Information system security wk3-1
Upcoming SlideShare
Loading in...5
×
 

Information system security wk3-1

on

  • 196 views

If you have question

If you have question
Message me!

Statistics

Views

Total Views
196
Views on SlideShare
196
Embed Views
0

Actions

Likes
0
Downloads
6
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Information system security wk3-1 Information system security wk3-1 Presentation Transcript

  • IT346 Information System Security Week 3-1: Symmetric-Key Cryptography Faculty of Information Technology Page 1
  • Cryptography  Cryptography graph crypto “  Cryptography Cryptography ” 3 ‣ Symmetric Key Cryptography Key Cryptography ‣ Asymmetric Key Cryptography Key Cryptography Faculty of Information Technology Secret Public Page
  • Cryptography  Cryptanalysis Cryptography  Sensitive Data Faculty of Information Technology Page
  • Symmetric-Key Cryptography  Plaintext –  Encryption algorithm – (substitutions) (transformations) plaintext  Secret Key – substitutions/transformations encryption  Ciphertext – substitutions/transformations Key Key  Decryption – Plaintext Ciphertext encryption Encryp Decryp  tion C encryption  P tion E(P,K)  D(C,K) key Faculty of Information Technology Plaintex Page
  •  DES (Data Encryption Standard) ‣ Key size 56 bits 3-DES (Triple-DES)  ‣ Key size 112 bits  IDEA (International Data Encryption Algorithm) ‣ Key size 128 bits  AES (Advanced Encryption Standard) ‣ Key size 128, 192, 256 bits Faculty of Information Technology Page 5
  • DES Algorithm  DES Data Encryption Standard (Block cipher) Lucifer IBM Lucifer DES US NIST (US National Institute of Standards and Technology)  DES Faculty of Information Technology (Block Page 6
  • DES Overview 64-bit Plaintext … 64-bit Key Initial Permutation PC1 64 bit Round 0 64 bit Round 1 … K1 48 bit K2 48 bit 56 bit PC2 PC2 Left Circular Shift 56 bit 64 bit Round 15 56-bit Key 56-bit Key Left Circular Shift 56-bit Key K16 48 bit PC2 56 bit Left Circular Shift 64 bit 32-bit Swap 64 bit Inverse Initial Permutation … 64-bit Ciphertext Faculty of Information Technology Page 7
  • DES Overview  Data Block 1)Data Block (IP) 2)Data Block DES Algorithm bits Initial Permutation 16 (substitution) (permutation) key 3)Data Block 4)Data Block Permutation  Key Block Faculty of Information Technology 48 bits Inverse Initial DES Algorithm Page 8
  • Data Block Data Block  16 Round 0 64-bit L0 (32 bits) R0 (32 bits) f K1 XOR Round 1 L1=R0 R1=(L0 XOR f(R0,K1)) f K2 XOR L2=R3 Faculty of Information Technology R2=(L1 XOR f(R1,K2)) Page 9
  • Data Block  K  f(Ri,Ki-1)  Faculty of Information Technology f (Round 0 – 15) (Ri) bits f(Ri,Ki-1) (Li) XOR XOR (Ri+1) (Ri) (Li+1) Page 10
  • Data f Block  (Ri) f bits bits key  Key bits bits XOR bits (substitution) bits  (Permutation) Faculty of Information Technology Page 11
  • Data Block  f S-box f 8 map 6 bits 4 bits S(18 09 12 3d 11 17 38 39) = 5fd25e03 Faculty of Information Technology Page 12
  • Data Block Faculty of Information Technology Page 13
  • Key Block  subkeys DES key initial permutation (Permutation Choice 1, PC1) 56bits 2 28bit ‣ 16 : ‣ • • Faculty of Information Technology 28 bit 1 2 key rotation schedule 24 bits PC2 data block Page 14
