Chapter 2 Conventional Encryption 1 Outline Conventional Encryption
![Chapter 2 Conventional Encryption 1 Chapter 2 Conventional Encryption 1](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-1.jpg)
![Outline • • • Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Outline • • • Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-2.jpg)
![Symmetric Encryption • A. k. a. conventional / secret-key / single-key • Sender and Symmetric Encryption • A. k. a. conventional / secret-key / single-key • Sender and](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-3.jpg)
![Conventional Encryption Principles • An encryption scheme has five ingredients: – – – Plaintext Conventional Encryption Principles • An encryption scheme has five ingredients: – – – Plaintext](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-4.jpg)
![Some Basic Terminology • Cipher – Algorithm for transforming plaintext to ciphertext • Encipher Some Basic Terminology • Cipher – Algorithm for transforming plaintext to ciphertext • Encipher](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-5.jpg)
![Conventional Encryption Principles 6 Conventional Encryption Principles 6](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-6.jpg)
![Requirements • Two requirements for secure use of symmetric encryption: – A strong encryption Requirements • Two requirements for secure use of symmetric encryption: – A strong encryption](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-7.jpg)
![Cryptography • Characterize cryptographic systems by: – Type of encryption operations used • Substitution Cryptography • Characterize cryptographic systems by: – Type of encryption operations used • Substitution](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-8.jpg)
![Cryptanalysis • Objective – Recover key not just message • General approaches: – Cryptanalytic Cryptanalysis • Objective – Recover key not just message • General approaches: – Cryptanalytic](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-9.jpg)
![Cryptanalytic Attacks • Ciphertext only – Only know algorithm & ciphertext, is statistical, know Cryptanalytic Attacks • Ciphertext only – Only know algorithm & ciphertext, is statistical, know](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-10.jpg)
![More Definitions • Unconditional security – No matter how much computer power or time More Definitions • Unconditional security – No matter how much computer power or time](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-11.jpg)
![Brute Force Search (Exhaustive Key Search) • Always possible to simply try every key Brute Force Search (Exhaustive Key Search) • Always possible to simply try every key](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-12.jpg)
![Classical Substitution Ciphers • Letters of plaintext are replaced by other letters or numbers Classical Substitution Ciphers • Letters of plaintext are replaced by other letters or numbers](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-13.jpg)
![Caesar Cipher • Earliest known substitution cipher – By Julius Caesar • First attested Caesar Cipher • Earliest known substitution cipher – By Julius Caesar • First attested](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-14.jpg)
![Caesar Cipher • Define transformation (mapping scheme) as: abcdefghijklmnopqrstuvwxyz DEFGHIJKLMNOPQRSTUVWXYZABC • Assign each letter Caesar Cipher • Define transformation (mapping scheme) as: abcdefghijklmnopqrstuvwxyz DEFGHIJKLMNOPQRSTUVWXYZABC • Assign each letter](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-15.jpg)
![Cryptanalysis of Caesar Cipher • Only have 26 possible ciphers – Map A to Cryptanalysis of Caesar Cipher • Only have 26 possible ciphers – Map A to](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-16.jpg)
![Monoalphabetic Cipher • Rather than just shifting the alphabet • Could shuffle (jumble) the Monoalphabetic Cipher • Rather than just shifting the alphabet • Could shuffle (jumble) the](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-17.jpg)
![Monoalphabetic Cipher Security • • A total of 26! = 4^1026 keys With so Monoalphabetic Cipher Security • • A total of 26! = 4^1026 keys With so](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-18.jpg)
![Language Redundancy and Cryptanalysis • Human languages are redundant – e. g. "th lrd Language Redundancy and Cryptanalysis • Human languages are redundant – e. g. "th lrd](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-19.jpg)
![English Letter Frequencies 20 English Letter Frequencies 20](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-20.jpg)
![Use in Cryptanalysis • Key concept – Monoalphabetic substitution ciphers do not change relative Use in Cryptanalysis • Key concept – Monoalphabetic substitution ciphers do not change relative](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-21.jpg)
![Example Cryptanalysis • Given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ • Count relative letter frequencies (see Example Cryptanalysis • Given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ • Count relative letter frequencies (see](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-22.jpg)
