Computer and Network Security/ Internet Security: Symmetric Encryption and Message Confidentiality

Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW


Overview
• Conventional Encryption Principles
• Conventional Encryption Algorithms
• Cipher Block Modes of Operation
• Location of Encryption Devices
• Key Distribution


Conventional Encryption Principles

• A conventional encryption scheme has five ingredients
  – Plain text
  – Encryption algorithms
  – Private keys
  – Cipher text
  – Decryption algorithm
• Agents possess their private keys and share them with another party
• Security depends on the secrecy of the key, not the secrecy of the algorithm


Cryptography
• Classified according to three independent dimensions:
  – The type of operations used for transforming plaintext to ciphertext
  – The number of keys used
    • symmetric (single key or secret-key or private-key)
    • asymmetric (two-keys, or public-key encryption)
  – The way in which the plaintext is processed


Cryptanalysis
• Process of attempting to discover the plaintext or key
• An encryption scheme is computationally secure if the ciphertext meets one of these criteria
  – cost of breaking the cipher exceeds the value of the information
  – time required to break the cipher exceeds the useful lifetime of the information


Average time required for exhaustive key search

Key Size (bits) | Number of Alternative Keys | Time required at 10^6 Decryption/µs
32              | 2^32 = 4.3 x 10^9          | 2.15 milliseconds
56              | 2^56 = 7.2 x 10^16         | 10 hours
128             | 2^128 = 3.4 x 10^38        | 5.4 x 10^18 years
168             | 2^168 = 3.7 x 10^50        | 5.9 x 10^30 years


Feistel Cipher Structure
• Virtually all conventional block encryption algorithms, including DES, have a structure first described by Horst Feistel of IBM in 1973
• The realization of a Feistel Network depends on the choice of the following parameters and design features:

(see next slide)


Feistel Cipher Structure
• Block size: larger block sizes mean greater security
• Key Size: larger key size means greater security
• Number of rounds: multiple rounds offer increasing security
• Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis.
• Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern


Conventional Symmetric Encryption Algorithms
• Data Encryption Standard (DES)
  – A widely used encryption scheme (to 2001)
    • ref. NIST paper
  – The algorithm is referred to as the Data Encryption Algorithm (DEA)
  – DES is a block cipher
  – The plaintext is processed in 64-bit blocks
  – The key is 56 bits in length
  – No longer used for government transmissions


DES
• The overall processing at each iteration:
  – $L_i = R_{i-1}$
  – $R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
• Concerns about:
  – The algorithm and the key length (56-bits)
    • http://www.mycrypto.net/encryption/des_crack.html


[Figure: Time to break a code (10^6 decryptions/µs)]


Triple DEA
• Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)

$C = E_{K3}[D_{K2}[E_{K1}[P]]]$

• C = ciphertext
• P = Plaintext
• $E_K[X]$ = encryption of X using key K
• $D_K[Y]$ = decryption of Y using key K
• Effective key length of 168 bits


Advanced Encryption Standard
• clearly a replacement for DES was needed
  – have theoretical attacks that can break it
  – have demonstrated exhaustive key search attacks
• can use Triple-DEA – but slow with small blocks
• US NIST issued call for ciphers in 1997
• 15 candidates accepted in Jun 98
• 5 were shortlisted in Aug-99
• Rijndael was selected as the AES in Oct-2000
• issued as FIPS PUB 197 standard in Nov-2001


The AES Cipher - Rijndael
• designed by Rijmen-Daemen in Belgium
• has 128/192/256 bit keys, 128 bit data
• an iterative rather than Feistel cipher
  – treats data in 4 groups of 4 bytes
  – operates on an entire block in every round
• designed to be:
  – resistant against known attacks
    • but see http://people.csail.mit.edu/tromer/papers/cache.pdf
  – speed and code compactness on many CPUs
  – design simplicity


Rijndael
• processes data as 4 groups of 4 bytes (state)
• best to think of a 128-bit block as consisting of a 4x4 matrix of bytes, arranged as follows:


Rijndael (cont)
• Start with an AddRoundKey stage
• has 9 rounds in which state undergoes:
  – byte substitution (1 S-box used on every byte)
  – shift rows (permute bytes between groups/columns)
  – mix columns (subs using matrix multiply of groups)
  – add round key (XOR state with key material)
• initial XOR key material & incomplete last round
• all operations can be combined into XOR and table lookups - hence very fast & efficient


Implementation Aspects
• can efficiently implement on 8-bit CPU
  – byte substitution works on bytes using a table of 256 entries
  – shift rows is simple byte shifting
  – add round key works on byte XORs
  – mix columns requires matrix multiply in GF(2^8) which works on byte values, can be simplified to use a table lookup
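
The GF(2^8) arithmetic behind mix columns, and the table-lookup shortcut mentioned above, as an added example that is not part of the original slides. It uses the AES reduction polynomial x^8 + x^4 + x^3 + x + 1 and the MixColumns matrices from FIPS PUB 197; the function and table names are illustrative.

```python
def xtime(b):
    """Multiply a byte by x (that is, by 2) modulo x^8 + x^4 + x^3 + x + 1."""
    b <<= 1
    if b & 0x100:      # carried out of 8 bits: reduce by the AES polynomial
        b ^= 0x11B
    return b & 0xFF

def gf_mul(a, b):
    """General GF(2^8) multiply by shift-and-add; addition is XOR."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result

# Table-lookup form: 2*x and 3*x precomputed once for all 256 byte values.
MUL2 = [xtime(x) for x in range(256)]
MUL3 = [xtime(x) ^ x for x in range(256)]

def mix_column(col):
    """MixColumns on one 4-byte column: rows of the matrix are rotations
    of (2, 3, 1, 1), so each output byte is two lookups and three XORs."""
    a0, a1, a2, a3 = col
    return [
        MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3,
        a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
        a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3],
        MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3],
    ]

def inv_mix_column(col):
    """Inverse transform: matrix rows are rotations of (14, 11, 13, 9)."""
    m = [14, 11, 13, 9]
    out = []
    for r in range(4):
        v = 0
        for c in range(4):
            v ^= gf_mul(col[c], m[(c - r) % 4])
        out.append(v)
    return out

# Sample input: a commonly used MixColumns test column.
SAMPLE = [0xDB, 0x13, 0x53, 0x45]
```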


Implementation Aspects
• can efficiently implement on 32-bit CPU
  – redefine steps to use 32-bit words
  – can precompute 4 tables of 256 words
  – then each column in each round can be computed using 4 table lookups + 4 XORs
  – at a cost of 16Kb to store tables
• designers believe this very efficient implementation was a key factor in its selection as the AES cipher


Summary
• have considered:
  – the AES selection process
  – Overall structure of AES
  – implementation aspects


Other Symmetric Block Ciphers

• International Data Encryption Algorithm (IDEA)
  – 128-bit key
  – Used in PGP
• Blowfish
  – Easy to implement
  – High execution speed
  – Run in less than 5K of memory


Other Symmetric Block Ciphers

• RC5
  – Suitable for hardware and software
  – Fast, simple
  – Adaptable to processors of different word lengths
  – Variable number of rounds
  – Variable-length key
  – Low memory requirement
  – High security
  – Data-dependent rotations
• CAST-128
  – Key size from 40 to 128 bits
  – The round function differs from round to round


Cipher Block Modes of Operation

• Cipher Block Chaining Mode (CBC)
  – The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block.
  – Repeating patterns of 64 bits are not exposed

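$C_i = E_K[C_{i-1} \oplus P_i]$

$D_K[C_i] = D_K[E_K(C_{i-1} \oplus P_i)]$

$D_K[C_i] = (C_{i-1} \oplus P_i)$

$C_{i-1} \oplus D_K[C_i] = C_{i-1} \oplus C_{i-1} \oplus P_i = P_i$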


Location of Encryption Device

• Link encryption:
  – A lot of encryption devices
  – High level of security
  – Decrypt each packet at every switch
• End-to-end encryption
  – The source encrypts and the receiver decrypts
  – Payload encrypted
  – Header in the clear
• High Security: Both link and end-to-end encryption are needed


Key Distribution
• A key could be selected by A and physically delivered to B.
• A third party could select the key and physically deliver it to A and B.
• If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key.
• If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.


Key Distribution (See Figure 2.10)

• Session key:
  – Data encrypted with a one-time session key. At the conclusion of the session the key is destroyed
• Permanent key:
  – Used between entities for the purpose of distributing session keys
