Upload
clyde-strickland
View
229
Download
0
Embed Size (px)
Citation preview
NETWORK SECURITY
OutlineOutline
Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Conventional Encryption Conventional Encryption PrinciplesPrinciples
An encryption scheme has five ingredients: Plaintext: The original message or data
Encryption algorithm: Performs various substitutions and
transformations on the plaintext
Secret Key: Input to the encryption algorithm
Ciphertext: Scrambled message produced as output
Decryption algorithm: Encryption algorithm run in reverse
Security depends on the secrecy of the key, not
the secrecy of the algorithm
Conventional Encryption Conventional Encryption PrinciplesPrinciples
CryptographyCryptography
Classified along three independent dimensions: The type of operations used for transforming plaintext to
ciphertext
substitution / transposition 代换 / 置换 The number of keys used
symmetric (single key)
asymmetric (two-keys, or public-key encryption)
The way in which the plaintext is processed
block / stream
CryptanalysisCryptanalysis
Process of attempting to discover the
plaintext or key
An encryption scheme is computationally
secure if the ciphertext meets one of
these criteria cost of breaking the cipher exceeds the value of
the information
time requires to break the cipher exceeds the
useful lifetime of the information
Attacks On Encrypted MsgsAttacks On Encrypted Msgs
Average time required for Average time required for exhaustiveexhaustive key search key search
Key Size (bits)
Number of Alternative Keys
Time required at 106 Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds
56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years
Feistel Cipher StructureFeistel Cipher Structure
Virtually all conventional block encryption algorithms, including DES have a structure first described by Horst Feistel of IBM in 1973
The realisation of a Fesitel Network depends on the choice of the following parameters and design features .
第 i 轮加密变换: Li = Ri - 1
Ri = Li - 1 F(Ri - 1,Ki)
Feistel Cipher StructureFeistel Cipher Structure
Block size: larger block sizes mean greater security Key Size: larger key size means greater security Number of rounds: multiple rounds offer
increasing security Subkey generation algorithm: greater complexity
will lead to greater difficulty of cryptanalysis. Fast software encryption/decryption: the speed
of execution of the algorithm becomes a concern
Conventional Encryption Conventional Encryption AlgorithmsAlgorithms
Data Encryption Standard (DES) The most widely used encryption scheme DES is a block cipher The plaintext is processed in 64-bit blocks The key is 56-bits in length
数据加密标准 DES
C = DES (K, M)• Block size = 64 bits• Key size = 56 bits• Number of rounds = 16• IP - Initial Permutation• IP-1 - The inverse of IP• f - A nonlinear
function
• Ki - Round i subkey (48 bits)
• Each Feistel block can be described as
Li = Ri-1
Ri = Li-1 f (Ri-1, Ki)
32-bit Swap
数据加密标准 DES
明文 64 位输入
初始置换 IP
Feistel Cipher
初始逆置换 IP - 1
密文 64 位输出
初始密钥 64 位
移位变换 16 次
产生 16 个 48 位子密钥
DES 简化示意图
数据加密标准 DES-The Initial Permutation
How to read this table?The 58th bit of input x will be the 1st bit of output IP(x), the 50th bit of x is the second bit of IP(x), etc.
even bits to LH half, odd bits to RH half Do not affect security
数据加密标准 DES - Feistel Block
In Round i, Separate message block into two 32-bit halves, Li and Ri
Introduce a “complex” nonlinear function f f has two inputs: Ri and a 48-bit round key, Ki
“adding” Li and the output of f
Li+1 = Ri
Ri+1 = Li f(Ri, Ki+1)
Li-1 Ri-1
f
Li Ri
Ki+1
数据加密标准 DES - Nonlinear Function
f(Ri-1, Ki) : (32 bits, 48 bits) 32 bits
expand R to 48 bits R’ using permutation and repetition
R’ XOR with K subdivide the result into 8 blocks of 6 bits
each each 6-bit block goes through a S-box to
produce 4 bits permute the 32-bit string
数据加密标准 DES - Nonlinear Function
f(Ri-1, Ki) : (32 bits, 48 bits) 32 bits
数据加密标准 DES - Nonlinear Function
f(Ri-1, Ki) : (32 bits, 48 bits) 32 bitsRi - 1 ( 32bit )
数据加密标准 DES - Expansion
数据加密标准 DES - S-Box
• There are eight S-boxes.• Each takes 6 bits to 4 bits.
• Take the 6-bit input b1, b2, b3, b4, b5, b6
• Interpret b1 b6 as a row number, between 0 and 3.
• Interpret b2 b3 b4 b5 as a column number, 0 through 15.
S-box 1: Bit Bits 2, 3, 4, 5: 1 6 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7 0 1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8 1 0 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0 1 1 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
数据加密标准 DES - S-Box
example:
S2(010010)= 0111
S5(111101)= 0101
数据加密标准 DES - S-Box
数据加密标准 DES - Permutation
置换函数 P 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 19 13 30 6 22 11 4 25
How to read this table? The 16th bit of input x will be the 1st bit of output P(x),
the 7th bit of x is the second bit of P(x), etc.
