## Continue your professional development with Scribd

Exclusive 60 day trial to the world's largest digital library.

Join 1+ million members and get unlimited* access to books, audiobooks.

Cancel anytime.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Successfully reported this slideshow.

Like this presentation? Why not share!

Just added to SlideShare
##
Continue your professional development with Scribd

Exclusive 60 day trial to the world's largest digital library.

Join 1+ million members and get unlimited* access to books, audiobooks.

Cancel anytime.

Working of Cryptography and network security algorithms.

No Downloads

Total views

10,838

On SlideShare

0

From Embeds

0

Number of Embeds

10

Shares

0

Downloads

622

Comments

0

Likes

24

No notes for slide

- 1. Security Concept Mr.Gopal Sakarkar Mr. Gopal Sakarkar
- 2. Today’s Agenda • Introduction of Security Concept. • Principal of Security. • Classification of Security Attacks Mr. Gopal Sakarkar
- 3. Digital Security Computer Security Network Security Mr. Gopal Sakarkar
- 4. Need of Network Security • According to FBI statistics result (2007) , up to five billion dollars is lost each year due to black holes . • Loss of important data. e.g. Credit Card, ATM Card • Confidential information of business have been stolen by competitors. e.g. ICICI vs HDFC • Last but not least : Important data stolen from military . Mr. Gopal Sakarkar
- 5. So, what do you mean by NS? • It is vital component in information security for securing all information passed through computers network. • It provide management policy for access controls protection for H/W, S/W & information in networking. Mr. Gopal Sakarkar
- 6. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
- 7. Confidentiality • It specifies that only sender and intended recipient(s) should be able to access the contents of message. e.g.: e-mail send by person A to person B. Mr. Gopal Sakarkar
- 8. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
- 9. Authentication • It help to establish proof of identities. e.g. : Login using Userid and Password. Mr. Gopal Sakarkar
- 10. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
- 11. Integrity • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. e.g. Updating bank account information Mr. Gopal Sakarkar
- 12. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
- 13. Non-repudiation • Non- repudiation does not allow the sender or receiver of a message to refuse the claim of not sending or receiving that message. Mr. Gopal Sakarkar
- 14. Classification of Security Attacks Mr. Gopal Sakarkar
- 15. Passive Attack • A passive attack make use of information from the system but does not affect system resource. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
- 16. Release of Message Contents Mr. Gopal Sakarkar Hi, I am Bob Hi, I am Bob Hi, I am Bob
- 17. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
- 18. Traffic Analysis Mr. Gopal Sakarkar Meet me at Cinemax Phhw ph dw flqhpda Meet me at Cinemax
- 19. Active Attack • It involve some modification of data stream or creation of a Mr. Gopal Sakarkar false stream. Active Attack Replay Modification Denial of Service Masquerade
- 20. Replay It involves passive capture of data unit and its subsequent retransmission to produce an unauthorized effect. Mr. Gopal Sakarkar Transfer Rs.1000 to Alice. Transfer Rs.1000 to Darth.
- 21. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
- 22. Modification In which some portion of message is altered or that message are delayed or reordered to produce an unauthorized affect. Mr. Gopal Sakarkar Transfer Rs.1,000 to Darth. Transfer Rs.10,000 to Darth. Transfer Rs.10,000 to Darth
- 23. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
- 24. Denial of service It have a specific target (Server), in which prevents or inhabits the normal use or management of communication facilities. Mr. Gopal Sakarkar
- 25. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
- 26. Masquerade A masquerade is a type of attack where the attacker act as an authorized user system in order to gain access to it or to gain greater privileges than they are authorized for. Mr. Gopal Sakarkar
