Cryptography is the study of techniques for securing communication and information. The document provides an introduction to cryptography, including definitions of encryption, decryption, plaintext and ciphertext. It discusses classical ciphers like the Caesar cipher, monoalphabetic and polyalphabetic ciphers, the Playfair cipher, Vigenère cipher and the one-time pad cipher. It also covers cryptanalysis techniques and introduces concepts in modern cryptography like symmetric and asymmetric key cryptography.
An introductory presentation on cryptography. From ancient ciphers to modern public key encryption, it follows the evolution of a science and how it affects society.
2. Introduction
What is cryptography?
Cryptography is the study of Encryption
◦ Greek kryptos means “hidden” and graphia means “writing”
Encryption is an ancient form of information protection; it dates back 4,000 years.
◦ process by which plaintext is converted into ciphertext.
Decryption is the inverse of Encryption.
3. Introduction …
A sender S wanting to transmit message M to a receiver R
To protect the message M, the sender first encrypts it into meaningless message M’
After receipt of M’, R decrypts the message to obtain M
M is called the plaintext
◦ What we want to encrypt
M’ is called the ciphertext
◦ The encrypted output
5. Terminologies
Cryptography: Schemes for encryption and decryption
Encryption algorithm: technique or rules selected for encryption.
Key: a secret value used to encrypt and/or decrypt the text.
Cryptanalysis: The study of “breaking the code”.
Cryptology: Cryptography and cryptanalysis together constitute the area of cryptology.
6. Encryption vs. C-I-A
Encryption provides:
◦ Confidentiality/Secrecy: keeps our data secret.
◦ Integrity: protects against forgery or tampering
7. Cryptographic systems
are characterized along three dimensions
operations used for transforming plaintext into ciphertext
◦ Substitution: replace each element (bit, letter, group of bits or letters) with another
◦ Transposition: rearrange the order of elements
◦ Product: use multiple stages of both
number of keys used
◦ Symmetric: same key; secret-key, private-key
◦ Asymmetric: different keys; public-key
way in which the plaintext is processed
◦ block cipher
8. For any encryption approach, there are two major challenges:
Key distribution: how do we convey keys to those who need them to establish secure communication.
Key management: given a large number of keys, how do we preserve their safety and make them available as needed.
10. Classical Substitution
Caesar Cipher: used by Julius Caesar's military
◦ substitutes each letter of the alphabet with the letter standing three places further down the alphabet
12. Activity
Convert it to Caesar ciphertext:
Plaintext: are you ready
Ciphertext: duh brx uhdgb
Plaintext:  a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
13. Caesar Cipher
the algorithm can be expressed as: for each plaintext letter p, substitute ciphertext letter C.
◦ C = E(3, p) = (p + 3) mod 26
mathematically, give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
General Caesar algorithm:
c = E(k, p) = (p + k) mod 26
p = D(k, c) = (c − k) mod 26
14. Classical Transposition
Spartan cipher, fifth century B.C.
Plaintext: Start the war today
Encryption: rearrange the text in 3 columns
S t a
r t t
h e w
a r t
o d a
y
Rewrite it by reading down: Srhaoytterdatwta
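The Spartan "write in rows, read down the columns" transposition from this slide, as an added example (not code from the slides), generalised to any number of columns and with the matching decryption, which has to account for the first few columns being one letter longer when the text does not fill the last row. The plaintext and the 3-column layout are the slide's own.

```python
def columnar_encrypt(message: str, columns: int) -> str:
    """Write the message row by row into `columns` columns, then read it off column by column."""
    text = message.replace(" ", "")
    # Column i holds every `columns`-th character starting at offset i.
    return "".join(text[i::columns] for i in range(columns))


def columnar_decrypt(ciphertext: str, columns: int) -> str:
    """Invert columnar_encrypt: rebuild the columns, then read across the rows."""
    n = len(ciphertext)
    rows, extra = divmod(n, columns)       # the first `extra` columns are one char longer
    cols, pos = [], 0
    for i in range(columns):
        length = rows + (1 if i < extra else 0)
        cols.append(ciphertext[pos:pos + length])
        pos += length
    out = []
    for r in range(rows + 1):
        for col in cols:
            if r < len(col):
                out.append(col[r])
    return "".join(out)


if __name__ == "__main__":
    ct = columnar_encrypt("Start the war today", 3)
    print(ct)                              # Srhaoytterdatwta, as on the slide
    print(columnar_decrypt(ct, 3))         # Startthewartoday
```

Because only the order of letters changes, the ciphertext keeps exactly the letter counts of the plaintext, which is the property the later slide on transposition ciphers uses to recognise them.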
15. Cryptanalysis
objective: to recover the key, not just the message
general approaches:
◦ cryptanalytic attack: exploits the characteristics of the algorithm
◦ brute-force attack: try every possible key on a piece of ciphertext; involves trying each key until you find the right one
if either succeeds, all use of the key is compromised
16. More Definitions
unconditional security
◦ no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext
computational security
◦ given limited computing resources (e.g. time needed for calculations is greater than the age of the universe), the cipher cannot be broken
◦ it either takes too long, or is too expensive
17. Cryptanalysis…
given a Caesar-cipher ciphertext, a brute-force attack is easily performed:
◦ simply try all 25 possible keys.
◦ assuming the language of the plaintext is known.
Thus, the Caesar cipher is far from secure.
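The general Caesar formulas from slide 13 and the 25-key exhaustive search from this slide, as an added example (not code from the slides). The word list used to "recognise plaintext" is a constructed stand-in for the slide's assumption that the language of the plaintext is known; the activity text "are you ready" / "duh brx uhdgb" is the slide's own.

```python
import string

ALPHABET = string.ascii_lowercase


def caesar_encrypt(plaintext: str, k: int) -> str:
    """c = E(k, p) = (p + k) mod 26 for every letter; spaces and punctuation pass through."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, k: int) -> str:
    """p = D(k, c) = (c - k) mod 26, i.e. encryption with the negated key."""
    return caesar_encrypt(ciphertext, -k)


# Constructed list of common English words; stands in for "language of the plaintext is known".
COMMON_WORDS = {"the", "and", "you", "are", "is", "to", "of", "a"}


def score_english(text: str) -> int:
    """Number of whole words in `text` that are common English words."""
    return sum(1 for word in text.split() if word in COMMON_WORDS)


def brute_force(ciphertext: str):
    """Try all 25 non-trivial keys; return (key, candidate plaintext) pairs, best-scoring first."""
    candidates = [(k, caesar_decrypt(ciphertext, k)) for k in range(1, 26)]
    return sorted(candidates, key=lambda kp: score_english(kp[1]), reverse=True)


def recover_key(ciphertext: str) -> int:
    """The key behind the best-scoring candidate; the whole search is 25 decryptions."""
    return brute_force(ciphertext)[0][0]


if __name__ == "__main__":
    ct = caesar_encrypt("are you ready", 3)
    print(ct)                                   # duh brx uhdgb
    for k, candidate in brute_force(ct)[:3]:
        print(k, candidate)
    print("recovered key:", recover_key(ct))    # 3
```

The key space (25 usable keys) is what makes the search trivial; the scoring function only matters for picking the right candidate out of 25 readable lines, which a human would do by eye.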
18. Monoalphabetic Cipher
rather than just shifting the alphabet, could shuffle (jumble) the letters arbitrarily
each plaintext letter maps to a different random ciphertext letter
hence key is 26 letters long
Plain:      abcdefghijklmnopqrstuvwxyz
Cipher:     DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext:  ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
19. Brute Force Search
always possible to simply try every key
assume either know / recognise plaintext
impractical if we use an algorithm that employs a large number of keys.
most basic attack, proportional to key size
20. Language Redundancy and Cryptanalysis
human languages are redundant
letters are not equally commonly used
in English E is by far the most common letter
◦ followed by T, R, N, I, O, A, S
other letters like Z, J, K, Q, X are fairly rare
have tables of single, double & triple letter frequencies for various languages
22. Use in Cryptanalysis
key concept: monoalphabetic substitution ciphers do not change relative letter frequencies
discovered by Arabian scientists in 9th century
calculate letter frequencies for ciphertext
compare counts/plots against known values
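The monoalphabetic cipher of slide 18 together with the frequency comparison of this slide, as an added example (not code from the slides). The 26-letter key and the short plaintext are the slide's own; the longer sample sentence and the English letter order (E, T, A, ... as slide 20 lists them) are constructed for the demonstration. It shows that the ciphertext's relative frequencies are exactly the plaintext's under a relabelling, so the most frequent ciphertext letter is matched to E.

```python
from collections import Counter
import string

PLAIN = string.ascii_lowercase
CIPHER = "DKVQFIBJWPESCXHTMYAUOLRGZN"      # the 26-letter key from slide 18
# Constructed reference order of English letters, most common first
ENGLISH_ORDER = "etaoinsrhldcumfpgwybvkxjqz"
# Constructed sample text, chosen to be E-heavy like ordinary English
SAMPLE = "we never see these three eyes except where the deep green trees meet the sea"


def mono_encrypt(plaintext: str, cipher_alphabet: str = CIPHER) -> str:
    return plaintext.lower().translate(str.maketrans(PLAIN, cipher_alphabet))


def mono_decrypt(ciphertext: str, cipher_alphabet: str = CIPHER) -> str:
    return ciphertext.upper().translate(str.maketrans(cipher_alphabet, PLAIN))


def relative_frequencies(text: str) -> dict:
    """Letter -> fraction of all letters in `text`."""
    letters = [c for c in text.lower() if c.isalpha()]
    counts = Counter(letters)
    return {c: counts[c] / len(letters) for c in counts}


def ranked_letters(text: str) -> list:
    """Letters of `text` ordered from most to least frequent."""
    return [c for c, _ in Counter(ch for ch in text.lower() if ch.isalpha()).most_common()]


def frequency_guess(ciphertext: str, reference_order: str = ENGLISH_ORDER) -> dict:
    """Pair the i-th most common ciphertext letter with the i-th most common reference letter.
    With enough ciphertext the top entries are right; the rare letters need digram tables."""
    return dict(zip(ranked_letters(ciphertext), reference_order))


if __name__ == "__main__":
    print(mono_encrypt("ifwewishtoreplaceletters"))        # WIRFRWAJUHYFTSDVFSFUUFYA
    ct = mono_encrypt(SAMPLE)
    top_cipher = ranked_letters(ct)[0]
    print(top_cipher, "->", frequency_guess(ct)[top_cipher])  # f -> e
    print(relative_frequencies(ct)[top_cipher] == relative_frequencies(SAMPLE)["e"])
```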
24. Playfair Cipher
A.k.a. Playfair square
A manual symmetric encryption technique
It was the first literal digraph substitution cipher.
◦ The scheme was invented in 1854 by Charles Wheatstone, but bears the name of Lord Playfair who promoted the use of the cipher.
25. Playfair Key Matrix
a 5x5 matrix of letters based on a keyword
fill in letters of keyword (no duplicates; i & j share a cell)
fill rest of matrix with other letters
eg. using the keyword (key) simple
s i/j m p l
e a b c d
f g h k n
o q r t u
v w x y z
26. Playfair Cipher
Use filler letter to separate repeated letters
◦ eg. "balloon" encrypts as "ba lx lo on"
Encrypt two letters together
Same row → replace each letter with the one to its right
◦ ac → bd
Same column → replace each letter with the one under it
◦ qw → wi
Otherwise → replace each letter with the one in its own row at the other letter's column (the remaining corners of the rectangle)
◦ ar → bq
27. Activity
Q: construct the Playfair matrix using the keyword MONARCHY
Plaintext: Ethiopia
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Ciphertext: klbfhvsb
28. Security of Playfair Cipher
security much improved over monoalphabetic
But, still has much of plaintext structure.
it can be broken, given a few hundred letters
◦ With ciphertext only, possible to analyse frequency of occurrence of digrams (pairs of letters)
◦ Obtaining the key is relatively straightforward if both plaintext and ciphertext are known.
30. Polyalphabetic ciphers
using multiple substitution alphabets.
make cryptanalysis harder with more alphabets to guess and flatter frequency distribution
use a key to select which alphabet is used for each letter of the message
◦ use each alphabet in turn
◦ repeat from start after end of key is reached
31. Vigenère Cipher
simplest polyalphabetic substitution cipher
meaning that instead of there being a one-to-one relationship between each letter and its substitute, there is a one-to-many relationship between each letter and its substitutes.
◦ The encipherer chooses a keyword and repeats it until it matches the length of the plaintext
32. Vigenère Cipher
Basically multiple Caesar ciphers
key is multiple letters long
◦ K = k1 k2 ... kd
◦ ith letter specifies ith alphabet to use
◦ use each alphabet in turn, repeating from start after d letters in message
Plaintext:  THISPROCESSCANALSOBEEXPRESSED
Keyword:    CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext: VPXZTIQKTZWTCVPSWFDMTETIGAHLH
33. Vigenère Cipher
write the plaintext out
write the keyword repeated above it
use each key letter as a Caesar cipher key
encrypt the corresponding plaintext letter
34. Activity
Q: encrypt the given plaintext using the Vigenère cipher with keyword deceptive
Plaintext:  wearediscoveredsaveyourself
Key:        deceptivedeceptivedeceptive
Ciphertext: zicvtwqngrzgvtwavzhcqyglmgj
35. Security of Vigenère Ciphers
have multiple ciphertext letters for each plaintext letter
◦ hence letter frequencies are masked
◦ but not totally lost
start with letter frequencies
◦ see if they look monoalphabetic or not
if not, then need to determine the number of alphabets, since then can attack each
36. Autokey Cipher
ideally want a key as long as the message
Vigenère proposed the autokey cipher, with the keyword prefixed to the message as key
knowing the keyword can recover the first few letters
use these in turn on the rest of the message
but still have frequency characteristics to attack
eg. given key deceptive
key:        deceptivewearediscoveredsav
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
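The Vigenère cipher of slides 31 to 34 and the autokey variant of this slide, as an added example (not code from the slides). Both reduce to the Caesar step (p + k) mod 26 with a different rule for choosing k: the repeated keyword, or the keyword followed by the message itself. The autokey decryption shows why knowing the keyword is enough: each recovered plaintext letter becomes the key for a later one. The keyword deceptive and the plaintexts are the slides' own.

```python
ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def _letters(text: str) -> str:
    return "".join(c for c in text.lower() if c.isalpha())


def _shift(letter: str, key_letter: str, sign: int = 1) -> str:
    """One Caesar step: (p + k) mod 26 to encrypt, (c - k) mod 26 to decrypt."""
    return ALPHABET[(ALPHABET.index(letter) + sign * ALPHABET.index(key_letter)) % 26]


def vigenere_encrypt(plaintext: str, keyword: str) -> str:
    pt, kw = _letters(plaintext), _letters(keyword)
    return "".join(_shift(p, kw[i % len(kw)]) for i, p in enumerate(pt))


def vigenere_decrypt(ciphertext: str, keyword: str) -> str:
    ct, kw = _letters(ciphertext), _letters(keyword)
    return "".join(_shift(c, kw[i % len(kw)], -1) for i, c in enumerate(ct))


def autokey_encrypt(plaintext: str, keyword: str) -> str:
    pt = _letters(plaintext)
    key = _letters(keyword) + pt              # keyword prefixed to the message itself
    return "".join(_shift(p, key[i]) for i, p in enumerate(pt))


def autokey_decrypt(ciphertext: str, keyword: str) -> str:
    ct = _letters(ciphertext)
    key = list(_letters(keyword))
    out = []
    for i, c in enumerate(ct):
        p = _shift(c, key[i], -1)             # keyword recovers the first len(keyword) letters
        out.append(p)
        key.append(p)                         # each recovered letter keys a later one
    return "".join(out)


if __name__ == "__main__":
    print(vigenere_encrypt("wearediscoveredsaveyourself", "deceptive"))  # zicvtwqngrzgvtwavzhcqyglmgj
    print(autokey_encrypt("wearediscoveredsaveyourself", "deceptive"))   # zicvtwqngkzeiigasxstslvvwla
    print(autokey_decrypt("ZICVTWQNGKZEIIGASXSTSLVVWLA", "deceptive"))
```

Note that the two ciphertexts agree for the first nine letters (the length of deceptive) and diverge only once the key source changes, which is visible in the slide's own figures.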
37. Vernam Cipher
ultimate defense is to use a key as long as the plaintext
◦ with no statistical relationship to it
invented by AT&T engineer Gilbert Vernam in 1918
Originally proposed using a very long but eventually repeating key
His system works on binary data (bits rather than letters)
38. One-Time Pad
if a truly random key as long as the message is used, the cipher will be secure.
is unbreakable since ciphertext bears no statistical relationship to the plaintext
since for any plaintext & any ciphertext there exists a key mapping one to the other
can only use the key once though
problems in generation & safe distribution of key
39. One-time Pad: Encryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Encryption: Plaintext ⊕ Key = Ciphertext
Plaintext:   h   e   i   l   h   i   t   l   e   r
            001 000 010 100 001 010 111 100 000 101
Key:        111 101 110 101 111 100 000 101 110 000
Ciphertext: 110 101 100 001 110 110 111 001 110 101
             s   r   l   h   s   s   t   h   s   r
40. One-time Pad: Decryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Decryption: Ciphertext ⊕ Key = Plaintext
Ciphertext:  s   r   l   h   s   s   t   h   s   r
            110 101 100 001 110 110 111 001 110 101
Key:        111 101 110 101 111 100 000 101 110 000
Plaintext:  001 000 010 100 001 010 111 100 000 101
             h   e   i   l   h   i   t   l   e   r
41. One-time Pad
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Double agent claims sender used following “key”
Ciphertext:   s   r   l   h   s   s   t   h   s   r
             110 101 100 001 110 110 111 001 110 101
“Key”:       101 111 000 101 111 100 000 101 110 000
“Plaintext”: 011 010 100 100 001 010 111 100 000 101
              k   i   l   l   h   i   t   l   e   r
42. One-time Pad
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Or sender is captured and claims the key is…
Ciphertext:   s   r   l   h   s   s   t   h   s   r
             110 101 100 001 110 110 111 001 110 101
“Key”:       111 101 000 011 101 110 001 011 101 101
“Plaintext”: 001 000 100 010 011 000 110 010 011 000
              h   e   l   i   k   e   s   i   k   e
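The one-time pad of slides 39 to 42, as an added example (not code from the slides), using the slides' 3-bit code and their key. The key_that_explains function is the point of slides 41 and 42 made executable: for a given ciphertext, every plaintext of the same length has some key that produces it, so the ciphertext alone says nothing about which one was sent. fresh_key draws a single-use key from the operating system's randomness, the only part of the scheme the slides leave to the implementer.

```python
import secrets

# The slides' 3-bit code for their eight-letter alphabet
CODE = {"e": "000", "h": "001", "i": "010", "k": "011",
        "l": "100", "r": "101", "s": "110", "t": "111"}
DECODE = {bits: letter for letter, bits in CODE.items()}


def encode(text: str) -> str:
    return "".join(CODE[c] for c in text)


def decode(bits: str) -> str:
    return "".join(DECODE[bits[i:i + 3]] for i in range(0, len(bits), 3))


def xor_bits(a: str, b: str) -> str:
    if len(a) != len(b):
        raise ValueError("key must be exactly as long as the message")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def otp_encrypt(plaintext: str, key_bits: str) -> str:
    """Ciphertext = Plaintext XOR Key."""
    return decode(xor_bits(encode(plaintext), key_bits))


def otp_decrypt(ciphertext: str, key_bits: str) -> str:
    """Plaintext = Ciphertext XOR Key; XOR is its own inverse."""
    return decode(xor_bits(encode(ciphertext), key_bits))


def key_that_explains(ciphertext: str, claimed_plaintext: str) -> str:
    """Key = Ciphertext XOR Plaintext: the pad that maps this ciphertext to any chosen
    plaintext of the same length. This is the perfect-secrecy property of slides 41/42."""
    return xor_bits(encode(ciphertext), encode(claimed_plaintext))


def fresh_key(n_letters: int) -> str:
    """A single-use key of 3 random bits per letter, from the OS CSPRNG (never reuse it)."""
    return "".join(secrets.choice("01") for _ in range(3 * n_letters))


if __name__ == "__main__":
    KEY = "111101110101111100000101110000"             # the key from slide 39
    ct = otp_encrypt("heilhitler", KEY)
    print(ct)                                           # srlhssthsr
    print(otp_decrypt(ct, KEY))                         # heilhitler
    print(key_that_explains(ct, "killhitler"))          # the double agent's "key" (slide 41)
    print(key_that_explains(ct, "helikesike"))          # the captured sender's "key" (slide 42)
    k = fresh_key(10)
    print(otp_decrypt(otp_encrypt("heilhitler", k), k))
```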
43. One-time pad…
the only cryptosystem that exhibits what is referred to as perfect secrecy
Drawbacks
◦ it requires secure exchange of the one-time pad material, which must be as long as the message
◦ pad disposed of correctly and never reused
In practice
◦ Generate a large number of random keys,
◦ Exchange the key material securely between the users before sending a one-time enciphered message,
◦ Keep both copies of the key material for each message securely until they are used, and
◦ Securely dispose of the key material after use, thereby ensuring the key material is never
45. Key Management
Using secret channel
Encrypt the key
Third trusted party
The sender and the receiver generate key
46. More Transposition Ciphers
these hide the message by rearranging the letter order without altering the actual letters used
can recognise these since have the same frequency distribution as the original text
47. Rail Fence cipher
write message letters out diagonally over a number of rows
then read off cipher row by row
eg. write message out as: depth 2
Plain msg: "meet me after the toga party"
m e m a t r h t g p r y
 e t e f e t e o a a t
giving ciphertext
MEMATRHTGPRYETEFETEOAAT
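The rail fence cipher from this slide, as an added example (not code from the slides), for any depth rather than only depth 2: each letter is assigned to a rail by following the zigzag, the ciphertext is read off rail by rail, and decryption re-derives the same rail pattern to put letters back in position. The message and the depth-2 ciphertext are the slide's own.

```python
def _rail_pattern(n: int, depth: int) -> list:
    """Rail index of each of the n positions when written as a zigzag over `depth` rails."""
    if depth == 1:
        return [0] * n
    period = 2 * (depth - 1)                  # one down-and-up sweep of the zigzag
    return [min(i % period, period - i % period) for i in range(n)]


def rail_fence_encrypt(message: str, depth: int) -> str:
    text = "".join(c for c in message if c.isalpha()).lower()
    rails = _rail_pattern(len(text), depth)
    # Read rail 0 left to right, then rail 1, and so on.
    return "".join(text[i] for r in range(depth)
                   for i in range(len(text)) if rails[i] == r).upper()


def rail_fence_decrypt(ciphertext: str, depth: int) -> str:
    n = len(ciphertext)
    rails = _rail_pattern(n, depth)
    order = sorted(range(n), key=lambda i: (rails[i], i))   # positions in read-off order
    plain = [""] * n
    for ct_char, pos in zip(ciphertext, order):
        plain[pos] = ct_char
    return "".join(plain).lower()


if __name__ == "__main__":
    ct = rail_fence_encrypt("meet me after the toga party", 2)
    print(ct)                                   # MEMATRHTGPRYETEFETEOAAT
    print(rail_fence_decrypt(ct, 2))            # meetmeafterthetogaparty
    print(rail_fence_encrypt("meet me after the toga party", 3))
```

The "key" is only the depth, so an exhaustive search over plausible depths is trivial; as the previous slide says, the unchanged letter frequencies are what give a transposition away in the first place.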
48. Product Ciphers
ciphers using substitutions or transpositions are not secure because of language characteristics
hence consider using several ciphers in succession to make harder, but:
◦ two substitutions make a more complex substitution
◦ two transpositions make a more complex transposition
◦ but a substitution followed by a transposition makes a new much harder cipher
this is the bridge from classical to modern ciphers
49. Taxonomy of Cryptography
Modern world….
Symmetric key
◦ Same key for encryption and decryption
◦ Two types: Stream Cipher, Block Cipher
Public key (or asymmetric crypto)
◦ Two keys, one for encryption (public), and one for decryption (private)
◦ Also, digital signatures… not possible before
Hash algorithms (Crypto hash function)
50. Symmetric Key Crypto
Stream cipher like a one-time pad
◦ Except that key is relatively short
◦ Key is stretched into a long keystream
◦ Keystream is used just like a one-time pad.
◦ Employs “substitution” only
Block cipher based on codebook concept
◦ Block cipher key determines a codebook
◦ Each key yields a different codebook
◦ Employs both “substitution” and “transposition”
52. Summary
Stream cipher like a one-time pad
◦ Key is stretched into a long keystream, then XORed with the plaintext
◦ Pseudorandom keystream generator
◦ Confusion only, just like a one-time pad
◦ Efficient for hardware implementation (low-powered devices)
Block cipher based on codebook concept
◦ Block cipher key determines a codebook
◦ Employs both “confusion” and “diffusion”
◦ Faster; good for software implementation
54. Data Encryption Standard
Most widely used block cipher in world
DES developed in 1970’s
Based on IBM revised Lucifer cipher
U.S. government standard
DES development was controversial
◦ NSA secretly involved
◦ Design process was secret
◦ Key length reduced from 128 to 56 bits
◦ clever changes to Lucifer algorithm
55. DES Design Controversy
although DES standard is public
was considerable controversy over design
◦ in choice of 56-bit key (vs Lucifer 128-bit)
◦ and because design criteria were classified
subsequent events and public analysis
show in fact design was appropriate.
use of DES has flourished
◦ especially in financial applications
◦ still standardised for legacy application use
56. DES
DES is a Feistel cipher with…
◦ 64 bit block length
◦ 56 bit key length
◦ 16 rounds
◦ 48 bits of key used each round (subkey)
Each round is simple (for a block cipher)
Security depends heavily on “S-boxes”
◦ Each S-box maps 6 bits to 4 bits
58. Initial Permutation IP
IP: the first step of the encryption.
It reorders the input data bits.
The last step of encryption is the inverse of IP.
IP and IP⁻¹ are specified by tables
62. DES review
The left side shows the basic process for enciphering a 64-bit data block, which consists of:
◦ an initial permutation (IP) which shuffles the 64-bit input block
◦ 16 rounds of a complex key-dependent round function involving substitutions & permutations
◦ a final permutation, being the inverse of IP
The right side shows the handling of the 56-bit key and consists of:
◦ an initial permutation of the key (PC1) which selects 56 bits out of the 64-bit input, in two 28-bit halves
◦ 16 stages to generate the 48-bit subkeys using a
63. Strength of DES – Key Size
56-bit keys have 2^56 = 7.2 × 10^16 values
brute force search looks hard
recent advances have shown it is possible
◦ in 1997 on Internet in a few months
◦ in 1998 on dedicated h/w (EFF) in a few days
◦ in 1999 above combined in 22hrs!
still must be able to recognize
64. Multiple Encryption & DES
clear a replacement for DES was needed
◦ theoretical attacks that can break it
◦ demonstrated exhaustive key search attacks
AES is a new cipher alternative
prior to this alternative was to use multiple encryption with DES implementations
Triple-DES is the chosen form
65. Triple DES
Today, 56 bit DES key is too small
◦ Exhaustive key search is feasible
But DES is everywhere, so what to do?
Triple DES or 3DES (112 bit key)
◦ C = E(D(E(P,K1),K2),K1)
◦ P = D(E(D(C,K1),K2),K1)
Why Encrypt-Decrypt-Encrypt with 2 keys?
◦ Backward compatible: E(D(E(P,K),K),K) = E(P,K)
◦ And 112 bits is enough
68. Origins
clear a replacement for DES was needed
◦ have theoretical attacks that can break it.
◦ have demonstrated exhaustive key search attacks.
can use Triple-DES – but slow, has small blocks
◦ US NIST issued call for ciphers in 1997
◦ 15 candidates accepted in Jun 98
◦ 5 were shortlisted in Aug-99
Rijndael was selected as the AES in Oct-2000
◦ designed by Rijmen-Daemen in Belgium
69. The AES Cipher - Rijndael
Iterated block cipher (like DES)
Not a Feistel cipher (unlike DES)
◦ operates on entire data block in every round.
Block size: 128 bits (192 or 256)
Key length: 128, 192 or 256 bits (independent of block size)
10 to 14 rounds (depends on key length)
Each round uses 4 functions (3 “layers”)
◦ ByteSub (nonlinear layer)
◦ ShiftRow (linear mixing layer)
◦ MixColumn (nonlinear layer)
◦ AddRoundKey (key addition layer)
71. AES Structure
data block of 4 columns of 4 bytes is the state (16 bytes)
key is expanded to array of words
has 9/11/13 rounds in which state undergoes:
◦ byte substitution (1 S-box used on every byte)
◦ shift rows (permute bytes between groups/columns)
◦ mix columns (subs using matrix multiply of groups)
◦ add round key (XOR state with key material)
◦ view as alternating XOR key & scramble data bytes
initial XOR key material & incomplete last round
73. Substitute Bytes
AES treats 128-bit block as 4x4 byte array
a simple byte-by-byte substitution of the block!
uses one table of 16x16 bytes containing a permutation of all 256 8-bit values.
each byte of state is replaced by byte indexed by row (left 4 bits) & column (right 4 bits)
◦ eg. byte {95} is replaced by byte in row 9 column 5
◦ which has value {2A}
77. Shift Rows
a circular byte shift in each row
◦ 1st row is unchanged
◦ 2nd row does 1 byte circular shift to left
◦ 3rd row does 2 byte circular shift to left
◦ 4th row does 3 byte circular shift to left
decrypt inverts using shifts to right
since state is processed by columns, this step permutes bytes between the columns
79. AES MixColumn
Implemented as a (big) lookup table
Nonlinear, invertible operation applied to
each column
80. Mix Columns
each column is processed separately
each byte is replaced by a value dependent on all 4 bytes in the column
effectively a matrix multiplication in GF(2^8) using prime poly m(x) = x^8 + x^4 + x^3 + x + 1
83. Mix Columns
can express each col as 4 equations
◦ to derive each new byte in col
decryption requires use of inverse matrix
◦ with larger coefficients, hence a little harder
have an alternate characterisation
◦ each column a 4-term polynomial
◦ with coefficients in GF(2^8)
◦ and polynomials multiplied modulo (x^4 + 1)
coefficients based on linear code with maximal distance between codewords
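The three data-scrambling stages of slides 73 to 83 (Substitute Bytes, Shift Rows, Mix Columns) and their inverses, as an added example (not code from the slides). Instead of typing in the 16x16 S-box table, the block derives it from its definition in the AES standard (multiplicative inverse in GF(2^8) followed by the fixed affine map), which lets the slide's claim that byte {95} becomes {2A} be checked by computation. Mix Columns is the matrix multiplication over GF(2^8) with the slides' polynomial m(x) = x^8 + x^4 + x^3 + x + 1; the coefficient matrices and the test vectors are the ones published in FIPS-197. The state is held as 4 rows of 4 bytes.

```python
def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B                 # reduce x^8 by m(x)
        b >>= 1
    return product


def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8); AES maps 0 to 0."""
    if a == 0:
        return 0
    return next(x for x in range(1, 256) if gf_mul(a, x) == 1)


def _affine(b: int) -> int:
    """s = b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63 (FIPS-197 S-box affine map)."""
    s = 0x63
    for i in range(5):
        s ^= ((b << i) | (b >> (8 - i))) & 0xFF
    return s


SBOX = [_affine(gf_inv(x)) for x in range(256)]   # the 16x16 table of slide 73, computed
INV_SBOX = [0] * 256
for _i, _v in enumerate(SBOX):
    INV_SBOX[_v] = _i


def sub_bytes(state):
    return [[SBOX[b] for b in row] for row in state]


def inv_sub_bytes(state):
    return [[INV_SBOX[b] for b in row] for row in state]


def shift_rows(state):
    """Row r is rotated left by r bytes (row 0 unchanged)."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    """Row r is rotated right by r bytes."""
    return [row[(4 - r) % 4:] + row[:(4 - r) % 4] for r, row in enumerate(state)]


MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]


def mix_column(col, matrix=MIX):
    """One column times the fixed matrix in GF(2^8): every output byte depends on all 4 inputs."""
    return [gf_mul(matrix[r][0], col[0]) ^ gf_mul(matrix[r][1], col[1]) ^
            gf_mul(matrix[r][2], col[2]) ^ gf_mul(matrix[r][3], col[3]) for r in range(4)]


def mix_columns(state, matrix=MIX):
    cols = [mix_column([state[r][c] for r in range(4)], matrix) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]


def inv_mix_columns(state):
    return mix_columns(state, INV_MIX)


if __name__ == "__main__":
    print(hex(SBOX[0x95]))                                  # 0x2a, as on slide 73
    print([hex(b) for b in mix_column([0xDB, 0x13, 0x53, 0x45])])   # ['0x8e', '0x4d', '0xa1', '0xbc']
```

Inverting a round is then just the three inverse functions applied in reverse order, which is the content of slide 85; the inverse matrix's larger coefficients (9, 11, 13, 14) are why the slides call decryption "a little harder".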
85. AES Decryption
To decrypt, process must be invertible
Inverse of AddRoundKey is easy,
◦ since ⊕ (XOR) is its own inverse
MixColumn is invertible
◦ (inverse is also implemented as a lookup table)
Inverse of ShiftRow is easy
◦ (cyclic shift the other direction)
ByteSub is invertible
◦ (inverse is also implemented as a lookup table)
87. Some Comments on AES
1. an iterative rather than Feistel cipher
2. key expanded into array of 32-bit words
◦ four words form round key in each round
3. 4 different stages are used as shown
4. has a simple structure
5. only AddRoundKey uses key
6. AddRoundKey a form of Vernam cipher
7. each stage is easily reversible
8. decryption uses keys in reverse order
9. decryption does recover plaintext
10. final round has only 3 stages