Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Security Concept 
Mr.Gopal Sakarkar 
Mr. Gopal Sakarkar
Today’s Agenda 
• Introduction of Security Concept. 
• Principal of Security. 
• Classification of Security Attacks 
Mr. G...
Digital 
Security 
Computer 
Security 
Network 
Security 
Mr. Gopal Sakarkar
Need of Network Security 
• According to FBI statistics result (2007) , up 
to five billion dollars is lost each year due ...
So, what do you mean by NS? 
• It is vital component in information security 
for securing all information passed through ...
Principal of Security 
Mr. Gopal Sakarkar 
• Confidentiality 
• Authentication 
• Integrity 
• Non-repudiation
Confidentiality 
• It specifies that only sender and intended 
recipient(s) should be able to access the 
contents of mess...
Principal of Security 
Mr. Gopal Sakarkar 
• Confidentiality 
• Authentication 
• Integrity 
• Non-repudiation
Authentication 
• It help to establish proof of identities. 
e.g. : Login using Userid and Password. 
Mr. Gopal Sakarkar
Principal of Security 
Mr. Gopal Sakarkar 
• Confidentiality 
• Authentication 
• Integrity 
• Non-repudiation
Integrity 
• Integrity means that changes need to be done 
only by authorized entities and through 
authorized mechanisms....
Principal of Security 
Mr. Gopal Sakarkar 
• Confidentiality 
• Authentication 
• Integrity 
• Non-repudiation
Non-repudiation 
• Non- repudiation does not allow the sender or 
receiver of a message to refuse the claim of not 
sendin...
Classification of Security Attacks 
Mr. Gopal Sakarkar
Passive Attack 
• A passive attack make use of information from 
the system but does not affect system resource. 
Passive ...
Release of Message Contents 
Mr. Gopal Sakarkar 
Hi, I am Bob 
Hi, I am Bob 
Hi, I am Bob
Passive 
Attack 
Mr. Gopal Sakarkar 
Release of 
Message Contents 
Traffic Analysis
Traffic Analysis 
Mr. Gopal Sakarkar 
Meet me at 
Cinemax 
Phhw ph dw 
flqhpda 
Meet me 
at 
Cinemax
Active Attack 
• It involve some modification of data stream or creation of a 
Mr. Gopal Sakarkar 
false stream. 
Active 
...
Replay 
It involves passive capture of data unit and its 
subsequent retransmission to produce an unauthorized 
effect. 
M...
Active 
Attack 
Replay Modification 
Denial of 
Service Masquerade 
Mr. Gopal Sakarkar
Modification 
In which some portion of message is altered or that message 
are delayed or reordered to produce an unauthor...
Active 
Attack 
Replay Modification 
Denial of 
Service Masquerade 
Mr. Gopal Sakarkar
Denial of service 
It have a specific target (Server), in which prevents or 
inhabits the normal use or management of comm...
Active 
Attack 
Replay Modification 
Denial of 
Service Masquerade 
Mr. Gopal Sakarkar
Masquerade 
A masquerade is a type of attack where the attacker act as an authorized user system in order to gain access t...
Summary 
• Four goals have been defined for security 
i.e. Confidentiality , Authentication, Integrity, 
Non-repudiation. ...
For Further Reading 
• http://www.smartchip.com/flash/presentationV2.swf 
• http://buchananweb.co.uk/asmn/unit03.swf 
• ht...
31 
Conventional Encryption
32 
Caesar Cipher 
It is a substitution cipher invented by Julius Caesar. 
It replace each letter of the alphabet with the...
33 
Caesar Cipher 
Let , for each plaintext letter p, substitute the cipher letter : 
C=E(3,p)=(p+3) mod 26 
For generaliz...
34 
Caesar Cipher 
plain: abcdefghijklmnopqrstuvwxyz 
key: defghijklmnopqrstuvwxyzabc 
cipher: PHHW PH DIWHU WKH WRJD SDUW...
35 
“Rail-Fence” Cipher 
It is use substitution method , in which plaintext is written down 
As a sequence of diagonals an...
36 
“Rail-Fence” Cipher 
DISGRUNTLED EMPLOYEE 
D R L E O 
I G U T E M L Y E 
S N D P E 
DRLEOIGUTE MLYESNDPE
Steganography
What is Steganography? 
Stegosaurus: a covered lizard 
(but not a type of cryptography) 
Greek Words: 
STEGANOS – “Covered...
Modern Steganography Techniques 
Masking and Filtering: Is where information is hidden inside of a image using 
digital wa...
Basics of Modern Steganography 
fE: steganographic function "embedding" 
fE-1: steganographic function "extracting" 
cover...
Important Requirement for 
Steganographic System 
• Security of the hidden communication 
• size of the payload 
• Robustn...
Steganography Tools
45 
Basic Types of Ciphers 
• Transposition ciphers – rearrange bits 
or characters in the data 
• Substitution ciphers – ...
46 
Encryption Methods 
• The essential technology underlying virtually 
all automated network and computer security 
appl...
