Martin Kobetic, profile picture
Uploaded byMartin Kobetic
PPT, PDF777 views

Cryptography for Smalltalkers - ESUG 2004

The document discusses various cryptographic techniques including encryption, message authentication codes, and digital signatures. It describes symmetric key ciphers like stream ciphers (RC4) and block ciphers (DES, AES) as well as asymmetric key ciphers. Specific block cipher modes like CBC, CFB, OFB, and CTR are also summarized. Popular algorithms like DES, AES, Blowfish, and RC4 are briefly explained.

Embed presentation

Downloaded 11 times
Cryptography for Smalltalkers Martin Kobetic Cincom Smalltalk Development ESUG 2004
Cryptographic Objectives confidentiality encryption integrity message authentication codes (MAC) authentication signatures
Encryption E(P) = C & D(C) = P symmetric (secret) key ciphers E K (P) = C & D K (C) = P asymmetric (public) key ciphers E K1 (P) = C & D K2 (C) = P one-time pad
Secret Key Ciphers bulk data encryption built from simple, fast operations (xor, shift, x + y mod n, ...) two fundamental classes stream ciphers (RC4) block ciphers (DES/AES)
Secret Key Ciphers key := ‘secret key’ asByteArray. alice := ARC4 key: key. msg := ‘Hello’ asByteArrayEncoding: #utf_8. msg := alice encrypt: ‘Hello’ msg asString. bob := ARC4 key: key. bob decryptInPlace: msg from: 1 to: 4. msg asStringEncoding: #utf_8.
Stream Ciphers time-varying transformation on individual plain-text digits key-stream generator: k 1 , k 2 , k 3 , .... State S, NextState(S), Output(S) E: c i = p i xor k i D: p i = c i xor k i Pike, A5, RC4, SEAL key reuse is catastrophic! (a xor k) xor (b xor k) = a xor b
leaked trade secret of RSA Security (1994) 256 byte S-Box; 2 counters i=j=0 RC4 (1992) next key-stream byte: i = (i + 1) mod 256 j = (j+S i ) mod 256 swap S i and S j t = (S i + S j ) mod 256 K = S t S-Box initialization: S = 0, ..., 255 K = 256B of replicated key for i=0 to 255: j = (j + S i + K i ) mod 256 swap S i and S j
RC4 alice := ARC4 key: key. msg := alice encrypt: 'Hello' asByteArray. msg asHexString. bob := ARC4 key: key. (bob decrypt: msg) asString
Block Ciphers fixed transformation on blocks of plaintext (e.g 64, 128 bits) basic transformation applied in rounds DES, IDEA, CAST, Blowfish, RC2, RC5
DES (1977) csrc.nist.gov: FIPS PUB 46 (1977) FIPS PUB 46-3 (1999) triple DES still approved single DES legacy systems only 64 bit block size 56 bit key (64 bits with parity) 16 rounds using 48 bit subkeys
Block Ciphers - Padding key := ‘secret8B’ asByteArray. alice := DES key: key. alice encrypt: ‘Hello World!’ asByteArray. alice := BlockPadding on: DES new. alice setKey: key. (alice encrypt: ‘Hello World!’ asByteArray) asString.
Block Ciphers - Padding must be reversible pad with bits “100…0” pad with padding size (1-8) aka PKCS#5 padding ciphertext stealing different for different modes (ECB, CBC) some modes don’t need padding
Block Ciphers - ECB electronic codebook mode C i = E k (P i ) P i = D k (C i ) don’t use !
Block Ciphers - CBC cipher block chaining mode C i = E k (P i xor C i-1 ) P i = C i-1 xor D k (C i ) initialization vector (IV) isn’t secret but unique, random timestamp, nonce, random nr
Block Ciphers - CBC alice := CipherBlockChaining on: DES new iv: ‘nonce 8B’ asByteArray. alice setKey: ‘secret8B’ asByteArray. msg := ‘a block a block ’ asByteArray. msg := alice encrypt: msg. msg asString
Block Ciphers - CBC alice := DES newBP_CBC. alice setKey: 'secret8B' asByteArray. alice setIV: 'nonce 8B' asByteArray. msg := 'Hello World!' asByteArray. msg := alice encrypt: msg. msg asString.
Block Ciphers - OFB output feedback mode S i = E k (S i-1 ) C i = P i xor S i P i = C i xor S i like synchronous stream cipher (OutputFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
Block Ciphers - CTR counter mode S i := E k (Nonce || i) C i = P i xor S i P i = C i xor S i OFB variant
Block Ciphers - CFB cipher feedback mode C i = P i xor E k (C i-1 ) P i = C i xor E k (C i-1 ) like self-synchronizing stream cipher (CipherFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
Block Ciphers - Mixing interleaving parallelizing “chained” modes multiple encryption with single cipher double encryption – no good 3EDE (inner/outer CBC) cascading different ciphers
Block Ciphers - Mixing des3 := TrippleEDEOuterCBC first: DES new second: DES new third: DES new. des3 := DES new3EDE_CBC. des3 setKey: ’24bytes for 3 keys’ asByteArray. des3 setIV: ‘nonce 8B’ asByteArray.
AES (2001) NIST FIPS PUB 197 (2001) - Rijndael 15 submissions (1998) 5 finalists: MARS, Serpent, Twofish, RC6 modes: ECB, CBC, CFB, OFB, CTR block size 128 bits key sizes 128, 192, 256 bits 10, 12, 14 rounds
Blowfish (1993) http://www.counterpane.com/blowfish.html block size 64-bits variable key size 32-448 bits not patented, royalty-free 2 parts: key expansion & data encryption 16 rounds, key dependent S-Boxes
Books Anderson: Security Engineering Ferguson, Schneier: Practical Cryptography Kahn: The Codebreakers, … Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography Schneier, B: Applied Cryptography