  • DES Decryption (decryption)  Block Cipher  DES (encryption) (decryption) (encryption) subkeys (K1 … K16)  Hardware Faculty of Information Technology decryption subkeys Encryption K16 … K1 Page 15
  • DES Decryption  DES decryption Encryption ‣ ‣ ‣ ‣ ‣ DES Initial Permutation decryption Inverse Initial Permutation encryption Round 0 K16 Round encryption …. Round 15 K1 Round encryption Inverse Initial Permutation decryption Faculty of Information Technology Page 16
  • Avalanche Effect  Avalanche Effect   DES Faculty of Information Technology encryption algorithm input key bit bits output Avalanche Effect Page 17
  • Strength of DES – Key Size  Key 56-bit 256 = 7.2 x 1016  brute force search brute DES Algorithm  force search 1997 Internet ‣ 1998 ‣ ‣ key Distribution.net EFF hardware 1999 Distribution.net Faculty of Information Technology EFF Page 18
  • DES  bits ‣ Key DES DES Bit  crack bits crack DES bit Bit DES DES Triple-DES ( DES) Faculty of Information Technology Page 19
  • Triple-DES (3DES) with Two-Keys  Triple-DES DES DES DES  key  ‣  Triple- Faculty of Information Technology C = EK1(DK2(EK1(P))) Encryption Encrypt-Decrypt-Encrypt K1 = K2 DES Triple-DES Page 20
  • Triple-DES (3DES) with Two-Keys  Key Encryption 3DES 64-bit Plaintext DES Encryption Key 1 DES Decryption Key 2 DES Encryption Key 1 64-bit Ciphertext Faculty of Information Technology Page 21
  • AES (Advance Encryption Standard)  AES (Advance Encryption Standard) AES  DES break NIST data block DES NIST bit   Faculty of Information Technology Rijndael Page 22
  • AES  AES Bytes  Data Block bits = 16 bytes ‣ Data Block 16 bytes x 4 ‣ bytes Current State out in in in in s s s s s s s bytesout out out ‣ Current State s 0 4 8 12 0,0 0,1 0,2 0,3 0,0 0,1 0,2 0,3 in1 in5 in9 in13 s10 s1,1 s1,2 s1,3 s10 s1,1 s1,2 s1,3 in2 in6 in10 in14 s2,0 s2,1 s2,2 s2,3 s2,0 s2,1 s2,2 s2,3 in3 in7 in11 in15 s3,0 s3,1 s3,2 s3,3 s3,0 s3,1 s3,2 s3,3 State ciphertext input State Array encryption Faculty of Information Technology 0 4 8 12 out1 out5 out9 out13 Current out2 out6 out10 out14 out3 out7 out11 out15 output Page 23
  • AES bits = 16 bytes Key Block 16 bytes ‣ x4 ‣ Key k4 k8 k12 k1 k5 k9 k13 k2  Key Block k0 k6 k10 k14 k3 k7 k11 k15 w0 w1 w2 w3 (Key Expansion) f + + + + w4 w5 w6 w7 word 44 words k k k k (1kword = 32 bits = 4 k k k w w bytes)k k k k Key Expansion Key Expansion 0 4 8 12 1 5 9 13 0 2 k3 6 10 1 … w43 14 k7 k11 k15 Faculty of Information Technology Page 24
  • AES AES (Initial Round)  AddRoundKey ‣ (Rounds)  ‣ SubBytes, ShiftRows, MixColumns AddRoundKey (Final Rounds)  ‣  Faculty of Information Technology SubBytes, ShiftRows AddRoundKey ( MixColumns) round key (sub-key Page 25
  • AES (Initial Round) (Rounds) (Final Round) Mix Columns Faculty of Information Technology Page 26
  • AES AddRoundKey  XOR round ‣ ‣ key Key words = 16 bytes w Faculty of Information Technology Page 27
  • AES SubBytes  ‣ non-linear substitution lookup table ‣ Faculty of Information Technology Page 28
  • AES ShiftRows  ‣ ,3 ‣ Faculty of Information Technology Page 29
  • AES MixColumns  ‣ ‣ Faculty of Information Technology Page 30