- 27. Summary • Four goals have been defined for security i.e. Confidentiality , Authentication, Integrity, Non-repudiation. • Security Attacks are classified in two parts Active and Passive. Mr. Gopal Sakarkar
- 28. For Further Reading • http://www.smartchip.com/flash/presentationV2.swf • http://buchananweb.co.uk/asmn/unit03.swf • http://www.computing.co.uk/computing/video/2246841/network-security • http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3 • http://www.thepcmanwebsite.com/cgi-bin/web_tools/ascii.pl (converter) • http://bytes.com/topic/c/answers/769137-how-convert-alphabet-numbers • http://www.kerryr.net/pioneers/binary.htm • http://services.exeter.ac.uk/cmit/modules/the_internet/slides/ch01s01s04.html (packet working) Mr. Gopal Sakarkar
- 29. 31 Conventional Encryption
- 30. 32 Caesar Cipher It is a substitution cipher invented by Julius Caesar. It replace each letter of the alphabet with the letter standing thired Place further down the alphabet. Let numerical equivalency of letter A B C D E F G H …… z 0 1 2 3 4 5 6 7 25
- 31. 33 Caesar Cipher Let , for each plaintext letter p, substitute the cipher letter : C=E(3,p)=(p+3) mod 26 For generalize equation for encryption : C=E(k,p)= (p+k) mod 26 For generalize equation for decryption : P=D(k,C)=(C-K)mod 26
- 32. 34 Caesar Cipher plain: abcdefghijklmnopqrstuvwxyz key: defghijklmnopqrstuvwxyzabc cipher: PHHW PH DIWHU WKH WRJD SDUWB plain: MEET ME AFTER THE toga PARTY Video
- 33. 35 “Rail-Fence” Cipher It is use substitution method , in which plaintext is written down As a sequence of diagonals and then read off as a sequence of row.
- 34. 36 “Rail-Fence” Cipher DISGRUNTLED EMPLOYEE D R L E O I G U T E M L Y E S N D P E DRLEOIGUTE MLYESNDPE
- 35. Steganography
- 36. What is Steganography? Stegosaurus: a covered lizard (but not a type of cryptography) Greek Words: STEGANOS – “Covered” GRAPHIE – “Writing” • Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. • This can be achieve by concealing the existence of information within seemingly harmless carriers or cover • Carrier: text, image, video, audio, etc.
- 37. Modern Steganography Techniques Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses. The purpose is different from traditional steganography since it is adding an attribute to the cover image thus extending the amount of information presented. Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms. The idea of this method is to hide the secret message in the data bits in the least significant coefficients. Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information. Thus the overall image distortion is kept to a minimum while the message is spaced out over the pixels in the images. This technique works best when the image file is larger then the message file and if the image is grayscale.
- 38. Basics of Modern Steganography fE: steganographic function "embedding" fE-1: steganographic function "extracting" cover: cover data in which emb will be hidden emb: message to be hidden key: parameter of fE stego: cover data with the hidden message
- 39. Important Requirement for Steganographic System • Security of the hidden communication • size of the payload • Robustness against malicious and unintentional attacks
- 40. Steganography Tools
- 41. 45 Basic Types of Ciphers • Transposition ciphers – rearrange bits or characters in the data • Substitution ciphers – replace bits, characters, or blocks of characters with substitutes
- 42. 46 Encryption Methods • The essential technology underlying virtually all automated network and computer security applications is cryptography • Two fundamental approaches are in use: – Conventional Encryption, also known as symmetric encryption – Public-key Encryption, also known as asymmetric encryption
- 43. 47 Conventional Encryption Model
- 44. 48 Conventional Encryption Five components to the algorithm – Plaintext: The original message or data – Encryption algorithm: Performs various substitutions and transformations on the plaintext – Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key – Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key – Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext
- 45. 50 Conventional Encryption M EK C DK M EK defined by an encrypting algorithm E DK defined by an decrypting algorithm D For given K, DK is the inverse of EK, i.e., DK(EK(M))=M for every plain text message M
- 46. Today’s Agenda • Cryptography and Encryption • Encryption Principles • Feistel Cipher Structure • Data Encryption Standard (DES) Mr. Gopal Sakarkar
- 47. Cryptography • It is a Greek word , means that “Secret Writing”. • Cryptography is an art and science for achieving security by encoding the readable format data in to a non-readable form. Mr. Gopal Sakarkar
- 48. Encryption Encryption is a process of converting the plain text data in to ciphertext data. Mr. Gopal Sakarkar
- 49. Encryption Principles • An encryption scheme has five ingredients: – Plaintext – Encryption algorithm – Secret Key – Ciphertext – Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm. Mr. Gopal Sakarkar
- 50. Average time required for exhaustive key search Mr. Gopal Sakarkar Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/μs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years
- 51. Conventional Encryption Model Mr. Gopal Sakarkar
- 52. Cryptography Process Depend on…. 1. The type of operations used for transforming plaintext to Mr. Gopal Sakarkar ciphertext. 1.1 Substitution 1.2 Transpose 2. The number of keys used 2.1 Symmetric (single key) 2.2Asymmetric(two-keys,orpublic-key encryption) 3. The way in which the plaintext is processed Block Cipher Stream Cipher
- 53. Substitution Process Mr. Gopal Sakarkar
- 54. Transposition Techniques • Consider plain text message as a number A=0 , B=1, C=2……..Z=25. • Take plain text CAT = 2 0 19 Take N x N matrix of randomly chosen keys. Mr. Gopal Sakarkar
- 55. Mr. Gopal Sakarkar 6 24 1 13 16 10 20 17 15 = Multiply two matrix 6 24 1 13 16 10 20 17 15 2 0 X 19 = 31 216 325
- 56. • Now compute a mod 26 value of the above matrix. Mr. Gopal Sakarkar 31 216 325 mod 26 5 8 = 13 Now translate number to alphabet 5=F, 8=I and 13= N i.e. cipher text is FIN
- 57. Exercise - II • Define a symmetric-key cryptography. • Distinguish between a block cipher and a stream cipher with an example. • Decrypt a above example by taking a inverse of 8 5 10 21 8 21 21 12 8 Mr. Gopal Sakarkar original matrix i.e. • Draw an algorithm , flowchart and write a C++ program for implementing Transposition Techniques.
- 58. Summary • Definition of Cryptography . • Working of encryption principal. • Substitution and transportation techniques . Mr. Gopal Sakarkar
- 59. For Further Reading • http://buchananweb.co.uk/asmn/unit04.swf • http://www.youtube.com/watch?v=IzVCrSrZIX8 • http://www.youtube.com/watch?v=ZdC7cnpYOwI&feature=related Mr. Gopal Sakarkar
- 60. Confusion and Diffusion • Introduced by Claude Shannon to capture the two basic building blocks for any Mr. Gopal Sakarkar cryptographic system. • Confusion - Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to stop attempts to discover the key. • Diffusion - The mechanism of diffusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to prevent attempts to assume the key.
- 61. Approximate Alphabet Frequency Mr. Gopal Sakarkar
- 62. Feistel Cipher Structure • It is block cipher symmetric encryption algorithms, first described by Horst Feistel of IBM in 1973. • It is depends on the choice of the following parameters • Block size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of rounds: multiple rounds offer increasing security • Subkey generation algorithm: greater complexcity will lead to greater Mr. Gopal Sakarkar difficulty of cryptanalysis. • Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern.
- 63. Steps: 1. Input of plaintext with length 2w bits and key K. 2. Plaintext is divided into two halves L0 and R0. 3. These two halves pass through N round of processing to produce CipherText block. 4. The key K is derived from subkey generation algo. 5. These two halves combine by applying a round function ‘F’ on right half of data and then taking X-OR operation of the output of F with left half of data. Mr. Gopal Sakarkar
- 64. Mr. Gopal Sakarkar
- 65. Exercise • List out the various Feistel ciphers Algorithm and explain each Mr. Gopal Sakarkar in brief.
