CS 285 Network Security: Block Cipher Modes of Operation. Fall 2008. Introduction. How to encrypt a message of variable length? Decompose the message into blocks, padding if necessary. How should the encryption/decryption of the individual blocks interact with each other?
CS 285 Network Security: Block Cipher Modes of Operation, Fall 2008
Introduction
• How to encrypt a message of variable length?
  • Decompose the message into blocks, padding if necessary.
• How should the encryption/decryption of the individual blocks interact with each other?
  • Modes of operation
CFB vs. OFB [figure: CFB and OFB diagrams]
Confidentiality and Integrity Protection
• ECB
  • Same plaintext blocks produce same ciphertext blocks. This means that the data pattern is revealed. For example, ECB mode will reveal the image pattern if used to encrypt image files.
  • Rearranging the blocks is undetectable.
• CBC
  • A random IV guarantees that even if the same message is repeated, the ciphertext is different.
  • Undetected modification and rearrangement of ciphertext blocks are still possible.
• CFB
  • No integrity protection; better at detecting alterations than OFB
• OFB
  • Able to make controlled changes to recovered plaintext. No integrity protection; not as good as CFB
• CTR
  • Same as OFB
Application
• ECB
  • Block-oriented transmission
  • Not suitable for long messages or highly structured messages
  • Good for single values (e.g. keys)
• CBC
  • Block-oriented transmission
  • General-purpose encryption
  • Message authentication code design
• CTR
  • Block-oriented transmission
  • Able to preprocess to generate one-time pad
  • Random access
  • High performance requirement
  • IPsec
• CFB
  • Stream-oriented transmission, no need for padding; ciphertext has the same length as the message
  • Pipeline is possible for encryption, thus good for low-latency real-time transmission encryption
• OFB
  • Stream-oriented transmission
  • Transmission over noisy channel
  • Able to preprocess to generate one-time pad
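
An added example, not part of the original slides, that makes the ECB, CBC and CTR/OFB claims from the "Confidentiality and Integrity Protection" and "Application" slides concrete. The block cipher `E` is a toy Feistel construction assumed here as a standard-library stand-in for DES/AES; the key, nonce, records and function names are constructed for the illustration.

```python
import hashlib, hmac, os

BLOCK = 16  # block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def E(key, blk):
    # Toy 4-round Feistel permutation (assumption: stdlib stand-in for DES/AES).
    l, r = blk[:8], blk[8:]
    for i in range(4):
        f = hmac.new(key, bytes([i]) + r, hashlib.sha256).digest()[:8]
        l, r = r, xor(l, f)
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):   # every block encrypted independently
    return b"".join(E(key, b) for b in split(pt))

def cbc_encrypt(key, pt):   # random IV, each block chained to the previous ciphertext
    out = [os.urandom(BLOCK)]
    for b in split(pt):
        out.append(E(key, xor(out[-1], b)))
    return b"".join(out)

def ctr_crypt(key, nonce, data):   # keystream E(nonce || counter); same call decrypts
    ks = b"".join(E(key, nonce + i.to_bytes(8, "big")) for i in range(len(split(data))))
    return xor(data, ks)

KEY, NONCE = b"constructed key!", bytes(8)               # constructed sample values
REC_A, REC_B = b"ID=0001 AMT=0100", b"ID=0002 AMT=0999"  # constructed 16-byte records
PT = REC_A + REC_A + REC_B

def ecb_shows_repeats():      # equal plaintext blocks give equal ciphertext blocks
    return len(set(split(ecb_encrypt(KEY, PT)))) == 2    # 3 blocks, only 2 distinct

def ecb_reorder_is_valid():   # reordered ciphertext equals the genuine ciphertext of reordered plaintext
    c = split(ecb_encrypt(KEY, PT))
    return c[2] + c[1] + c[0] == ecb_encrypt(KEY, REC_B + REC_A + REC_A)

def cbc_hides_repeats():      # same key and message, different ciphertext on every call
    return cbc_encrypt(KEY, PT) != cbc_encrypt(KEY, PT)

def ctr_controlled_change():  # an XOR applied to the ciphertext lands unchanged on the plaintext
    c = bytearray(ctr_crypt(KEY, NONCE, PT))
    c[15] ^= ord("0") ^ ord("9")
    return ctr_crypt(KEY, NONCE, bytes(c))[:BLOCK]
```

In every case the receiver decrypts without any error, which is the "no integrity protection" point of the slide; detecting such changes takes a message authentication code computed over the ciphertext or an authenticated mode.
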
Review of Symmetric Cryptography
• How it works
  • Block cipher
  • Building blocks, design principle
• How could it be used?
  • Encrypt a message to achieve confidentiality
  • Block cipher + mode of operation
• Its strength
  • Key size, block size
• Open issues
  • How to get the keys?
Motivation
• Two difficult problems associated with the secret-key cryptosystem
  • Key distribution
  • Non-repudiation
Public-Key Cryptography
• Diffie and Hellman achieved an important breakthrough in 1976.
• The proposed scheme was radically different from all previous approaches to cryptography.
  • It uses a pair of different keys, in contrast to one shared key in symmetric encryption.
  • It is based on mathematical functions instead of substitution and permutation.
• The proposed scheme is called public-key (asymmetric) cryptography.
History
• The scheme proposed by Diffie and Hellman is not a general-purpose encryption algorithm.
  • It can only provide secure secret key exchange.
• Thus it presented a challenge for cryptologists: to design a general-purpose encryption algorithm that satisfies the public-key encryption requirements.
• One of the first responses to the challenge was developed in 1977 by Rivest, Shamir and Adleman at MIT, known as RSA.
Public-Key Cryptosystem Model
• A public-key cryptosystem uses a pair of different but related keys
  • one for encryption + the other for decryption
  • one is placed in a public register (public key) + the other is kept secret (private key).
• It is required that, given only knowledge of the cryptographic algorithm and the public key, it is computationally infeasible to determine the private key.
Essential Steps
• Generate a pair of keys
  • A generates the public key KUA and the private key KRA.
• Publish the public key, while keeping the private key secret.
  • Users have access to a collection of public keys from their communication parties.
• Use one of the above models to encrypt the message to achieve different security goals and deliver the message.
Requirement (I)
• It is computationally infeasible for an opponent, knowing the public key KU and the encryption and decryption algorithms E, D, to determine the companion private key KR.
• It is computationally infeasible for an opponent, knowing the public key KU and the ciphertext C encrypted under this key, C = E(KU, P), to determine the plaintext P.
Requirement (II)
• For practical use, the following features are also preferred in a public-key encryption algorithm.
  • It is computationally easy to generate a pair of keys (public key and private key).
  • It is computationally easy to encrypt a message using either public or private key, and decrypt it via the companion key.
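
An added example, not part of the original slides, that walks through the essential steps and the "either key encrypts, the companion key decrypts" requirement. It assumes textbook RSA without padding and constructed toy primes purely to show the key roles; `KU_A`/`KR_A` follow the slides' KUA/KRA, and the function names are hypothetical.

```python
import math

def generate_keypair(p, q, e=17):
    """Step 1: derive a public key KU and a private key KR from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # companion exponent: e*d = 1 (mod phi)
    return (e, n), (d, n)          # (KU, KR)

def apply_key(key, value):
    """E and D are the same operation here; only the key differs."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must lie in [0, n)")
    return pow(value, exp, n)

# Constructed toy parameters (assumption): real moduli are thousands of bits.
KU_A, KR_A = generate_keypair(61, 53)   # step 2: KU_A is published, KR_A stays with A
P = 65                                  # constructed plaintext, encoded as an integer

def encrypt_with_public():
    c = apply_key(KU_A, P)              # C = E(KU_A, P): anyone can produce this
    return c, apply_key(KR_A, c)        # only the holder of KR_A recovers P

def encrypt_with_private():
    c = apply_key(KR_A, P)              # C = E(KR_A, P): only A can produce this
    return c, apply_key(KU_A, c)        # anyone holding KU_A recovers P
```
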
Next…
• Design of RSA
• Design of Diffie-Hellman
• Distribution of secret keys
• Distribution of public keys