A block cipher



1. Classical encryption techniques
2. Block ciphers and the data encryption standard
3. Basic concepts in number theory and finite fields
4. Advanced encryption standard
5. Block cipher operation
6. Pseudorandom number generation and stream ciphers





Symmetric Cipher Model
Substitution Techniques
Transposition Techniques
Rotor Machines
Steganography

Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using the same key. It is also known as conventional encryption.
Symmetric encryption transforms plaintext into ciphertext using a secret key and an encryption algorithm. Using the same key and a decryption algorithm, the plaintext is recovered from the ciphertext.
The two types of attack on an encryption algorithm are cryptanalysis, based on properties of the encryption algorithm, and brute-force, which involves trying all possible keys.

Traditional (precomputer) symmetric ciphers use substitution and/or transposition techniques. Substitution techniques map plaintext elements (characters, bits) into ciphertext elements. Transposition techniques systematically transpose the positions of plaintext elements.
Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.
Steganography is a technique for hiding a secret message within a larger one in such a way that others cannot discern the presence or contents of the hidden message.





Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm.
Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key.
Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.

Cryptographic systems are characterized along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext (substitution, transposition).
2. The number of keys used (symmetric, public-key encryption).
3. The way in which the plaintext is processed (block cipher, stream cipher).

Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext–ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.

A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.

A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.

Caesar Cipher
For example,
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
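
The brute-force attack described above, applied to this Caesar example as an added illustration (not part of the original slides): with only 25 usable keys, every key can be tried and the intelligible result picked out. The `COMMON_WORDS` list is a small constructed stand-in for a real intelligibility check.

```python
import string

ALPHABET = string.ascii_lowercase

# Constructed mini word list (an assumption of this example), used only to
# recognise an "intelligible translation" automatically.
COMMON_WORDS = {"the", "me", "after", "and", "party", "to", "of", "is"}


def shift(text: str, k: int) -> str:
    """Move each letter k places along the alphabet; keep other characters."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + k) % 26] if ch in ALPHABET else ch
        for ch in text.lower()
    )


def encrypt(plaintext: str, k: int) -> str:
    return shift(plaintext, k).upper()


def decrypt(ciphertext: str, k: int) -> str:
    return shift(ciphertext, -k)


def intelligibility(candidate: str) -> int:
    """Score a candidate plaintext by how many known words it contains."""
    return sum(word in COMMON_WORDS for word in candidate.split())


def brute_force(ciphertext: str):
    """Try every key 1..25 and return (key, plaintext) of the best candidate."""
    candidates = [(k, decrypt(ciphertext, k)) for k in range(1, 26)]
    return max(candidates, key=lambda kc: intelligibility(kc[1]))


if __name__ == "__main__":
    key, plaintext = brute_force("PHHW PH DIWHU WKH WRJD SDUWB")
    print(key, plaintext)
```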

Monoalphabetic Ciphers
Playfair Cipher
Hill Cipher
Polyalphabetic Ciphers

An Army Signal Corps officer, Joseph Mauborgne, proposed an improvement to the Vernam cipher that yields the ultimate in security. Mauborgne suggested using a random key that is as long as the message, so that the key need not be repeated. In addition, the key is to be used to encrypt and decrypt a single message, and then is discarded. Each new message requires a new key of the same length as the new message. Such a scheme, known as a one-time pad, is unbreakable. It produces random output that bears no statistical relationship to the plaintext. Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code.

The simplest transposition cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message “meet me after the toga party” with a rail fence of depth 2, we write the following:
m e m a t r h t g p r y
 e t e f e t e o a a t
The encrypted message is MEMATRHTGPRYETEFETEOAAT
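
The rail fence example above as added code (not from the original slides), generalized beyond the depth-2 case in the text. For depths greater than 2 it assumes the usual zigzag layout, and it includes the inverse operation.

```python
def rail_pattern(length: int, depth: int):
    """Row on which each plaintext position lands when written as a zigzag."""
    if depth < 1:
        raise ValueError("depth must be at least 1")
    if depth == 1:
        return [0] * length
    cycle = 2 * (depth - 1)
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def encrypt(plaintext: str, depth: int) -> str:
    """Write the letters along the diagonals, then read them off row by row."""
    letters = [c for c in plaintext if c.isalpha()]
    rows = rail_pattern(len(letters), depth)
    return "".join(
        c for r in range(depth) for c, row in zip(letters, rows) if row == r
    ).upper()


def decrypt(ciphertext: str, depth: int) -> str:
    """Work out which position each ciphertext letter came from and undo it."""
    rows = rail_pattern(len(ciphertext), depth)
    # Ciphertext order is: all positions on row 0, then row 1, and so on.
    order = sorted(range(len(ciphertext)), key=lambda i: (rows[i], i))
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain).lower()


if __name__ == "__main__":
    ct = encrypt("meet me after the toga party", 2)
    print(ct, decrypt(ct, 2))
```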

A plaintext message may be hidden in one of two ways. The methods of steganography conceal the existence of the message, whereas the methods of cryptography render the message unintelligible to outsiders by various transformations of the text.
Character marking: Selected letters of printed or typewritten text are overwritten in pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright light.
Invisible ink: A number of substances can be used for writing but leave no visible trace until heat or some chemical is applied to the paper.
Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the paper is held up in front of a light.
Typewriter correction ribbon: Used between lines typed with a black ribbon, the results of typing with the correction tape are visible only under a strong light.
The advantage of steganography is that it can be employed by parties who have something to lose should the fact of their secret communication (not necessarily the content) be discovered. Encryption flags traffic as important or secret or may identify the sender or receiver as someone with something to hide.



Block Cipher Principles
The Data Encryption Standard

A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.
Many block ciphers have a Feistel structure. Such a structure consists of a number of identical rounds of processing. In each round, a substitution is performed on one half of the data being processed, followed by a permutation that interchanges the two halves. The original key is expanded so that a different key is used for each round.

The Data Encryption Standard (DES) has been the most widely used encryption algorithm until recently. It exhibits the classic Feistel structure. DES uses a 64-bit block and a 56-bit key.
Two important methods of cryptanalysis are differential cryptanalysis and linear cryptanalysis. DES has been shown to be highly resistant to these two types of attack.

Stream Ciphers and Block Ciphers
A stream cipher is one that encrypts a digital data stream one bit or one byte at a time.
A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typically, a block size of 64 or 128 bits is used.

In the late 1960s, IBM set up a research project in computer cryptography led by Horst Feistel. The project concluded in 1971 with the development of an algorithm with the designation LUCIFER [FEIS73], which was sold to Lloyd’s of London for use in a cash-dispensing system, also developed by IBM.
In 1973, the National Bureau of Standards (NBS) issued a request for proposals for a national cipher standard. IBM submitted the results of its Tuchman–Meyer project. This was by far the best algorithm proposed and was adopted in 1977 as the Data Encryption Standard.

As with any encryption scheme, there are two inputs to the encryption function: the plaintext to be encrypted and the key. In this case, the plaintext must be 64 bits in length and the key is 56 bits in length. (Actually, the function expects a 64-bit key as input. However, only 56 of these bits are ever used; the other 8 bits can be used as parity bits or simply set arbitrarily.)







Divisibility and The Division Algorithm
The Euclidean Algorithm
Modular Arithmetic
Groups, Rings, and Fields
Finite Fields of the Form GF(p)
Polynomial Arithmetic
Finite Fields of the Form GF(2^n)

Modular arithmetic is a kind of integer arithmetic that reduces all numbers to one of a fixed set [0,...,n-1] for some number n. Any integer outside this range is reduced to one in this range by taking the remainder after division by n.
The greatest common divisor of two integers is the largest positive integer that exactly divides both integers.
A field is a set of elements on which two arithmetic operations (addition and multiplication) have been defined and which has the properties of ordinary arithmetic, such as closure, associativity, commutativity, distributivity, and having both additive and multiplicative inverses.

Finite fields are important in several areas of cryptography. A finite field is simply a field with a finite number of elements. It can be shown that the order of a finite field (number of elements in the field) must be a power of a prime p^n, where n is a positive integer.
Finite fields of order p can be defined using arithmetic mod p.
Finite fields of order p^n, for n>1, can be defined using arithmetic over polynomials.
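
An added worked example (not from the original slides): inverses in GF(p) via the extended Euclidean algorithm, and multiplication and inverses in GF(2^8) using the polynomial x^8 + x^4 + x^3 + x + 1 that AES uses. The function names are this example's own.

```python
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the modulus AES uses for GF(2^8)


def ext_gcd(a: int, b: int):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def inv_mod_p(a: int, p: int) -> int:
    """Multiplicative inverse of a in GF(p), p prime."""
    g, x, _ = ext_gcd(a % p, p)
    if g != 1:
        raise ValueError("no inverse: a and p are not relatively prime")
    return x % p


def gf256_mul(a: int, b: int) -> int:
    """Multiply two bytes as polynomials over GF(2), reduced mod AES_POLY."""
    result = 0
    while b:
        if b & 1:
            result ^= a          # addition in GF(2^n) is XOR
        a <<= 1                  # multiply a by x
        if a & 0x100:
            a ^= AES_POLY        # reduce when the degree reaches 8
        b >>= 1
    return result


def gf256_inv(a: int) -> int:
    """Inverse in GF(2^8) as a^254, because a^255 == 1 for every a != 0."""
    if a == 0:
        raise ValueError("0 has no multiplicative inverse")
    result = 1
    for _ in range(254):
        result = gf256_mul(result, a)
    return result


if __name__ == "__main__":
    print(ext_gcd(1970, 1066)[0], inv_mod_p(3, 7), hex(gf256_mul(0x57, 0x83)))
```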

Definition: Two integers are relatively prime if their only common positive integer factor is 1.
Finding the Greatest Common Divisor

Properties of Congruences

Finite Field Arithmetic
AES Structure
AES Transformation Functions
AES Key Expansion
An AES Example
AES Implementation

AES is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
AES does not use a Feistel structure. Instead, each full round consists of four separate functions: byte substitution, permutation, arithmetic operations over a finite field, and XOR with a key.

Multiple Encryption and Triple DES
Electronic Code Book
Cipher Block Chaining Mode
Cipher Feedback Mode
Output Feedback Mode
Counter Mode
XTS-AES Mode for Block-Oriented Storage Devices

Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption algorithm. This ciphertext is then used as input and the algorithm is applied again. This process may be repeated through any number of stages.
Triple DES makes use of three stages of the DES algorithm, using a total of two or three distinct keys.
A mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.

Five modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES: electronic codebook mode, cipher block chaining mode, cipher feedback mode, output feedback mode, and counter mode.
Another important mode, XTS-AES, has been standardized by the IEEE Security in Storage Working Group (P1619). The standard describes a method of encryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary.

Triple DES with Two Keys
Triple DES with Three Keys: A number of Internet-based applications have adopted three-key 3DES, including PGP and S/MIME.

Principles of Pseudorandom Number Generation
Pseudorandom Number Generators
Pseudorandom Number Generation Using a Block Cipher
Stream Ciphers
RC4
True Random Number Generators

A capability with application to a number of cryptographic functions is random or pseudorandom number generation. The principal requirement for this capability is that the generated number stream be unpredictable.
A stream cipher is a symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input. The most widely used such cipher is RC4.

Traditionally, the concern in the generation of a sequence of allegedly random numbers has been that the sequence of numbers be random in some well-defined statistical sense. The following two criteria are used to validate that a sequence of numbers is random:
Uniform distribution: The distribution of bits in the sequence should be uniform; that is, the frequency of occurrence of ones and zeros should be approximately equal.
Independence: No one subsequence in the sequence can be inferred from the others.

RC4 is used in the Secure Sockets Layer/Transport Layer Security (SSL/TLS) standards that have been defined for communication between Web browsers and servers. It is also used in the Wired Equivalent Privacy (WEP) protocol and the newer WiFi Protected Access (WPA) protocol that are part of the IEEE 802.11 wireless LAN standard. RC4 was kept as a trade secret by RSA Security.
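
An added reference sketch of RC4 as a byte-at-a-time stream cipher (not from the original slides), together with a frequency check for the uniform-distribution criterion listed earlier. It is for study of the design only: RFC 7465 prohibits RC4 cipher suites in TLS.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Generate n keystream bytes from the key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1 to 256 bytes long")
    # Key-scheduling algorithm: permute the state 0..255 under the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Pseudorandom generation: keep swapping and emit one byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the keystream, byte by byte."""
    keystream = rc4_keystream(key, len(data))
    return bytes(d ^ k for d, k in zip(data, keystream))


def ones_fraction(data: bytes) -> float:
    """Share of 1 bits; close to 0.5 for a uniformly distributed stream."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


if __name__ == "__main__":
    ct = rc4(b"Key", b"Plaintext")
    print(ct.hex(), rc4(b"Key", ct))
    print(round(ones_fraction(rc4_keystream(b"Key", 4096)), 3))
```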