47 
Conventional Encryption 
Model
48 
Conventional Encryption 
Five components to the algorithm 
– Plaintext: The original message or data 
– Encryption alg...
50 
Conventional Encryption 
M EK C DK M 
EK defined by an encrypting algorithm E 
DK defined by an decrypting algorithm D...
Today’s Agenda 
• Cryptography and Encryption 
• Encryption Principles 
• Feistel Cipher Structure 
• Data Encryption Stan...
Cryptography 
• It is a Greek word , means that “Secret 
Writing”. 
• Cryptography is an art and science for 
achieving se...
Encryption 
Encryption is a process of converting the plain text data in to ciphertext data. 
Mr. Gopal Sakarkar
Encryption Principles 
• An encryption scheme has five ingredients: 
– Plaintext 
– Encryption algorithm 
– Secret Key 
– ...
Average time required for exhaustive key 
search 
Mr. Gopal Sakarkar 
Key Size 
(bits) 
Number of 
Alternative Keys 
Time ...
Conventional Encryption Model 
Mr. Gopal Sakarkar
Cryptography Process Depend on…. 
1. The type of operations used for transforming plaintext to 
Mr. Gopal Sakarkar 
cipher...
Substitution Process 
Mr. Gopal Sakarkar
Transposition Techniques 
• Consider plain text message as a number 
A=0 , B=1, C=2……..Z=25. 
• Take plain text CAT = 
2 
...
Mr. Gopal Sakarkar 
6 24 1 
13 16 10 
20 17 15 
= 
Multiply two matrix 
6 24 1 
13 16 10 
20 17 15 
2 
0 
X 19 = 
31 
216 ...
• Now compute a mod 26 value of the above 
matrix. 
Mr. Gopal Sakarkar 
31 
216 
325 
mod 26 
5 
8 
= 13 
Now translate nu...
Exercise - II 
• Define a symmetric-key cryptography. 
• Distinguish between a block cipher and a stream 
cipher with an e...
Summary 
• Definition of Cryptography . 
• Working of encryption principal. 
• Substitution and transportation techniques ...
For Further Reading 
• http://buchananweb.co.uk/asmn/unit04.swf 
• http://www.youtube.com/watch?v=IzVCrSrZIX8 
• http://ww...
Confusion and Diffusion 
• Introduced by Claude Shannon to capture the two basic building blocks for any 
Mr. Gopal Sakark...
Approximate Alphabet Frequency 
Mr. Gopal Sakarkar
Feistel Cipher Structure 
• It is block cipher symmetric encryption algorithms, first described by 
Horst Feistel of IBM i...
Steps: 
1. Input of plaintext with length 2w bits and key K. 
2. Plaintext is divided into two halves L0 and R0. 
3. These...
Mr. Gopal Sakarkar
Exercise 
• List out the various Feistel ciphers Algorithm and explain each 
Mr. Gopal Sakarkar 
in brief.
For Further Reading 
• http://www.quadibloc.com/crypto/co040906.htm 
• http://www.encryptionanddecryption.com/encrypt_decr...
Data Encryption Standard (DES) 
I. It is a Block Cipher Symmetric algorithm. 
II. It takes 64 bits plaintext and 56 (64) b...
Plain Text (64 bits) 
Initial Permutation 
LPT RPT 
Key ( K) 16 Rounds 16 Rounds 
56 bits 
Final Permutation 
Cipher Text(...
DES Encryption Overview 
Mr. Gopal Sakarkar
An Example 
• Let M be the plain text message M = 0123456789ABCDEF, 
where M is in hexadecimal (base 16) format. 
Rewritin...
The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips 
and could brute force a DES key in a matter of d...
Triple-DES with Two-Keys 
• hence must use 3 encryptions 
– would seem to need 3 distinct keys 
• but can use 2 keys with ...
Triple DES
Summary 
• Security of data is depend on secrecy of key not on the 
Mr. Gopal Sakarkar 
encryption algorithm. 
• Feistel C...
For Further Reading 
• http://www.buchananweb.co.uk/asmn/unit03.swf 
• http://williamstallings.com/Crypt-Tut/Crypto%20Tuto...
Exercise - III 
• Explain a triple DES in detail. 
• Find out the various application in which DES is implemented. 
Mr. Go...
Blowfish 
Algorithm
The Blowfish Encryption 
Algorithm 
• Developed by Bruce Schneier 
• Keyed, symmetric block cipher 
• Designed in 1993 . 
...
The Blowfish Encryption 
Algorithm (cont.) 
• As a fast, free alternative to existing 
encryption algorithms. 
• Variable-...
The Blowfish Encryption 
Algorithm (cont.) 
• Fast: It used 32 bit microprocessors for 26 
clock cycles per byte. 
• Compa...
The Blowfish Encryption 
Algorithm (cont.) 
• Gained acceptance as a strong encryption 
algorithm. 
• Blowfish is unpatent...
7.07. Blowfish Key Schedule 
• uses a 32 to 448 bit key 
• used to generate 
– 18 32-bit subkeys stored in K-array Kj 
– f...
