CS 285 Network Security: Block Cipher Modes of Operation


Fall 2008


Introduction

  • How to encrypt a message of variable length

    • Decompose the message into blocks, padding if necessary.

    • How should the encryption/decryption of the individual blocks interact?

      • Modes of operation


ECB (Electronic Codebook)


CBC (Cipher Block Chaining)


CFB (Cipher Feedback)


CFB vs. OFB

[Figure panels: CFB, OFB]


OFB (Output Feedback Mode)


CTR (Counter)


Confidentiality and Integrity Protection

  • ECB

    • Same plaintext blocks produce same ciphertext blocks. This means that the data pattern is revealed. For example, ECB mode will reveal the image pattern if used to encrypt image files.

    • Rearranging the blocks is undetectable.

  • CBC

    • A random IV guarantees that even if the same message is repeated, the ciphertext is different.

    • Modifying or rearranging ciphertext blocks without detection is still possible.

  • CFB

    • No integrity protection; better at detecting alterations than OFB

  • OFB

    • Controlled changes to the recovered plaintext are possible. No integrity protection; not as good as CFB

  • CTR

    • Same as OFB
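
The properties listed above can be observed directly. The following sketch is an added example, not part of the original slides: the 16-byte Feistel cipher built from SHA-256 is a toy stand-in for the block cipher E, and the key, nonce handling and messages are constructed for illustration.

```python
import hashlib, os
BS = 16  # block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):  # round function of a toy 4-round Feistel cipher (not secure)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def E(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def D(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def blocks(data):
    return [data[i:i + BS] for i in range(0, len(data), BS)]

def ecb(key, data, op=E):
    return b"".join(op(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, pt):
    out = [iv]
    for b in blocks(pt):
        out.append(E(key, xor(b, out[-1])))
    return b"".join(out[1:])

def ctr(key, nonce, data):  # keystream block i = E(nonce || i); same XOR both ways
    ks = b"".join(E(key, nonce + i.to_bytes(8, "big")) for i in range(len(blocks(data))))
    return xor(data, ks)

def demo(key=b"constructed key!"):
    pt = b"PAY ALICE $0100." * 2 + b"PAY BOB   $0900."  # constructed, 3 blocks
    c = blocks(ecb(key, pt))
    nonce = os.urandom(8)
    t = bytearray(ctr(key, nonce, pt))
    t[11] ^= ord("0") ^ ord("9")  # change chosen bits of one ciphertext byte
    return {
        "ecb_repeats": c[0] == c[1],                       # equal blocks leak the pattern
        "ecb_reordered": ecb(key, c[2] + c[1] + c[0], D),  # reordering decrypts cleanly
        "cbc_fresh": cbc_encrypt(key, os.urandom(BS), pt) != cbc_encrypt(key, os.urandom(BS), pt),
        "ctr_tampered": ctr(key, nonce, bytes(t)),         # same bits change in the plaintext
    }
```

Calling `demo()` returns the four observations; in every case decryption succeeds without error, which is why these modes need a separate integrity mechanism.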


Application

  • ECB

    • Block-oriented transmission

    • Not suitable for long messages or highly structured messages. Good for single values (e.g. keys)

  • CBC

    • Block-oriented transmission

    • General-purpose encryption

    • Message authentication code design

  • CTR

    • Block-oriented transmission

    • Able to preprocess to generate one-time pad; random access; high performance requirement; IPsec

  • CFB

    • Stream-oriented transmission

    • No need for padding; ciphertext has the same length as the message

    • Pipeline is possible for encryption, thus good for low-latency real-time transmission encryption.

  • OFB

    • Stream-oriented transmission

    • Transmission over noisy channel

    • Able to preprocess to generate one-time pad


CS 285 Network Security: Public-Key Cryptography

Fall 2008


Review of Symmetric Cryptography

  • How it works

    • Block cipher

      • Building blocks, design principle

  • How could it be used?

    • Encrypt a message to achieve confidentiality

    • Block cipher + mode of operation

  • Its strength

    • Key size, block size

  • Open issues

    • How to get the keys?


Motivation

  • Two difficult problems associated with secret-key cryptosystems

    • Key distribution

    • Non-repudiation


Public-Key Cryptography

  • Diffie and Hellman achieved an important breakthrough in 1976.

  • The proposed scheme was radically different from all previous approaches to cryptography

    • It uses a pair of different keys in contrast to one shared key in symmetric encryption.

    • It is based on mathematical functions instead of substitution and permutation.

  • The proposed scheme is called public-key (asymmetric) cryptography.


History

  • The scheme proposed by Diffie and Hellman is not a general-purpose encryption algorithm.

    • It can only provide secure secret key exchange.

  • Thus it presents a challenge for the cryptologists to design a general-purpose encryption algorithm that satisfies the public-key encryption requirements.

  • One of the first responses to the challenge was developed in 1977 by Rivest, Shamir and Adleman at MIT, known as RSA.


Public-Key Cryptosystem Model

  • A public-key cryptosystem uses a pair of different but related keys

    • one for encryption + the other for decryption

    • one is placed in a public register (public key) + the other is kept secret (private key).

  • It is required that given only knowledge of the cryptographic algorithm and the public key, it is computationally infeasible to determine the private key.


Confidentiality


Authentication


Confidentiality + Authentication


Essential Steps

  • Generate a pair of keys

    • A generates the public key KU_A and the private key KR_A.

  • Publish the public key, while keeping the private key secret.

    • Users have access to a collection of public keys of their communication parties.

  • Use one of the above models to encrypt the message to achieve different security goals and deliver the message.
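
The three steps and the three models (confidentiality, authentication, both) can be traced with textbook RSA, the algorithm named on the History slide. This is an added example, not part of the original slides: the primes are tiny, no padding is used, and the names `keypair`, `apply_key` and the message value are assumptions made for illustration only.

```python
from math import gcd

def keypair(p, q, e):
    # Step 1: generate a key pair from two primes (toy sizes, textbook RSA).
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)            # private exponent
    return (e, n), (d, n)          # (public key KU, private key KR)

def apply_key(key, m):
    # The same operation acts as E or D; the key decides which.
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, exp, n)

# Step 2: KU_A and KU_B are published, KR_A and KR_B stay secret.
KU_A, KR_A = keypair(61, 53, 17)   # sender A, n = 3233
KU_B, KR_B = keypair(89, 97, 5)    # receiver B, n = 8633 (larger than A's n)

# Step 3: pick a model.
def confidentiality(m):
    c = apply_key(KU_B, m)               # anyone can encrypt to B
    return c, apply_key(KR_B, c)         # only B can decrypt

def authentication(m):
    s = apply_key(KR_A, m)               # only A can produce s
    return s, apply_key(KU_A, s)         # anyone can check it came from A

def both(m):
    c = apply_key(KU_B, apply_key(KR_A, m))          # A's key first, then B's
    return c, apply_key(KU_A, apply_key(KR_B, c))    # B undoes them in reverse order
```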


Requirement (I)

  • It is computationally infeasible for an opponent, knowing the public key KU, and the encryption and decryption algorithms E, D, to determine the companion private key KR.

  • It is computationally infeasible for an opponent, knowing the public key KU and the ciphertext C which is encrypted via this key C = E(KU, P), to determine the plaintext P.



Requirement (II)

  • For practical use, the following features are also preferred in a public-key encryption algorithm.

  • It is computationally easy to generate a pair of keys (public key and private key).

  • It is computationally easy to encrypt a message using either public or private key, and decrypt it via the companion key.


Next…

  • Design of RSA

  • Design of Diffie-Hellman

  • Distribution of secret keys

  • Distribution of public keys