- 66. For Further Reading • http://www.quadibloc.com/crypto/co040906.htm • http://www.encryptionanddecryption.com/encrypt_decrypt_encyclopedia.ht Mr. Gopal Sakarkar ml
- 67. Data Encryption Standard (DES) I. It is a Block Cipher Symmetric algorithm. II. It takes 64 bits plaintext and 56 (64) bits as a key. III. It produce a 64 bits cipher text. IV. It consist of 16 steps , called round. Steps: 1. It take 64 bit plain text as given i/p to Initial Permutation Function (IPF). 2. IPF produce two halves, i.e. Left Plain Text (LPT) and Right Plain Text Mr. Gopal Sakarkar (RPT) 3.Now, each LPT and RPT goes through 16 rounds of encryption process with key K(56 bits). 4.At the end , LPT and RPT are rejoined and a final permutation (FP) is performed which is being the inverse of IP on the combined block. 5. Finally the result produced 64 bits cipher text.
- 68. Plain Text (64 bits) Initial Permutation LPT RPT Key ( K) 16 Rounds 16 Rounds 56 bits Final Permutation Cipher Text(64 bits) DES Algorithm Mr. Gopal Sakarkar
- 69. DES Encryption Overview Mr. Gopal Sakarkar
- 70. An Example • Let M be the plain text message M = 0123456789ABCDEF, where M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text: • M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 Mr. Gopal Sakarkar 1110 1111 • L = 0000 0001 0010 0011 0100 0101 0110 0111 • R= 1000 1001 1010 1011 1100 1101 1110 1111 The first bit of M is "0". The last bit is "1". We read from left to right. Let K be the hexadecimal key K = 133457799BBCDFF1 K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001 Cipher Text: 85E813540F0AB405. Online Example
- 71. The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips. Mr. Gopal Sakarkar
- 72. Triple-DES with Two-Keys • hence must use 3 encryptions – would seem to need 3 distinct keys • but can use 2 keys with E-D-E sequence – C = EK1[DK2[EK1[P]]] – no encrypt & decrypt equivalent in security – if K1=K2 then can work with single DES • standardized in ANSI X9.17 & ISO8732 • no current known practical attacks
- 73. Triple DES
- 74. Summary • Security of data is depend on secrecy of key not on the Mr. Gopal Sakarkar encryption algorithm. • Feistel Cipher Structure is basic structure for any symmentric encryption algo. • DES algorithm also called as DEA has been a cryptographic alog. used from over four decades. • It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46).
- 75. For Further Reading • http://www.buchananweb.co.uk/asmn/unit03.swf • http://williamstallings.com/Crypt-Tut/Crypto%20Tutorial%20- Mr. Gopal Sakarkar %20JERIC.swf • http://orlingrabbe.com/des.htm (IMP) • http://www.tero.co.uk/des/explain.php
- 76. Exercise - III • Explain a triple DES in detail. • Find out the various application in which DES is implemented. Mr. Gopal Sakarkar
- 77. Blowfish Algorithm
- 78. The Blowfish Encryption Algorithm • Developed by Bruce Schneier • Keyed, symmetric block cipher • Designed in 1993 . • Can be used as a drop-in replacement for DES.
- 79. The Blowfish Encryption Algorithm (cont.) • As a fast, free alternative to existing encryption algorithms. • Variable-length key. • From 32 bits to 448 bits.
- 80. The Blowfish Encryption Algorithm (cont.) • Fast: It used 32 bit microprocessors for 26 clock cycles per byte. • Compact : It need less than 5 kb memory for execution. • Simple : It used primitive operations ,such as addition , XOR ,etc. • Secure : It has variable length key upto 448 bits long. • Freely available source code Mr. Gopal Sakarkar
- 81. The Blowfish Encryption Algorithm (cont.) • Gained acceptance as a strong encryption algorithm. • Blowfish is unpatented and license-free, and is available free for all uses. • No effective cryptanalysis has been found to date. • More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
- 82. 7.07. Blowfish Key Schedule • uses a 32 to 448 bit key • used to generate – 18 32-bit subkeys stored in K-array Kj – four 8x32 S-boxes stored in Si,j • key schedule consists of: – initialize P-array and then 4 S-boxes using pi – XOR P-array with key bits (reuse as needed) – loop repeatedly encrypting data using current P & S and replace successive pairs of P then S values – requires 521 encryptions, hence slow in re-keying
