Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September.

Published byClemence Payne Modified over 8 years ago

Similar presentations

Presentation on theme: "IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September."— Presentation transcript:

1 IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September 4, 2002

2 1 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Encryption Question Context: You are a consultant working for a larger private-sector client. Your team is responsible for managing a network that supports a CRM (Customer Relationship Management) application, which often contains highly sensitive, often encrypted, financial information. A Hacker figures out the algorithm your client is using to encrypt outgoing emails and internal, sensitive information, and posts the algorithm on the Internet. Questions: Should this situation be of serious concern? Why or why not? What are some of the next steps your team should take?

3 2 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Chapter 2: Terminology and Background Encryption Algorithms Model of Conventional Encryption Process Cryptography Defined Dimensions of Cryptography Unconditional and Computational Security Example 1: Caesar Cipher Example 2: Columnar Transposition Characteristics of ‘Good’ Ciphers Chapter 2 Outline

4 3 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Terminology and Background Context: Suppose S (Sender) wants to send a message to R (Receiver). S entrusts the message to T (Transmission Medium) who will deliver it to R. An outsider O might try to access the message by Blocking, Intercepting, Modifying, or Fabricating it. [1]. Terminology: Encryption: Process of encoding a message so that its meaning is not obvious. [1] Decryption: The reverse process of Encryption – transforming an encrypted message into its normal, plaintext form. [1] Cryptosystem: A system for Encryption and Decryption. [1]

5 4 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Encryption Algorithms Encryption Algorithms: Some algorithms use a key K, so that the ciphertext message depends on both the original plaintext message and the key value, denoted C = E(K,P) [1]. - Symmetric: Encryption and Decryption keys are mirror processes. - Asymmetric: Decryption key inverts the Encryption process, such that converting ciphertext back to plaintext is not simply the reversing of the encryption steps. Key Secrecy: Security depends on the secrecy of the key, and not the secrecy of the algorithm. Key SizeNo of Alt KeysTime Req @ 10 6 Decryption/µs 32 2 32 = 4.3 x 10 9 2.15 milliseconds 56 2 56 = 7.2 x 10 16 10 hours 128 2 128 = 3.4 x 10 38 5.4 x 10 18 years 168 2 168 = 3.7 x 10 50 5.9 x 10 30 years

6 5 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Model of Conventional Encryption Process An encryption scheme has 5 major components: (1) Plaintext Input (2) Encryption Algorithm (3) Secret Key (4) Transmitted Ciphertext (5) Decryption Algorithm

7 6 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Cryptography Defined Cryptography Defined: Cryptanalysis: The process of attempting to discover X and/or Y, with the Ciphertext message X and the Encryption Key K. [2] Cryptanalyst studies encryption and encrypted messages, with the objective of revealing the hidden messages of the messages [1].

8 7 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Cryptographic Systems generally fall along three independent dimensions: The type of operations used for transforming plaintext to ciphertext. The number of keys used. - If both sender and receiver use the same key, the key is referred to as symmetric, single key, secret key, or conventional encryption. - If the sender and receiver each uses a different key, the system is referred to asymmetric, two key, or public-key encryption. The way in which the plaintext is processed. Dimensions of Cryptography

9 8 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Unconditional and Computational Security Unconditionally Secure: An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext. Computationally Secure: An encryption is said to be computationally secure if: - The cost of breaking the cipher exceeds the value of the encrypted information. - The time required to break the cipher exceeds the useful lifetime of the information.

10 9 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Classical Encryption Techniques Classical Techniques are based on two building blocks : Substitution: The letters of plaintext are replaced by other letters or by numbers or symbols. Of the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns [2]. Transposition: Some sort of permutation is performed on the letters of plaintext [2].

11 10 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Example 1: Caesar Cipher Caesar Cipher: Methodology: Each plaintext letter is substituted for a letter a fixed number of positions after it in the alphabet. [1] Example: Ci = E(Pi) = Pi + 3 Advantages and Disadvantages: - Simplicity in encrypting plain text - Simplicity in decoding ciphertext

12 11 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Example 2: Columnar Transposition Columnar Transposition: Methodology: The goal of a substitution is confusion. Transposition is an encryption method in which the letters of the message are rearranged. The goal in this case is diffusion [1]. Example: c1c2c3c4 c5c6cc7c8 c9c10c11c12

13 12 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Characteristics of ‘Good’ Ciphers Claude Shannon’s Characteristics of ‘Good’ Ciphers [1]: Principle 1: The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. Principle 2: The set of keys and the enciphering algorithm should be free from complexity. Principle 3: The implementation of the process should be as simple as possible. Principle 4: Errors in ciphering should not propagate and cause corruption of further information in the message. Principle 5: The size of the enciphered text should be no larger than the text of the original message.

