
Encrypting & Authenticating with Block Ciphers

CS 519 Cryptography and Network Security. Instructor: Ali Aydin Selcuk.


Presentation Transcript


  1. Encrypting & Authenticating with Block Ciphers
     CS 519 Cryptography and Network Security
     Instructor: Ali Aydin Selcuk
     Modes of Operation & MACs

  2. How to Encrypt with a Block Cipher?
     Electronic Codebook (ECB) Mode:
     • The naive way.
     • The plaintext is divided into blocks $P_i$; each block is encrypted independently: $C_i = E(P_i)$, $P_i = D(C_i)$
     • Problem: Leaks information about identical blocks

  3. An Illustration – The Plaintext

  4. An Illustration – ECB Encrypted

  5. Cipher Block Chaining (CBC)
     • Add randomization to the plaintext by mixing with the previous ciphertext: $C_i = E(P_i \oplus C_{i-1})$, $P_i = D(C_i) \oplus C_{i-1}$
     • Initialization Vector (IV): used instead of $C_0$ when encrypting/decrypting the first block. (not a secret)
     • Most common mode in practice
     • Features:
       • Error propagation: 1 wrong bit corrupts 1 block + 1 bit
       • Allows random access to the ciphertext
       • Decryption is parallelizable

  6. An Illustration – CBC Encrypted

  7. Output Feedback (OFB) Mode
     • Block cipher is used as the PRNG in a stream cipher.
     • A key stream is generated from the output: $O_i = E(O_{i-1})$, $C_i = P_i \oplus O_i$, $P_i = C_i \oplus O_i$
     • IV used for $O_0$
     • Features:
       • Error propagation minimal (bit for bit)
       • Preprocessing possible (may be good for multimedia)
       • Doesn’t allow random access; not parallelizable

  8. Cipher Feedback (CFB) Mode
     • A key stream is generated from the ciphertext: $O_i = E(C_{i-1})$, $C_i = P_i \oplus O_i$, $P_i = C_i \oplus O_i$
     • IV used for $C_0$
     • Features:
       • Error propagation: 1 bit + 1 block
       • Allows random access
       • Decryption is parallelizable

  9. Counter (CTR) Mode
     • A key stream is generated by encrypting a counter: $C_i = P_i \oplus E(IV + i)$, $P_i = C_i \oplus E(IV + i)$
     • Features:
       • Error propagation minimal (bit for bit)
       • Preprocessing possible
       • Allows random access
       • Both encryption and decryption are parallelizable

  10. Message Authentication Codes (MAC)
     • A keyed function of a message.
     • Sender of a message $m$ computes $MAC_K(m)$ and appends it to the message
     • Verification: The receiver also computes $MAC_K(m)$ & compares to the received value.
     • Security of a MAC: An attacker shouldn’t be able to generate a valid $(m, MAC_K(m))$, even after seeing many valid message-MAC pairs, possibly of his choice.

  11. MACs (cont’d)
     • MAC keys are symmetric. Hence, a MAC doesn’t provide non-repudiation (unlike digital signatures).
     • MAC function doesn’t need to be invertible.
     • A MACed message is not necessarily encrypted.
     How to obtain a MAC from a block cipher? Suggestion:
     • divide message into blocks
     • compute a checksum by adding (or XORing) them
     • encrypt the checksum
     Is this construction secure?

  12. CBC-MAC
     • Compute the CBC over the message
     • The last output block is the MAC
     • IV: fixed or random?
     • Bellare-Rogaway (1994): CBC-MAC is provably secure if the underlying block cipher is secure
     Other alternatives:
     • ECB?
     • OFB/CTR?
     • CFB?
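
The question posed on slide 11 can be checked directly. The following is an added example, not part of the original slides: it computes the XOR-checksum tag and the CBC-MAC tag of slide 12 over a message and over the same message with its blocks swapped. The block cipher `E` (a small Feistel network), the all-zero IV, the key and the sample messages are assumptions constructed for the demonstration.

```python
import hashlib

BLOCK = 16  # block size in bytes (assumption: AES-sized blocks)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def E(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher (assumption): 4-round Feistel network with a
    SHA-256 round function. A permutation on 16-byte blocks, demo use only."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def split_blocks(msg: bytes) -> list:
    if len(msg) % BLOCK:
        raise ValueError("message must be a whole number of blocks")
    return [msg[i:i + BLOCK] for i in range(0, len(msg), BLOCK)]

def checksum_mac(key: bytes, msg: bytes) -> bytes:
    """Slide 11 suggestion: XOR all blocks together, then encrypt the checksum."""
    acc = bytes(BLOCK)
    for p in split_blocks(msg):
        acc = xor(acc, p)
    return E(key, acc)

def cbc_mac(key: bytes, msg: bytes) -> bytes:
    """Slide 12: run CBC over the message (fixed all-zero IV, an assumption
    of this example) and keep only the last output block as the tag."""
    c = bytes(BLOCK)
    for p in split_blocks(msg):
        c = E(key, xor(p, c))
    return c

# Constructed sample data: two 16-byte blocks, then the same blocks swapped.
KEY = b"constructed key!"
B1, B2 = b"PAY 100 TO ALICE", b"PAY 999 TO BOB  "
ORIGINAL, REORDERED = B1 + B2, B2 + B1

if __name__ == "__main__":
    # XOR is commutative, so block order never reaches the checksum tag.
    print("checksum tags equal:", checksum_mac(KEY, ORIGINAL) == checksum_mac(KEY, REORDERED))
    # Chaining makes every block's position affect the final CBC block.
    print("CBC-MAC tags equal: ", cbc_mac(KEY, ORIGINAL) == cbc_mac(KEY, REORDERED))
```

The checksum tag verifies for the reordered message, so the slide 11 construction does not meet the MAC security definition of slide 10. Plain CBC-MAC as written here is meant for messages of one fixed length.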