![Many other substitution methods… • • Playfair Cipher Polyalphabetic Ciphers Vigenère Cipher Aids Kasiski Many other substitution methods… • • Playfair Cipher Polyalphabetic Ciphers Vigenère Cipher Aids Kasiski](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-23.jpg)
![Transposition Ciphers • Now consider classical transposition or permutation ciphers • These hide the Transposition Ciphers • Now consider classical transposition or permutation ciphers • These hide the](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-24.jpg)
![Rail Fence Cipher • Write message letters out diagonally over a number of rows Rail Fence Cipher • Write message letters out diagonally over a number of rows](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-25.jpg)
![Row Transposition Ciphers • A more complex transposition • Write letters of message out Row Transposition Ciphers • A more complex transposition • Write letters of message out](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-26.jpg)
![Product Ciphers (Hybrid Scheme) • Ciphers using substitutions or transpositions are not secure because Product Ciphers (Hybrid Scheme) • Ciphers using substitutions or transpositions are not secure because](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-27.jpg)
![Rotor Machines • Before modern ciphers, rotor machines were most common complex ciphers in Rotor Machines • Before modern ciphers, rotor machines were most common complex ciphers in](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-28.jpg)
![Hagelin Rotor Machine 29 Hagelin Rotor Machine 29](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-29.jpg)
![Steganography (藏头/尾诗) • An alternative to encryption • Hides existence of message – Using Steganography (藏头/尾诗) • An alternative to encryption • Hides existence of message – Using](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-30.jpg)
![Classical Feistel Cipher Structure • By Horst Feistel of IBM in 1973 – Virtually Classical Feistel Cipher Structure • By Horst Feistel of IBM in 1973 – Virtually](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-31.jpg)
![Feistel Cipher Structure • Block size – larger block sizes mean greater security • Feistel Cipher Structure • Block size – larger block sizes mean greater security •](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-32.jpg)
![33 33](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-33.jpg)
![Conventional Encryption Algorithms • Data Encryption Standard (DES) – The most widely used encryption Conventional Encryption Algorithms • Data Encryption Standard (DES) – The most widely used encryption](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-34.jpg)
![35 35](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-35.jpg)
![36 36](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-36.jpg)
![DES • Mathematically, the overall processing at each iteration: – Li = Ri-1 – DES • Mathematically, the overall processing at each iteration: – Li = Ri-1 –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-37.jpg)
![Avalanche Effect • An important desirable property of encryption algorithm – A change of Avalanche Effect • An important desirable property of encryption algorithm – A change of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-38.jpg)
![Time to break a code (106 decryptions/µs) 39 Time to break a code (106 decryptions/µs) 39](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-39.jpg)
![Strength of DES – Key Size • 56 -bit keys have 256 = 7. Strength of DES – Key Size • 56 -bit keys have 256 = 7.](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-40.jpg)
![Strength of DES – Analytic Attacks • Several analytic attacks utilizing some deep structure Strength of DES – Analytic Attacks • Several analytic attacks utilizing some deep structure](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-41.jpg)
![Alternatives to DES • A replacement for DES was needed – Have theoretical attacks Alternatives to DES • A replacement for DES was needed – Have theoretical attacks](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-42.jpg)
![Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt) Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt)](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-43.jpg)
![Triple DEA 44 Triple DEA 44](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-44.jpg)
![Alternatives to DES • Triple-DES – Slow • Use small blocks • AES Cipher Alternatives to DES • Triple-DES – Slow • Use small blocks • AES Cipher](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-45.jpg)
![Block vs. Stream Ciphers • Block ciphers – Process messages in blocks, each of Block vs. Stream Ciphers • Block ciphers – Process messages in blocks, each of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-46.jpg)
![Ideal Block Cipher Expansion (E-table) Permutation (P-box) Substitution (S-box) 47 Ideal Block Cipher Expansion (E-table) Permutation (P-box) Substitution (S-box) 47](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-47.jpg)