- 83. Blowfish Encryption • uses two primitives: addition & XOR • data is divided into two 32-bit halves L0 & R0 for i = 1 to 16 do Ri = Li-1 XOR Pi; Li = F[Ri] XOR Ri-1; L17 = R16 XOR P18; R17 = L16 XOR i17; • where F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a
- 84. The Blowfish Algorithm
- 85. The Blowfish Algorithm: Encryption (cont) Diagram of Blowfish's F function
- 86. The Blowfish Algorithm: Encryption (cont) • Blowfish's F-function. • Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce the final 32-bit output. • Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.
- 87. The Function F
- 88. RC5 • It is symmetric key block encryption algorithm developed by Ron Rivest. • It is quite fast as it use only the primitive computer operation i.e. XOR , addition, shift etc. • It used variable number of round and variable bit-size key. • It required less memory for execution so that it not only used for desktop computer but also for smart card and other devices. » 125 Mr. Gopal Sakarkar
- 89. RC5 Working • It used the plain text block size of 32,64, or 128 bits. • The key length can be 0 to 2040 bits. • Number of rounds can be from 0 to 255. Mr. Gopal Sakarkar
- 90. Divide plain text into two block i.e. A ,B Add A & S[0] to produce C Add B & S[1] to produce D Start with i=1 Check: Is i>r ? Mr. Gopal Sakarkar 1. XOR C & D to produce E 4.XOR D & F to produce G 2. Circular left shift E by D bits 3. Add E & S[2] to produce F 5. Circular left shift G by F bits 6. Add G & S[2i+1] to produce H Increment i by 1 Call F as C (i.e. C=F) Call H as D (i.e. D=H) Stop Yes No
- 91. Lecture 3 Today’s Agenda Mr. Gopal Sakarkar • IDEA Algorithm. • Cipher Block Chaining. • Location of encryption devices. • Key Distribution
- 92. International Data Encryption Algorithm • It is one of the strongest cryptographic algorithm Mr. Gopal Sakarkar invented in 1992. • It is Block Cipher Symmetric cryptographic alog. with 64 bits plain text and 128 bits length key. • It is used both substitution and transposition techniques for encryption
- 93. Working of IDEA 1.It take a 64 bits plaintext block as input and then partition it into four part, say P1 to P4. 2. P1 to P4 are the inputs to the first round of the Mr. Gopal Sakarkar algorithm. 3. It has eight round of encryption processing. 4. Each round use six-sub keys generated from original key having 16 bits length. 5. Final step consist of an Output Transformation Which use just four sub-keys , K49 to K52.
- 94. Working Plain Text (64bits) Round 1 Mr. Gopal Sakarkar K 1 K 2 K 6 Round 2 …. K 7 K 12 ………………. Round 6 K 43 K 48 Output Transformation K 49 K 52 P1(16 bits) P2(16 bits) P3(16 bits) P4(16 bits) …. …. …. …. C1(16 bits) C2(16 bits) C3(16 bits) C4(16 bits) Cipher Text (64bits)
- 95. Working of Rounds • Each round has a series of operation on the data block Mr. Gopal Sakarkar using six keys. • Each round perform a lot of mathematical action such as Multiplication, Addition and X-OR. • Each round is divided into 14 steps.
- 96. Sub-key Generation Round Unused (97-128 bits) … Mr. Gopal Sakarkar • First round Original Key (128 bits) K1(1-16 bits) K2(17-32 bits) K6(81-96 bits)
- 97. Mr. Gopal Sakarkar • Second round Unused Key (97-128 bits) K7 (97-112 bits) K8(113-128 bits) What about key k9, k10…k12 for second round ? Conti….
- 98. • The original key is exhausted . It is circular-left shifted by 25 Position 1 Position … (65-128 bits) Mr. Gopal Sakarkar bits. Original Key(128 bits) 128 circular-left shifted by 25 bits Now start allocating fresh sub-key from K7 to K12 New Key(128 bits) K9(1-16 bits) K10(17-32 bits) K12(49-64 bits) Unused
- 99. Exercise - IV • Explain in detail all eight round of sub key generation process. • Find out the strength of IDEA algorithm. Mr. Gopal Sakarkar
- 100. • Note: • A permutation is "a re-arrangement of elements of a set". Exp. We do 4 x 3 x 2 x 1 = 24. • There are 24 different ways that the letters can be arranged. • We can write 4!, which is read as "four factorial." Mr. Gopal Sakarkar