More Related Content

PDF
Cryptography for Smalltalkers
byESUG
 
PPT
Cryptography and SSL in Smalltalk - StS 2003
byMartin Kobetic
 
PDF
C coroutine
byChien-Wei Huang
 
PDF
LLVM Workshop Osaka Umeda, Japan
byujihisa
 
PDF
GoでKVSを書けるのか
byMoriyoshi Koizumi
 
PDF
All I know about rsc.io/c2go
byMoriyoshi Koizumi
 
PDF
Timur Shemsedinov "Пишу на колбеках, а что... (Асинхронное программирование)"
byOdessaJS Conf
 
PPTX
SdE 2: Le langage Python, Allocation de memoire
byAlexandru Radovici
 
Cryptography for Smalltalkers
byESUG
 
Cryptography and SSL in Smalltalk - StS 2003
byMartin Kobetic
 
C coroutine
byChien-Wei Huang
 
LLVM Workshop Osaka Umeda, Japan
byujihisa
 
GoでKVSを書けるのか
byMoriyoshi Koizumi
 
All I know about rsc.io/c2go
byMoriyoshi Koizumi
 
Timur Shemsedinov "Пишу на колбеках, а что... (Асинхронное программирование)"
byOdessaJS Conf
 
SdE 2: Le langage Python, Allocation de memoire
byAlexandru Radovici
 

What's hot

PDF
Hash functions MD5 and RIPEMD 160
bychutinhha
 
PDF
Unmanaged Parallelization via P/Invoke
byDmitri Nesteruk
 
PPTX
C++ via C#
byEgor Bogatov
 
PDF
Go a crash course
byEleanor McHugh
 
PPTX
Oop
byshiam ahmed
 
PPTX
C++ idioms.pptx
byJanani Anbarasan
 
PPTX
Cryptography
bypuja singh
 
PDF
Clojure+ClojureScript Webapps
byFalko Riemenschneider
 
PDF
Rcpp11 useR2014
byRomain Francois
 
PDF
Text Rendering Tech
byDavid Ding
 
PDF
GLX, DRI, and i965
byChia-I Wu
 
PPT
Raspberry Pi for IPRUG
byFrank Carver
 
ODP
To Infinity & Beyond: Protocols & sequences in Node - Part 2
byBahul Neel Upadhyaya
 
KEY
GoLightly: A Go Library For Building Virtual Machines
byEleanor McHugh
 
PDF
Dev day linux redu
byTarcisio Coutinho
 
PDF
Rcpp11 genentech
byRomain Francois
 
PDF
Implementing Software Machines in Go and C
byEleanor McHugh
 
PDF
Abusing text/template for data transformation
byArnaud Porterie
 
PDF
Why my Go program is slow?
byInada Naoki
 
PDF
.NET 2015: Будущее рядом
byAndrey Akinshin
 
Hash functions MD5 and RIPEMD 160
bychutinhha
 
Unmanaged Parallelization via P/Invoke
byDmitri Nesteruk
 
C++ via C#
byEgor Bogatov
 
Go a crash course
byEleanor McHugh
 
Oop
byshiam ahmed
 
C++ idioms.pptx
byJanani Anbarasan
 
Cryptography
bypuja singh
 
Clojure+ClojureScript Webapps
byFalko Riemenschneider
 
Rcpp11 useR2014
byRomain Francois
 
Text Rendering Tech
byDavid Ding
 
GLX, DRI, and i965
byChia-I Wu
 
Raspberry Pi for IPRUG
byFrank Carver
 
To Infinity & Beyond: Protocols & sequences in Node - Part 2
byBahul Neel Upadhyaya
 
