Stream Ciphers A5/1 LFSR

1 / 40

# Stream Ciphers A5/1 LFSR

## Stream Ciphers A5/1 LFSR

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
##### Presentation Transcript

1. Stream Ciphers A5/1 LFSR

2. SECURITY Cryptology We are here cryptanalysis cryptography symmetric asymmetric protocols stream block ciphers ciphers LFSR DES, 3DES, AES

3. Addition and subtraction are the same operation K = a,b K = a,b LCG LCG Ꚛ Ꚛ …x4, x3, x2, x1, x0  …x4, x3, x2, x1, x0   … y4, y3, y2, y1, y0  What’s in here?

4. LFSR – a series of flip-flops with feedback loops (not clocked) Output: Si 1 0 1 0 S0 = 0 Flip-flop holds: 1 0 0 0 clk 0 1 0 0 ?

5. Flip-Flops (i.e memory)‏ also called a latch S Q Q' R A flip-flop stores a bit by virtue of the feedback loop

6. 1 1 0 We string them together to make a shift register, each holds one bit each has an ‘in’ and an ‘out’ Whatever is stored is available on the output right now Whatever in on the input now will become the stored value on the next clock tick

7. Mathematically speaking: (not clocked) Output: Si 0 1 0 0 S0 = 0 S3 S1 S0 = ( ) S4 S2 S1 = ( ) S5 S4 S3 = ( )

8. Si+3 Si+1 Si = ( ) mod 2 period == 7, but we’d like >>7 General LFSR f1 f0 ffm-1 p1 Pm-1 p0 Sm-1 s1 s0 Arbitrary number of flip-flops, arbitrary choice for feedback

9. f1 f0 ffm-1 p1 Pm-1 p0 Sm-1 s1 s0 si Starting values for flip-flops pi Vector of choices for open/closed (feedback, or not?) Set by the standard

10. f1 f0 ffm-1 p1 Pm-1 p0 s1 s0 Sm-1 ) mod2 P0 P1 S0 (Sm-1 Pm-2 S1 Sm-2 Pm-1 + Sm + … + + ΞΞ ) mod2 P0 P1 S1 Pm-2 S2 Sm-1 Pm-1 + (Sm + … + + ΞΞ Sm+1 i+jPj Sm+i ΞΞ

11. SECURITY Cryptology We are here cryptanalysis cryptography symmetric asymmetric protocols stream block ciphers ciphers LFSR DES, 3DES, AES

12. Block Ciphers Deterministic algorithms which act on fixed size chunks of bits call blocks Transform specified by a symmetric key

13. Claude Shannon Claude Shannon, a researcher at AT&T Bell Laboratories, is the father of Computer Science. He completed his masters thesis "A Symbolic Analysis of Relay and Switching Circuits," at age 22, which was called "possibly the most important, and also the most famous, master's thesis of the century.“ - Harvard University Professor Howard Gardner.

14. Claude Shannon Information Theory and A Mathematical Theory of Communication and Communication Theory of Secrecy Systems

15. cryptographic algorithm(cipher) a mathematical function plus a key to en/decrypt The same plaintext encrypts to different ciphertext with different keys.

16. Secrecy of the key and strength of the cipher determine the security Cryptosystem - cryptographic algorithm, plus all possible keys and all the protocols that make it work comprise a cryptosystem (PGP)

17. Conventional cryptography uses a symmetric key

18. Symmetric-key is very fast useful for encrypting data that is not to be transmitted But, secure key distribution is the gotcha We still need a secure channel to tell the other party the key

19. Hybrid: Symmetric, block cipher key

20. Back to block ciphers…

21. Block Cipher Key K bits long | v  Chunk of n encrypted bits Chunk of n cleartext bits  Most are iterated meaning we do it over and over in a round with different keys, each derived from the original

22. Combine substitutions and transpositions (permutations) crypto-quote and jumble puzzles Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original Rounds alternate Horst Feistel, hence “Feistel network”

23. Combine substitutions and transpositions crypto-quote and jumble puzzles  transposition

24. Combine substitutions and transpositions crypto-quote and jumble puzzles  substitution

25. Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original

26. Horst Feistel, hence “Feistel network”

27. Substitution-permutation block cipher several alternating rounds of substitution and permutation Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original --wikipedia

28. A substitution box substitutes a small block of input bits with another block of output bits. 1-1 so it can be decrypted A permutation box takes the outputs of all the S-boxes of one round, permutes the bits, and feeds them into the S-boxes of the next round. Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original

29. Confusion refers to making the relationship between the key and the ciphertext as complex and as involved as possible Diffusion refers to the property that redundancy in the statistics of the plaintext is "dissipated" in the statistics of the ciphertext.

30. Confusion – a primary mechanism is substitution (cryptoquote) Diffusion - primary mechanism is transposition (jumble) A required property is that a small change in cleartext, yields a large change in encrypted text Ideally, if you flip an input bit, we would like a 50-50 chance that each output bit flips …an avalanche of changes

31. Bad: cleartext0x23 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab ciphertext0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xee 0x30 0x02 0x44 0xc4 cleartext 0xa3 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab ciphertext0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xef 0x30 0x02 0x44 0xc4 Causes a single bit to change in the ciphertext 1110 becomes 1111 A single bit changed: 0010 becomes 1010

32. Good: cleartext0x23 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab ciphertext0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xee 0x30 0x02 0x44 0xc4 cleartext 0xa3 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab ciphertext0xc0 0x56 0xe2 0x80 0xdd 0xdd 0x19 0xb1 0x30 0x82 0x4c 0x25 Causes many changes A single bit changed: 0010 becomes 1010

33. Confusion – a primary mechanism is substitution (cryptoquote) Diffusion - primary mechanism is transposition (jumble) Substitution and diffusion are most common, but AES uses linear transformations

34. Data Encryption Standard - DES First cryptography in the public space proposed by IBM/NSA in 1974 U.S. government standard in 1977 ANSI standard in 1981 Gov’t standard until around 2000 Very widely distributed, implemented, studied

35. Data Encryption Standard - DES • block cipher using a 56-bit key • strong algorithm, but limited by key length • Unsecure today, hardware to defeat it • emerged in 1988 • 3DES – triple DES, still secure • most widely used https://www.youtube.com/watch?v=Sy0sXa73PZA&t=1s

36. 56 bit key | v DES  64 encrypted bits 64 bits clear Symmetric keys 16 rounds, all of which are the same Different subkey in each round

37. openssl(1) libcrypt.a(3) e.g. encrypt & decrypt with DES openssl des -e -a -in index.html -out index.html.enc openssl des –d –a –in index.html.enc –out /dev/pts/1