Blowfish Encryption 
• uses two primitives: addition & XOR 
• data is divided into two 32-bit halves L0 & R0 
for i = 1 to...
The Blowfish Algorithm
The Blowfish Algorithm: Encryption 
(cont) 
Diagram of Blowfish's F function
The Blowfish Algorithm: Encryption 
(cont) 
• Blowfish's F-function. 
• Splits the 32-bit input into four eight-bit quarte...
The Function F
RC5 
• It is symmetric key block encryption algorithm 
developed by Ron Rivest. 
• It is quite fast as it use only the pri...
RC5 Working 
• It used the plain text block size of 32,64, or 128 bits. 
• The key length can be 0 to 2040 bits. 
• Number...
Divide plain text into two block 
i.e. A ,B 
Add A & S[0] to produce C 
Add B & S[1] to produce D 
Start with i=1 
Check: ...
Lecture 3 Today’s Agenda 
Mr. Gopal Sakarkar 
• IDEA Algorithm. 
• Cipher Block Chaining. 
• Location of encryption device...
International Data Encryption Algorithm 
• It is one of the strongest cryptographic algorithm 
Mr. Gopal Sakarkar 
invente...
Working of IDEA 
1.It take a 64 bits plaintext block as input and then 
partition it into four part, say P1 to P4. 
2. P1 ...
Working 
Plain Text (64bits) 
Round 1 
Mr. Gopal Sakarkar 
K 1 
K 2 
K 6 
Round 2 …. 
K 7 
K 12 
………………. 
Round 6 K 43 
K ...
Working of Rounds 
• Each round has a series of operation on the data block 
Mr. Gopal Sakarkar 
using six keys. 
• Each r...
Sub-key Generation Round 
Unused 
(97-128 bits) … 
Mr. Gopal Sakarkar 
• First round 
Original 
Key (128 bits) 
K1(1-16 bi...
Mr. Gopal Sakarkar 
• Second round 
Unused 
Key (97-128 bits) 
K7 (97-112 bits) K8(113-128 bits) 
What about key k9, k10…k...
• The original key is exhausted . It is circular-left shifted by 25 
Position 1 Position 
… (65-128 bits) 
Mr. Gopal Sakar...
Exercise - IV 
• Explain in detail all eight round of sub key generation process. 
• Find out the strength of IDEA algorit...
• Note: 
• A permutation is "a re-arrangement of 
elements of a set". 
Exp. We do 4 x 3 x 2 x 1 = 24. 
• There are 24 diff...
• Taking the 4 letters, ABCD, write down all 
the permutations of 3 of these letters: 
ABC BAC CAB DAB 
ACB BCA CBA DBA 
A...
Working of Substitution method 
• S-Box= Substitution Box 
• Example #1: Solve the following system using the substitution...
• Step 2 
Using x + y = 20, erase x and write 10 + y since x = 10 + y 
We get 10 + y + y = 20 
10 + 2y = 20 
Minus 10 from...
• Step 2 
• Now you have y, you can replace its value into either equation to get 
x. 
Replacing y into x + y = 20 gives 
...
Algorithm Modes 
Algorithm 
Modes 
Mr. Gopal Sakarkar 
Electronic Code 
Book (ECB) 
Cipher Block 
Chaining (CBC) 
Cipher F...
Electronic Code 
Book (ECB) 
Mr. Gopal Sakarkar
Algorithm 
Modes 
Mr. Gopal Sakarkar 
Electronic Code 
Book (ECB) 
Cipher Block 
Chaining (CBC) 
Cipher FeedBack 
(CFB) 
O...
Cipher Block 
Chaining (CBC) 
• Message is broken into blocks 
• Linked together in encryption operation 
• Each previous ...
Cipher Block Chaining (CBC) 
Mr. Gopal Sakarkar
Advantages and Limitations of CBC 
• A ciphertext block depends on all blocks before it. 
• Any change to a block affects ...
Algorithm 
Modes 
Mr. Gopal Sakarkar 
Electronic Code 
Book (ECB) 
Cipher Block 
Chaining (CBC) 
Cipher FeedBack 
(CFB) 
O...
Cipher FeedBack 
(CFB) 
• Message is treated as a stream of bits 
• Added to the output of the block cipher 
• Result is f...
Cipher FeedBack (CFB) 
Mr. Gopal Sakarkar
Advantages and Limitations of CFB 
• Appropriate when data arrives in bits/bytes 
• Most common stream mode 
• limitation ...
Algorithm 
Modes 
Mr. Gopal Sakarkar 
Electronic Code 
Book (ECB) 
Cipher Block 
Chaining (CBC) 
Cipher FeedBack 
(CFB) 
O...
Output FeedBack (OFB) 
• Message is treated as a stream of bits 
• In CFB, the cipher text is fed into the next stage of 
...
OutpuMrt. GFoepael SdaBkarakacrk (OFB)
Key Distribution 
Symmetric schemes require both parties to share a 
Mr. Gopal Sakarkar 
common secret key 
Issue is how t...
