CS 285 Network Security Block Cipher Modes of Operation

Fall 2008

- How to encrypt a message of variable length
- Decompose the message into blocks, padding if necessary.
- How should the encryption/decryption of the individual blocks interact with each other?
- Modes of operation

- ECB
- Same plaintext blocks produce same ciphertext blocks. This means that the data pattern is revealed. For example, ECB mode will reveal the image pattern if used to encrypt image files.
- Rearranging the blocks is undetectable.

- CBC
- A random IV guarantees that even if the same message is repeated, the ciphertext is different.
- Modifying or rearranging ciphertext blocks without detection is still possible.

- CFB
- No integrity protection; better at detecting alterations than OFB

- OFB
- Controlled changes to the recovered plaintext are possible. No integrity protection; not as good as CFB

- CTR
- Same as OFB
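
The properties listed above for ECB, CBC and OFB, as an added example that is not part of the original slides. It assumes a toy Feistel permutation built from HMAC-SHA256 in place of a real block cipher, messages that are a whole number of 16-byte blocks, and a constructed key and plaintext; the function names are this example's own.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(key, blk, rounds):
    # Toy Feistel permutation (HMAC-SHA256 rounds), a stand-in for AES.
    l, r = blk[:8], blk[8:]
    for i in rounds:
        l, r = r, xor(l, hmac.new(key, bytes([i]) + r, hashlib.sha256).digest()[:8])
    return r + l  # final swap: decryption is the same walk, rounds reversed

def E(key, blk):
    return feistel(key, blk, range(4))

def D(key, blk):
    return feistel(key, blk, reversed(range(4)))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb(key, data, op=E):  # every block handled independently
    return b"".join(op(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, pt):  # each block XORed with previous ciphertext
    out = [iv]
    for b in blocks(pt):
        out.append(E(key, xor(b, out[-1])))
    return b"".join(out[1:])

def ofb(key, iv, data):  # keystream E(iv), E(E(iv)), ...; same call decrypts
    out, o = [], iv
    for b in blocks(data):
        o = E(key, o)
        out.append(xor(b, o))
    return b"".join(out)

def flip_bits(ct, offset, known, wanted):
    # XOR in (known ^ wanted): under OFB the same bits change in the plaintext.
    delta = xor(known, wanted)
    end = offset + len(delta)
    return ct[:offset] + xor(ct[offset:end], delta) + ct[end:]

# Constructed sample input: three 16-byte blocks, first and third identical.
KEY = b"constructed-demo-key"
PT = b"PAY ALICE $0100." + b"memo: lunch 4/12" + b"PAY ALICE $0100."
```

With these inputs, `ecb(KEY, PT)` has identical first and third ciphertext blocks and decrypts without complaint after two blocks are swapped, while `cbc_encrypt` under two different IVs produces different ciphertexts. Decrypting `flip_bits(ct, 11, b"0100", b"9100")` under OFB yields `PAY ALICE $9100.` with every other byte intact, which is why these modes need a separate integrity check.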

- ECB
- Block-oriented transmission
- Not suitable for long messages or highly structured messages. Good for single values (e.g. keys)

- CBC
- Block-oriented transmission
- General-purpose encryption
- Message authentication code design

- CTR
- Block-oriented transmission
- Able to preprocess to generate one-time pad; random access; high performance requirement; IPsec

- CFB
- Stream-oriented transmission; no need for padding; ciphertext has the same length as the message; pipeline is possible for encryption, thus good for low-latency real-time transmission encryption.

- OFB
- Stream-oriented transmission
- Transmission over noisy channel
- Able to preprocess to generate one-time pad

CS 285 Network Security Public-Key Cryptography

Fall 2008

- How it works
- Block cipher
- Building blocks, design principle

- Block cipher
- How it could be used?
- Encrypt a message to achieve confidentiality
- Block cipher + mode of operation

- Its strength
- Key size, block size

- Open issues
- How to get the keys?

- Two difficult problems associated with the secret-key cryptosystem
- Key distribution
- Non-repudiation

- Diffie and Hellman achieved an important breakthrough in 1976.
- The proposed scheme was radically different from all previous approaches to cryptography
- It uses a pair of different keys in contrast to one shared key in symmetric encryption.
- It is based on mathematical functions instead of substitution and permutation.

- The proposed scheme is called public-key (asymmetric) cryptography

- The scheme proposed by Diffie and Hellman is not a general-purpose encryption algorithm.
- It can only provide secure secret key exchange.

- Thus it presents a challenge for the cryptologists to design a general-purpose encryption algorithm that satisfies the public-key encryption requirements.
- One of the first responses to the challenge was developed in 1977 by Rivest, Shamir, and Adleman at MIT, known as RSA.

- Public-key cryptosystem uses a pair of different but related keys
- one for encryption + the other for decryption
- one is placed in a public register (public key) + the other is kept secret (private key).

- It is required that given only knowledge of the cryptographic algorithm and the public key, it is computationally infeasible to determine the private key.

- Generate a pair of keys
- A generates the public key KUA, and the private key KRA.

- Publish the public key, while keeping the private key secret.
- Users have access to a collection of public keys of the parties they communicate with.

- Use one of the above models to encrypt the message to achieve different security goals and deliver the message.

- It is computationally infeasible for an opponent, knowing the public key KU, and the encryption and decryption algorithms E, D, to determine the companion private key KR.
- It is computationally infeasible for an opponent, knowing the public key KU and the ciphertext C which is encrypted via this key C = E(KU, P), to determine the plaintext P.

- For practical use, the following features are also preferred in a public-key encryption algorithm.
- It is computationally easy to generate a pair of keys (public key and private key).
- It is computationally easy to encrypt a message using either public or private key, and decrypt it via the companion key.
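
The key-pair steps and the "either key, companion key" property above, worked through with textbook RSA as an added example that is not part of the original slides. The primes, message and function names are assumptions of this example: the primes are two small known Mersenne primes and no padding is applied.

```python
from math import gcd

# Toy primes (assumption for this example): two known Mersenne primes.
# Real RSA keys use large random primes and a padding scheme.
P, Q = 2**61 - 1, 2**89 - 1

def generate_keypair(p, q, e=65537):
    """Return (KU, KR): public (e, n) and private (d, n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # e*d = 1 mod phi; finding d requires the factors of n
    return (e, n), (d, n)

def apply_key(key, m):
    """Textbook RSA: E and D are the same modular exponentiation."""
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, exp, n)

def to_int(msg):
    return int.from_bytes(msg, "big")

def to_bytes(i):
    return i.to_bytes((i.bit_length() + 7) // 8, "big")

KU_A, KR_A = generate_keypair(P, Q)   # A generates KU_A and KR_A
M = to_int(b"session key 42")         # constructed message
C = apply_key(KU_A, M)                # anyone can encrypt with the public key
S = apply_key(KR_A, M)                # only A can produce this value
```

`apply_key(KR_A, C)` and `apply_key(KU_A, S)` both return `M`: the first direction gives confidentiality, the second shows that the value came from the holder of the private key.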

- Design of RSA
- Design of Diffie-Hellman
- Distribution of secret keys
- Distribution of public keys