The contents of this chapter include all of the following: Symmetric ciphers, asymmetric ciphers, cryptographic data integrity algorithms, mutual trust, network security and internet security, system security, legal and ethical issues.
Page 1: CSE348
Page 2: Lectures 1-15
Page 3: Course Outline
Part One: Symmetric Ciphers:
Provides a survey of symmetric encryption, including classical and modern algorithms. The emphasis is on the two most important algorithms, the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). This part also covers the most important stream encryption algorithm, RC4, and the important topic of pseudorandom number generation.
Page 4: Course Outline
Part Two: Asymmetric Ciphers:
Provides a survey of public-key algorithms, including RSA (Rivest-Shamir-Adleman) and elliptic curve.
Page 5: Course Outline
Part Three: Cryptographic Data Integrity Algorithms:
Begins with a survey of cryptographic hash functions. This part then covers two approaches to data integrity that rely on cryptographic hash functions: message authentication codes and digital signatures.
Page 6: Course Outline
Part Four: Mutual Trust:
Covers key management and key distribution topics and then covers user authentication techniques.
Page 7: Course Outline
Part Five: Network Security and Internet Security:
Examines the use of cryptographic algorithms and security protocols to provide security over networks and the Internet. Topics covered include transport-level security, wireless network security, e-mail security, and IP security.
Page 8: Course Outline
Part Six: System Security:
Deals with security facilities designed to protect a computer system from security threats, including intruders, viruses, and worms. This part also looks at firewall technology.
Page 9: Course Outline
Part Seven: Legal and Ethical Issues:
Deals with the legal and ethical issues related to computer and network security.
Page 10: resources (includes hardware, software, firmware, information/data, and telecommunications)
Page 11: Key Security Concepts
Page 12: CIA Triad
• These three concepts form what is often referred to as the CIA triad (figure above)
• The three concepts embody the fundamental security objectives for both data and for information and computing services
• FIPS PUB 199 provides a useful characterization of these three objectives in terms of requirements and the definition of a loss of security in each category
Page 14:
• A loss of integrity is the unauthorized modification or destruction of information
Page 15: CIA Triad
• Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system
• Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture
Page 16: CIA Triad
• Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator
Page 17: CIA Triad
• Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity
Page 18: Computer Security Challenges
1. security is not simple
2. must consider potential attacks
3. the procedures used are counter-intuitive
4. involves algorithms and secret information
5. must decide where to deploy mechanisms
6. a battle of wits between attacker and administrator
7. benefit not perceived until it fails
8. requires regular monitoring
9. too often an afterthought
10. regarded as an impediment to using the system
Page 19:
– threat – a potential for violation of security
– attack – an assault on system security, a
Page 20: Passive Attacks
Page 21: Active Attacks
Page 22: Symmetric Encryption
• conventional / private-key / single-key
• sender and recipient share a common key
• all classical encryption algorithms are
Page 23: Some Basic Terminology
• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - information used in the cipher, known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/
Page 24: Symmetric Cipher Model
Page 25: Symmetric Cipher Model
Ingredients of the symmetric cipher model:
• plaintext - original message
• encryption algorithm – performs substitutions/transformations on the plaintext
• secret key – controls the exact substitutions/transformations used by the encryption algorithm
• ciphertext - scrambled message
Page 28: Brute Force Search
• A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained
• On average, half of all possible keys must be tried to achieve success
• The time required to conduct a brute-force attack differs for the various common key sizes
Page 29: Brute Force Search
• Data Encryption Standard (DES) key size is 56 bits
• Advanced Encryption Standard (AES) key size is 128 bits
• Triple-DES key size is 168 bits
Page 30: Brute Force Search
• it is always possible to simply try every key
• the most basic attack; its cost is proportional to key size
• assumes the attacker either knows or can recognise the plaintext
Table (only the column headings survive on this page): Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs
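The brute-force table above, recomputed for the key sizes the slides list (plus the 26-letter permutation key of the monoalphabetic cipher that follows). This is an added example, not part of the lecture slides; the 365-day year and the two attack rates are assumptions taken from the table headings.

```python
# Added example (not from the lecture slides): reconstruct the brute-force
# cost table for the key sizes the slides list (DES 56, AES 128, 3DES 168)
# plus the 26-letter monoalphabetic key space the next slides discuss.
import math

SECONDS_PER_YEAR = 365 * 24 * 3600  # assumed 365-day year

def expected_trials(key_space):
    # On average half of the key space must be searched before success.
    return key_space // 2

def brute_force_seconds(key_space, decryptions_per_us):
    # Expected wall-clock seconds at the given rate (decryptions per microsecond).
    return expected_trials(key_space) / (decryptions_per_us * 1e6)

def fmt_time(seconds):
    # Coarse, human-readable: enough to compare orders of magnitude.
    if seconds < 3600:
        return f"{seconds:.1f} seconds"
    if seconds < 3 * SECONDS_PER_YEAR:
        return f"{seconds / 3600:.1f} hours"
    return f"{seconds / SECONDS_PER_YEAR:.3g} years"

def brute_force_table(rates=(1, 10**6)):
    # Returns one row per cipher: (label, number of keys, time at each rate).
    rows = [
        ("DES 56-bit key", 2 ** 56),
        ("AES 128-bit key", 2 ** 128),
        ("3DES 168-bit key", 2 ** 168),
        ("26-letter permutation", math.factorial(26)),
    ]
    table = []
    for label, space in rows:
        times = tuple(fmt_time(brute_force_seconds(space, r)) for r in rates)
        table.append((label, space, times))
    return table

if __name__ == "__main__":
    for label, space, times in brute_force_table():
        print(f"{label:22} {space:.2e} keys  " + "  ".join(times))
```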
Page 31: Classical Substitution Ciphers
• where letters of plaintext are replaced by other letters or by numbers or symbols
• or, if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
Page 32: Caesar Cipher
• Substitution ciphers form the first of the fundamental building blocks
• Core idea is to replace one basic unit (letter/byte) with another
• Whilst the early Greeks described several substitution ciphers
Page 33: Classical Cipher Techniques
• have considered:
– monoalphabetic substitution ciphers
• cryptanalysis using letter frequencies
– Playfair cipher
• Cryptanalysis of Playfair Cipher
– Polyalphabetic Ciphers
– Vigenère Cipher
Page 34: Monoalphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random ciphertext letter
• hence the key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
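The monoalphabetic cipher with the exact 26-letter key shown above, together with the letter-frequency count that the "cryptanalysis using letter frequencies" item on page 33 refers to. Added example, not code from the slides; function names are my own.

```python
# Added example (not from the slides): monoalphabetic substitution with the
# key from the slide, plus the ciphertext letter-frequency profile that
# frequency-based cryptanalysis exploits.
from collections import Counter
import string

PLAIN = string.ascii_lowercase
CIPHER_KEY = "DKVQFIBJWPESCXHTMYAUOLRGZN"   # the key from the slide

def make_tables(key=CIPHER_KEY):
    # A valid key is a permutation of the alphabet; reject anything else.
    if sorted(key.upper()) != list(string.ascii_uppercase):
        raise ValueError("key must be a permutation of the 26 letters")
    enc = dict(zip(PLAIN, key.upper()))
    dec = {c: p for p, c in enc.items()}
    return enc, dec

def encrypt(plaintext, key=CIPHER_KEY):
    enc, _ = make_tables(key)
    # Letters are case-folded; non-letters pass through unchanged.
    return "".join(enc.get(ch, ch) for ch in plaintext.lower())

def decrypt(ciphertext, key=CIPHER_KEY):
    _, dec = make_tables(key)
    return "".join(dec.get(ch, ch) for ch in ciphertext.upper())

def letter_frequencies(text):
    # Relative frequency of each letter, most common first. A monoalphabetic
    # cipher preserves the plaintext frequency profile (only the labels move),
    # so the top ciphertext letter is a strong candidate for plaintext 'e'.
    letters = [ch for ch in text.upper() if ch.isalpha()]
    counts = Counter(letters)
    total = len(letters)
    return [(ch, n / total) for ch, n in counts.most_common()]

if __name__ == "__main__":
    ct = encrypt("ifwewishtoreplaceletters")
    print(ct)                        # WIRFRWAJUHYFTSDVFSFUUFYA
    print(decrypt(ct))
    print(letter_frequencies(ct)[:3])
```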
Page 35: Playfair Cipher
• not even the large number of keys in a monoalphabetic cipher provides security
• one approach to improving security was to encrypt multiple letters
• the Playfair Cipher is an example
• invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
Page 36: Polyalphabetic Ciphers
• polyalphabetic substitution ciphers
• improve security using multiple cipher alphabets
• make cryptanalysis harder with more alphabets to guess and a flatter frequency distribution
• use a key to select which alphabet is used for each letter of the message
• use each alphabet in turn
• repeat from the start after the end of the key is reached
Page 37: Vigenère Cipher
• simplest polyalphabetic substitution cipher
• effectively multiple Caesar ciphers
• key is multiple letters long: K = k1 k2 … kd
• the i-th key letter specifies the i-th alphabet to use
• use each alphabet in turn
• repeat from the start after d letters of the message
Page 38: Other Classical Ciphers
Page 39: Kasiski Method
• For some centuries the Vigenère cipher was le chiffre indéchiffrable (the unbreakable cipher)
• As a result of a challenge, it was broken by Charles Babbage (the inventor of the computer) in 1854
• but kept secret (possibly because of the Crimean War - not the first time governments have kept advances to themselves!)
The method was independently reinvented by a
Page 40: Kasiski Method
• However, the lack of major advances meant that various polyalphabetic substitution ciphers were used into the 20th century
• One very famous incident was the breaking of the Zimmermann telegram in WW1, which resulted in the USA entering the war
• If two identical sequences of plaintext letters occur at a distance that is an integer multiple of the keyword length
• they will generate identical ciphertext sequences
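The Vigenère cipher as page 37 defines it (key letter i selects the i-th Caesar alphabet, repeating every d letters) and the Kasiski observation from page 40 turned into a key-length test: repeated ciphertext trigrams sit at distances that are multiples of the key length, so the gcd of those distances exposes it. Added example, not code from the slides; the plaintext and key are constructed.

```python
# Added example (not from the slides): Vigenère encryption/decryption and
# the Kasiski test for the key length.
from collections import defaultdict
from functools import reduce
from math import gcd

def _shift(ch, k):
    return chr((ord(ch) - 65 + k) % 26 + 65)

def vigenere(text, key, decrypt=False):
    # Letters only, upper-cased; key letter i % d selects the Caesar shift.
    text = "".join(ch for ch in text.upper() if ch.isalpha())
    key = key.upper()
    out = []
    for i, ch in enumerate(text):
        k = ord(key[i % len(key)]) - 65        # i-th alphabet, repeats after d
        out.append(_shift(ch, -k if decrypt else k))
    return "".join(out)

def kasiski_distances(ciphertext, n=3):
    # Record where every n-gram occurs, then the distances between repeats.
    positions = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        positions[ciphertext[i:i + n]].append(i)
    distances = []
    for pos in positions.values():
        for a, b in zip(pos, pos[1:]):
            distances.append(b - a)
    return distances

def guess_key_length(ciphertext, n=3):
    # Repeats caused by the same plaintext under the same key alignment lie
    # at multiples of the key length, so their gcd is the length (or a
    # multiple of it when few repeats exist). Returns 0 if nothing repeats.
    d = kasiski_distances(ciphertext, n)
    return reduce(gcd, d) if d else 0

if __name__ == "__main__":
    pt = "ATTACKATDAWNATTACKATDUSKANDATTACK"   # constructed sample
    ct = vigenere(pt, "KEY")
    print(ct, kasiski_distances(ct), guess_key_length(ct))
```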
Page 42: Rotor Machines
• Before modern ciphers, rotor machines were the most common complex ciphers in use
• widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple
• implemented a very complex, varying substitution cipher
• used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted
• with 3 cylinders there are 26^3 = 17576 alphabets
Page 43:
• Steganography is an alternative to encryption which hides the very existence of a message by some means
• There is a large range of techniques for doing this
• Steganography has a number of drawbacks when compared to encryption
Page 44:
• The advantage of steganography is that it can be employed by parties who have something to lose
• should the fact of their secret communication (not necessarily the content) be discovered
Page 45: Modern Block Ciphers
• now look at modern block ciphers
• one of the most widely used types of cryptographic algorithms
• provide secrecy/authentication services
• focus on DES (Data Encryption Standard)
• we will see block cipher design principles
Page 46: Block vs Stream Ciphers
• block ciphers process messages in blocks, each of which is then en/decrypted
• like a substitution on very big characters
– 64 bits or more
• stream ciphers process messages a bit or byte at a time when en/decrypting
• many current ciphers are block ciphers
– better analysed
– broader range of applications
Page 47: Block vs Stream Ciphers
• A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length
• Typically, a block size of 64 or 128 bits is used
• As with a stream cipher, the two users share a symmetric encryption key
Page 48: Block Cipher Principles
• Most symmetric block ciphers are based on a Feistel cipher structure
• needed since we must be able to decrypt ciphertext to recover messages efficiently
• block ciphers look like an extremely large substitution
• would need a table of 2^64 entries for a 64-bit block
• instead create from smaller building blocks
• using the idea of a product cipher
Page 49: Confusion and Diffusion
• The terms diffusion and confusion were introduced by Claude Shannon
• to capture the two basic building blocks for any cryptographic system
• Shannon's concern was to thwart cryptanalysis based on statistical analysis
Every block cipher involves a transformation of a
Page 50: Confusion and Diffusion
of plaintext over bulk of ciphertext
ciphertext and key as complex as possible
Page 51: Feistel Cipher Structure
Page 52: Feistel Cipher Structure
• Horst Feistel devised the Feistel cipher
– based on the concept of an invertible product cipher
• partitions the input block into two halves
– processed through multiple rounds which
– perform a substitution on the left data half
– based on a round function of the right half & subkey
– then have a permutation swapping the halves
• implements Shannon's S-P net concept
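A toy Feistel network that makes the structural point of the slide concrete: the round function need not be invertible, because decryption only re-applies it with the subkeys in reverse order and swaps the halves back. Added example, not code from the slides or from DES; the hash-based round function and key schedule are assumptions chosen for illustration.

```python
# Added example (not from the slides): a 64-bit toy Feistel cipher.
# round_function and key_schedule are arbitrary stand-ins (assumption), not
# DES's f and PC1/PC2; the Feistel structure is what makes decryption work.
import hashlib

HALF_MASK = (1 << 32) - 1       # two 32-bit halves make a 64-bit block

def round_function(half, subkey):
    # Any keyed, non-invertible mapping will do: truncated SHA-256 of (half, subkey).
    data = half.to_bytes(4, "big") + subkey.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def key_schedule(master_key, rounds):
    # Toy schedule: one 32-bit subkey per round derived from the master key.
    return [round_function(i, master_key & HALF_MASK) for i in range(rounds)]

def feistel_rounds(block, subkeys):
    # One round: L' = R, R' = L xor F(R, k). The final swap is undone so that
    # the same routine, fed the subkeys in reverse order, is the exact inverse.
    left, right = block >> 32, block & HALF_MASK
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
    return (right << 32) | left          # undo the last swap

def encrypt(block, master_key, rounds=16):
    return feistel_rounds(block, key_schedule(master_key, rounds))

def decrypt(block, master_key, rounds=16):
    return feistel_rounds(block, key_schedule(master_key, rounds)[::-1])

if __name__ == "__main__":
    pt, key = 0x0123456789ABCDEF, 0xDEADBEEF     # constructed sample values
    ct = encrypt(pt, key)
    print(hex(ct), hex(decrypt(ct, key)))
```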
Page 53: Feistel Cipher Design Elements
Page 54: Data Encryption Standard
Page 55: DES Encryption Overview
Page 56: DES Encryption Overview
• The overall scheme for DES encryption is illustrated in Stallings Figure
• which takes as input 64 bits of data and of key
• The left side shows the basic process for enciphering a 64-bit data block, which consists of:
• an initial permutation (IP) which shuffles the 64-bit input block
• 16 rounds of a complex key-dependent round function involving substitutions & permutations
• a final permutation, being the inverse of IP
Page 57: DES Encryption Overview
• The right side shows the handling of the 56-bit key and consists of:
• an initial permutation of the key (PC1) which selects 56 bits out of the 64-bit input, in two 28-bit halves
• 16 stages to generate the 48-bit subkeys using a left circular shift and a permutation of the two 28-bit halves
Page 58: Advanced Encryption Standard (AES)
– the AES selection process
– the details of Rijndael – the AES cipher
– looked at the steps in each round
– Four AES stages are discussed
Page 59: The AES Cipher - Rijndael
• designed by Rijmen and Daemen in Belgium
• has 128/192/256-bit keys, 128-bit data
• an iterative rather than Feistel cipher
– processes data as a block of 4 columns of 4 bytes
– operates on the entire data block in every round
• designed to be:
– resistant against known attacks
– fast and compact in code on many CPUs
Page 60: AES Encryption Process
Page 62: AES Structure
• After the final stage, State is copied to an output
• The key is expanded into 44/52/60 32-bit words
• with 4 used in each round
• The ordering of bytes within a matrix is by column
Page 63: AES Structure
• So, for example, the first four bytes of a 128-bit plaintext input to the encryption cipher occupy the first column of the in matrix
• the second four bytes occupy the second column, and so on
• Similarly, the first four bytes of the expanded
Page 64: AES Structure
• The data computation then consists of an "add round key" step, then 9/11/13 rounds with all 4 steps
• and a final 10th/12th/14th step of byte subs + shift rows + add round key
• This can be viewed as alternating XOR key & scramble data bytes operations
• All of the steps are easily reversed, and can be efficiently implemented using XORs & table lookups
Page 65: AES Structure
• data block of 4 columns of 4 bytes is the state
• key is expanded to an array of words
• has 9/11/13 rounds in which the state undergoes:
– byte substitution (1 S-box used on every byte)
– shift rows (permute bytes between groups/columns)
– mix columns (subs using matrix multiply of groups)
– add round key (XOR state with key material)
– view as alternating XOR key & scramble data bytes
Page 67: AES Structure
• Stallings Figure 5.3 shows the structure of AES in more detail
• The cipher consists of N rounds, where the number of rounds depends on the key length:
• 10 rounds for a 16-byte key;
• 12 rounds for a 24-byte key;
• and 14 rounds for a 32-byte key
Page 69: AES Structure
• The final round contains only 3 transformations
• There is an initial single transformation (AddRoundKey) before the first round
• which can be considered Round 0
• Each transformation takes one or more 4 x 4 matrices as input and produces a 4 x 4
Page 70:
• each of which is a distinct 4 x 4 matrix
• Each round key serves as one of the inputs to the AddRoundKey transformation in each
Page 71: Some Comments on AES
1. an iterative rather than Feistel cipher
2. key expanded into an array of 32-bit words
   – four words form the round key in each round
3. 4 different stages are used as shown
4. has a simple structure
5. only AddRoundKey uses the key
6. AddRoundKey is a form of Vernam cipher
7. each stage is easily reversible
8. decryption uses keys in reverse order
Page 72: Four Stages of AES
• Four different stages are used, one of permutation and three of substitution:
– Substitute bytes: Uses an S-box to perform a byte-by-byte substitution of the block
– ShiftRows: A simple permutation
– MixColumns: A substitution that makes use of arithmetic over
– AddRoundKey: A simple bitwise XOR of the current block with a portion of the expanded
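The parts of the AES structure that pages 62 to 72 describe, written out: the column-major State layout, the 10/12/14 round count per key length, and the ShiftRows (permutation) and MixColumns (GF(2^8) substitution) stages with their inverses, which is what "each stage is easily reversible" means in practice. Added example, not code from the slides or from any AES library; SubBytes and the key expansion are deliberately omitted to stay short.

```python
# Added example (not from the slides): AES State layout, ShiftRows and
# MixColumns with inverses. SubBytes and key expansion are omitted.
def rounds_for_key(key_bytes):
    # 10/12/14 rounds for 16/24/32-byte keys, as the slides state.
    return {16: 10, 24: 12, 32: 14}[key_bytes]

def to_state(block):
    # The 16 input bytes fill the 4x4 State column by column: byte i goes to
    # row i % 4 of column i // 4. Indexing is state[row][col].
    assert len(block) == 16
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]

def from_state(state):
    return bytes(state[r][c] for c in range(4) for r in range(4))

def shift_rows(state, inverse=False):
    # Row r is rotated left by r positions (right by r for the inverse).
    out = []
    for r, row in enumerate(state):
        s = -r if inverse else r
        out.append(row[s:] + row[:s])
    return out

def gf_mul(a, b):
    # Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1.
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def mix_column(col, inverse=False):
    # Each output byte is a GF(2^8) linear combination of the four input bytes.
    m = INV_MIX if inverse else MIX
    return [gf_mul(m[r][0], col[0]) ^ gf_mul(m[r][1], col[1])
            ^ gf_mul(m[r][2], col[2]) ^ gf_mul(m[r][3], col[3]) for r in range(4)]

def mix_columns(state, inverse=False):
    # Mix every column, then rebuild the row-indexed State.
    cols = [mix_column([state[r][c] for r in range(4)], inverse) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]
```

The MixColumns test vector below is the one given in FIPS 197's worked example, which lets you check gf_mul and the matrix together.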
Page 73: Number Theory
• have considered:
– Number Theory
– divisibility & GCD
– modular arithmetic with integers
– Euclid's algorithm for GCD & Inverse
– Group
– Field
Page 74: Multiple Encryption & DES
• Given the potential vulnerability of DES to a
Page 75: Multiple Encryption & DES
• Another alternative, which would preserve the existing investment in software and equipment
• is to use multiple encryption with DES and multiple keys
• The widely accepted triple DES (3DES) approach is examined