1 / 33

Computer and Network Security/ Internet Security

Computer and Network Security/ Internet Security. Symmetric Encryption and Message Confidentiality. Overview. Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution.

morey
Download Presentation

Computer and Network Security/ Internet Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer and Network Security/ Internet Security Symmetric Encryption and Message Confidentiality Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  2. Overview • Conventional Encryption Principles • Conventional Encryption Algorithms • Cipher Block Modes of Operation • Location of Encryption Devices • Key Distribution Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  3. Conventional Encryption Principles • A conventional encryption scheme has five ingredients • Plain text • Encryption algorithms • Private keys • Cipher text • Decryption algorithm • Agents possess their private keys and share with another party • Security depends on the secrecy of the key, not the secrecy of the algorithm Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  4. Conventional Encryption Principles Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  5. Cryptography • Classified according to three independent dimensions: • The type of operations used for transforming plaintext to ciphertext • The number of keys used • symmetric (single key or secret- key or private-key) • asymmetric (two-keys, or public-key encryption) • The way in which the plaintext is processed Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  6. Cryptanalysis • Process of attempting to discover the plaintext or key • An encryption scheme is computationally secure if the ciphertext meets one of these criteria • cost of breaking the cipher exceeds the value of the information • time requires to break the cipher exceeds the useful lifetime of the information Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  7. Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/µs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018years 168 2168 = 3.7 x 1050 5.9 x 1030years Average time required for exhaustive key search Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  8. Feistel Cipher Structure • Virtually all conventional block encryption algorithms, including DES have a structure first described by Horst Feistel of IBM in 1973 • The realization of a Feistel Network depends on the choice of the following parameters and design features: (see next slide) Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  9. Feistel Cipher Structure • Block size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of rounds: multiple rounds offer increasing security • Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis. • Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  10. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  11. Conventional Symmetric Encryption Algorithms • Data Encryption Standard (DES) • A widely used encryption scheme (to 2001) • ref. NIST paper • The algorithm is referred to the Data Encryption Algorithm (DEA) • DES is a block cipher • The plaintext is processed in 64-bit blocks • The key is 56-bits in length • No longer used for government transmissions Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  12. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  13. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  14. DES • The overall processing at each iteration: • Li= Ri-1 • Ri = Li-1 XOR F(Ri-1, Ki) • Concerns about: • The algorithm and the key length (56-bits) • http://www.mycrypto.net/encryption/des_crack.html Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  15. Time to break a code (106 decryptions/µs) Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  16. Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt) • C = ciphertext • P = Plaintext • EK[X] = encryption of X using key K • DK[Y] = decryption of Y using key K • Effective key length of 168 bits C = EK3[DK2[EK1[P]]] Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  17. Triple DEA Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  18. Advanced Encryption Standard • clear a replacement for DES was needed • have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • can use Triple-DEA – but slow with small blocks • US NIST issued call for ciphers in 1997 • 15 candidates accepted in Jun 98 • 5 were shortlisted in Aug-99 • Rijndael was selected as the AES in Oct-2000 • issued as FIPS PUB 197 standard in Nov-2001 Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  19. The AES Cipher - Rijndael • designed by Rijmen-Daemen in Belgium • has 128/192/256 bit keys, 128 bit data • an iterative rather than feistel cipher • treats data in 4 groups of 4 bytes • operates an entire block in every round • designed to be: • resistant against known attacks • but see http://people.csail.mit.edu/tromer/papers/cache.pdf • speed and code compactness on many CPUs • design simplicity Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  20. Rijndael • processes data as 4 groups of 4 bytes (state) • best to think of a 128-bit block as consisting of a 4x4 matrix of bytes, arranged as follows: Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  21. Rijndael (cont) • Start with an AddRoundKey stage • has 9 rounds in which state undergoes: • byte substitution (1 S-box used on every byte) • shift rows (permute bytes between groups/columns) • mix columns (subs using matrix multipy of groups) • add round key (XOR state with key material) • initial XOR key material & incomplete last round • all operations can be combined into XOR and table lookups - hence very fast & efficient Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  22. Implementation Aspects • can efficiently implement on 8-bit CPU • byte substitution works on bytes using a table of 256 entries • shift rows is simple byte shifting • add round key works on byte XORs • mix columns requires matrix multiply in GF(28) which works on byte values, can be simplified to use a table lookup Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  23. Implementation Aspects • can efficiently implement on 32-bit CPU • redefine steps to use 32-bit words • can precompute 4 tables of 256-words • then each column in each round can be computed using 4 table lookups + 4 XORs • at a cost of 16Kb to store tables • designers believe this very efficient implementation was a key factor in its selection as the AES cipher Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  24. Summary • have considered: • the AES selection process • Overall structure of AES • implementation aspects Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  25. Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) • 128-bit key • Used in PGP • Blowfish • Easy to implement • High execution speed • Run in less than 5K of memory Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  26. Other Symmetric Block Ciphers • RC5 • Suitable for hardware and software • Fast, simple • Adaptable to processors of different word lengths • Variable number of rounds • Variable-length key • Low memory requirement • High security • Data-dependent rotations • Cast-128 • Key size from 40 to 128 bits • The round function differs from round to round Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  27. Cipher Block Modes of Operation • Cipher Block Chaining Mode (CBC) • The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block. • Repeating pattern of 64-bits are not exposed Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  28. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  29. Location of Encryption Device • Link encryption: • A lot of encryption devices • High level of security • Decrypt each packet at every switch • End-to-end encryption • The source encrypt and the receiver decrypts • Payload encrypted • Header in the clear • High Security: Both link and end-to-end encryption are needed Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  30. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  31. Key Distribution • A key could be selected by A and physically delivered to B. • A third party could select the key and physically deliver it to A and B. • If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. • If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  32. Key Distribution (See Figure 2.10) • Session key: • Data encrypted with a one-time session key.At the conclusion of the session the key is destroyed • Permanent key: • Used between entities for the purpose of distributing session keys Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

  33. Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW

More Related