Key Distribution 
• Given parties A and B have various key distribution 
alternatives: 
1. A can select key and physically...
Summary 
• IDEA is a strongest encryption algorithm only because of its 
Mr. Gopal Sakarkar 
key length. 
• Algorithm Mode...
Upcoming SlideShare
Loading in …5
×

Cryptography and Encryptions,Network Security,Caesar Cipher

Working of Cryptography and network security algorithms.

  • Be the first to comment

Cryptography and Encryptions,Network Security,Caesar Cipher

  1. 1. Security Concept Mr.Gopal Sakarkar Mr. Gopal Sakarkar
  2. 2. Today’s Agenda • Introduction of Security Concept. • Principal of Security. • Classification of Security Attacks Mr. Gopal Sakarkar
  3. 3. Digital Security Computer Security Network Security Mr. Gopal Sakarkar
  4. 4. Need of Network Security • According to FBI statistics result (2007) , up to five billion dollars is lost each year due to black holes . • Loss of important data. e.g. Credit Card, ATM Card • Confidential information of business have been stolen by competitors. e.g. ICICI vs HDFC • Last but not least : Important data stolen from military . Mr. Gopal Sakarkar
  5. 5. So, what do you mean by NS? • It is vital component in information security for securing all information passed through computers network. • It provide management policy for access controls protection for H/W, S/W & information in networking. Mr. Gopal Sakarkar
  6. 6. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  7. 7. Confidentiality • It specifies that only sender and intended recipient(s) should be able to access the contents of message. e.g.: e-mail send by person A to person B. Mr. Gopal Sakarkar
  8. 8. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  9. 9. Authentication • It help to establish proof of identities. e.g. : Login using Userid and Password. Mr. Gopal Sakarkar
  10. 10. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  11. 11. Integrity • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. e.g. Updating bank account information Mr. Gopal Sakarkar
  12. 12. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  13. 13. Non-repudiation • Non- repudiation does not allow the sender or receiver of a message to refuse the claim of not sending or receiving that message. Mr. Gopal Sakarkar
  14. 14. Classification of Security Attacks Mr. Gopal Sakarkar
  15. 15. Passive Attack • A passive attack make use of information from the system but does not affect system resource. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
  16. 16. Release of Message Contents Mr. Gopal Sakarkar Hi, I am Bob Hi, I am Bob Hi, I am Bob
  17. 17. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
  18. 18. Traffic Analysis Mr. Gopal Sakarkar Meet me at Cinemax Phhw ph dw flqhpda Meet me at Cinemax
  19. 19. Active Attack • It involve some modification of data stream or creation of a Mr. Gopal Sakarkar false stream. Active Attack Replay Modification Denial of Service Masquerade
  20. 20. Replay It involves passive capture of data unit and its subsequent retransmission to produce an unauthorized effect. Mr. Gopal Sakarkar Transfer Rs.1000 to Alice. Transfer Rs.1000 to Darth.
  21. 21. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  22. 22. Modification In which some portion of message is altered or that message are delayed or reordered to produce an unauthorized affect. Mr. Gopal Sakarkar Transfer Rs.1,000 to Darth. Transfer Rs.10,000 to Darth. Transfer Rs.10,000 to Darth
  23. 23. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  24. 24. Denial of service It have a specific target (Server), in which prevents or inhabits the normal use or management of communication facilities. Mr. Gopal Sakarkar
  25. 25. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  26. 26. Masquerade A masquerade is a type of attack where the attacker act as an authorized user system in order to gain access to it or to gain greater privileges than they are authorized for. Mr. Gopal Sakarkar
  27. 27. Summary • Four goals have been defined for security i.e. Confidentiality , Authentication, Integrity, Non-repudiation. • Security Attacks are classified in two parts Active and Passive. Mr. Gopal Sakarkar
  28. 28. For Further Reading • http://www.smartchip.com/flash/presentationV2.swf • http://buchananweb.co.uk/asmn/unit03.swf • http://www.computing.co.uk/computing/video/2246841/network-security • http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3 • http://www.thepcmanwebsite.com/cgi-bin/web_tools/ascii.pl (converter) • http://bytes.com/topic/c/answers/769137-how-convert-alphabet-numbers • http://www.kerryr.net/pioneers/binary.htm • http://services.exeter.ac.uk/cmit/modules/the_internet/slides/ch01s01s04.html (packet working) Mr. Gopal Sakarkar
  29. 29. 31 Conventional Encryption
  30. 30. 32 Caesar Cipher It is a substitution cipher invented by Julius Caesar. It replace each letter of the alphabet with the letter standing thired Place further down the alphabet. Let numerical equivalency of letter A B C D E F G H …… z 0 1 2 3 4 5 6 7 25
  31. 31. 33 Caesar Cipher Let , for each plaintext letter p, substitute the cipher letter : C=E(3,p)=(p+3) mod 26 For generalize equation for encryption : C=E(k,p)= (p+k) mod 26 For generalize equation for decryption : P=D(k,C)=(C-K)mod 26
  32. 32. 34 Caesar Cipher plain: abcdefghijklmnopqrstuvwxyz key: defghijklmnopqrstuvwxyzabc cipher: PHHW PH DIWHU WKH WRJD SDUWB plain: MEET ME AFTER THE toga PARTY Video
  33. 33. 35 “Rail-Fence” Cipher It is use substitution method , in which plaintext is written down As a sequence of diagonals and then read off as a sequence of row.
