Symmetric Block Cipher Algorithms DES Data Encryption Standard 3DES Triple DES AES Advanced Encryption Standard... Data Encryption Standard DES most widely used block cipher in wo
Trang 1Network Security
Essentials Chapter 2
Fourth Edition
by William Stallings(Based on Lecture slides by
Lawrie Brown)
Trang 3Symmetric Encryption
or conventional / private-key / single-key
sender and recipient share a common key
all classical encryption algorithms are
Trang 4Some Basic Terminology
plaintext - original message
ciphertext - coded message
cipher - algorithm for transforming plaintext to ciphertext
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering ciphertext from plaintext
cryptography - study of encryption principles/methods
cryptanalysis (codebreaking) - study of principles/
cryptology - field of both cryptography and cryptanalysis
Trang 5Symmetric Cipher Model
Trang 6 two requirements for secure use of
symmetric encryption:
mathematically have:
assume encryption algorithm is known
implies a secure channel to distribute key
Trang 7 can characterize cryptographic system by:
Trang 9Cryptanalytic Attacks
know or can identify plaintext
Trang 10 An encryption scheme: computationally
secure if
value of information
the lifetime of information
Trang 11Brute Force Search
Ke y Si z e ( bi ts) Number of
A lternati ve Ke y s
Ti me required at 1
de cry pti on/ µs
Time requi red at 106
Trang 12Feistel Cipher Structure
Horst Feistel devised the feistel cipher
partitions input block into two halves
implements Shannon’s S-P net concept
Trang 13Feistel Cipher Structure
Trang 14Feistel Cipher Design Elements
block size: 128 bits
key size: 128 bits
Trang 15Symmetric Block Cipher
Algorithms
DES (Data Encryption Standard)
3DES (Triple DES)
AES (Advanced Encryption Standard)
Trang 16Data Encryption Standard (DES)
most widely used block cipher in world
adopted in 1977 by NBS (now NIST)
encrypts 64-bit data using 56-bit key
has widespread use
has considerable controversy over its
security
Trang 17DES History
IBM developed Lucifer cipher
then redeveloped as a commercial cipher with input from NSA and others
in 1973 NBS issued request for proposals for a national cipher standard
IBM submitted their revised Lucifer which was eventually accepted as the DES
Trang 18DES Design Controversy
although DES standard is public,
considerable controversy over design
subsequent events and public analysis show in fact design was appropriate
use of DES has flourished
Trang 19Time to Break a DES Code
Trang 20Multiple Encryption & DES
clear a replacement for DES was needed
AES is a new cipher alternative
encryption with DES implementations
Trang 21 could use 2 DES encrypts on each block
issue of reduction to single stage
and have “meet-in-the-middle” attack
Trang 22Triple-DES with Two-Keys
hence must use 3 encryptions
but can use 2 keys with E-D-E sequence
standardized in ANSI X9.17 & ISO8732
no current known practical attacks
become basis of future attacks
Trang 23Triple-DES with Three-Keys
although no practical attacks on two-key Triple-DES have some concerns
can use Triple-DES with Three-Keys to avoid even these
has been adopted by some Internet
applications, eg PGP, S/MIME
Trang 24Triple DES
Trang 25Origins
Trang 26The AES Cipher - Rijndael
Trang 27AES Encryption
Process
Trang 28AES Structure
Trang 29AES Structure
Trang 30AES Round
Trang 31Random Numbers
Trang 32Pseudorandom Number
Generators (PRNGs)
often use deterministic algorithmic
techniques to create “random numbers”
known as “pseudorandom numbers”
created by “Pseudorandom Number
Generators (PRNGs)”
Trang 33Random & Pseudorandom
Number Generators
Trang 35Stream Cipher Structure
Trang 36Stream Cipher Properties
some design considerations are:
properly designed, can be as secure as a block cipher with same size key
but usually simpler & faster
Trang 38processed a byte at a time
Trang 39RC4 Key Schedule
starts with an array S of numbers: 0 255
use key to well and truly shuffle
S forms internal state of the cipher
Trang 40RC4 Encryption
encryption continues shuffling array values
sum of shuffled pair selects "stream key" value from permutation
XOR S[t] with next byte of message to
Trang 41RC4 Overview
Trang 42RC4 Security
claimed secure against known attacks
result is very non-linear
since RC4 is a stream cipher, must never reuse a key
have a concern with WEP, but due to key handling rather than RC4 itself
Trang 43Modes of Operation
block ciphers encrypt fixed size blocks
need some way to en/decrypt arbitrary
amounts of data in practise
NIST SP 800-38A defines 5 modes
have block and stream modes
to cover a wide variety of applications
can be used with any block cipher
Trang 44The Most Important Modes
Electronic Codebook Mode (ECB)
Cipher Block Chaining Mode (CBC)
Cipher Feedback Mode (CFB)
Counter Mode (CTR)
Trang 45Electronic Codebook Book (ECB)
message is broken into independent
blocks which are encrypted
each block is a value which is substituted, like a codebook, hence name
each block is encoded independently of
the other blocks
uses: secure transmission of single values
Trang 46Advantages and Limitations of
ECB
message repetitions may show in ciphertext
become a code-book analysis problem
weakness is due to the encrypted message blocks being independent
main use is sending a few blocks of data
Trang 47Cipher Block Chaining (CBC)
message is broken into blocks
linked together in encryption operation
each previous cipher blocks is chained
with current plaintext block, hence name
use Initial Vector (IV) to start process
uses: bulk data encryption, authentication
Trang 48Cipher Block
Chaining
(CBC)
Trang 49Cipher FeedBack (CFB)
128 etc) to be fed back
Trang 50Cipher
FeedBack (CFB-s)
Trang 51Advantages and Limitations of
CFB
appropriate when data arrives in bits/bytes
most common stream mode
Limitation: need to stall while doing block encryption after every n-bits
note that the block cipher is used in
errors propagate for several blocks after
the error
Trang 52Counter (CTR)
a “new” mode, though proposed early on
similar to OFB but encrypts counter value rather than any feedback value
must have a different key & counter value for every plaintext block (never reused)
uses: high-speed network encryptions
Trang 53Counter (CTR)
Trang 54Advantages and Limitations of
CTR
efficiency
random access to encrypted data blocks
provable security (good as other modes)
but must ensure never reuse key/counter values, otherwise could break (cf OFB)
Trang 55Output Feedback Mode (OFB)