![Substitution-Permutation (S-P) Ciphers • S-P: substitution-permutation – Two primitive cryptographic operations • Substitution (S-box) Substitution-Permutation (S-P) Ciphers • S-P: substitution-permutation – Two primitive cryptographic operations • Substitution (S-box)](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-48.jpg)
![Confusion and Diffusion • Cipher needs to completely obscure statistical properties of the original Confusion and Diffusion • Cipher needs to completely obscure statistical properties of the original](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-49.jpg)
![Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) – 128 -bit key Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) – 128 -bit key](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-50.jpg)
![Other Symmetric Block Ciphers • RC 5 – Suitable for hardware and software – Other Symmetric Block Ciphers • RC 5 – Suitable for hardware and software –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-51.jpg)
![Cipher Block Chaining Modes of Operation • Cipher Block Chaining (CBC) Mode – The Cipher Block Chaining Modes of Operation • Cipher Block Chaining (CBC) Mode – The](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-52.jpg)
![53 53](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-53.jpg)
![Location of Encryption Device • Link encryption: – A lot of encryption devices – Location of Encryption Device • Link encryption: – A lot of encryption devices –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-54.jpg)
![55 55](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-55.jpg)
![Key Distribution 1. Physical delivery § § A key could be selected by A Key Distribution 1. Physical delivery § § A key could be selected by A](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-56.jpg)
![Session and Permanent Key • Session key: – Data encrypted with a one-time session Session and Permanent Key • Session key: – Data encrypted with a one-time session](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-57.jpg)
![58 58](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-58.jpg)
![Recommended Reading • Scneier, B. Applied Cryptography, New York: Wiley, 1996 • Mel, H. Recommended Reading • Scneier, B. Applied Cryptography, New York: Wiley, 1996 • Mel, H.](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-59.jpg)
- Slides: 59
![Chapter 2 Conventional Encryption 1 Chapter 2 Conventional Encryption 1](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-1.jpg)
Chapter 2 Conventional Encryption 1
![Outline Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Outline • • • Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-2.jpg)
Outline • • • Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution 2
![Symmetric Encryption A k a conventional secretkey singlekey Sender and Symmetric Encryption • A. k. a. conventional / secret-key / single-key • Sender and](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-3.jpg)
Symmetric Encryption • A. k. a. conventional / secret-key / single-key • Sender and recipient share a common key • All classical encryption algorithms are secretkey-based • Was the only type prior to the invention of public-key in 1970’s • By far most widely used 3
![Conventional Encryption Principles An encryption scheme has five ingredients Plaintext Conventional Encryption Principles • An encryption scheme has five ingredients: – – – Plaintext](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-4.jpg)
Conventional Encryption Principles • An encryption scheme has five ingredients: – – – Plaintext Encryption algorithm Secret key Ciphertext Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm – Why? 4
![Some Basic Terminology Cipher Algorithm for transforming plaintext to ciphertext Encipher Some Basic Terminology • Cipher – Algorithm for transforming plaintext to ciphertext • Encipher](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-5.jpg)
Some Basic Terminology • Cipher – Algorithm for transforming plaintext to ciphertext • Encipher (encrypt) – Converting plaintext to ciphertext • Decipher (decrypt) – Recovering ciphertext from plaintext • Cryptography – Study of encryption principles/methods • Cryptanalysis (codebreaking) – Study of principles/ methods of deciphering ciphertext without knowing key • Cryptology – Field of both cryptography and cryptanalysis 5
![Conventional Encryption Principles 6 Conventional Encryption Principles 6](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-6.jpg)
Conventional Encryption Principles 6
![Requirements Two requirements for secure use of symmetric encryption A strong encryption Requirements • Two requirements for secure use of symmetric encryption: – A strong encryption](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-7.jpg)
Requirements • Two requirements for secure use of symmetric encryption: – A strong encryption algorithm – A secret key known only to sender and receiver • Mathematically we have: Y = EK(X) X = DK(Y) • Assume encryption algorithm is known • Implies a secure channel to distribute key 7