GoLightly: A Go Library For Building Virtual Machines
byEleanor McHugh
 
Dev day linux redu
byTarcisio Coutinho
 
Rcpp11 genentech
byRomain Francois
 
Implementing Software Machines in Go and C
byEleanor McHugh
 
Abusing text/template for data transformation
byArnaud Porterie
 
Why my Go program is slow?
byInada Naoki
 
.NET 2015: Будущее рядом
byAndrey Akinshin
 

Viewers also liked

PDF
Offline bruteforce attack on WiFi Protected Setup
by0xcite
 
PPTX
Quantam cryptogrphy ppt (1)
bydeepu427
 
PPTX
Reliance jio
bySean Rodrigues
 
PPT
3d password ppt
byGowsalyasri
 
PPTX
Նուկլեինաթթուներ
byLiana V
 
PPTX
Getting Things Done With Mindjet
byMichael Deutch
 
PPT
18 Interesting Facts About Google That You Probably Never Knew
byPawan Kumar
 
Offline bruteforce attack on WiFi Protected Setup
by0xcite
 
Quantam cryptogrphy ppt (1)
bydeepu427
 
Reliance jio
bySean Rodrigues
 
3d password ppt
byGowsalyasri
 
Նուկլեինաթթուներ
byLiana V
 
Getting Things Done With Mindjet
byMichael Deutch
 
18 Interesting Facts About Google That You Probably Never Knew
byPawan Kumar
 

Similar to Cryptography for Smalltalkers - ESUG 2004

PPT
12 symmetric key cryptography
bydrewz lin
 
PPTX
Overview on Cryptography and Network Security
byDr. Rupa Ch
 
PDF
4. Block Ciphers
bySam Bowne
 
PPT
13528 l8
byridhika_gulati
 
PPT
Ch06
byJoe Christensen
 
PDF
Computer security module 2
byDeepak John
 
PDF
4-DES.pdf
byShimoFcis
 
PPT
Cryptography Symmetric Key Algorithm (CSE)
bySoumyaBhattacharyya14
 
PDF
CNIT 141: 4. Block Ciphers
bySam Bowne
 
PPT
DES-lecture (1).ppt
byMrsPrabhaBV
 
PPT
DES.pptThe Data Encryption Standard (DES) is a symmetric block cipher develop...
byRohiniRajaramPandian
 
PPT
Encryption
byIGZ Software house
 
PPT
Jaimin chp-8 - network security-new -use this - 2011 batch
byJaimin Jani
 
PDF
CNIT 141: 4. Block Ciphers
bySam Bowne
 
PPT
ch06.ppt
byAbhishekVishwakarma964719
 
PDF
Symmetric
byAlessandro José Segura de Oliveira
 
PDF
CNIT 141: 4. Block Ciphers
bySam Bowne
 
PPT
Network Security Lec4
byFederal Urdu University
 
PDF
CNIT 141: 4. Block Ciphers
bySam Bowne
 
DOCX
Des1
bysvsugan
 
12 symmetric key cryptography
bydrewz lin
 
Overview on Cryptography and Network Security
byDr. Rupa Ch
 
4. Block Ciphers
bySam Bowne
 
13528 l8
byridhika_gulati
 
Ch06
byJoe Christensen
 
Computer security module 2
byDeepak John
 
4-DES.pdf
byShimoFcis
 
Cryptography Symmetric Key Algorithm (CSE)
bySoumyaBhattacharyya14
 
CNIT 141: 4. Block Ciphers
bySam Bowne
 
DES-lecture (1).ppt
byMrsPrabhaBV
 
DES.pptThe Data Encryption Standard (DES) is a symmetric block cipher develop...
byRohiniRajaramPandian
 