  34. 34. 36 “Rail-Fence” Cipher DISGRUNTLED EMPLOYEE D R L E O I G U T E M L Y E S N D P E DRLEOIGUTE MLYESNDPE
  35. 35. Steganography
  36. 36. What is Steganography? Stegosaurus: a covered lizard (but not a type of cryptography) Greek Words: STEGANOS – “Covered” GRAPHIE – “Writing” • Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. • This can be achieve by concealing the existence of information within seemingly harmless carriers or cover • Carrier: text, image, video, audio, etc.
  37. 37. Modern Steganography Techniques Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses. The purpose is different from traditional steganography since it is adding an attribute to the cover image thus extending the amount of information presented. Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms. The idea of this method is to hide the secret message in the data bits in the least significant coefficients. Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information. Thus the overall image distortion is kept to a minimum while the message is spaced out over the pixels in the images. This technique works best when the image file is larger then the message file and if the image is grayscale.
  38. 38. Basics of Modern Steganography fE: steganographic function "embedding" fE-1: steganographic function "extracting" cover: cover data in which emb will be hidden emb: message to be hidden key: parameter of fE stego: cover data with the hidden message
  39. 39. Important Requirement for Steganographic System • Security of the hidden communication • size of the payload • Robustness against malicious and unintentional attacks
  40. 40. Steganography Tools
  41. 41. 45 Basic Types of Ciphers • Transposition ciphers – rearrange bits or characters in the data • Substitution ciphers – replace bits, characters, or blocks of characters with substitutes
  42. 42. 46 Encryption Methods • The essential technology underlying virtually all automated network and computer security applications is cryptography • Two fundamental approaches are in use: – Conventional Encryption, also known as symmetric encryption – Public-key Encryption, also known as asymmetric encryption
  43. 43. 47 Conventional Encryption Model
  44. 44. 48 Conventional Encryption Five components to the algorithm – Plaintext: The original message or data – Encryption algorithm: Performs various substitutions and transformations on the plaintext – Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key – Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key – Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext
  45. 45. 50 Conventional Encryption M EK C DK M EK defined by an encrypting algorithm E DK defined by an decrypting algorithm D For given K, DK is the inverse of EK, i.e., DK(EK(M))=M for every plain text message M
  46. 46. Today’s Agenda • Cryptography and Encryption • Encryption Principles • Feistel Cipher Structure • Data Encryption Standard (DES) Mr. Gopal Sakarkar
  47. 47. Cryptography • It is a Greek word , means that “Secret Writing”. • Cryptography is an art and science for achieving security by encoding the readable format data in to a non-readable form. Mr. Gopal Sakarkar
  48. 48. Encryption Encryption is a process of converting the plain text data in to ciphertext data. Mr. Gopal Sakarkar
  49. 49. Encryption Principles • An encryption scheme has five ingredients: – Plaintext – Encryption algorithm – Secret Key – Ciphertext – Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm. Mr. Gopal Sakarkar
  50. 50. Average time required for exhaustive key search Mr. Gopal Sakarkar Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/μs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years
  51. 51. Conventional Encryption Model Mr. Gopal Sakarkar
  52. 52. Cryptography Process Depend on…. 1. The type of operations used for transforming plaintext to Mr. Gopal Sakarkar ciphertext. 1.1 Substitution 1.2 Transpose 2. The number of keys used 2.1 Symmetric (single key) 2.2Asymmetric(two-keys,orpublic-key encryption) 3. The way in which the plaintext is processed Block Cipher Stream Cipher
  53. 53. Substitution Process Mr. Gopal Sakarkar
  54. 54. Transposition Techniques • Consider plain text message as a number A=0 , B=1, C=2……..Z=25. • Take plain text CAT = 2 0 19 Take N x N matrix of randomly chosen keys. Mr. Gopal Sakarkar
  55. 55. Mr. Gopal Sakarkar 6 24 1 13 16 10 20 17 15 = Multiply two matrix 6 24 1 13 16 10 20 17 15 2 0 X 19 = 31 216 325
  56. 56. • Now compute a mod 26 value of the above matrix. Mr. Gopal Sakarkar 31 216 325 mod 26 5 8 = 13 Now translate number to alphabet 5=F, 8=I and 13= N i.e. cipher text is FIN
  57. 57. Exercise - II • Define a symmetric-key cryptography. • Distinguish between a block cipher and a stream cipher with an example. • Decrypt a above example by taking a inverse of 8 5 10 21 8 21 21 12 8 Mr. Gopal Sakarkar original matrix i.e. • Draw an algorithm , flowchart and write a C++ program for implementing Transposition Techniques.