![Cryptography Characterize cryptographic systems by Type of encryption operations used Substitution Cryptography • Characterize cryptographic systems by: – Type of encryption operations used • Substitution](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-8.jpg)
Cryptography • Characterize cryptographic systems by: – Type of encryption operations used • Substitution / transposition / product – Some examples will be discussed later – Number of keys used • Single-key or secret / two-key or public – Way in which plaintext is processed • Block / stream 8
![Cryptanalysis Objective Recover key not just message General approaches Cryptanalytic Cryptanalysis • Objective – Recover key not just message • General approaches: – Cryptanalytic](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-9.jpg)
Cryptanalysis • Objective – Recover key not just message • General approaches: – Cryptanalytic attack – Brute-force attack 9
![Cryptanalytic Attacks Ciphertext only Only know algorithm ciphertext is statistical know Cryptanalytic Attacks • Ciphertext only – Only know algorithm & ciphertext, is statistical, know](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-10.jpg)
Cryptanalytic Attacks • Ciphertext only – Only know algorithm & ciphertext, is statistical, know or can identify plaintext • Known plaintext – Know/suspect plaintext & ciphertext • Chosen plaintext – Select plaintext and obtain ciphertext • Chosen ciphertext – Select ciphertext and obtain plaintext • Chosen text – Select plaintext or ciphertext to en/decrypt 10
![More Definitions Unconditional security No matter how much computer power or time More Definitions • Unconditional security – No matter how much computer power or time](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-11.jpg)
More Definitions • Unconditional security – No matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext • Computational security – Given limited computing resources (e. g. time needed for calculations is greater than the age of universe), the cipher cannot be broken 11
![Brute Force Search Exhaustive Key Search Always possible to simply try every key Brute Force Search (Exhaustive Key Search) • Always possible to simply try every key](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-12.jpg)
Brute Force Search (Exhaustive Key Search) • Always possible to simply try every key • Most basic attack, proportional to key size • Assume either know / recognize plaintext Key Size (bits) Number of Alternative Keys Average time (1/2) Time required at 1 decryption/µs 106 decryptions/µs 32 232 = 4. 3 109 231 µs = 35. 8 minutes 2. 15 milliseconds 56 256 = 7. 2 1016 255 µs = 1142 years 10. 01 hours 128 2128 = 3. 4 1038 2127 µs = 5. 4 1024 years 5. 4 1018 years 168 2168 = 3. 7 1050 2167 µs = 5. 9 1036 years 5. 9 1030 years 26! = 4 1026 2 1026 µs = 6. 4 1012 years 26 letters (permutation) 6. 4 106 years 12
![Classical Substitution Ciphers Letters of plaintext are replaced by other letters or numbers Classical Substitution Ciphers • Letters of plaintext are replaced by other letters or numbers](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-13.jpg)
Classical Substitution Ciphers • Letters of plaintext are replaced by other letters or numbers or symbols – A popular TV show? • If plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns • Let’s take a look at several real schemes… 13
![Caesar Cipher Earliest known substitution cipher By Julius Caesar First attested Caesar Cipher • Earliest known substitution cipher – By Julius Caesar • First attested](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-14.jpg)
Caesar Cipher • Earliest known substitution cipher – By Julius Caesar • First attested use in military affairs • Replaces each letter by the 3 rd letter following • Example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB 14
![Caesar Cipher Define transformation mapping scheme as abcdefghijklmnopqrstuvwxyz DEFGHIJKLMNOPQRSTUVWXYZABC Assign each letter Caesar Cipher • Define transformation (mapping scheme) as: abcdefghijklmnopqrstuvwxyz DEFGHIJKLMNOPQRSTUVWXYZABC • Assign each letter](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-15.jpg)
Caesar Cipher • Define transformation (mapping scheme) as: abcdefghijklmnopqrstuvwxyz DEFGHIJKLMNOPQRSTUVWXYZABC • Assign each letter a number abcdefghij k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • Mathematical form of Caesar cipher: c = E(p) = (p + k) mod (26) p = D(c) = (c – k) mod (26) One mapping scheme one key/cipher How many possible keys/ciphers are there? 15
![Cryptanalysis of Caesar Cipher Only have 26 possible ciphers Map A to Cryptanalysis of Caesar Cipher • Only have 26 possible ciphers – Map A to](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-16.jpg)
Cryptanalysis of Caesar Cipher • Only have 26 possible ciphers – Map A to A, B, …, or Z • Could simply try each in turn • A brute force search – Given ciphertext, just try all shifts of letters – Need to recognize when have plaintext • e. g. break ciphertext “GCUA VQ DTGCM” • One student works on one cipher each 16