Encryption
byIGZ Software house
 
Jaimin chp-8 - network security-new -use this - 2011 batch
byJaimin Jani
 
CNIT 141: 4. Block Ciphers
bySam Bowne
 
ch06.ppt
byAbhishekVishwakarma964719
 
Symmetric
byAlessandro José Segura de Oliveira
 
CNIT 141: 4. Block Ciphers
bySam Bowne
 
Network Security Lec4
byFederal Urdu University
 
CNIT 141: 4. Block Ciphers
bySam Bowne
 
Des1
bysvsugan
 

More from Martin Kobetic

PPT
Cryptography for Smalltalkers 2 - ESUG 2006
byMartin Kobetic
 
PDF
VisualWorks Security Reloaded - STIC 2012
byMartin Kobetic
 
PPT
Opentalk at Large - StS 2005
byMartin Kobetic
 
PDF
Xtreams - ESUG 2010
byMartin Kobetic
 
PDF
Secure Communications with VisualWorks - CSTUC 2006
byMartin Kobetic
 
PPT
CVST - Smalltalk Solutions 2001
byMartin Kobetic
 
Cryptography for Smalltalkers 2 - ESUG 2006
byMartin Kobetic
 
VisualWorks Security Reloaded - STIC 2012
byMartin Kobetic
 
Opentalk at Large - StS 2005
byMartin Kobetic
 
Xtreams - ESUG 2010
byMartin Kobetic
 
Secure Communications with VisualWorks - CSTUC 2006
byMartin Kobetic
 
CVST - Smalltalk Solutions 2001
byMartin Kobetic
 

Recently uploaded

PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PDF
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
cybercrime in Information security .pptx
byismaeelsahib032
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 

Cryptography for Smalltalkers - ESUG 2004

  • 1.
    Cryptography for SmalltalkersMartin Kobetic Cincom Smalltalk Development ESUG 2004
  • 2.
    Cryptographic Objectives confidentialityencryption integrity message authentication codes (MAC) authentication signatures
  • 3.
    Encryption E(P) =C & D(C) = P symmetric (secret) key ciphers E K (P) = C & D K (C) = P asymmetric (public) key ciphers E K1 (P) = C & D K2 (C) = P one-time pad
  • 4.
    Secret Key Ciphersbulk data encryption built from simple, fast operations (xor, shift, x + y mod n, ...) two fundamental classes stream ciphers (RC4) block ciphers (DES/AES)
  • 5.
    Secret Key Cipherskey := ‘secret key’ asByteArray. alice := ARC4 key: key. msg := ‘Hello’ asByteArrayEncoding: #utf_8. msg := alice encrypt: ‘Hello’ msg asString. bob := ARC4 key: key. bob decryptInPlace: msg from: 1 to: 4. msg asStringEncoding: #utf_8.
  • 6.
    Stream Ciphers time-varyingtransformation on individual plain-text digits key-stream generator: k 1 , k 2 , k 3 , .... State S, NextState(S), Output(S) E: c i = p i xor k i D: p i = c i xor k i Pike, A5, RC4, SEAL key reuse is catastrophic! (a xor k) xor (b xor k) = a xor b
  • 7.
    leaked trade secretof RSA Security (1994) 256 byte S-Box; 2 counters i=j=0 RC4 (1992) next key-stream byte: i = (i + 1) mod 256 j = (j+S i ) mod 256 swap S i and S j t = (S i + S j ) mod 256 K = S t S-Box initialization: S = 0, ..., 255 K = 256B of replicated key for i=0 to 255: j = (j + S i + K i ) mod 256 swap S i and S j
  • 8.
    RC4 alice :=ARC4 key: key. msg := alice encrypt: 'Hello' asByteArray. msg asHexString. bob := ARC4 key: key. (bob decrypt: msg) asString
  • 9.
    Block Ciphers fixedtransformation on blocks of plaintext (e.g 64, 128 bits) basic transformation applied in rounds DES, IDEA, CAST, Blowfish, RC2, RC5
  • 10.
    DES (1977) csrc.nist.gov:FIPS PUB 46 (1977) FIPS PUB 46-3 (1999) triple DES still approved single DES legacy systems only 64 bit block size 56 bit key (64 bits with parity) 16 rounds using 48 bit subkeys
  • 11.
    Block Ciphers -Padding key := ‘secret8B’ asByteArray. alice := DES key: key. alice encrypt: ‘Hello World!’ asByteArray. alice := BlockPadding on: DES new. alice setKey: key. (alice encrypt: ‘Hello World!’ asByteArray) asString.
  • 12.
    Block Ciphers -Padding must be reversible pad with bits “100…0” pad with padding size (1-8) aka PKCS#5 padding ciphertext stealing different for different modes (ECB, CBC) some modes don’t need padding
  • 13.
    Block Ciphers -ECB electronic codebook mode C i = E k (P i ) P i = D k (C i ) don’t use !
  • 14.
    Block Ciphers -CBC cipher block chaining mode C i = E k (P i xor C i-1 ) P i = C i-1 xor D k (C i ) initialization vector (IV) isn’t secret but unique, random timestamp, nonce, random nr
  • 15.
    Block Ciphers -CBC alice := CipherBlockChaining on: DES new iv: ‘nonce 8B’ asByteArray. alice setKey: ‘secret8B’ asByteArray. msg := ‘a block a block ’ asByteArray. msg := alice encrypt: msg. msg asString
  • 16.
    Block Ciphers -CBC alice := DES newBP_CBC. alice setKey: 'secret8B' asByteArray. alice setIV: 'nonce 8B' asByteArray. msg := 'Hello World!' asByteArray. msg := alice encrypt: msg. msg asString.
  • 17.
    Block Ciphers -OFB output feedback mode S i = E k (S i-1 ) C i = P i xor S i P i = C i xor S i like synchronous stream cipher (OutputFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
  • 18.
    Block Ciphers -CTR counter mode S i := E k (Nonce || i) C i = P i xor S i P i = C i xor S i OFB variant
  • 19.
    Block Ciphers -CFB cipher feedback mode C i = P i xor E k (C i-1 ) P i = C i xor E k (C i-1 ) like self-synchronizing stream cipher (CipherFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
  • 20.
    Block Ciphers -Mixing interleaving parallelizing “chained” modes multiple encryption with single cipher double encryption – no good 3EDE (inner/outer CBC) cascading different ciphers
  • 21.
    Block Ciphers -Mixing des3 := TrippleEDEOuterCBC first: DES new second: DES new third: DES new. des3 := DES new3EDE_CBC. des3 setKey: ’24bytes for 3 keys’ asByteArray. des3 setIV: ‘nonce 8B’ asByteArray.
  • 22.
    AES (2001) NISTFIPS PUB 197 (2001) - Rijndael 15 submissions (1998) 5 finalists: MARS, Serpent, Twofish, RC6 modes: ECB, CBC, CFB, OFB, CTR block size 128 bits key sizes 128, 192, 256 bits 10, 12, 14 rounds
  • 23.
    Blowfish (1993) http://www.counterpane.com/blowfish.htmlblock size 64-bits variable key size 32-448 bits not patented, royalty-free 2 parts: key expansion & data encryption 16 rounds, key dependent S-Boxes
  • 24.
    Books Anderson: SecurityEngineering Ferguson, Schneier: Practical Cryptography Kahn: The Codebreakers, … Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography Schneier, B: Applied Cryptography

