Information Security and Management (Abstract) 5. Advanced Encryption Standard 6. Contemporary Symmetric Ciphers. Chih-Hung Wang, Fall 2011
Famous Symmetric Ciphers • AES (Advanced Encryption Standard) • Triple DES • Other symmetric block ciphers (e.g., IDEA, Blowfish, RC5, CAST-128, etc.)
AES • Next-generation encryption standard of NIST/FIPS • It will replace the use of DES in the following 30 years • The sensitive information protected by AES cannot be revealed within 100 years • It was selected through an international competition
AES Requirements • Block cipher • 128-bit block • 128/192/256-bit keys • At least as secure as Triple DES, and more efficient • Provide descriptions and analysis • Provide three implementations in two languages (reference and optimized in C, optimized in Java) • If selected, royalty-free worldwide
Final AES Selection • Rijndael • Block cipher with block size 128 bits • Accepts 128-, 192-, 256-bit length keys • Easy to implement in H/W
The Implementation of Crypto Algorithms (W32) • http://us.cryptosoft.de/ • Different platforms: win16, win32, linux, OS/2,… • Triple DES, Rijndael, Safer+, Blowfish, Cast-128, … • Old version • Crypto++: a C++ Class Library of Cryptographic Primitives • Version 5.6.1 (2010/8/9) • http://www.cryptopp.com/ • Microsoft CryptoAPI
More AES Information • NIST AES Homepage • http://csrc.nist.gov/encryption/aes/ • Rijndael Specification: those who are interested in the AES specification (i.e., what will be in the standard) should refer to the Draft FIPS for the AES. • Test Values • Supporting Documentation • Rijndael Developers' Contact Information • Rijndael Code: C/C++/Java/Visual Basic • FIPS 197 • http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf • AES proposal • http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf
Practice • Reading Project • Rijndael Specification: download from http://csrc.nist.gov/encryption/aes/ • Programming/testing Project • Download Rijndael source code (C/C++) from the Rijndael homepage or other web sites. • Modify and refine the source code from the web sites so that it can be used to encipher and decipher a message. • Write a report that includes the addresses of the web sites, the source code and the testing results.
Triple DES • Double DES
Triple DES • Double DES: reduction to a single key • It would be possible to find a key K3 such that • With $2^{64}$ possible inputs, how many different mappings? $(2^{64})! > 10^{10^{20}}$ • It is reasonable to assume that if DES is used twice with different keys, it will produce one of the many mappings that is not defined by a single application of DES.
Meet-in-the-Middle Attack • Works whenever a cipher is used twice [DIFF77] • Since $X = E_{K_1}[P] = D_{K_2}[C]$ • Attack by encrypting P with all keys and storing the results • Then decrypt C with the keys and match the X value • Can be shown to take $O(2^{56})$ steps
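The following is an added example, not part of the original slides: it runs the table-and-match procedure above against double encryption with a toy 32-bit Feistel cipher using 16-bit keys, so the work is about 2 × 2^16 cipher operations instead of 2^32, which is why double encryption adds almost no strength over single encryption. The cipher (`toy_encrypt`, `toy_decrypt`), the keys and the plaintexts are constructed for illustration and are not DES; a second known pair is used to discard false matches.

```python
from collections import defaultdict

MASK16 = 0xFFFF

def _f(half, key, rnd):
    """Round function of the toy cipher (hypothetical, not DES, not secure)."""
    x = ((half ^ key) + rnd * 0x9E37) & MASK16
    x = (x * 0x6487 + 1) & MASK16
    return x ^ (x >> 7)

def toy_encrypt(block, key):
    """4-round Feistel network: 32-bit block, 16-bit key."""
    left, right = block >> 16, block & MASK16
    for rnd in range(4):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 16) | right

def toy_decrypt(block, key):
    """Inverse of toy_encrypt: undo the rounds in reverse order."""
    left, right = block >> 16, block & MASK16
    for rnd in reversed(range(4)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 16) | right

def double_encrypt(block, k1, k2):
    """C = E_K2[E_K1[P]], the construction the slide analyses."""
    return toy_encrypt(toy_encrypt(block, k1), k2)

def meet_in_the_middle(pairs, key_bits=16):
    """Return (key pairs consistent with every known pair, matches on pair 1)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    # Forward half: store X = E_K1[P] for every K1, indexed by X.
    table = defaultdict(list)
    for k1 in range(1 << key_bits):
        table[toy_encrypt(p0, k1)].append(k1)
    # Backward half: a table hit on X = D_K2[C] means E_K1[P] = D_K2[C].
    found, hits = [], 0
    for k2 in range(1 << key_bits):
        for k1 in table.get(toy_decrypt(c0, k2), ()):
            hits += 1  # candidate; may be a false match on one pair alone
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                found.append((k1, k2))
    return found, hits

if __name__ == "__main__":
    K1, K2 = 0x3A7C, 0xC105                      # constructed secret keys
    pairs = [(p, double_encrypt(p, K1, K2)) for p in (0x01234567, 0x89ABCDEF)]
    found, hits = meet_in_the_middle(pairs)
    print(f"matches on first pair: {hits}, confirmed keys: {found}")
```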
Triple DES • Triple DES with two keys • $C = E_{K_1}[D_{K_2}[E_{K_1}[P]]]$ • $P = D_{K_1}[E_{K_2}[D_{K_1}[C]]]$
Triple DES • Standardized in ANSI X9.17 & ISO 8732 • No current known practical attacks • The cost of a brute-force key search on triple DES: $2^{112}$ ($5 \times 10^{33}$) • Has been adopted by some Internet applications, e.g., PGP, S/MIME
Other symmetric block ciphers • IDEA • International Data Encryption Algorithm • A symmetric block cipher developed by Xuejia Lai and James Massey of the Swiss Federal Institute of Technology. • One of a number of conventional encryption algorithms that have been proposed in recent years to replace DES. • IDEA is included in PGP. • 128-bit key to encrypt data in blocks of 64 bits
Other symmetric block ciphers • Blowfish • A symmetric block cipher developed by Bruce Schneier. • Characteristics • Fast • Compact: can run in less than 5K of memory. • Simple • Variably secure: the key length is variable and can be as long as 448 bits. This allows a tradeoff between higher speed and higher security. • 64-bit block cipher
Other symmetric block ciphers • RC5 • A symmetric encryption algorithm developed by Ron Rivest. • Adaptable to processors of different word lengths. • Variable number of rounds. • Variable-length key • Low memory requirement • Suitable for smart cards