substituted. Example: Input: The row is 01 (row 1). The column is 1100 (column 12). Output is 1001.

24 Key Generation A 64-bit key is used as input. Every 8th bit is ignored.
Thus, the key is 56 bits. PC1 permutes the 56 bits into two 28-bit halves.

25 DES Decryption Decryption uses the same algorithm as encryption.
Feistel cipher: the round key schedule is reversed.

26 The Avalanche Effect A small change of plaintext or key produces a significant change in the cipher text. DES exhibits a strong avalanche effect.

27 The Avalanche Effect cont…
Example

28 The Avalanche Effect cont…
Example

29 The Strength of DES The Use of 56-bit keys
The Nature of the DES Algorithm, Timing Attacks

30 The Use of 56-bit Keys If the key length is 56 bits, we have 2^56 = 7.2 x 10^16 keys. A single machine performing one DES encryption per microsecond takes more than 1000 years to break the cipher (a brute-force attack becomes impractical). Diffie and Hellman: the same can be made possible by using a parallel machine with 1 million devices, which takes 10 hours, but the cost of developing it is too high ($20 million). In 1998, the Electronic Frontier Foundation (EFF) announced a ‘DES cracker’ which can attack DES in 3 days. It was built for less than $250,000. EFF has published a detailed description of the machine, enabling others to build their own crackers (making DES virtually worthless).

31 Strength… Plaintext only English: easily automated.
Compressed before encryption: difficult to automate. Data with numeric values: more difficult to automate. To supplement a brute-force attack, some degree of knowledge about the plaintext is required. EFF addressed alternatives to DES: AES (key size is 128 ~ 256 bits) and triple DES (112 ~ 168 bits).

32 Nature of DES Possibility of cryptanalysis by finding the characteristics of the DES algorithm. Learning the S-box logic is complex. A weakness of the S-boxes has not been discovered.

33 Block Cipher Design Principles
Criteria for S-boxes. No output bit of any S-box should be too close to a linear function of the input bits. Specifically, if we select any output bit and any subset of the six input bits, the fraction of inputs for which this output bit equals the XOR of these input bits should not be close to 0 or 1, but rather should be near 1/2. Each row of an S-box should include all 16 possible output bit combinations. If two inputs to an S-box differ in exactly one bit, the outputs must differ in at least two bits.

34 Block Cipher Design Principles
If two inputs to an S-box differ in the two middle bits exactly, the outputs must differ in at least two bits. If two inputs to an S-box differ in their first two bits and are identical in their last two bits, the two outputs must not be the same. For any nonzero 6-bit difference between inputs, no more than eight of the 32 pairs of inputs exhibiting that difference may result in the same output difference. This is a criterion similar to the previous one, but for the case of three S-boxes.
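
An added example, not from the original slides, that runs the S-box lookup from slide 23 and then checks the design criteria from slides 33 and 34 against DES S-box S1. The S1 table is the one published in the DES standard; the function names and the 6-bit sample input (built from the slide's row 01 and column 1100) are constructed for illustration.

```python
# DES S-box S1 as published in the DES standard (4 rows x 16 columns).
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def sbox(x6: int) -> int:
    """6-bit input -> 4-bit output: outer bits pick the row, inner bits the column."""
    row = ((x6 >> 4) & 0b10) | (x6 & 1)     # bits 1 and 6
    col = (x6 >> 1) & 0b1111                # bits 2-5
    return S1[row][col]

def popcount(v: int) -> int:
    return bin(v).count("1")

def rows_are_permutations() -> bool:
    """Each row contains all 16 possible outputs."""
    return all(sorted(row) == list(range(16)) for row in S1)

def min_output_change(input_diff: int) -> int:
    """Fewest output bits that change when two inputs differ by input_diff."""
    return min(popcount(sbox(x) ^ sbox(x ^ input_diff)) for x in range(64))

def linear_agreement_range():
    """Min and max fraction of inputs for which one output bit equals the XOR
    of a nonempty subset of input bits (should stay away from 0 and 1)."""
    fracs = []
    for out_bit in range(4):
        for mask in range(1, 64):
            agree = sum(((sbox(x) >> out_bit) & 1) == popcount(x & mask) % 2
                        for x in range(64))
            fracs.append(agree / 64)
    return min(fracs), max(fracs)

def max_pairs_same_output_diff() -> int:
    """Largest number of the 32 input pairs sharing one nonzero input
    difference that also share one output difference."""
    worst = 0
    for din in range(1, 64):
        counts = {}
        for x in range(64):
            dout = sbox(x) ^ sbox(x ^ din)
            counts[dout] = counts.get(dout, 0) + 1
        worst = max(worst, max(counts.values()) // 2)   # ordered -> unordered pairs
    return worst

if __name__ == "__main__":
    print("S1(011001) =", format(sbox(0b011001), "04b"))   # row 01, column 1100
    print("rows are permutations:", rows_are_permutations())
    print("one-bit input change, min output bits:",
          min(min_output_change(1 << b) for b in range(6)))
    print("middle-bits change, min output bits:", min_output_change(0b001100))
    print("linear agreement range:", linear_agreement_range())
    print("max pairs with same output difference:", max_pairs_same_output_diff())
```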

35 Cipher Block Modes of Operations
Electronic Code Book (ECB), Cipher Block Chaining Mode (CBC), Cipher Feedback Mode (CFB), Counter Mode

36 Electronic Code Book (ECB)
Plaintext is handled one block at a time and each block of plaintext is encrypted using the same key. The term codebook is used because, for a given key, there is a unique cipher text for every bit block of plaintext. Therefore, we can imagine a gigantic codebook in which there is an entry for every possible -bit plaintext pattern showing its corresponding cipher text.

37

38 Electronic Code Book (ECB)
The ECB method is ideal for a short amount of data, such as an encryption key. Thus, if you want to transmit a DES or AES key securely, ECB is the appropriate mode to use. The most significant characteristic of ECB is that if the same bit block of plaintext appears more than once in the message, it always produces the same cipher text. For lengthy messages, the ECB mode may not be secure. If the message is highly structured, it may be possible for a cryptanalyst to exploit these regularities.

39 Cipher Block Chaining Mode (CBC)
A simple way to satisfy this requirement is the cipher block chaining (CBC) mode. In this scheme, the input to the encryption algorithm is the XOR of the current plaintext block and the preceding cipher text block; the same key is used for each block. For decryption, each cipher block is passed through the decryption algorithm. The result is XORed with the preceding cipher text block to produce the plaintext block. To see that this works, we can write

40 Initialization Vector

41 Cipher Feedback Block (CFB)
The input to the encryption function is a -bit shift register that is initially set to some initialization vector (IV). The leftmost (most significant) bits of the output of the encryption function are XORed with the first segment of plaintext P1 to produce the first unit of cipher text C1, which is then transmitted. In addition, the contents of the shift register are shifted left by s bits, and C1 is placed in the rightmost (least significant) s bits of the shift register. This process continues until all plaintext units have been encrypted.

42 Cipher Feedback Block (CFB)

43 Cipher Feedback Block (CFB)

44 Counter Mode The counter is encrypted and then XORed with the plaintext block to produce the cipher text block; there is no chaining. For decryption, the same sequence of counter values is used, with each encrypted counter XORed with a cipher text block to recover the corresponding plaintext block. Thus, the initial counter value must be made available for decryption.
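
An added example (not from the slides) tying together slide 25's decryption rule and the ECB, CBC and counter modes of slides 36 to 44: a toy 16-round Feistel cipher with a hash-based round function stands in for DES. The key schedule, round function, key, IV and plaintext are constructed for the demonstration and do not form a real cipher.

```python
import hashlib

BLOCK = 8  # toy 64-bit block

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))    # truncates to the shorter input

def subkeys(key: bytes, rounds: int = 16):
    # Constructed key schedule for this demo (not the DES schedule).
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def feistel(block: bytes, ks) -> bytes:
    left, right = block[:4], block[4:]
    for k in ks:
        # F is a one-way hash: a Feistel network never needs to invert F.
        f_out = hashlib.sha256(k + right).digest()[:4]
        left, right = right, _xor(left, f_out)
    return right + left                           # undo the last swap

def encrypt_block(b: bytes, key: bytes) -> bytes:
    return feistel(b, subkeys(key))

def decrypt_block(b: bytes, key: bytes) -> bytes:
    return feistel(b, subkeys(key)[::-1])         # same algorithm, reversed schedule

def blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(pt, key):
    return b"".join(encrypt_block(b, key) for b in blocks(pt))

def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for b in blocks(pt):
        prev = encrypt_block(_xor(b, prev), key)  # XOR with previous cipher block
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(_xor(decrypt_block(c, key), prev))
        prev = c
    return b"".join(out)

def ctr_crypt(data, key, counter0):
    # Encrypt the counter and XOR it with the data; the same call decrypts.
    out = []
    for i, b in enumerate(blocks(data)):
        ctr = ((counter0 + i) % 2**64).to_bytes(BLOCK, "big")
        out.append(_xor(b, encrypt_block(ctr, key)))
    return b"".join(out)

# Constructed sample: blocks 0 and 1 are identical; length is block-aligned.
KEY = b"demo key"
IV = bytes(range(8))
PT = b"PAY 100$" * 2 + b"TO ALICE"

if __name__ == "__main__":
    for name, ct in (("ECB", ecb_encrypt(PT, KEY)),
                     ("CBC", cbc_encrypt(PT, KEY, IV)),
                     ("CTR", ctr_crypt(PT, KEY, 1))):
        b0, b1 = blocks(ct)[:2]
        print(name, "repeated plaintext block visible:", b0 == b1)
```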

45 Counter Mode

46 Counter Mode

47 Cryptanalytic Attacks.
Ciphertext-only attack, Known-plaintext attack, Chosen-plaintext attack, Adaptive chosen plaintext attack

48 Ciphertext only attack
The cryptanalyst has the cipher text of several messages, all of which have been encrypted using the same encryption algorithm. The analyst may be able to capture one or more plaintext messages as well as their encryptions. Better yet to assume the key used to encrypt the messages, in order to decrypt other messages encrypted with the same key.

49 Known Plaintext attack
The cryptanalyst has access not only to the ciphertext of several messages, but also to the plaintext of those messages. The job is to deduce the key used to encrypt the messages, or an algorithm to decrypt any new messages encrypted with the same key. It is also referred to as a probable word attack.

50 Chosen Plaintext attack
This is more powerful than a known plaintext attack because the cryptanalyst can choose specific plaintext blocks to encrypt. The cryptanalyst not only has access to the ciphertext and associated plaintext for several messages, but he also chooses the plaintext that gets encrypted.

51 Adaptive Chosen Plaintext attack
Not only can the cryptanalyst choose the plaintext that is encrypted, but he can also modify his choice based on the result of the previous encryption. In a chosen plaintext attack, a cryptanalyst might just be able to choose one large block of the plaintext to be encrypted.

52 Double DES The simplest form of multiple encryption has two encryption stages and two keys. Given a plaintext P and two encryption keys K1 and K2, ciphertext C is generated as C = E(K2, E(K1, P)) Decryption requires that the keys be applied in reverse order: P = D(K1, D(K2, C))

53 Triple DES The simplest form of multiple encryption has three encryption stages and three keys. Given a plaintext P and three encryption keys K1, K2 and K3, ciphertext C is generated as C = E(K3, D(K2, E(K1, P))) Decryption Process is shown below P = D(K3, E(K2, D(K1, P)))

54 International Data Encryption Algorithm
IDEA is a block cipher. It works on 64-bit plaintext blocks. The key is longer and consists of 128 bits. IDEA uses diffusion and confusion for encryption. Plaintext = 64 bits: a total of 4 blocks of plaintext, each containing 16 bits. Plaintext = (p1, p2, p3, p4). There are eight rounds in the algorithm. 6 subkeys are generated in each such round from the original key.

55 BLOCK DIAGRAM Input Plaintext (64 bits)
P1 (16 bits), P2 (16 bits), P3 (16 bits), P4 (16 bits). Round 1: K1 to K6. Round 2: K7 to K12. Round 8: K43 to K48. Output Transformation: K49 to K52. C1 (16 bits), C2 (16 bits), C3 (16 bits), C4 (16 bits). Input Ciphertext (64 bits)

56 Details of Single Round in IDEA
Step 1: Multiply P1 and K1 (P1 * K1)
Step 2: Add P2 and K2 (P2 + K2)
Step 3: Add P3 and K3 (P3 + K3)
Step 4: Multiply P4 and K4 (P4 * K4)
Step 5: XOR the result of step 1 and step 3
Step 6: XOR the result of step 2 and step 4
Step 7: Multiply the result of step 5 with K5
Step 8: Add the result of step 6 and step 7
Step 9: Multiply the result of step 8 with K6
Step 10: Add the result of step 7 and step 9
Step 11: XOR the result of step 1 and step 9
Step 12: XOR the result of step 3 and step 9
Step 13: XOR the result of step 2 and step 10
Step 14: XOR the result of step 4 and step 10
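
The 14 steps above as an added Python example, not part of the original slides. The slide says only "multiply" and "add"; the IDEA specification defines these as multiplication modulo 2^16 + 1 (with the 16-bit value 0 standing for 2^16) and addition modulo 2^16, which is what the code assumes. Function names and sample values are constructed.

```python
MOD_ADD = 1 << 16            # additions are modulo 2^16
MOD_MUL = (1 << 16) + 1      # multiplications are modulo the prime 2^16 + 1

def mul(a: int, b: int) -> int:
    """Multiply modulo 2^16 + 1; the 16-bit value 0 stands for 2^16."""
    a = a or MOD_ADD
    b = b or MOD_ADD
    return (a * b) % MOD_MUL % MOD_ADD       # a result of 2^16 is stored as 0

def add(a: int, b: int) -> int:
    return (a + b) % MOD_ADD

def mul_inverse(k: int) -> int:
    """Value that undoes mul(x, k); it exists for every k because 2^16 + 1 is prime."""
    return pow(k or MOD_ADD, -1, MOD_MUL) % MOD_ADD

def idea_round(p, k):
    """One round: p = (P1, P2, P3, P4), k = (K1, ..., K6), all 16-bit words."""
    p1, p2, p3, p4 = p
    k1, k2, k3, k4, k5, k6 = k
    s1 = mul(p1, k1)         # step 1
    s2 = add(p2, k2)         # step 2
    s3 = add(p3, k3)         # step 3
    s4 = mul(p4, k4)         # step 4
    s5 = s1 ^ s3             # step 5
    s6 = s2 ^ s4             # step 6
    s7 = mul(s5, k5)         # step 7
    s8 = add(s6, s7)         # step 8
    s9 = mul(s8, k6)         # step 9
    s10 = add(s7, s9)        # step 10
    # steps 11 to 14 give the four output words of the round
    return (s1 ^ s9, s3 ^ s9, s2 ^ s10, s4 ^ s10)

if __name__ == "__main__":
    # Constructed inputs: identity-like subkeys make the steps easy to follow by hand.
    print(idea_round((1, 2, 3, 4), (1, 0, 0, 1, 1, 1)))
    # Edge case: 0 is treated as 2^16, so multiplication stays invertible.
    print(mul(0, 0), mul(0, 1), mul(mul(0, 0xBEEF), mul_inverse(0xBEEF)))
```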

57 Structure of Single Round in IDEA
[Figure: inputs P1 to P4; XOR, multiplication and add operations; outputs C1 to C4]

58 Strength of IDEA IDEA uses a 128-bit key, which is double the key size of DES. Thus, to break into IDEA, 2^128 (i.e. 10^38) encryption operations would be required. As before, even if we assume that to obtain the correct key, only half of the possible keys need to be examined and tried out, a single computer performing one IDEA encryption per microsecond would require more than years to break IDEA!

59 RC RC4 was designed by Ron Rivest of RSA Security in 1987.
RC4 is known as “Rivest Cipher 4”. RC5 is the modified version of RC4. Word size in bits (encrypts 2-word blocks at a time): 16, 32, 64. No. of rounds: 0-255. No. of 8-bit bytes in the key: 0-255.

60 RC5 RC5 uses only primitive computer operations such as addition, subtraction, XOR, shift, etc. RC5 requires less memory for execution and is therefore suitable not only for desktop computers but also for smart cards and other devices that have a small memory capacity.
Parameter | Allowed Values
Word size in bits (RC5 encrypts 2 words at a time) | 16, 32, 64
Number of rounds | 0-255
Number of 8-bit bytes in the key |

61 Encryption using RC5

62 Key Generation in RC5

63 BLOWFISH Blowfish was designed with the following objectives:
FAST: Blowfish encryption rate on 32-bit microprocessors is 26 clock cycles per byte. COMPACT: Blowfish can execute in less than 5kb memory. SIMPLE: Blowfish uses only primitive operations, such as addition, XOR, and table lookup, making its design and implementation simple. SECURE: Blowfish has a variable key length up to a maximum of 448 bits, making it both flexible and secure.

64 BLOWFISH Encryption

65 Function F in Blowfish

66 Advanced Encryption Standard
AES Evaluation. Security: actual security compared to other submitted standard. Randomness: the extent to which the algorithm output is indistinguishable from a random permutation on the input block. Soundness of the mathematical basis for the algorithm’s security.

67 Advanced Encryption Standard
Cost: Licensing requirements: When the AES is issued, the algorithm specified in the AES shall be available on a worldwide, non-exclusive, royalty-free basis. Computational efficiency: The evaluation of computational efficiency will be applicable to both hardware and software implementations. Memory requirements: The memory requirements for implementing the algorithm in hardware and software will be considered.

68 Advanced Encryption Standard
Algorithm and Implementation characteristics: This category includes a variety of considerations, including flexibility; suitability for a variety of hardware and software implementations; and simplicity, which will make an analysis of security more straightforward.

69 Advanced Encryption Standard
General security; software implementations; restricted-space environments; hardware implementations; attacks on implementations; encryption versus decryption; key agility; other versatility and flexibility; potential for instruction-level parallelism.

70 AES Encryption Process
State

71 AES Round Contains Byte Substitution, Row Shift, Column Mixing, Round Key Addition

72 AES Data Structure

73 AES Data Structure

74 AES Encryption And Decryption

75

76 AES Byte Level Operations

77 AES Row and Column Operations
Shift Row Transformation

78 Shift Column Transformation

79 A number of network security algorithms and protocols based on cryptography make use of random binary numbers: key distribution and reciprocal authentication schemes; session key generation; generation of keys for the RSA public-key encryption algorithm; generation of a bit stream for symmetric stream encryption. There are two distinct requirements for a sequence of random numbers: randomness and unpredictability.

80 Randomness The generation of a sequence of allegedly random numbers being random in some well-defined statistical sense has been a concern. Two criteria are used to validate that a sequence of numbers is random. Uniform distribution: the frequency of occurrence of ones and zeros should be approximately equal. Independence: no one subsequence in the sequence can be inferred from the others.

81 Unpredictability The requirement is not just that the sequence of numbers be statistically random, but that the successive members of the sequence are unpredictable. With “true” random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable. True random numbers have their limitations, such as inefficiency, so it is more common to implement algorithms that generate sequences of numbers that appear to be random. Care must be taken that an opponent not be able to predict future elements of the sequence on the basis of earlier elements.

82 Pseudorandom numbers Cryptographic applications typically make use of algorithmic techniques for random number generation. These algorithms are deterministic and therefore produce sequences of numbers that are not statistically random. If the algorithm is good, the resulting sequences will pass many reasonable tests of randomness. Such numbers are referred to as pseudorandom numbers.

83 True Random Number Generator (TRNG)
A TRNG takes as input a source that is effectively random; the source is often referred to as an entropy source. In essence, the entropy source is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock. The source, or combination of sources, serves as input to an algorithm that produces random binary output. The TRNG may simply involve conversion of an analog source to a binary output. The TRNG may involve additional processing to overcome any bias in the source.

84 True Random Number Generator (TRNG)

85 Pseudorandom Number Generator (PRNG)
A PRNG takes as input a fixed value, called the seed, and produces a sequence of output bits using a deterministic algorithm. Typically, as shown, there is some feedback path by which some of the results of the algorithm are fed back as input as additional output bits are produced. The important thing to note is that the output bit stream is determined solely by the input value or values, so that an adversary who knows the algorithm and the seed can reproduce the entire bit stream.
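
An added example, not from the original slides, of the seed-plus-feedback structure described above, with the two randomness criteria from slide 80 measured on its output. The generator is a constructed toy built on SHA-256, and the seed values are constructed; it shows that a stream can pass frequency and independence checks and still be reproduced exactly by anyone holding the seed.

```python
import hashlib

class FeedbackPRNG:
    """Toy deterministic generator: seed -> state, state fed back on every step."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"seed" + seed).digest()

    def read(self, n: int) -> bytes:
        out = bytearray()
        while len(out) < n:
            out += hashlib.sha256(b"out" + self.state).digest()         # output bits
            self.state = hashlib.sha256(b"next" + self.state).digest()  # feedback path
        return bytes(out[:n])

def bits(data: bytes):
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def ones_fraction(data: bytes) -> float:
    """Uniform distribution check: share of one-bits, expected near 0.5."""
    b = bits(data)
    return sum(b) / len(b)

def adjacent_equal_fraction(data: bytes) -> float:
    """Independence check: adjacent bits should agree about half the time."""
    b = bits(data)
    return sum(x == y for x, y in zip(b, b[1:])) / (len(b) - 1)

SEED = b"constructed seed"   # sample value for the demonstration

if __name__ == "__main__":
    stream = FeedbackPRNG(SEED).read(4096)
    print("ones fraction:          %.4f" % ones_fraction(stream))
    print("adjacent-equal fraction: %.4f" % adjacent_equal_fraction(stream))
    # Same algorithm and same seed: the entire stream is reproduced.
    print("reproduced from seed:", FeedbackPRNG(SEED).read(4096) == stream)
    print("different seed matches:", FeedbackPRNG(b"other seed").read(32) == stream[:32])
```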

86 End of the Unit-2