数据加密标准 DES - Key Schedule
8-byte key has 8 parity check bits :8 , 16 , 24 , 32 , 40 , 48 , 56 , 64
Each has 28 bits
Number of shifts are dependent on i for each Ki
56-bit key K
Permutation PC1
Permutation PC2
C0 D0
Cyclic L Shift Cyclic L Shift
K1
C1 D1
56
48
数据加密标准 DES - Key Schedule
PC1
PC2
9,18,22,25
35,38,43,54
数据加密标准 DES - example
设明文M=(0123456789ABCDEF)16=
K=(133457799BBCDFF1)16=
0 0 0 0 0 0 0 10 0 1 0 0 0 1 10 1 0 0 0 1 0 10 1 1 0 0 1 1 11 0 0 0 1 0 0 11 0 1 0 1 0 1 11 1 0 0 1 1 0 11 1 1 0 1 1 1 1
0 0 0 1 0 0 1 10 0 1 1 0 1 0 00 1 0 1 0 1 1 10 1 1 1 1 0 0 11 0 0 1 1 0 1 11 0 1 1 1 1 0 01 1 0 1 1 1 1 11 1 1 1 0 0 0 1
数据加密标准 DES - example
第 1 轮: [R1,L1]=(EF4A6544F0AAF0AA)16
第 2 轮: [R2,L2]=(CC017709EF4A6544)16
第 3 轮: [R3,L3]=(A25C0BF4CC017709)16
第 4 轮: [R4,L4]=(77220045A25C0BF4)16
第 5 轮: [R5,L5]=(8A4FA63777220045)16
……
第 16 轮: [R16,L16]=(0A4CD99543423234)16
C=(85E813540F0AB405) 16
Triple DEATriple DEA
Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)
C = ciphertext P = Plaintext EK[X] = encryption of X using key K DK[Y] = decryption of Y using key K
Effective key length of 168 bits
C = EK3[DK2[EK1[P]]]
Triple DEATriple DEA
Other Symmetric Block Other Symmetric Block CiphersCiphers
Advanced Encryption Standard
NIST (国家标准技术协会) call for proposals in
1997
Nov, 2001 – Rijndael
Symmetric block cipher (128 bits) and key
lengths 128, 192, 256
Other Symmetric Block Other Symmetric Block CiphersCiphers
4Transformations: Substitute Bytes Shift Rows Mix Columns Add Round Key
flash 演示
Other Symmetric Block Other Symmetric Block CiphersCiphers
International Data Encryption Algorithm (IDEA) 128-bit key Used in PGP
Blowfish Easy to implement High execution speed Run in less than 5K of memory
Other Symmetric Block Other Symmetric Block CiphersCiphers
RC5 Suitable for hardware and software 适合软硬件实现 Fast, simple 快速、简单 Adaptable to processors of different word lengths
适合不同字长的处理器 Variable number of rounds 可变循环次数 Variable-length key 可变密钥长度 Low memory requirement 低存储器要求 High security 高安全性 Data-dependent rotations 依赖于数据的循环
Cipher Block Modes of Cipher Block Modes of OperationOperation
Electronic Codebook Book 电码本模式 (ECB) message is broken into independent
blocks which are encrypted 将信息划分成独立的分组进行加密
each block is encoded independently of the other blocks 每一分组单独进行加密 Ci = DESK1 (Pi)
uses: secure transmission of single values
Cipher Block Modes of Cipher Block Modes of OperationOperation(ECB)
Cipher Block Modes of Cipher Block Modes of OperationOperation
Cipher Block Chaining Mode (CBC)
The input to the encryption algorithm is the XOR
of the current plaintext block and the preceding
ciphertext block.
Repeating pattern of 64-bits are not exposed
Cipher Block Modes of OperationCipher Block Modes of Operation CFB
Cipher FeedBack 密码反馈模式 (CFB)
message is treated as a stream of bits
result is feed back for next stage
standard allows any number of bit (1,8 or
64 or whatever) to be feed back denoted CFB-1, CFB-8, CFB-64 etc
Cipher FeedBack (CFB)Cipher FeedBack (CFB)
Cipher FeedBack (CFB)Cipher FeedBack (CFB)
Location of Encryption Location of Encryption DeviceDevice
Link encryption: A lot of encryption devices High level of security Decrypt each packet at every switch
End-to-end encryption The source encrypt and the receiver decrypts Payload encrypted Header in the clear
High Security: Both link and end-to-end encryption are needed (see Figure 2.9)
Key DistributionKey Distribution
1. A key could be selected by A and physically delivered to B.
2. A third party could select the key and physically deliver it to A and B.
3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key.
4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.
Key DistributionKey Distribution
Session key: Data encrypted with a one-time session key. At
the conclusion (结束) of the session the key is
destroyed
Permanent key: Used between entities for the purpose of
distributing session keys