Lecture VI : Secret Key Cryptography
1 Lecture VI : Secret Key Cryptography
Internet Security: Principles & Practices
John K. Zao, PhD (Harvard) SMIEEE
Computer Science Department, National Chiao Tung University
Spring 2012

2 Internet Security - Secret Key Cryptography
Outline
- Symmetric Block Cipher
  - Principle
  - Generic Algorithm
  - Data Encryption Standard (DES)
  - Advanced Encryption Standard (AES)
- Symmetric Block Cipher Operation Modes
  - Electronic Code Book (ECB)
  - Cipher Block Chaining (CBC)
  - Output FeedBack (OFB)
  - Cipher FeedBack (CFB)

3 Generic Block Cipher : Principle
- Confusion
  - Complicate the relations between keys and ciphertext to prevent a cryptanalyst from gaining useful information about the key from statistical analyses of the ciphertext
  - Insufficient for total protection, due to plaintext redundancy and other characteristics
  - Example: Mono-alphabetic Cipher
- Diffusion
  - Dissipate plaintext redundancy and other characteristics by diffusing/masking them within the entire ciphertext
  - Techniques:
    - Transposition: re-ordering of plaintext fragments
    - Composition: merging dependency on plaintext fragments

4 Generic Block Cipher : Repetitive Round
[Figure: repetitive rounds of Confusion and Diffusion]

5 Data Encryption Standard (DES)
- Published by NIST in 1977 for commercial and unclassified US Government applications
- Designed by IBM based on Lucifer Cipher and NSA input
- A Symmetric Block Cipher with
  - 64-bit (8-byte) input and output data blocks
  - 56-bit (7-byte?) symmetric key = 8 × (7 key bits + 1 odd-parity bit) = 64 internal key bits
  - Too Short! Insecure!!
- Efficient for hardware implementation (with export control)
- Inefficient for software implementation: approx. 30KB/s for 500-MIP CPU

6 Data Encryption Standard (DES)
- Initial / Final Permutation
  - Shuffle input/output bits by table look-up
  - NO security effect
- Round Key Generation
  - Produce bit keys
  - Takes different subset of 56-bit master key
- DES Internal Rounds
  - Perform confusion by mangling S-boxes
  - Perform diffusion by two-part shuffle and XOR

7 Initial / Final Permutations
- Output Permutation = (Input Permutation)$^{-1}$
- Each permutation is an orderly Bryant-Tree permutation
- NO improvement of security

8 Initial / Final Permutations (In detail)

9 Generation of Round Keys
- Initial Permutation of 56-bit Master Key (PC1)
- Production of 2 28-bit Seed Keys
- Generation of 48-bit Round Keys by rotation and selection (PC2)
  - Rounds 1, 2, 9, 16 use 1-bit left rotations
  - Other rounds use 2-bit left rotations
[Figure labels: Left, Right]

10 Feistel Cipher
- If round function F is a cryptographically secure pseudorandom function, with $K_i$ as seed [Luby & Rackoff]:
  - THREE rounds are sufficient to make the block cipher a pseudorandom permutation
    - Ex.: MISTY1 uses a three-round Feistel network in its round function
  - FOUR rounds are sufficient to make it a strong pseudorandom permutation

11 DES Computation Round
- Each Computation Round
  - Division into two 32-bit halves
  - Mangling of right half

12 Feistel function in DES
- Expansion Permutation - E

13 DES S-Box

14 DES S-Box example
- S
- Example: Input= ; Row = 01 = 1; Column = 1100 = 12; Output = 9 = 1001

15 Real example of DES
- Key schedule
  - K: original key
  - K+: after deleting parity bits
  - C0, D0: divide key in two parts
  - C1, D1, ..., C16, D16: and shifting
  - C1D1: now applying PC-2 table
  - K1, K2, ..., K16: now we have key of each round
- First round
  - M: message; IP: after first permutation
  - L0, R0: divide original message in two parts
  - K[1]: key of first round
  - L[1] = R[0] (so L[1] has no computation, and that's exactly why in each round just 32 bits of input data are involved in the f function)
  - R[1] = L[0] XOR f(R[0], K[1]) (K[1] is a 48-bit round key, so in order to compute f we need to expand R[0] to 48 bits)
  - E(R[0]): by applying E BIT-SELECTION TABLE
  - K[1] XOR E(R[0]): now we should convert 48 bit output to 32 bits using S1 ... S8 tables
  - K[n] XOR E(R[n-1]) = B[1] ... B[8], substituted as S1(B[1]) S2(B[2]) S3(B[3]) S4(B[4]) S5(B[5]) S6(B[6]) S7(B[7]) S8(B[8])
    - B[1] => S[1](01, 1110) = S[1][1][14] = 3 = 0011
    - B[2] => S[2](01, 0010) = S[2][1][2] = 4 = 0100
    - B[3] => S[3](11, 1010) = S[3][3][10] = 14 = 1110
    - B[4] => S[4](01, 0011) = S[4][1][3] = 5 = 0101
    - B[5] => S[5](10, ) = S[5][2][ ] =
    - B[6] => S[6](00, ) = S[6][0][14] = 5 =
    - B[7] => S[7](11, ) = S[7][3][ ] = 10 =
    - B[8] => S[8](01, 1110) = S[8][1][14] = 9 = 1001
  - After applying S tables: f = P(S[1](B[1]) ... S[8](B[8])) (applying another permutation table)
  - R[1] = L[0] XOR f(R[0], K[1]), and from the last part we have L[1]
  - Continue to next round

16 Triple-DES (TDES)
- Triple DES comprises three DES keys, K1, K2 and K3, each of 56 bits (excluding 8 parity bits).
- Encryption Algorithm: ciphertext = $E_{K3}(D_{K2}(E_{K1}(\text{plaintext})))$
- Decryption Algorithm: plaintext = $D_{K1}(E_{K2}(D_{K3}(\text{ciphertext})))$
- Keying Options [NIST SP-800]
  - Option 1: All three keys are independent.
  - Option 2: K1 and K2 are independent, and K3 = K1.
  - Option 3: All three keys are identical, K1 = K2 = K3 (equivalent to DES)
  - Options 1 & 2 provide longer key lengths

18 Advanced Encryption Standard
- Rijndael
  - Block Size, $N_b$: (128), 160, 192, 224, 256
  - Key Size, $N_k$: (128), 160, (192), 224, (256)
  - Round Number, $N_r$: $N_r = 6 + \max(N_b, N_k)$
  - Encryption/Decryption Rounds based on $GF(2^8)$: 7th Order Polynomials modulo $m(x) = x^8 + x^4 + x^3 + x + 1$
- AES parameter table, columns: Key size (bytes), Plaintext block size (bytes), Number of rounds, Round key size (bytes), Expanded key size (bytes)

19 Rijndael : S-Box
- Octet Substitution
  - Implemented as table lookup
  - Inversion operation performed as another table lookup
- Operation
  - Compute multiplicative inverse of each octet: $S_1 = M^{-1} \bmod m(x)$
  - Perform multiplication:
[Table: S-box lookup table]

20 Rijndael : ShiftRow
- ShiftRow operates on the rows of the State.
  - no shift: m n o p -> m n o p
  - Cyclic shift by C1 (1): j k l -> k l j
  - Cyclic shift by C2 (2): d e f -> f d e
  - Cyclic shift by C3 (3): w x y z -> z w x y

21 Rijndael : Mix Column
- Substitution of 4-Octet Columns
- Implemented as
  - 1-4 Octet Table Lookup
  - Octet-based Shifts & XORs
- Inversion operation performed as
  - Another 1-4 Octet Table Lookup
  - Octet-based Opp. Shifts & XORs
- Mathematical Basis: $C(x) = 03\,x^3 + 01\,x^2 + 01\,x + 02$

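The GF(2^8) arithmetic behind the S-Box and Mix Column slides, as an added example that is not part of the lecture: it derives the S-box from the multiplicative inverse modulo m(x) followed by the AES affine map, and multiplies a State column by C(x). The affine constant 0x63, the column modulus x^4 + 1, the inverse polynomial and the sample column are taken from the AES specification, not from the slides.

```python
M_X = 0x11B  # m(x) = x^8 + x^4 + x^3 + x + 1, as on the AES slide


def gf_mul(a, b):
    """Multiply two octets as polynomials over GF(2), reduced modulo m(x)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:      # degree 8 reached: subtract (XOR) m(x)
            a ^= M_X
        b >>= 1
    return result


def gf_inv(a):
    """Multiplicative inverse in GF(2^8), computed as a^254; 0 maps to 0."""
    if a == 0:
        return 0
    result, power, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, power)
        power = gf_mul(power, power)
        exp >>= 1
    return result


def affine(x):
    """The 'multiplication' step: AES affine map over GF(2) with constant 0x63."""
    def rotl(v, n):
        return ((v << n) | (v >> (8 - n))) & 0xFF
    return x ^ rotl(x, 1) ^ rotl(x, 2) ^ rotl(x, 3) ^ rotl(x, 4) ^ 0x63


# Forward table and the second table used for the inverse operation.
SBOX = [affine(gf_inv(a)) for a in range(256)]
INV_SBOX = [0] * 256
for value, substituted in enumerate(SBOX):
    INV_SBOX[substituted] = value

# Coefficients listed lowest degree first.
C_X = (0x02, 0x01, 0x01, 0x03)      # C(x) = 03 x^3 + 01 x^2 + 01 x + 02
INV_C_X = (0x0E, 0x09, 0x0D, 0x0B)  # inverse polynomial from the AES specification


def mix_column(column, poly=C_X):
    """Multiply a 4-octet column a(x) by poly(x) modulo x^4 + 1."""
    out = [0, 0, 0, 0]
    for i in range(4):
        for j in range(4):
            out[(i + j) % 4] ^= gf_mul(poly[i], column[j])
    return out


if __name__ == "__main__":
    print("first S-box row:", " ".join("%02X" % v for v in SBOX[:16]))
    sample = [0xDB, 0x13, 0x53, 0x45]   # sample column (AES test vector)
    mixed = mix_column(sample)
    print("mixed column   :", " ".join("%02X" % v for v in mixed))
    print("inverse restores:", mix_column(mixed, INV_C_X) == sample)
```

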
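22 Rijndael : Round Key
- In the Round Key addition the Round Key is bitwise XOR-ed to the State

$$
\begin{pmatrix}
a_{0,0} & a_{0,1} & a_{0,2} & a_{0,3} \\
a_{1,0} & a_{1,1} & a_{1,2} & a_{1,3} \\
a_{2,0} & a_{2,1} & a_{2,2} & a_{2,3} \\
a_{3,0} & a_{3,1} & a_{3,2} & a_{3,3}
\end{pmatrix}
\oplus
\begin{pmatrix}
k_{0,0} & k_{0,1} & k_{0,2} & k_{0,3} \\
k_{1,0} & k_{1,1} & k_{1,2} & k_{1,3} \\
k_{2,0} & k_{2,1} & k_{2,2} & k_{2,3} \\
k_{3,0} & k_{3,1} & k_{3,2} & k_{3,3}
\end{pmatrix}
=
\begin{pmatrix}
b_{0,0} & b_{0,1} & b_{0,2} & b_{0,3} \\
b_{1,0} & b_{1,1} & b_{1,2} & b_{1,3} \\
b_{2,0} & b_{2,1} & b_{2,2} & b_{2,3} \\
b_{3,0} & b_{3,1} & b_{3,2} & b_{3,3}
\end{pmatrix}
$$
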
23 Rijndael : Key Expansion
- Use Initial Key to produce Key Set 0
- Use Scrambling & Sequential XORs to produce Key Set i (i > 0)
[Figure: key octets k0 ... k15 in a 4 x 4 array whose columns are the words w0 w1 w2 w3; RotWord, SubWord, XOR Rcon; next words w4 w5 w6 w7]

25 Modes of Operation
- Purpose
  - Modes of operation introduce standard methods to use symmetric block ciphers repetitively for protecting arbitrarily long messages
- Common Operation Modes (Guarantee only confidentiality)
  - Electronic Code Book (ECB)
  - Cipher Block Chaining (CBC)
  - Output FeedBack (OFB)
  - Cipher FeedBack (CFB)
  - Counter (CTR)
- Other Operation Modes (many!)
  - Encryption Modes
  - Authentication Modes
  - Authenticated Encryption Modes

26 Electronic Code Book (ECB) Mode
- Operation
  - Break plaintext into blocks
  - Pad last non-integral block
  - Encrypt each block separately using Block Cipher
  - Concatenate ciphered blocks into ciphertext
  - Decryption is exact inverse of Encryption
- Possible Use
  - Rarely
  - Possibly applied only to random un-correlated data

27 ECB
[Figure: ECB. Encryption: PB1 ... PBi-1, PBi ... PBn each pass through Enc to give CB1 ... CBi-1, CBi ... CBn. Decryption: CB1 ... CBn each pass through Dec to give PB1 ... PBn]

28 Electronic Code Book (ECB) Mode
- Example: Salary Database
- Pitfalls
  - Passive: Partial Information Leaking
    - Ciphertext Only Attackers can guess employee salary ranges
    - Known / Chosen Plaintext Attackers can infer employee salary
  - Active: Information Replacement
    - Active Attackers can replace ciphertext blocks and thus corresponding plaintext blocks

29 Cipher Block Chaining (CBC) Mode
- Operation
  - Break plaintext into blocks
  - Pad last non-integral block
  - XOR each plaintext block with ciphertext block from last encryption operation
  - Supply Initial Vector (IV) as input ciphertext block for first encryption operation
  - Decryption is Encryption inverse with XOR performed AFTER block decryption

30 CBC
[Figure: CBC. Encryption: IV and PB1 ... PBi-1, PBi ... PBn chained through Enc to give CB1 ... CBi-1, CBi ... CBn. Decryption: CB1 ... CBn pass through Dec and are combined with IV and the previous ciphertext blocks to give PB1 ... PBn]

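The Feistel, ECB and CBC slides combined into one runnable sketch, as an added example that is not part of the lecture: a toy four-round Feistel block cipher is run in ECB and CBC mode over a salary database to show the passive leak and the active block replacement named on the ECB pitfalls slide. The HMAC-SHA256 round function, the key schedule, the 16-byte block size, the padding scheme and the records are all assumptions constructed for illustration; this is not DES or AES.

```python
import hashlib
import hmac
import os

BLOCK = 16            # toy block size in bytes: two 8-byte Feistel halves
HALF = BLOCK // 2
ROUNDS = 4            # four rounds, the figure quoted on the Feistel slide


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def round_keys(key):
    # Constructed key schedule: one round key K_i per round.
    return [hmac.new(key, b"round-%d" % i, hashlib.sha256).digest()
            for i in range(ROUNDS)]


def feistel(block, keys):
    # Each round: L_i = R_(i-1), R_i = L_(i-1) XOR F(R_(i-1), K_i).
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        f_out = hmac.new(k, right, hashlib.sha256).digest()[:HALF]  # round function F
        left, right = right, xor(left, f_out)
    return right + left   # undo the last swap so decryption can reuse this loop


def enc_block(block, key):
    return feistel(block, round_keys(key))


def dec_block(block, key):
    # Same network with the round keys reversed; F itself is never inverted.
    return feistel(block, round_keys(key)[::-1])


def pad(data):
    n = BLOCK - len(data) % BLOCK      # always pads, so unpad is unambiguous
    return data + bytes([n]) * n


def unpad(data):
    return data[:-data[-1]]


def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(pt, key):
    return b"".join(enc_block(b, key) for b in split(pad(pt)))


def ecb_decrypt(ct, key):
    return unpad(b"".join(dec_block(c, key) for c in split(ct)))


def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for b in split(pad(pt)):
        prev = enc_block(xor(b, prev), key)        # XOR before block encryption
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in split(ct):
        out.append(xor(dec_block(c, key), prev))   # XOR AFTER block decryption
        prev = c
    return unpad(b"".join(out))


# Constructed salary database: 16-byte name field + 16-byte salary field per record.
RECORDS = [(b"alice", b"48000"), (b"bob", b"95000"), (b"carol", b"48000")]


def database(records):
    return b"".join(n.ljust(BLOCK) + s.ljust(BLOCK) for n, s in records)


def repeated_blocks(ct):
    # What a ciphertext-only observer can count: blocks equal to an earlier block.
    bs = split(ct)
    return len(bs) - len(set(bs))


def swap_salary_blocks(ct, i, j):
    # Block replacement from the pitfalls slide: needs no key, only block positions.
    bs = split(ct)
    bs[2 * i + 1], bs[2 * j + 1] = bs[2 * j + 1], bs[2 * i + 1]
    return b"".join(bs)


if __name__ == "__main__":
    key, iv = os.urandom(16), os.urandom(BLOCK)
    db = database(RECORDS)
    ecb, cbc = ecb_encrypt(db, key), cbc_encrypt(db, key, iv)
    print("repeated blocks  ECB:", repeated_blocks(ecb), " CBC:", repeated_blocks(cbc))
    print("ECB after swap:", ecb_decrypt(swap_salary_blocks(ecb, 0, 1), key))
    print("CBC after swap:", cbc_decrypt(swap_salary_blocks(cbc, 0, 1), key, iv))
```

In CBC the swapped ciphertext still decrypts, only to scrambled fields rather than a clean exchange: chaining hides equal blocks but, as the Modes of Operation slide notes, these modes guarantee only confidentiality, so tampering goes undetected without an authentication mode.
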
31 Output Feedback (OFB) Mode
- Operation
  - Stream Cipher!
  - Generate one-time pad segments using pseudo-random number generator with IV & Key
  - Combine plaintext & one-time pad using XOR
- Advantage
  - Pre-computation of one-time pad
  - No synchronization Problem
- Disadvantage
  - Easy to break!

32 OFB
[Figure: OFB. Pad segments S0 ... Si-1, Si ... Sn are produced by repeated Enc starting from IV. Encryption combines PB1 ... PBn with the pad segments to give CB1 ... CBn; decryption combines CB1 ... CBn with the same pad segments to give PB1 ... PBn]

33 CTR
[Figure: CTR. Counter ... Counter+(i-1), Counter+i ... Counter+n each pass through Enc. Encryption combines the outputs with PB1 ... PBn to give CB1 ... CBn; decryption combines them with CB1 ... CBn to give PB1 ... PBn]

34 Cipher Feedback (CFB) Mode
- Operation
  - Revision of OFB
  - Generate a one-time pad segment using previous ciphertext segment
- Advantage / Disadvantage
  - Eliminate weakness of XOR
  - Compromise between OFB and CBC

35 CFB
[Figure: CFB. Encryption: IV and then each ciphertext block pass through Enc and are combined with PB1 ... PBn to give CB1 ... CBn. Decryption: IV and CB1 ... CBn pass through Enc and are combined with the ciphertext blocks to give PB1 ... PBn]

36 Authenticated Encryption (AE) Modes
- Combine Data Confidentiality with Data Integrity (Authenticity)
  - Naïve composition of these two modes may be vulnerable to attacks
  - Consider Authenticated Encryption (AE) Modes:
    - CCM (Counter with CBC-MAC)
    - GCM (Galois/Counter Mode)
- What else can be done using AE modes?
  - Sometimes we wish not only to encrypt & authenticate messages
  - Also embed auxiliary data that can be authenticated but unencrypted.
  - Authenticated Encryption with Associated Data (AEAD scheme)
- For more information, please refer to the website:

37 CCM (Counter with CBC-MAC)
- T = MAC, also aka the tag
- Tlen = bit length of T
- MSB_s(X) = the s leftmost bits of the bit string X
[Figure: CCM. CMAC (Auth.): PB1 ... PBi-1, PBi ... PBn chained through DES under key K, output truncated with MSB(Tlen). Counter Mode: Counter 1 ... Counter+(i-1), Counter+i ... Counter+n pass through DES and are combined with PB1 ... PBn to give CB1 ... CBn; Counter 0 passes through DES under K and MSB(Tlen) to give T]

More informationTechnical Specification Digital Video Broadcasting (DVB); Content Scrambling Algorithms for DVB-IPTV Services using MPEG2 Transport Streams
TS 103 127 V1.1.1 (2013-05) Technical Specification Digital Video Broadcasting (DVB); Content Scrambling Algorithms for DVB-IPTV Services using MPEG2 Transport Streams 2 TS 103 127 V1.1.1 (2013-05) Reference
More informationEfficient Software Implementation of AES on 32-bit Platforms
Efficient Software Implementation of AES on 32-bit Platforms Guido Bertoni, Luca Breveglieri Politecnico di Milano, Milano - Italy Pasqualina Lilli Lilli Fragneto AST-LAB of ST Microelectronics, Agrate
More informationIronKey Data Encryption Methods
IronKey Data Encryption Methods An IronKey Technical Brief November 2007 Information Depth:Technical Introduction IronKey is dedicated to building the world s most secure fl ash drives. Our dedication
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationCryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 12 Block Cipher Standards
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationEMV (Chip-and-PIN) Protocol
EMV (Chip-and-PIN) Protocol Märt Bakhoff December 15, 2014 Abstract The objective of this report is to observe and describe a real world online transaction made between a debit card issued by an Estonian
More informationThe Encryption Technology of Automatic Teller Machine Networks
Software Engineering 4C03 Winter 2005 The Encryption Technology of Automatic Teller Machine Networks Researcher: Shun Wong Last revised: April 2nd, 2005 1 Introduction ATM also known as Automatic Teller
More informationSERVER CERTIFICATES OF THE VETUMA SERVICE
Page 1 Version: 3.5, 4.11.2015 SERVER CERTIFICATES OF THE VETUMA SERVICE 1 (18) Page 2 Version: 3.5, 4.11.2015 Table of Contents 1. Introduction... 3 2. Test Environment... 3 2.1 Vetuma test environment...
More informationSL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI User Guide
SL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI Simplay-UG-02003-A July 2015 Contents 1. Overview... 4 1.1. SL-8800 HDCP Protocol Analyzer Test Equipment... 4 1.2. HDCP 2.2/HDCP 1.x Protocol Analyzer
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationTransitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
NIST Special Publication 800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information
More informationChapter 2 Overview of Bluetooth Security
Chapter 2 Overview of Bluetooth Security The basic Bluetooth security configuration is done by the user who decides how a Bluetooth device will implement its connectability and discoverability options.
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 13
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 13 Some More Secure Channel Issues Outline In the course we have yet only seen catastrophic
More informationCLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY
CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,
More informationDisk Encryption. Adnan Vaseem Alam. Master of Science in Communication Technology. Scrutinizing IEEE Standard 1619\XTS-AES
Disk Encryption Scrutinizing IEEE Standard 1619\XTS-AES Adnan Vaseem Alam Master of Science in Communication Technology Submission date: June 2009 Supervisor: Danilo Gligoroski, ITEM Norwegian University
More informationA NEW HASH ALGORITHM: Khichidi-1
A NEW HASH ALGORITHM: Khichidi-1 Abstract This is a technical document describing a new hash algorithm called Khichidi-1 and has been written in response to a Hash competition (SHA-3) called by National
More informationURL encoding uses hex code prefixed by %. Quoted Printable encoding uses hex code prefixed by =.
ASCII = American National Standard Code for Information Interchange ANSI X3.4 1986 (R1997) (PDF), ANSI INCITS 4 1986 (R1997) (Printed Edition) Coded Character Set 7 Bit American National Standard Code
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationETSI TS 102 176-2 V1.2.1 (2005-07)
TS 102 176-2 V1.2.1 (2005-07) Technical Specification Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 2: Secure channel protocols and algorithms
More informationA NEW DNA BASED APPROACH OF GENERATING KEY-DEPENDENT SHIFTROWS TRANSFORMATION
A NEW DNA BASED APPROACH OF GENERATING KEY-DEPENDENT SHIFTROWS TRANSFORMATION Auday H. Al-Wattar 1, Ramlan Mahmod 2, Zuriati Ahmad Zukarnain3, and Nur Izura Udzir4, 1 Faculty of Computer Science and Information
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More information