14 13 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Chapter 3: Background Stream and Block Ciphers Defined Feistel Cipher Structure Feistel Algorithm DES Structure DES Algorithm DES Round Details DES Weaknesses Time To Break A Code Block Cipher Modes of Operations Chapter 3 Outline

15 14 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Background Context: Chapter 2 introduced the basic concepts of encryption and cryptanalysis. These approaches are suitable for short, simple messages, but are inappropriate for situations requiring more complex security requirements.

16 15 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Stream and Block Ciphers Defined Stream and Block Ciphers: Stream Cipher: Encrypts a digital data stream one byte at a time [2]. Block Cipher: Encrypts blocks of plaintext, treated as a whole and used to produce a ciphertext block of equal length [2].

17 16 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Feistel Cipher Structure Stream and Block Ciphers: Virtually all symmetric block encryption algorithms in current use, including DES, are based on the Feistel block cipher [2]. Realization of the Feistel Network depends on the choice of the following design factors: -Block size: larger block sizes mean greater security - Key Size: larger key size means greater security - Number of rounds: multiple rounds offer increasing security - Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis. - Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern

18 17 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Feistel Algorithm Feistel Algorithm: (1) Plaintext Input is divided into 2 halves. Halves of data are passed through n rounds of processing to produce ciphertext. (2) Substitution is produced on the Left side of data. (3) This is achieved by applying a round function to the Right half of data, and taking the Exclusive Or of the output with the Left. (4) Finally, a permutation is performed that consists of the interchange of the two halves of data.

19 18 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only DES Structure Data Encryption Standard (DES): The most widely used encryption scheme DES is a block cipher The plaintext is processed in 64-bit blocks The key is 56-bits in length Achieves its strength from repeated rounds of substitution and permutation

20 19 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only DES Algorithm DES Algorithm: (1) Input feeds are parsed into 64-bit blocks. 64-bit data blocks are permuted by an Initial Permutation stage. (2) Blocks are transformed using a 64-bit key. In reality, only 56-bits of this key are used (8 parity bits are dropped (it is assumed that these parity bits contain no information about the key)). (3) Data blocks are split. Each half is scrambled independently. The key is applied to one half, and the two are swapped. The process is repeated 16 times.

21 20 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only DES Round Details DES Algorithm [1]: (1) Blocks are transformed using a 64-bit key. (2) Blocks are broken into 32-bit halves: Left and Right. The key is shifted by a number of bits and permuted. (3) 32-Bit Right half is expanded to 48 bits, and combined with the Key. The result is condensed and combined with Left.

22 21 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only DES Weaknesses Data Encryption Standard (DES): Complements Weak/Semi-Weak Keys Key Clustering

23 22 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Time to Break a Code

24 23 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Block Cipher Modes of Operations Block Cipher Modes of Operations: DES is a basic building block of security. Four ‘modes’ have been design to cover a wide range of possible DES applications. MODEDESC Electronic Cookbook (ECB)Each block of 64 plaintext is encoded independently using the same key. Cipher Block Chaining (CBC)Input to the algorithm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of plaintext. Cipher Feedback (CFB)Input is processed J bits at a time. Preceding ciphertext is used as input to the algorithm to produce pseudorandom output, which is XORed with Plaintext to produce the next unit of ciphertext. Output Feedback (OFB)Similar to CFB, except that the input to the algorithm is the preceding DES output.

25 24 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only [1] Pfleeger, Charles. Security In Computing, Prentice Hall, 1997. Chapter 2-3. [2] Stallings, William. Cryptography and Network Security, Prentice Hall, 1999. Chapter 2-3 Resources

Download ppt "IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September."

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Making “Good” Encryption Algorithms

Making “Good” Encryption Algorithms
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Ref: STAL03More Concepts of Cryptography and Cryptanalysis 1 Reference –William Stallings, Cryptography and Network Security, 3rd Edition, Prentice Hall.

Ref: STAL03More Concepts of Cryptography and Cryptanalysis 1 Reference –William Stallings, Cryptography and Network Security, 3rd Edition, Prentice Hall.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Cryptography Block Ciphers and Feistel Functions.

Cryptography Block Ciphers and Feistel Functions.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Similar presentations

Ads by Google