  58. 58. Summary • Definition of Cryptography . • Working of encryption principal. • Substitution and transportation techniques . Mr. Gopal Sakarkar
  59. 59. For Further Reading • http://buchananweb.co.uk/asmn/unit04.swf • http://www.youtube.com/watch?v=IzVCrSrZIX8 • http://www.youtube.com/watch?v=ZdC7cnpYOwI&feature=related Mr. Gopal Sakarkar
  60. 60. Confusion and Diffusion • Introduced by Claude Shannon to capture the two basic building blocks for any Mr. Gopal Sakarkar cryptographic system. • Confusion - Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to stop attempts to discover the key. • Diffusion - The mechanism of diffusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to prevent attempts to assume the key.
  61. 61. Approximate Alphabet Frequency Mr. Gopal Sakarkar
  62. 62. Feistel Cipher Structure • It is block cipher symmetric encryption algorithms, first described by Horst Feistel of IBM in 1973. • It is depends on the choice of the following parameters • Block size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of rounds: multiple rounds offer increasing security • Subkey generation algorithm: greater complexcity will lead to greater Mr. Gopal Sakarkar difficulty of cryptanalysis. • Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern.
  63. 63. Steps: 1. Input of plaintext with length 2w bits and key K. 2. Plaintext is divided into two halves L0 and R0. 3. These two halves pass through N round of processing to produce CipherText block. 4. The key K is derived from subkey generation algo. 5. These two halves combine by applying a round function ‘F’ on right half of data and then taking X-OR operation of the output of F with left half of data. Mr. Gopal Sakarkar
  64. 64. Mr. Gopal Sakarkar
  65. 65. Exercise • List out the various Feistel ciphers Algorithm and explain each Mr. Gopal Sakarkar in brief.
  66. 66. For Further Reading • http://www.quadibloc.com/crypto/co040906.htm • http://www.encryptionanddecryption.com/encrypt_decrypt_encyclopedia.ht Mr. Gopal Sakarkar ml
  67. 67. Data Encryption Standard (DES) I. It is a Block Cipher Symmetric algorithm. II. It takes 64 bits plaintext and 56 (64) bits as a key. III. It produce a 64 bits cipher text. IV. It consist of 16 steps , called round. Steps: 1. It take 64 bit plain text as given i/p to Initial Permutation Function (IPF). 2. IPF produce two halves, i.e. Left Plain Text (LPT) and Right Plain Text Mr. Gopal Sakarkar (RPT) 3.Now, each LPT and RPT goes through 16 rounds of encryption process with key K(56 bits). 4.At the end , LPT and RPT are rejoined and a final permutation (FP) is performed which is being the inverse of IP on the combined block. 5. Finally the result produced 64 bits cipher text.
  68. 68. Plain Text (64 bits) Initial Permutation LPT RPT Key ( K) 16 Rounds 16 Rounds 56 bits Final Permutation Cipher Text(64 bits) DES Algorithm Mr. Gopal Sakarkar
  69. 69. DES Encryption Overview Mr. Gopal Sakarkar
  70. 70. An Example • Let M be the plain text message M = 0123456789ABCDEF, where M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text: • M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 Mr. Gopal Sakarkar 1110 1111 • L = 0000 0001 0010 0011 0100 0101 0110 0111 • R= 1000 1001 1010 1011 1100 1101 1110 1111 The first bit of M is "0". The last bit is "1". We read from left to right. Let K be the hexadecimal key K = 133457799BBCDFF1 K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001 Cipher Text: 85E813540F0AB405. Online Example
  71. 71. The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips. Mr. Gopal Sakarkar
  72. 72. Triple-DES with Two-Keys • hence must use 3 encryptions – would seem to need 3 distinct keys • but can use 2 keys with E-D-E sequence – C = EK1[DK2[EK1[P]]] – no encrypt & decrypt equivalent in security – if K1=K2 then can work with single DES • standardized in ANSI X9.17 & ISO8732 • no current known practical attacks
  73. 73. Triple DES
  74. 74. Summary • Security of data is depend on secrecy of key not on the Mr. Gopal Sakarkar encryption algorithm. • Feistel Cipher Structure is basic structure for any symmentric encryption algo. • DES algorithm also called as DEA has been a cryptographic alog. used from over four decades. • It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46).
  75. 75. For Further Reading • http://www.buchananweb.co.uk/asmn/unit03.swf • http://williamstallings.com/Crypt-Tut/Crypto%20Tutorial%20- Mr. Gopal Sakarkar %20JERIC.swf • http://orlingrabbe.com/des.htm (IMP) • http://www.tero.co.uk/des/explain.php
  76. 76. Exercise - III • Explain a triple DES in detail. • Find out the various application in which DES is implemented. Mr. Gopal Sakarkar
  77. 77. Blowfish Algorithm
  78. 78. The Blowfish Encryption Algorithm • Developed by Bruce Schneier • Keyed, symmetric block cipher • Designed in 1993 . • Can be used as a drop-in replacement for DES.