![Monoalphabetic Cipher Rather than just shifting the alphabet Could shuffle jumble the Monoalphabetic Cipher • Rather than just shifting the alphabet • Could shuffle (jumble) the](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-17.jpg)
Monoalphabetic Cipher • Rather than just shifting the alphabet • Could shuffle (jumble) the letters arbitrarily • Each plaintext letter maps to a different random ciphertext letter • Hence key is 26 letters long Plain: a b c d e f g h i j k l m n o p q r s tuvwxyz Cipher: D K V Q F I B J W P E S C X H T M Y A U OLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA • How many possible keys in total? 17
![Monoalphabetic Cipher Security A total of 26 41026 keys With so Monoalphabetic Cipher Security • • A total of 26! = 4^1026 keys With so](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-18.jpg)
Monoalphabetic Cipher Security • • A total of 26! = 4^1026 keys With so many keys, one might think it is secure But would be !!!WRONG!!! Problem is language characteristics 18
![Language Redundancy and Cryptanalysis Human languages are redundant e g th lrd Language Redundancy and Cryptanalysis • Human languages are redundant – e. g. "th lrd](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-19.jpg)
Language Redundancy and Cryptanalysis • Human languages are redundant – e. g. "th lrd s m shphrd shll nt wnt" • Letters are not equally commonly used • In English – – E is by far the most common letter Followed by T, R, N, I, O, A, S Other letters like Z, J, K, Q, X are fairly rare Which set of characters are most commonly used in Chinese? • Have tables of single, double & triple letter frequencies for various languages 19
![English Letter Frequencies 20 English Letter Frequencies 20](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-20.jpg)
English Letter Frequencies 20
![Use in Cryptanalysis Key concept Monoalphabetic substitution ciphers do not change relative Use in Cryptanalysis • Key concept – Monoalphabetic substitution ciphers do not change relative](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-21.jpg)
Use in Cryptanalysis • Key concept – Monoalphabetic substitution ciphers do not change relative letter frequencies – Discovered by Arabian scientists in 9 th century – Calculate letter frequencies for ciphertext – Compare counts/plots against known values • Caesar cipher looks for common peaks/troughs – Peaks at: A-E-I triple, NO pair, RST triple – Troughs at: JK, X-Z • Monoalphabetic must identify each letter – Tables of common double/triple letters help 21
![Example Cryptanalysis Given ciphertext UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Count relative letter frequencies see Example Cryptanalysis • Given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ • Count relative letter frequencies (see](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-22.jpg)
Example Cryptanalysis • Given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ • Count relative letter frequencies (see text) – Guess which two individual letters are for e & t (with the highest frequencies)? • P&Z – Guess what “ZW” is for? • “th” and hence “ZWP” is “the” – Proceed with trial and error finally get: it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow 22
![Many other substitution methods Playfair Cipher Polyalphabetic Ciphers Vigenère Cipher Aids Kasiski Many other substitution methods… • • Playfair Cipher Polyalphabetic Ciphers Vigenère Cipher Aids Kasiski](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-23.jpg)
Many other substitution methods… • • Playfair Cipher Polyalphabetic Ciphers Vigenère Cipher Aids Kasiski Method Autokey Cipher One-Time Pad 23
![Transposition Ciphers Now consider classical transposition or permutation ciphers These hide the Transposition Ciphers • Now consider classical transposition or permutation ciphers • These hide the](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-24.jpg)
Transposition Ciphers • Now consider classical transposition or permutation ciphers • These hide the message – By rearranging the letter order – Without altering the actual letters used • Does the cipher text have the same frequency distribution as the original text? • Is it subject to the language frequency cryptanalysis? 24
![Rail Fence Cipher Write message letters out diagonally over a number of rows Rail Fence Cipher • Write message letters out diagonally over a number of rows](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-25.jpg)
Rail Fence Cipher • Write message letters out diagonally over a number of rows • Then read off cipher row by row – E. g. write message out as: m e m a t r h t g p r y e t e f e t e o a a t • Giving ciphertext MEMATRHTGPRY ETEFETEOAAT 25
![Row Transposition Ciphers A more complex transposition Write letters of message out Row Transposition Ciphers • A more complex transposition • Write letters of message out](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-26.jpg)