Editor's Notes

  • #3 confidentiality - prevent eavesdropping (passive attack) integrity - prevent undetected modification (active attack) authentication - proof of origin (active attack) non-repudiation - undeniable proof of origin SSL provides authentication but doesn’t provide non-repudiation SMIME does both (theoretically) point-to-point vs end-to-end
  • #5 Hardware implementations
  • #7 Key stream reuse disastrous (P1 xor K) xor (P2 xor K) = P1 xor (K xor K) xor P2 = P1 xor P2 xoring 2 ciphertexts yields 2 xored plaintexts, easy to break
  • #8 ARC4 – “Alleged” RC4
  • #11 DEA (ANSI), DEA-1 (ISO) Lucifer descendant (IBM), NSA evaluated reviewed every 5 years 1983 – recertified, 1987 – recertified “last time” after public outcry 1993 – recertified, still no alternatives 1999 – reaffirmed 3DES, AES not finished yet
  • #14 POSITIVES parallelizable NEGATIVES preserves plaintext patterns easily manipulated
  • #18 N-bit OFB: smaller than block processing No need to pad. Doesn’t need decryption operation.
  • #19 Nonce: usually message number combined with additional data to guarantee uniqueness N-bit CTR: smaller than block processing No need to pad. Doesn’t need decryption operation.
  • #20 N-bit CFB: smaller than block processing No need to pad. Doesn’t need decryption operation.
  • #21 double encryption – meet in the middle attach 2^n+1 instead of 2^2n triple encryption – 2key or 3key cascading – beware of algorithm interactions
  • #23 Finalists Rijndael – Joan Daemen, Vincent Rijmen (Netherlands) Serpent – Ross Anderson (Cambridge, UK) Twofish – Bruce Schneier (Counterpane Inc) MARS – Don Coppersmith (IBM) RC6 – Ron Rivest (RSA Labs)