  79. 79. The Blowfish Encryption Algorithm (cont.) • As a fast, free alternative to existing encryption algorithms. • Variable-length key. • From 32 bits to 448 bits.
  80. 80. The Blowfish Encryption Algorithm (cont.) • Fast: It used 32 bit microprocessors for 26 clock cycles per byte. • Compact : It need less than 5 kb memory for execution. • Simple : It used primitive operations ,such as addition , XOR ,etc. • Secure : It has variable length key upto 448 bits long. • Freely available source code Mr. Gopal Sakarkar
  81. 81. The Blowfish Encryption Algorithm (cont.) • Gained acceptance as a strong encryption algorithm. • Blowfish is unpatented and license-free, and is available free for all uses. • No effective cryptanalysis has been found to date. • More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
  82. 82. 7.07. Blowfish Key Schedule • uses a 32 to 448 bit key • used to generate – 18 32-bit subkeys stored in K-array Kj – four 8x32 S-boxes stored in Si,j • key schedule consists of: – initialize P-array and then 4 S-boxes using pi – XOR P-array with key bits (reuse as needed) – loop repeatedly encrypting data using current P & S and replace successive pairs of P then S values – requires 521 encryptions, hence slow in re-keying
  83. 83. Blowfish Encryption • uses two primitives: addition & XOR • data is divided into two 32-bit halves L0 & R0 for i = 1 to 16 do Ri = Li-1 XOR Pi; Li = F[Ri] XOR Ri-1; L17 = R16 XOR P18; R17 = L16 XOR i17; • where F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a
  84. 84. The Blowfish Algorithm
  85. 85. The Blowfish Algorithm: Encryption (cont) Diagram of Blowfish's F function
  86. 86. The Blowfish Algorithm: Encryption (cont) • Blowfish's F-function. • Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce the final 32-bit output. • Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.
  87. 87. The Function F
  88. 88. RC5 • It is symmetric key block encryption algorithm developed by Ron Rivest. • It is quite fast as it use only the primitive computer operation i.e. XOR , addition, shift etc. • It used variable number of round and variable bit-size key. • It required less memory for execution so that it not only used for desktop computer but also for smart card and other devices. » 125 Mr. Gopal Sakarkar
  89. 89. RC5 Working • It used the plain text block size of 32,64, or 128 bits. • The key length can be 0 to 2040 bits. • Number of rounds can be from 0 to 255. Mr. Gopal Sakarkar
  90. 90. Divide plain text into two block i.e. A ,B Add A & S[0] to produce C Add B & S[1] to produce D Start with i=1 Check: Is i>r ? Mr. Gopal Sakarkar 1. XOR C & D to produce E 4.XOR D & F to produce G 2. Circular left shift E by D bits 3. Add E & S[2] to produce F 5. Circular left shift G by F bits 6. Add G & S[2i+1] to produce H Increment i by 1 Call F as C (i.e. C=F) Call H as D (i.e. D=H) Stop Yes No
  91. 91. Lecture 3 Today’s Agenda Mr. Gopal Sakarkar • IDEA Algorithm. • Cipher Block Chaining. • Location of encryption devices. • Key Distribution
  92. 92. International Data Encryption Algorithm • It is one of the strongest cryptographic algorithm Mr. Gopal Sakarkar invented in 1992. • It is Block Cipher Symmetric cryptographic alog. with 64 bits plain text and 128 bits length key. • It is used both substitution and transposition techniques for encryption
  93. 93. Working of IDEA 1.It take a 64 bits plaintext block as input and then partition it into four part, say P1 to P4. 2. P1 to P4 are the inputs to the first round of the Mr. Gopal Sakarkar algorithm. 3. It has eight round of encryption processing. 4. Each round use six-sub keys generated from original key having 16 bits length. 5. Final step consist of an Output Transformation Which use just four sub-keys , K49 to K52.
  94. 94. Working Plain Text (64bits) Round 1 Mr. Gopal Sakarkar K 1 K 2 K 6 Round 2 …. K 7 K 12 ………………. Round 6 K 43 K 48 Output Transformation K 49 K 52 P1(16 bits) P2(16 bits) P3(16 bits) P4(16 bits) …. …. …. …. C1(16 bits) C2(16 bits) C3(16 bits) C4(16 bits) Cipher Text (64bits)
  95. 95. Working of Rounds • Each round has a series of operation on the data block Mr. Gopal Sakarkar using six keys. • Each round perform a lot of mathematical action such as Multiplication, Addition and X-OR. • Each round is divided into 14 steps.
  96. 96. Sub-key Generation Round Unused (97-128 bits) … Mr. Gopal Sakarkar • First round Original Key (128 bits) K1(1-16 bits) K2(17-32 bits) K6(81-96 bits)
  97. 97. Mr. Gopal Sakarkar • Second round Unused Key (97-128 bits) K7 (97-112 bits) K8(113-128 bits) What about key k9, k10…k12 for second round ? Conti….
