Download
1 / 39
390 likes | 595 Views
Symmetric EncryptionFunctions. Lucifer DES 3DES RC2 RC4 Blowfish AES. Symmetric Functions: The Big Idea. M’ = f(M,key) M = f’(M’,key) Note: Same key encrypts and decrypts f=f’ or f≠f’ (some algorithms have a decrypt mode, some don’t need it). Symmetric Algorithms: History.
E N D
Symmetric EncryptionFunctions • Lucifer • DES • 3DES • RC2 • RC4 • Blowfish • AES • ...
Symmetric Functions: The Big Idea • M’ = f(M,key) • M = f’(M’,key) • Note: • Same key encrypts and decrypts • f=f’ or f≠f’ (some algorithms have a decrypt mode, some don’t need it).
Symmetric Algorithms: History • Pencil-and-paper Ciphers, Codebooks, and encryption machines were all symmetric. • Clearly, if you knew how to encrypt a message, you knew how to decrypt it, right?
German Enigma Machine • Set “code of the day” on dials. • Later models: Set additional code with plugs and wires. • Press a button with the letter to encrypt; the encrypted letter lights up. • Each key press advances the dials
Inside the Enigma • http://www.math.miami.edu/~harald/enigma/enigma.gif
Cryptography after WW2 • Academia largely disinterested • NSA Largest Employer of mathematicians in the world.
Cryptography and IBM • IBM hired by Lloyds of London to arrange security for a cash dispensing network (early ATM machines.) • IBM develops “Lucifer” cipher • Symmetric Algorithm • explicit encrypt/decrypt • 112 bit key • Substitution and transposition within 8-character blocks
Cryptography and NBS • National Bureau of Standards request proposals for a “Data Encryption Standard.” • IBM submits Lucifer to NBS • NBS submits Lucifer to NSA • NSA returns Lucifer with “tweaks” to substitution boxes and 56-bit key
Can you trust DES? • NSA said they made it “better.” • “Better” for who? • 56 bit key (was 112) • new sboxes (what was wrong with old ones?)
You could trust DES. • Lucifer was susceptible to differential cryptanalysis. • NSA couldn’t tell anybody! • Technique was secret until independently discovered by Adi Shamir • sbox changes differential cryptanalysis useless against DES • IBM published a paper on this in the 90s.
DES: A Fiestel Cipher H. Feistel, "Cryptography and Computer Privacy," Scientific American, v. 228, n. 5, May 73, pp. 15-23.
DES cracking • In the 1980s, it was hypothesized that someone could build a DES-cracking machine for $1M • In the 1990s, John Gilmore and & EFF built one for $250K. “Deep Crack.” Time to crack a key: 4-7 days. http://www.eff.org/descracker • Nevertheless, DES is still widely used. Why?
Strengthening DES • Triple DES (3DES) • Encrypt, Decrypt, Encrypt • M’ = f(f’(f(M,K1),K2),K3) • Set Key1=Key2 for DES compatibility • 3 keys = 168 bits
RC2, RC4 • “Ron’s Code” #2 & #4 • Secret, proprietary algorithms from RSA Security
RC2 • Block cipher. Keysize 40-2048 bites • Revealed in 1996 in anonymous Usenet posting • Probably leaked by reverse engineering Lotus Notes • Widely used because of “40-bit compromise” between Software Publisher’s Association and Commerce Department.
RC4 • Very fast stream cipher - generates a pseudorandom stream used for XORing. • Keysize 40-2048 bites • Revealed in 1994 in anonymous Usenet posting • Probably leaked by an engineer at Apple • Also part of the “40-bit” compromise.
RC5 • Invented by ... Ron Rivest • Variable Key Size; Variable # of rounds • Largely academic curiosity
AES • Advanced Encryption Standard • Multi-year open competition • Requirements: • Block cipher. • Variable-length keys and blocks (128, 192, 256, etc.) • Good in hardware or software.
AES Finalists • Twofish - Bruce Schneier • RC5 - Ron Rivest • MARS • Rijndael - Vincent Rijmen and Joan Daemen
Interesting things to note about AES • US picked a foreign-designed cipher as its standard. • Not a Fiestel cipher. “New Math” • AES is faster than DES, even with longer keys!
Other Block Ciphers • CAST-128 (RFC-2144), 64-bit block, 16-round, 128-bit key • Blowfish (Schneider, 64-bit block, 40-448 bit key)
Openness in Design • “Finally, I should note that publishing the design of a cipher inherently weakens it by providing an attacker with details of its operation. The most secure approach would be to design a cipher from scratch and keep both the algorithm and the keys secret. While designing a cryptosystem is fairly easy, evaluating it for loopholes is not. Governments and other very large institutions may have the resources to design and evaluate their own cryptosystem, but the rest of us are probably well advised to use published ciphers that have been publicly evaluated for weaknesses.” http://www.freesoft.org/CIE/Topics/145.htm
Modes of Operation • Defines how a block cipher is used on data longer than a block. • A strong cipher can be made less secure (not secure) with a bad mode of operation
Most Important Modes • ECB - Electronic Code Book • CBC - Cipher Block Chaining • CFB - Cipher Feed Back (XOR generator) • Counter Mode
Electronic Code Book http://www.freesoft.org/CIE/Topics/143.htm
ECB Demo ECB CBC original http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
To: Bank From: ATM Action: Deposit Amount: $100.00 To: Bank From: ATM Action: Deposit Amount: $900.00 Other problems with ECB • Replay attacks • Mauling “1” = 0011001 “9” = 0011101
Cipher Feedback Mode http://members.chello.at/s.peer/
Counter Mode http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
Privacy vs. Integrity • Need for the two to be distinguished was not evident back in the 1970s. • In some cases, the ability to change encrypted data may be sufficient.
RC4: Easiest there Is void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); Note: Decrypt and Encrypt are the same operation!
RC4 in Perl # Functional Style use Crypt::RC4; $encrypted = RC4( $passphrase, $plaintext ); $decrypt = RC4( $passphrase, $encrypted ); # OO Style use Crypt::RC4; $ref = Crypt::RC4->new( $passphrase ); $encrypted = $ref->RC4( $plaintext ); $ref2 = Crypt::RC4->new( $passphrase ); $decrypted = $ref2->RC4( $encrypted ); # process an entire file, $ref3 = Crypt::RC4->new( $passphrase ); while (<FILE>) { print $ref3->RC4($_); }
RC2: Block Encryption is Harder! void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *key, int enc); void RC2_encrypt(unsigned long *data,RC2_KEY *key); void RC2_decrypt(unsigned long *data,RC2_KEY *key); void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int enc);
EVP: OpenSSL Generic Cipher Algorithms int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv); int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl); int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv); int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl); int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv, int enc); int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl); int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
Perl Modules for Symmetric Encryption • Crypt::Blowfish • Crypt::CAST5 • Crypt::DES • Crypt::RC4 • Crypt::RC5 • Crypt::RC6 • Crypt::TripleDES • Crypt::Twofish