Row Transposition Ciphers • A more complex transposition • Write letters of message out in rows over a specified number of columns • Then reorder the columns according to some key before reading off the rows Key: 3 4 2 1 5 6 7 Plaintext: a t t a c k p o column, s t p o n e Read starting from the 3 rd then the 4 th one, and sod on. u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ Method (algorithm) is not a secret, but key is the key! 26
![Product Ciphers Hybrid Scheme Ciphers using substitutions or transpositions are not secure because Product Ciphers (Hybrid Scheme) • Ciphers using substitutions or transpositions are not secure because](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-27.jpg)
Product Ciphers (Hybrid Scheme) • Ciphers using substitutions or transpositions are not secure because of language characteristics • Hence consider using several ciphers in succession to make harder, but: – Two substitutions make a more complex substitution – Two transpositions make a more complex transposition – But a substitution followed by a transposition makes a new much harder cipher • This is the bridge from classical to modern ciphers! 27
![Rotor Machines Before modern ciphers rotor machines were most common complex ciphers in Rotor Machines • Before modern ciphers, rotor machines were most common complex ciphers in](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-28.jpg)
Rotor Machines • Before modern ciphers, rotor machines were most common complex ciphers in use • Widely used in WW 2 – German Enigma, Allied Hagelin, Japanese Purple • Implemented a very complex, varying substitution cipher • Used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted • With 3 cylinders have 263=17576 alphabets 28
![Hagelin Rotor Machine 29 Hagelin Rotor Machine 29](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-29.jpg)
Hagelin Rotor Machine 29
![Steganography 藏头尾诗 An alternative to encryption Hides existence of message Using Steganography (藏头/尾诗) • An alternative to encryption • Hides existence of message – Using](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-30.jpg)
Steganography (藏头/尾诗) • An alternative to encryption • Hides existence of message – Using only a subset of letters/words in a longer message marked in some way – Using invisible ink – Hiding in LSB in graphic image or sound file • Has drawbacks – High overhead to hide relatively few info bits 30
![Classical Feistel Cipher Structure By Horst Feistel of IBM in 1973 Virtually Classical Feistel Cipher Structure • By Horst Feistel of IBM in 1973 – Virtually](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-31.jpg)
Classical Feistel Cipher Structure • By Horst Feistel of IBM in 1973 – Virtually all conventional block encryption algorithms (including DES) use this structure • The realization of a Feistel Network depends on – the choice of a number of parameters and design features 31
![Feistel Cipher Structure Block size larger block sizes mean greater security Feistel Cipher Structure • Block size – larger block sizes mean greater security •](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-32.jpg)
Feistel Cipher Structure • Block size – larger block sizes mean greater security • Key Size – larger key size means greater security • Number of rounds – multiple rounds offer increasing security • Subkey generation algorithm – greater complexity will lead to greater difficulty of cryptanalysis. • Fast software encryption/decryption – the speed of execution of the algorithm becomes a concern 32
![33 33](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-33.jpg)
33
![Conventional Encryption Algorithms Data Encryption Standard DES The most widely used encryption Conventional Encryption Algorithms • Data Encryption Standard (DES) – The most widely used encryption](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-34.jpg)
Conventional Encryption Algorithms • Data Encryption Standard (DES) – The most widely used encryption scheme – The algorithm is reffered to as the Data Encryption Algorithm (DEA) – DES is a block cipher – The plaintext is processed in 64 -bit blocks – The key is 56 -bits in length (original version) 34
![35 35](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-35.jpg)
35
![36 36](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-36.jpg)
36
![DES Mathematically the overall processing at each iteration Li Ri1 DES • Mathematically, the overall processing at each iteration: – Li = Ri-1 –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-37.jpg)
DES • Mathematically, the overall processing at each iteration: – Li = Ri-1 – Ri = Li-1 F(Ri-1, Ki) • Concerns about: – The algorithm and the key length (56 -bits) 37
![Avalanche Effect An important desirable property of encryption algorithm A change of Avalanche Effect • An important desirable property of encryption algorithm – A change of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-38.jpg)
Avalanche Effect • An important desirable property of encryption algorithm – A change of one input or key bit results in changing approx half output bits – Making attacks by guessing keys impossible • DES exhibits strong avalanche 38
![Time to break a code 106 decryptionsµs 39 Time to break a code (106 decryptions/µs) 39](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-39.jpg)
