A Java implemented key collision attack on the Data Encryption Standard (DES) John Loughran, Tom Dowling NUI, Maynooth, Co. Kildare, Ireland PPPJ ‘03.


1 A Java implemented key collision attack on the Data Encryption Standard (DES)
John Loughran, Tom Dowling
NUI, Maynooth, Co. Kildare, Ireland
PPPJ ‘03

2 Java Cryptography (slide footer: 17th June 2003, Java implemented DES attack)
- Used Java Cryptographic Extension (JCE) based on Java Cryptographic Architecture (JCA)
  - Contains java.security and javax.crypto packages
- Used Austrian IAIK version of the JCE
- Contains classes which simplify encryption process
  - E.g. factory methods to return instances of a class as:
    Cipher cryptObject = Cipher.getInstance("DES");

3 Data Encryption Standard (DES)
- DES is a symmetric block cipher
  - Same key for encryption and decryption
  - Works on blocks of fixed length
- DES has 2^56 different keys = 70 000 000 000 000 000

4 Birthday Paradox
- Brute force attack: Try all 2^56 possible keys 70 000 000 000 000
- Birthday attack: Reduces complexity of attack to 2^28, i.e. sqrt(2^56) ~ 200 000 000
- For a set with n (2^56 for DES) possible keys
  - In two subsets of randomly generated keys of size sqrt(n) (2^28 for DES)
  - Probability of a match is 0.63 [Stallings, 2003]

5 The Biham Algorithm
- A known plaintext header is used
  - E.g. PostScript file header: "%!PS-Ado"
- This plaintext header is encrypted using 2^28 different random DES keys
- Resulting (ciphertext, key) pairs are stored in a table
- 2^28 incoming ciphertexts of the same header, whose keys are unknown, are compared with the table
- When a match is found the corresponding key is returned
- The key can be used to decrypt the message or even substitute a favourable message

6 Implementing the Attack
- Used the JCE to generate the keys as:
    KeyGenerator keyGen = KeyGenerator.getInstance("DES");
    keyGen.init(new SecureRandom());
    Key key = keyGen.generateKey();
- Stored (ciphertext, key) pairs in Hashtables
  - Searching complexity of O(1)

7 Memory Considerations
- Unable to keep a Hashtable with 2^28 pairs in memory
  - Even using a Pentium 4, 2 GHz, 1 GB RAM, 60 GB HD
  - With virtual memory set to 4 GB
  - Despite increasing Java heap size to max using switch at runtime:
    C:\>java -Xms1640m -Xmx1640m CrackDES

8 Multiple Hashtable Approach
- 2^14 Hashtables, each containing 2^14 (ciphertext, key) pairs, were generated
- During generation, pairs were allocated to a particular Hashtable based on the mod 16394 of the hashCode() of the ciphertext
- Hashtables were finally stored on disk as files bightable000000.ser to bightable016383.ser after various merging operations

10 Finding a Key
- Arrays of ciphertexts of the same plaintext header were generated to simulate incoming ciphertexts with unknown keys
- Each ciphertext was examined as follows:
  - Its hashCode() mod 16384 was obtained
  - The corresponding Hashtable was read in and searched
  - If a matching ciphertext was found the corresponding key was returned

12 Time Considerations
- To speed up the search process the "incoming" ciphertexts were split up into arrays such that
  - Each array contained ciphertexts whose hashCode() mod 16384 were the same
  - Thus only one Hashtable needs to be read in for each array
- This reduced the estimated time needed to find a key from 6.2 years to 2.3 hours!
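A reduced-scale run of the table build and bucketed lookup described on slides 5 to 12, as an added example that is not code from the presentation or the thesis. It assumes a toy key space of 2^16 DES keys (only 16 key bits vary), 16 in-memory buckets in place of the 16384 files on disk, and the JDK's standard JCE provider; the class, method and constant names are illustrative.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class KeyCollisionDemo {
    static final byte[] HEADER = "%!PS-Ado".getBytes(StandardCharsets.US_ASCII); // one 8-byte DES block
    static final int KEY_BITS = 16;              // assumption: toy key space n = 2^16 (real DES: 2^56)
    static final int SIDE = 1 << (KEY_BITS / 2); // sqrt(n) keys on each side
    static final int BUCKETS = 16;               // assumption: scaled down from the slides' 16384
    // Put the 16 variable bits in the high nibbles of four bytes, so the
    // per-byte parity bit (ignored by DES) is never part of the toy key.
    static byte[] toyKey(int k) {
        byte[] key = {0, 0, 0, 0, 0x12, 0x34, 0x56, 0x78};
        for (int i = 0; i < 4; i++) key[i] = (byte) (((k >> (4 * i)) & 0xF) << 4);
        return key;
    }
    static long encryptHeader(Cipher des, int k) throws Exception {
        des.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(toyKey(k), "DES"));
        return ByteBuffer.wrap(des.doFinal(HEADER)).getLong();
    }
    static int bucketOf(long ct) { return Math.floorMod(Long.hashCode(ct), BUCKETS); }
    // One run: build the bucketed (ciphertext -> key) tables, then look up SIDE
    // "incoming" ciphertexts, grouped by bucket so each table is visited once.
    static boolean trial(Cipher des, Random rnd) throws Exception {
        List<Map<Long, Integer>> tables = new ArrayList<>();
        for (int b = 0; b < BUCKETS; b++) tables.add(new HashMap<>());
        for (int i = 0; i < SIDE; i++) {
            int k = rnd.nextInt(1 << KEY_BITS);
            long ct = encryptHeader(des, k);
            tables.get(bucketOf(ct)).put(ct, k);
        }
        Map<Integer, List<Long>> incoming = new TreeMap<>();
        for (int i = 0; i < SIDE; i++) {
            long ct = encryptHeader(des, rnd.nextInt(1 << KEY_BITS));
            incoming.computeIfAbsent(bucketOf(ct), x -> new ArrayList<>()).add(ct);
        }
        for (Map.Entry<Integer, List<Long>> e : incoming.entrySet())
            for (long ct : e.getValue())
                if (tables.get(e.getKey()).containsKey(ct)) return true;
        return false;
    }
    public static void main(String[] args) throws Exception {
        Cipher des = Cipher.getInstance("DES/ECB/NoPadding");
        Random rnd = new Random(2003); // fixed seed for a repeatable run
        int trials = 200, hits = 0;
        for (int t = 0; t < trials; t++) if (trial(des, rnd)) hits++;
        System.out.printf("trials with a key match: %d/%d%n", hits, trials);
    }
}
```

With 2^8 keys on each side of a 2^16 key space, the fraction of trials reporting a match should land near the 0.63 quoted on the Birthday Paradox slide.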

13 Space Optimisation
- Storing only the key value as a Long object rather than a Key object reduced the space required for the Hashtables from an estimated 55 GB to 8 GB
- This necessitates creating a Key object from the returned key value using SecretKey methods from the JCE
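One way to do the Long round trip described on this slide, as an added example rather than the thesis code. The class and method names are assumptions, and the JDK's standard JCE provider is used in place of the IAIK one.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

public class KeyAsLong {
    // A DES key is 8 bytes (56 key bits plus 8 parity bits), so it fits one long.
    static long pack(SecretKey key) {
        return ByteBuffer.wrap(key.getEncoded()).getLong();
    }

    // Rebuild a usable key object from the stored 64-bit value.
    static SecretKey unpack(long value) throws Exception {
        byte[] raw = ByteBuffer.allocate(Long.BYTES).putLong(value).array();
        return SecretKeyFactory.getInstance("DES").generateSecret(new DESKeySpec(raw));
    }

    static byte[] encrypt(SecretKey key, byte[] block) throws Exception {
        Cipher des = Cipher.getInstance("DES/ECB/NoPadding");
        des.init(Cipher.ENCRYPT_MODE, key);
        return des.doFinal(block);
    }

    public static void main(String[] args) throws Exception {
        byte[] header = "%!PS-Ado".getBytes(StandardCharsets.US_ASCII);
        SecretKey original = KeyGenerator.getInstance("DES").generateKey();
        long stored = pack(original);       // the value kept in the table
        SecretKey rebuilt = unpack(stored); // the key object a lookup hands back
        // The round trip is correct if both keys produce the same ciphertext.
        boolean same = Arrays.equals(encrypt(original, header), encrypt(rebuilt, header));
        System.out.printf("stored=%016x rebuilt key encrypts identically: %b%n", stored, same);
    }
}
```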

14 Conclusions
- Biham algorithm implemented successfully in Java
- Use of JCE in cryptanalysis demonstrated
- Space and time optimisations mean that DES can now be cracked in 2 hours on a single PC using Java
- Possible future work on implementation of a parallel search using a distributed system

15 Website
- This presentation and the full text of the thesis including references and appendices can be downloaded from my website:
  http://homepage.eircom.net/~johnloughran

