1 / 10

Computer and Network Security Lecture 5: DES, 3-DES, AES, Chosen-Ciphertext Attacks, RSA

This lecture covers the topics of Data Encryption Standard (DES), Triple DES (3-DES), Advanced Encryption Standard (AES), chosen-ciphertext attacks, and public-key encryption with RSA.

trevorbrown
Download Presentation

Computer and Network Security Lecture 5: DES, 3-DES, AES, Chosen-Ciphertext Attacks, RSA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CMSC 414Computer and Network SecurityLecture 5 Jonathan Katz

  2. Administrative stuff • JCE 1.4.2 available • Extension for HW1 • See HW1 FAQ • Generate randomness yourself (not using KeyGenerator) using SecureRandom class • Implement modes yourself, using only calls to DES (via “hack” using ECB)

  3. Data Encryption Standard (DES) • Developed in 1977 by NBS • 56-bit key, 64-bit input/output • A 64-bit key is derived from 56 random bits • One bit in each octet is a parity-check bit • The “short” key length is a major concern…

  4. Concerns about DES • Short key length • DES “cracker”, built for $250K, can break DES in days • Distributing the computation makes it faster • Does not mean “DES is insecure” • Some (theoretical) attacks have been found • Non-public design process

  5. 3-DES • Expands the key length • Now, key K = (K1, K2); |K| = 112 • The “new” block cipher is just: • EK1,K2(m) = DESK1(DES-1K2(DESK1(m))) • This is a permutation, and invertible • Fairly slow…

  6. AES • Public contest sponsored by NIST in ’97 • Narrowed to 5 finalists • 4 years of intense analysis • Efficiency and security taken into account • 128-bit key length and 128-bit block size (minimum) • Rijndael selected as the AES • Supports variety of block/key sizes

  7. Other block ciphers? • No compelling reason to use anything other than AES, in general • Unless (possibly) you have very specific performance requirements • Even then, think twice

  8. Chosen-ciphertext attacks • None of the DES modes of encryption are secure against chosen-ciphertext attacks • Examples… • The one-time pad is not secure against chosen-ciphertext attacks either… • Encryption does not provide integrity!

  9. Public-Key Encryption, RSA

  10. Some basic number theory • Modular arithmetic, ZN, and Z*N • Simple computations with large numbers • (N), Fermat’s theorem

More Related