Published by Cornelia Phillips. Modified over 9 years ago.
1
TE/CS 536 Network Security Spring 2005 – Lecture 8 Security of symmetric algorithms
2
DES Top View
[Diagram: 64-bit input -> Initial Permutation -> LPT / RPT -> Round 1, Round 2, ... Round 16 (using 48-bit K1, K2, ... K16 generated from the 56-bit key) -> Swap 32-bit halves -> Final Permutation -> 64-bit output]
3
Per-Round Key Generation
[Diagram, one round: Initial Permutation of DES key -> C_{i-1} and D_{i-1} (28 bits each) -> Circular Left Shift -> C_i and D_i (28 bits each) -> Permutation with 8 bits discarded -> 48-bit K_i]
- Rounds 1, 2, 9, 16: single shift
- Others: two bits
4
A DES Round
[Diagram, one round of encryption: inputs L_n and R_n (32 bits each); F function: E (32 bits -> 48 bits), 48-bit K_i, S-Boxes, P (32 bits); outputs L_{n+1} and R_{n+1} (32 bits each)]
5
F Function
[Diagram: eight 6-bit chunks, each XORed (+) with 6 key bits and fed to S-boxes S1 ... S8, each producing 4 bits, followed by a Permutation]
- The permutation produces “spread” among the chunks/S-boxes!
- Key is XORed in eight 6-bit chunks with the expanded permuted RPT
6
S-Box
- 48 bits ==> 32 bits. (8*6 ==> 8*4)
- 2 bits used to select amongst 4 permutations for the rest of the 4-bit quantity
[Diagram: S_i, i = 1,…8, with inputs I1 ... I6 and outputs O1 ... O4; 2 bits select the row, 4 bits select the column]
7
Decryption
- Apply the same operations with the keys K_i in the reverse sequence: K_16 … K_1
- To generate keys in the reverse sequence, the bits are circularly shifted right (instead of left) during the key generation process.
8
DES Standard
- Cipher Iterative Action:
  - Input: 64 bits
  - Key: 48 bits
  - Output: 64 bits
- Key Generation Box:
  - Input: 56 bits
  - Output: 48 bits
Total 16 rounds
9
DES Box Summary
- Simple, easy to implement:
  - Hardware: gigabits/second
  - Software: megabits/second
- Supports several operation modes
  - ECB
  - CBC
  - OFB
  - CFB
10
What is a Brute force attack
- Brute force attack
  - Algorithm is known but key is secret
  - Test all possible keys to recover plaintext from a given ciphertext
  - Correct key is found by testing candidate plaintexts for similarity to plaintext language (e.g. English encoded in ASCII)
  - A cipher is secure (un-breakable) if there is no method less expensive than a BF
11
Brute force attacks on DES
- 1977: Diffie-Hellman
  - $20 M paper design
  - Search speed (2^38) keys/sec
  - Will recover one key/day
  - Cost per key = $50,000 (averaged over 1 year)
12
Brute force attacks on DES - 2
- 1993: Michael Wiener
  - Search speed (2^38) keys/sec -- $100K
  - Will recover one key/35 hours
  - Cost per key = $6.59 (averaged over 1 year)
- Other options
  - Speed (2^41.39) keys/sec -- $1M, 3.5 hours
  - Speed (2^44.71) keys/sec -- $10M, 21 mins
13
Brute force attacks on DES - 3
- 1997: DESCHALL
  - In response to RSA challenge, distributed effort
  - Searched 51.8% key space
  - Average speed overall = (2^32.16) = 4.8 billion keys/s
  - Max speed = (2^32.70) = 7 billion keys per sec
  - Machines involved = max. 14000 in single day
  - Time to find the key = 90 days
14
Brute force attacks on DES - 4
- 1998: Electronic Frontier Foundation (EFF)
  - $250K DES Cracker machine with 18,000 custom chips: first hardware design actually built (RSA challenge 1998)
  - Time to find the key: 56.05 hours
  - Searched 24.8% key space
  - Average speed (2^36.37) = 88.8 billion keys per sec
15
To foil attacks on DES
- NIST recommends 128 bits for symmetric key algorithms (1024 bits for asymmetric)
- Keys should be generated properly
- Usually keys are derived from a user-selected password or passphrase – which should have 128 bits entropy (16 different words), e.g.
  - sqrnf oikas ocmpe vflte krbqa jwf
  - iTb.\ / & / - } I t / P ; ^ + 2 2 q
  - serf bare qd jab weld hum jf sheet gallop neve
16
Double DES
- Multiple encryption to compensate for the short basic DES key
  - Effective Key size = 128?
  - If yes, key search space = (2^128)
- Plain text --K1--> T --K2--> C
17
Double DES – meet-in-the-middle attack
- Given a (P,C) pair
- Step 1: Calculate Te = E(K1, P) – search space (2^56)
- Step 2: Calculate Td = D(K2, C) – search space (2^56)
- Step 3: Check if Te = Td ==> K1 and K2 found, work needed: (2^57)
- Memory requirement for storing T from step 1: (2^56) 64-bit blocks or (10^17) bytes
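Added example (not part of the original slides): the three steps above run against a toy 32-bit Feistel cipher with 16-bit keys, so the table costs 2^16 + 2^16 cipher calls instead of the 2^32 a naive search over both keys would need. The cipher, its constants, the keys and the plaintexts are all constructed for illustration; the example goes one step beyond the slide by using a second (P,C) pair to discard chance matches of the middle value.

```python
# Toy 32-bit Feistel cipher with a 16-bit key, constructed for this example.
# It is NOT DES; it only keeps the search small enough to run in seconds.
MASK16 = 0xFFFF

def _round_keys(key):
    # Toy key schedule: rotate the key left by r bits and mix in a constant.
    return [(((key << r) | (key >> (16 - r))) & MASK16) ^ (0x1234 * (r + 1))
            for r in range(4)]

def _f(half, round_key):
    # Toy round function: key XOR, odd multiply, rotate.
    x = ((half ^ round_key) * 0x9E37 + 0x79B9) & MASK16
    return ((x << 5) | (x >> 11)) & MASK16

def encrypt(key, block):
    left, right = block >> 16, block & MASK16
    for rk in _round_keys(key):
        left, right = right, left ^ _f(right, rk)
    return (left << 16) | right

def decrypt(key, block):
    # Same rounds with the round keys in reverse order.
    left, right = block >> 16, block & MASK16
    for rk in reversed(_round_keys(key)):
        left, right = right ^ _f(left, rk), left
    return (left << 16) | right

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))  # P --K1--> T --K2--> C

def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with all known (P, C) pairs."""
    (p0, c0), rest = pairs[0], pairs[1:]
    table = {}  # Step 1: Te = E(k1, P) for all 2^16 k1, stored by value
    for k1 in range(1 << 16):
        table.setdefault(encrypt(k1, p0), []).append(k1)
    hits = []
    for k2 in range(1 << 16):  # Step 2: Td = D(k2, C) for all 2^16 k2
        for k1 in table.get(decrypt(k2, c0), ()):  # Step 3: Te == Td
            # Extra pairs discard chance collisions in the middle value.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                hits.append((k1, k2))
    return hits

if __name__ == "__main__":
    K1, K2 = 0xBEEF, 0x1337  # constructed secret keys
    plaintexts = [0x00C0FFEE, 0x12345678]  # constructed known plaintexts
    pairs = [(p, double_encrypt(K1, K2, p)) for p in plaintexts]
    print(meet_in_the_middle(pairs))  # about 2^17 cipher calls, not 2^32
```

The dictionary built in step 1 is the memory cost the slide refers to: one stored middle value per candidate K1.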
18
Triple DES
- Multiple encryption compensates for the short key
- Standard practice: E(K3, D(K2, E(K1, P))) -- 168-bit DES
- K1 = K3: Two-key Triple DES – 112 bit: E(K1, D(K2, E(K1, P)))
- To launch a meet-in-the-middle attack, T = D(K2, E(K1, P)) requires exploring a (2^112) search space.
19
DES3 Issues
- Efficiency demands schemes with longer keys to begin with!
- DES3 runs one third as fast as DES on the same platform
- New candidates - RC5 (64 bit?), IDEA, AES