  98. 98. • The original key is exhausted . It is circular-left shifted by 25 Position 1 Position … (65-128 bits) Mr. Gopal Sakarkar bits. Original Key(128 bits) 128 circular-left shifted by 25 bits Now start allocating fresh sub-key from K7 to K12 New Key(128 bits) K9(1-16 bits) K10(17-32 bits) K12(49-64 bits) Unused
  99. 99. Exercise - IV • Explain in detail all eight round of sub key generation process. • Find out the strength of IDEA algorithm. Mr. Gopal Sakarkar
  100. 100. • Note: • A permutation is "a re-arrangement of elements of a set". Exp. We do 4 x 3 x 2 x 1 = 24. • There are 24 different ways that the letters can be arranged. • We can write 4!, which is read as "four factorial." Mr. Gopal Sakarkar
  101. 101. • Taking the 4 letters, ABCD, write down all the permutations of 3 of these letters: ABC BAC CAB DAB ACB BCA CBA DBA ABD BAD CAD DAC ADB BDA CDA DCA ACD BCD CBD DBC ADC BDC CDB DCB Mr. Gopal Sakarkar
  102. 102. Working of Substitution method • S-Box= Substitution Box • Example #1: Solve the following system using the substitution method x + y = 20 x − y = 10 Step 1 You have two equations. Pick either the first or the second equation and solve for either x or y. Since I am the one solving it, I have decided to choose the equation at the bottom (x − y = 10) and I will solve for x x − y = 10 Add y to both sides x − y + y = 10 + y x = 10 + y Mr. Gopal Sakarkar
  103. 103. • Step 2 Using x + y = 20, erase x and write 10 + y since x = 10 + y We get 10 + y + y = 20 10 + 2y = 20 Minus 10 from both sides 10 − 10 + 2y = 20 − 10 2y = 10 Divide both sides by 2 y = 5 Mr. Gopal Sakarkar
  104. 104. • Step 2 • Now you have y, you can replace its value into either equation to get x. Replacing y into x + y = 20 gives x + 5 = 20 Minus 5 from both sides x + 5 − 5 = 20 − 5 x = 15 The solution to the system is x = 15 and y = 5 Indeed 15 + 5 = 20 and 15 − 5 = 10 • H/W: Solve the following system using the substitution method 3x + y = 10 -4x − 2y = 2 Mr. Gopal Sakarkar
  105. 105. Algorithm Modes Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB) Work on block cipher Work on stream cipher
  106. 106. Electronic Code Book (ECB) Mr. Gopal Sakarkar
  107. 107. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  108. 108. Cipher Block Chaining (CBC) • Message is broken into blocks • Linked together in encryption operation • Each previous cipher blocks is chained with current plaintext Mr. Gopal Sakarkar block, hence name • Use Initial Vector (IV) to start process -IV has no special meaning , used to make each message unique only. • Uses: bulk data encryption, authentication
  109. 109. Cipher Block Chaining (CBC) Mr. Gopal Sakarkar
  110. 110. Advantages and Limitations of CBC • A ciphertext block depends on all blocks before it. • Any change to a block affects all following ciphertext blocks • Need Initialization Vector (IV) – which must be known to sender & receiver – if sent in clear, attacker can change bits of first block, and change IV to compensate – hence IV must either be a fixed value – or must be sent encrypted in ECB mode before rest of Mr. Gopal Sakarkar message
  111. 111. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  112. 112. Cipher FeedBack (CFB) • Message is treated as a stream of bits • Added to the output of the block cipher • Result is feed back for next stage (hence name) • Standard allows any number of bit (1,8, 64 or 128 etc) to be feed back – denoted CFB-1, CFB-8, CFB-64, CFB-128 etc Uses: stream data encryption, authentication Mr. Gopal Sakarkar
  113. 113. Cipher FeedBack (CFB) Mr. Gopal Sakarkar
  114. 114. Advantages and Limitations of CFB • Appropriate when data arrives in bits/bytes • Most common stream mode • limitation is need to install while do block encryption after Mr. Gopal Sakarkar every n-bits • Note that the block cipher is used in encryption mode at both ends • Errors propagate for several blocks after the error.
  115. 115. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  116. 116. Output FeedBack (OFB) • Message is treated as a stream of bits • In CFB, the cipher text is fed into the next stage of Mr. Gopal Sakarkar encryption process. • But in the OFB, the output of the IV encryption process is fed into the next stage of encryption process • Output of cipher is added to message • Output is then feed back (hence name) • Feedback is independent of message • uses: stream encryption on noisy channels.
  117. 117. OutpuMrt. GFoepael SdaBkarakacrk (OFB)
  118. 118. Key Distribution Symmetric schemes require both parties to share a Mr. Gopal Sakarkar common secret key Issue is how to securely distribute this key Often secure system failure due to a break in the key distribution scheme.
  119. 119. Key Distribution • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Mr. Gopal Sakarkar
  120. 120. Summary • IDEA is a strongest encryption algorithm only because of its Mr. Gopal Sakarkar key length. • Algorithm Modes of Operation – ECB, CBC, CFB, OFB Key distribution is centralize storage of keys .

×