Time to break a code (106 decryptions/µs) 39
![Strength of DES Key Size 56 bit keys have 256 7 Strength of DES – Key Size • 56 -bit keys have 256 = 7.](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-40.jpg)
Strength of DES – Key Size • 56 -bit keys have 256 = 7. 2 x 1016 values – Brute force search looks hard • Recent advances have shown possibilities – In 1997 on the Internet in a few months – In 1998 on dedicated h/w (EFF) in a few days – In 1999 above combined in 22 hrs! • Still must be able to recognize plaintext 40
![Strength of DES Analytic Attacks Several analytic attacks utilizing some deep structure Strength of DES – Analytic Attacks • Several analytic attacks utilizing some deep structure](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-41.jpg)
Strength of DES – Analytic Attacks • Several analytic attacks utilizing some deep structure of the cipher – By gathering information about encryptions – Can eventually recover some/all of the sub-key bits – If necessary then exhaustively search for the rest • Statistical attacks – Differential cryptanalysis – Linear cryptanalysis – Related key attacks • Must now consider alternatives to DES 41
![Alternatives to DES A replacement for DES was needed Have theoretical attacks Alternatives to DES • A replacement for DES was needed – Have theoretical attacks](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-42.jpg)
Alternatives to DES • A replacement for DES was needed – Have theoretical attacks that can break it – have demonstrated exhaustive key search attacks • A strengthened DES – Triple-DEA (Triple-DES) 42
![Triple DEA Use three keys and three executions of the DES algorithm encryptdecryptencrypt Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt)](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-43.jpg)
Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt) C = EK 3[DK 2[EK 1[P]]] • • C = ciphertext P = Plaintext EK[X] = encryption of X using key K DK[Y] = decryption of Y using key K • Effective key length of 168 bits (3 x 56) 43
![Triple DEA 44 Triple DEA 44](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-44.jpg)
Triple DEA 44
![Alternatives to DES TripleDES Slow Use small blocks AES Cipher Alternatives to DES • Triple-DES – Slow • Use small blocks • AES Cipher](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-45.jpg)
Alternatives to DES • Triple-DES – Slow • Use small blocks • AES Cipher – Rijndael – Designed by Joan. Daemen and Vincent Rijmen in Belgium – Has 128/192/256 -bit keys, 128 -bit data – An iterative rather than feistel cipher • Processes data as block of 4 columns of 4 bytes • Operates on entire data block in every round 45
![Block vs Stream Ciphers Block ciphers Process messages in blocks each of Block vs. Stream Ciphers • Block ciphers – Process messages in blocks, each of](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-46.jpg)
Block vs. Stream Ciphers • Block ciphers – Process messages in blocks, each of which is then en/decrypted – Like a substitution on very big characters • 64 -bits or more – Need a table of 2^64 entries for a 64 -bit block • Instead, create from smaller building blocks – Using the idea of a product cipher – Many current ciphers are block ciphers • A wide range of applications • Stream ciphers – Process messages a bit or byte at a time when en/decrypting 46
![Ideal Block Cipher Expansion Etable Permutation Pbox Substitution Sbox 47 Ideal Block Cipher Expansion (E-table) Permutation (P-box) Substitution (S-box) 47](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-47.jpg)
Ideal Block Cipher Expansion (E-table) Permutation (P-box) Substitution (S-box) 47
![SubstitutionPermutation SP Ciphers SP substitutionpermutation Two primitive cryptographic operations Substitution Sbox Substitution-Permutation (S-P) Ciphers • S-P: substitution-permutation – Two primitive cryptographic operations • Substitution (S-box)](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-48.jpg)
Substitution-Permutation (S-P) Ciphers • S-P: substitution-permutation – Two primitive cryptographic operations • Substitution (S-box) • Permutation (P-box) – Introduced by Claude Shannon in 1949 paper – Form the basis of modern block ciphers – Provide confusion & diffusion of message & key 48
![Confusion and Diffusion Cipher needs to completely obscure statistical properties of the original Confusion and Diffusion • Cipher needs to completely obscure statistical properties of the original](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-49.jpg)
Confusion and Diffusion • Cipher needs to completely obscure statistical properties of the original message – A one-time pad does this • More practically, Shannon suggested combining S & P elements to obtain: – Diffusion • Dissipates statistical structure of plaintext over bulk of ciphertext – Confusion • Makes relationship between ciphertext and key as complex as possible 49
