Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004.

Published byJacob Hubbard Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004."— Presentation transcript:

1 Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004

2 Computer Science and Engineering Contents  Announcements  More on DES  Advanced Encryption Standard (AES)  Saeed’s Presentation

3 Computer Science and Engineering Guest Lecture on 9/16 Electronic Crimes – Secret Service

4 Computer Science and Engineering Five Security Articles IEEE Computer, June 2004 1.Securing the High-Speed Internet, pp 33 2.Computer Security in the Real World, pp 37 3.Worm Epidemics in High-Speed Networks, pp 48 4.Making the Gigabit IPsec VPN Architecture Secure, pp 54 5.A Quantitative Study of Firewall Configuration Errors, pp62

5 Computer Science and Engineering Solution of Group Work on 9/9 Find keys d and e for the RSA cryptosystem with p = 7 and q = 11. Solution P*q = 77 (p-1) * (q-1) = 60 d = 13 e = 37 13 * 37 = 481 = 1 mod 60

6 Computer Science and Engineering Does DES Work?  Differential Cryptanalysis Idea  Use two plaintext that barely differ  Study the difference in the corresponding cipher text  Collect the keys that could accomplish the change  Repeat

7 Computer Science and Engineering Handouts  3-round baby DES  Why the initial permutation?  Why 16 rounds?  Why these particular S-boxes?

8 Computer Science and Engineering Cracking DES During the period NBS was soliciting comments on the proposed algorithm, the creators of public key cryptography, Martin Hellman and Whitfield Diffie, registered some objections to the use of DES. Hellman wrote: "Whit Diffie and I have become concerned that the proposed data encryption standard, while probably secure against commercial assault, may be extremely vulnerable to attack by an intelligence organization" (letter to NBS, October 22, 1975).

9 Computer Science and Engineering Cracking DES (cont.) Diffie and Hellman then outlined a "brute force" attack on DES. (By "brute force" is meant that you try as many of the 2^56 possible keys as you have to before decrypting the ciphertext into a sensible plaintext message.) They proposed a special purpose "parallel computer using one million chips to try one million keys each" per second, and estimated the cost of such a machine at $20 million.

10 Computer Science and Engineering Cracking DES (cont.) In 1998, under the direction of John Gilmore of the EFF (Electronic Frontier Foundation), a team spent $220,000 and built a machine that can go through the entire 56-bit DES key space in an average of 4.5 days. On July 17, 1998, they announced they had cracked a 56-bit key in 56 hours. The computer, called Deep Crack, uses 27 boards each containing 64 chips, and is capable of testing 90 billion keys a second.

11 Computer Science and Engineering Cracking DES (cont.) In early 1999, Distributed. Net used the DES Cracker and a worldwide network of nearly 100,000 PCs to break DES in 22 hours and 15 minutes. The DES Cracker and PCs combined were testing 245 billion keys per second when the correct key was found. In addition, it has been shown that for a cost of one million dollars a dedicated hardware device can be built that can search all possible DES keys in about 3.5 hours. This just serves to illustrate that any organization with moderate resources can break through DES with very little effort these days.

12 Computer Science and Engineering The Birth of AES As computers became progressively faster and more powerful, it was recognized that a 56-bit key was simply not large enough for high security applications. As a result, NIST (New name of NBS) abandoned their official endorsement of DES in 1997 and began work on a replacement, to be called the Advanced Encryption Standard (AES). Despite the growing concerns about its vulnerability, DES is still widely used by financial services and other industries worldwide to protect sensitive on-line applications.

13 Computer Science and Engineering DES Group Exercise What would be the 64-bit output of round 1 be using the plaintext and key given below (in hexadecimal format): P = 2D 75 F4 DB A3 3E 3F 89 K = D4 3C B1 9A E4 90 D7 C6

14 Computer Science and Engineering Advanced Encryption Standard (ASE) -NIST, call 1997 -One was selected out of five -Rijndael (Rine dahl)  Vincent Rijmen & Joam Daemen -In 2001, it was formally adopted by US -9, 11, 13 cycles (rounds) for keys of 128, 192, 256 bits

15 Computer Science and Engineering ASE (cont) -Each cycle consists of 4 steps - Byte substitution (BSB) - Shift row (SR) - Mix column (MC) - Add Round key (ARK)

16 Computer Science and Engineering ASE Overview Plaintext (128)ARKSubkey0 Ciphertext (128)ARKSubkey10 SR BSB 9 rounds

17 Computer Science and Engineering Round i BSB ARKSubkeyi CM SR

18 Computer Science and Engineering State -128-bit block  4 x 4 matrix -128 bits  b0, b1, b2,.., b15 b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15

19 Computer Science and Engineering 4 Operations 1. s[i,j]  s’[i,j] (predefined substitution table, Table 10-11 page 663) 2. Rows – left circular shift 3. The 4 elements in each column are multiplied by a polynomial 4. Key is derived and added to each column

20 Computer Science and Engineering Exercise Using the table, Find the substitution of 6b, ff, 6e, 09

21 Computer Science and Engineering Shift Row 15913 610142 111537 164812 15913 261014 371115 481216

22 Computer Science and Engineering Mix Column 2311 1231 1123 3112 = * Multiplying by 1  no change Multiplying by 2  shift left one bit Multiplying by 3  shift left one bit and XOR with original value More than 8 bits  100011011 is subtracted

23 Computer Science and Engineering Exercise 2311 1231 1123 3112 e5 a8 6f 33 = ? ? ? ? *

24 Computer Science and Engineering Add Key b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 k0k4k8k12 k1k5k9k13 k2k6k10k14 k3k7k11k15 b’ x bxbx kxkx = XOR

25 Computer Science and Engineering Example k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12 B = e5 a8 6f 33 0a 52 31 9c c2 75 f8 1e b0 46 de 3a B’ = fa 9c 63 9e 50 7b 8a ed ac d6 68 ef f7 90 55 28

26 Computer Science and Engineering Key Generation 4 bytes Circular left shift 1byte S-box X-OR Round constant

27 Computer Science and Engineering Round Constant Table RoundRound Constant (hex) 101 00 00 00 202 00 00 00 304 00 00 00 408 00 00 00 510 00 00 00 620 00 00 00 740 00 00 00 880 00 00 00 91b 00 00 00 Final36 00 00 00

28 Computer Science and Engineering Group Exercise Final 4 bytes = 47 d6 8b 12 After shift = d6 8b 12 47 Find the next sub key k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12

Download ppt "Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.

Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
The Advanced Encryption Standard (AES) Simplified.

The Advanced Encryption Standard (AES) Simplified.
Modern Cryptography.

Modern Cryptography.
Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.
Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.

Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
CS 682 - Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.

CS Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Encryption Schemes Second Pass Brice Toth 21 November 2001.

Encryption Schemes Second Pass Brice Toth 21 November 2001.
CSE 651: Introduction to Network Security

CSE 651: Introduction to Network Security
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Kevin Orr JT Schratz AES ENCRYPTION. OVERVIEW History Algorithm Uses Brute Force Attack.

Kevin Orr JT Schratz AES ENCRYPTION. OVERVIEW History Algorithm Uses Brute Force Attack.
Lecture 5 Overview Does DES Work? Differential Cryptanalysis Idea – Use two plaintext that barely differ – Study the difference in the corresponding.

Lecture 5 Overview Does DES Work? Differential Cryptanalysis Idea – Use two plaintext that barely differ – Study the difference in the corresponding.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)

Similar presentations

Ads by Google