- 101. • Taking the 4 letters, ABCD, write down all the permutations of 3 of these letters: ABC BAC CAB DAB ACB BCA CBA DBA ABD BAD CAD DAC ADB BDA CDA DCA ACD BCD CBD DBC ADC BDC CDB DCB Mr. Gopal Sakarkar
- 102. Working of Substitution method • S-Box= Substitution Box • Example #1: Solve the following system using the substitution method x + y = 20 x − y = 10 Step 1 You have two equations. Pick either the first or the second equation and solve for either x or y. Since I am the one solving it, I have decided to choose the equation at the bottom (x − y = 10) and I will solve for x x − y = 10 Add y to both sides x − y + y = 10 + y x = 10 + y Mr. Gopal Sakarkar
- 103. • Step 2 Using x + y = 20, erase x and write 10 + y since x = 10 + y We get 10 + y + y = 20 10 + 2y = 20 Minus 10 from both sides 10 − 10 + 2y = 20 − 10 2y = 10 Divide both sides by 2 y = 5 Mr. Gopal Sakarkar
- 104. • Step 2 • Now you have y, you can replace its value into either equation to get x. Replacing y into x + y = 20 gives x + 5 = 20 Minus 5 from both sides x + 5 − 5 = 20 − 5 x = 15 The solution to the system is x = 15 and y = 5 Indeed 15 + 5 = 20 and 15 − 5 = 10 • H/W: Solve the following system using the substitution method 3x + y = 10 -4x − 2y = 2 Mr. Gopal Sakarkar
- 105. Algorithm Modes Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB) Work on block cipher Work on stream cipher
- 106. Electronic Code Book (ECB) Mr. Gopal Sakarkar
- 107. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
- 108. Cipher Block Chaining (CBC) • Message is broken into blocks • Linked together in encryption operation • Each previous cipher blocks is chained with current plaintext Mr. Gopal Sakarkar block, hence name • Use Initial Vector (IV) to start process -IV has no special meaning , used to make each message unique only. • Uses: bulk data encryption, authentication
- 109. Cipher Block Chaining (CBC) Mr. Gopal Sakarkar
- 110. Advantages and Limitations of CBC • A ciphertext block depends on all blocks before it. • Any change to a block affects all following ciphertext blocks • Need Initialization Vector (IV) – which must be known to sender & receiver – if sent in clear, attacker can change bits of first block, and change IV to compensate – hence IV must either be a fixed value – or must be sent encrypted in ECB mode before rest of Mr. Gopal Sakarkar message
- 111. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
- 112. Cipher FeedBack (CFB) • Message is treated as a stream of bits • Added to the output of the block cipher • Result is feed back for next stage (hence name) • Standard allows any number of bit (1,8, 64 or 128 etc) to be feed back – denoted CFB-1, CFB-8, CFB-64, CFB-128 etc Uses: stream data encryption, authentication Mr. Gopal Sakarkar
- 113. Cipher FeedBack (CFB) Mr. Gopal Sakarkar
- 114. Advantages and Limitations of CFB • Appropriate when data arrives in bits/bytes • Most common stream mode • limitation is need to install while do block encryption after Mr. Gopal Sakarkar every n-bits • Note that the block cipher is used in encryption mode at both ends • Errors propagate for several blocks after the error.
- 115. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
- 116. Output FeedBack (OFB) • Message is treated as a stream of bits • In CFB, the cipher text is fed into the next stage of Mr. Gopal Sakarkar encryption process. • But in the OFB, the output of the IV encryption process is fed into the next stage of encryption process • Output of cipher is added to message • Output is then feed back (hence name) • Feedback is independent of message • uses: stream encryption on noisy channels.
- 117. OutpuMrt. GFoepael SdaBkarakacrk (OFB)
- 118. Key Distribution Symmetric schemes require both parties to share a Mr. Gopal Sakarkar common secret key Issue is how to securely distribute this key Often secure system failure due to a break in the key distribution scheme.
- 119. Key Distribution • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Mr. Gopal Sakarkar
- 120. Summary • IDEA is a strongest encryption algorithm only because of its Mr. Gopal Sakarkar key length. • Algorithm Modes of Operation – ECB, CBC, CFB, OFB Key distribution is centralize storage of keys .

No public clipboards found for this slide

Be the first to comment