![Other Symmetric Block Ciphers International Data Encryption Algorithm IDEA 128 bit key Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) – 128 -bit key](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-50.jpg)
Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) – 128 -bit key – Used in PGP • Blowfish – Easy to implement – High execution speed – Run in less than 5 K of memory 50
![Other Symmetric Block Ciphers RC 5 Suitable for hardware and software Other Symmetric Block Ciphers • RC 5 – Suitable for hardware and software –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-51.jpg)
Other Symmetric Block Ciphers • RC 5 – Suitable for hardware and software – Fast, simple – Adaptable to processors of different word lengths – Variable number of rounds – Variable-length key – Low memory requirement – High security – Data-dependent rotations • Cast-128 – Key size from 40 to 128 bits – The round function differs from round to round 51
![Cipher Block Chaining Modes of Operation Cipher Block Chaining CBC Mode The Cipher Block Chaining Modes of Operation • Cipher Block Chaining (CBC) Mode – The](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-52.jpg)
Cipher Block Chaining Modes of Operation • Cipher Block Chaining (CBC) Mode – The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block. – Repeating pattern of 64 -bits are not exposed 52
![53 53](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-53.jpg)
53
![Location of Encryption Device Link encryption A lot of encryption devices Location of Encryption Device • Link encryption: – A lot of encryption devices –](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-54.jpg)
Location of Encryption Device • Link encryption: – A lot of encryption devices – High level of security – Decrypt each packet at every switch • End-to-end encryption – The source encrypts and the receiver decrypts – Payload encrypted – Header in the clear • High Security – Both link and end-to-end encryption are needed 54
![55 55](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-55.jpg)
55
![Key Distribution 1 Physical delivery A key could be selected by A Key Distribution 1. Physical delivery § § A key could be selected by A](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-56.jpg)
Key Distribution 1. Physical delivery § § A key could be selected by A and physically delivered to B. A third party could select the key and physically deliver it to A and B. 2. Network transfer § § § If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. If A and B each has an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. Diffie-Hellman key exchange 56
![Session and Permanent Key Session key Data encrypted with a onetime session Session and Permanent Key • Session key: – Data encrypted with a one-time session](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-57.jpg)
Session and Permanent Key • Session key: – Data encrypted with a one-time session key – At the conclusion of the session, the key is destroyed • Permanent key: – Used between entities for the purpose of distributing session keys 57
![58 58](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-58.jpg)
58
![Recommended Reading Scneier B Applied Cryptography New York Wiley 1996 Mel H Recommended Reading • Scneier, B. Applied Cryptography, New York: Wiley, 1996 • Mel, H.](https://slidetodoc.com/presentation_image_h/8fb9e7763a8a91edd35c74bff51e3c2f/image-59.jpg)
Recommended Reading • Scneier, B. Applied Cryptography, New York: Wiley, 1996 • Mel, H. X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001 59
Conventional encryption principles
Conventional encryption and message confidentiality
Confidentiality with symmetric encryption
Conventional encryption
Conventional encryption model
Sentence outline examples
Labelling theory
Romans outline by chapter
Research proposal
Give me liberty chapter 27 outline
Methodology chapter outline
Chapter 38 a world without borders outline
Vbscript
Hunger games discussion questions
Chapter 31 societies at crossroads outline
Ap world history chapter 28 outline
Observation research method
Chapter 1 outline
Chapter 1 outline
Chapter 30
Chapter 2 outline
Outline book of acts
24 chapter outline
24 chapter outline
Apush chapter 16 conquering a continent outline
Veracrypt traveler disk setup
Homomorphic encryption standard
Advantages of asymmetric encryption
Placement of encryption function in cryptography
Outlook 365
Making good encryption algorithms
Lest we remember: cold boot attacks on encryption keys
Elgamal example
Public key encryption
Rsa algorithm in java
Encoding encryption and hashing
Encryption decrypti
Crc encryption
Encryption
Homomorphic encryption tutorial
Encryption wizard
Encryption
Ibm cloud object storage replication
Honey encryption algorithm
Homomorphic encryption tutorial
Hill cipher decryption code
Symmetric encryption java
Craig gentry homomorphic encryption
Encryption levels
Elgamal encryption calculator
Classical encryption techniques in network security
Barracuda ess
Aes des
Rc lucifer
What is encryption
Number theory encryption
Modern block cipher in cryptography
Pkix architectural model
Bank encryption standards
International data encryption algorithm