Security Cipher Modes ECB Electronic Code Book Mode

Security

Cipher Modes • ECB –Electronic Code Book Mode. Break the entire file into blocks, and encode every block individually. • Problems. The example in the book. You can replace a block if it is good for you.

CBC – Cipher block chaining • Encryption: – C 0 = E(P 0 xor IV). – C 1 = E(P 1 xor C 0), and so on. – IV is transmitted in plain text. • Decryption: – P 0 = IV xor D(C 0) – P 1 = C 0 xor D(C 1), and so on. • So, same message won’t result in the same code.

Stream Cipher Mode • • T 0 = E(IV). T 1 = E(T 0), and so on. C = P xor T. Don’t use the same stream twice.

Counter mode • Ti = E(IV+i). • Ci = Pi xor Ti. • The advantage is that you can randomly access any block. • Used by Skype. Often called ICM (Integer counter mode). • ECB also supports random access. Does it have the same problem as ECB? No, because the Ivs are different.

Public Key / Private Key • Talking about Skype, how do you think that two Skype users can share the same AES key?

Public Key / Private Key • Everyone has a public key and private key. • With B’s public key (pk. B) A can encode data that only B can decode with his private key (sk. B) because other people does not have B’s private key. • D_sk. B[E_pk. B(W)] = W • E_pk. B[D_sk. B(W)] = W

Public Key /Private key • So, A can choose a 128 -bit string W as the session key and send E_pk. B(W) to B. B runs the decryption algorithm to get D_sk. B[E_pk. B(W)] = W. • Skype actually asks two ends to both contribute 128 bits to make the 256 -bit session key.

The RSA algorithm • Most common, the RSA algorithm is used to get the public key/private key. 1. Choose two large primes, p and q. 2. Compute n=pq and z=(p-1)(q-1). 3. Choose a large number relatively prime to z and call it d. 4. Find e such that ed = 1 mod z. (such e must exist) • (e, n) is the public key for encoding and (d, n) is the private key for decoding.

The RSA algorithm • • To encrypt a message M, C=M^e mod n. To decrypt from C, M = C^d mod n. D_sk. B[E_pk. B(M)] = M E_pk. B[D_sk. B(M)] = M.

Why is RSA secure? • The problem is, given (d, n), can you figure out e? • It is difficult. • You can try to find p and q given n. If you indeed can, then you get z. Given z and d, you get e. • But it is difficult to factor large numbers.