Ciphers can be categorized as stream or block ciphers; block ciphers encrypt data in fixed-size blocks. The document describes block cipher principles including the Feistel cipher structure, ideal block ciphers, and the practical block cipher Data Encryption Standard (DES). It provides details on the DES algorithm, key schedule, substitution boxes, diffusion and confusion properties, and modern cryptanalysis techniques such as differential and linear cryptanalysis. The DES standard uses a 56-bit key and has been superseded by algorithms with stronger 128-bit keys, because advances in computing power allow brute-force attacks on its 56-bit key.
This document discusses the design and implementation of the Blowfish encryption algorithm using Verilog HDL. Blowfish is a symmetric block cipher that uses a variable-length key from 32 to 448 bits, making it suitable for securing data. The algorithm consists of two parts - key expansion and a round structure involving 16 rounds of operations. The authors implemented Blowfish using Verilog HDL on a Xilinx FPGA for applications requiring encryption like IoT devices. Their design achieved high-speed encryption of up to 4 bits per clock cycle and operated at a maximum frequency of 50MHz.
The document summarizes the Advanced Encryption Standard (AES). It describes how AES was selected by NIST as a replacement for DES. AES (Rijndael cipher) uses a block size of 128 bits, with key sizes of 128, 192, or 256 bits. It operates on data in rounds that include byte substitution, shifting rows, mixing columns, and adding the round key. The key is expanded into an array of words used for each round.
DES was developed as a standard for communications and data protection by an IBM research team in response to a request from the National Bureau of Standards (now called NIST). DES uses the techniques of confusion and diffusion achieved through numerous permutations and the XOR operation. The basic DES process encrypts a 64-bit block using a 56-bit key over 16 complex rounds consisting of permutations and key-dependent calculations. Triple DES was developed as a more secure version of DES.
This document provides an overview of cryptography concepts including symmetric and asymmetric key algorithms, cryptographic hashes, and tools for cryptanalysis. It defines common terminology like plaintext, ciphertext, encryption, and decryption. Symmetric algorithms discussed include the Vernam cipher, A5/1, DES, AES, and RC4. Asymmetric algorithms covered are RSA and Diffie-Hellman key exchange. Cryptographic hashes like MD5 and SHA-1 are also summarized along with resources for cryptanalysis.
A very clear presentation on the cryptographic algorithms DES and RSA with basic concepts of cryptography. This was presented by students of Techno India, Salt Lake.
The document contains information about several individuals and an outline for a presentation on H.323. The outline discusses what H.323 is, its scope and importance, its historical development stages, the elements that make up an H.323 system, the core protocols that define H.323 communication, how H.323 calls are signaled, and the future prospects of H.323.
The document provides an overview of the responsibilities and functions of the Genie-PCIe data link layer. The data link layer is responsible for reliable transmission of transaction layer packets (TLPs) between the physical and transaction layers. It handles flow control initialization, sequencing, buffering, error detection and recovery for transmitted TLPs using ACK/NAK protocols and data link layer packets (DLLPs). The data link control state machine manages the link status and ensures proper initialization and maintenance of the link.
This document discusses data encryption methods. It defines encryption as hiding information so it can only be accessed by those with the key. There are two main types: symmetric encryption uses one key, while asymmetric encryption uses two different but related keys. Encryption works by scrambling data using techniques like transposition, which rearranges the order, and substitution, which replaces parts with other values. The document specifically describes the Data Encryption Standard (DES) algorithm and the public key cryptosystem, which introduced the innovative approach of using different keys for encryption and decryption.
The Advanced Encryption Standard, also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S.
Block ciphers & public key cryptography (RAMPRAKASHT1)
This document provides an overview of block ciphers and public key cryptography. It discusses the principles of block ciphers, including block cipher modes of operation. Popular block ciphers like DES, AES, Triple DES and Blowfish are described. The document also covers public key cryptography principles and algorithms like RSA and Diffie-Hellman key exchange. It provides details on elliptic curve cryptography and the arithmetic behind it.
In cryptography, a one-time pad (OTP) is an encryption technique that cannot be cracked if used correctly. In this technique, a plaintext is paired with a random ...
The document discusses several topics related to computer network models and protocols. It describes the OSI model which consists of seven layers and was developed by ISO to ensure worldwide data communication. It also discusses the TCP/IP model. The network layer is described in detail, covering functions like routing packets between networks and logical to physical address translation. Store-and-forward packet switching is explained. The transport layer provides services like port addressing, segmentation and reassembly, and connection-oriented and connectionless transmission. IP addressing schemes like classful and classless are summarized. Network protocols such as ARP, DHCP, ICMP, and RIP are also mentioned briefly.
1. The document discusses network security and provides details about stream ciphers and block ciphers. It explains how each type of cipher works and provides examples of each.
2. Details are given about the Feistel cipher structure and how it provides diffusion and confusion through repeated rounds. The Data Encryption Standard (DES) algorithm is described as a prominent example of a Feistel cipher.
3. Principles of block cipher design are outlined, emphasizing the importance of number of rounds, design of the round function F, and the key schedule algorithm in providing security.
This document provides an overview of the RSA algorithm for public-key cryptography. It explains that RSA uses a public key and private key pair, with the public key used for encryption and the private key used for decryption. The security of RSA relies on the difficulty of factoring large prime numbers. It then provides details on how the RSA algorithm works, including choosing two large prime numbers to generate keys, encrypting and decrypting messages, and an example calculation. Potential attacks on RSA like brute force key searching and timing analysis are also summarized.
This document discusses asymmetric key cryptography and the RSA cryptosystem. It begins by distinguishing between symmetric and asymmetric key cryptography, noting they serve complementary roles. It then covers the basics of public key cryptography using two keys: a private key and public key. The RSA cryptosystem is described as the most common public key algorithm, involving key generation, encryption with the public key, and decryption with the private key. Examples are provided to illustrate the RSA process. Potential attacks on RSA like factorization are also summarized along with recommendations to strengthen security.
This document summarizes a chapter about the Data Encryption Standard (DES). It provides an overview of DES, describing it as a symmetric-key block cipher developed by IBM and adopted by the National Institute of Standards and Technology. The chapter then goes into details about the structure and design of DES, including its use of an initial and final permutation, 16 rounds of encryption using subkey values, and weaknesses like its short key length. It also discusses analyses of DES security, noting brute force, differential cryptanalysis, and linear cryptanalysis as potential attack methods.
HASH FUNCTIONS AND DIGITAL SIGNATURES
Authentication requirement – Authentication function – MAC – Hash function – Security of hash function and MAC – MD5 – SHA – HMAC – CMAC – Digital signature and authentication protocols – DSS – ElGamal – Schnorr.
Block ciphers like DES encrypt data in blocks and are based on the Feistel cipher structure. DES encrypts 64-bit blocks using a 56-bit key and 16 rounds of encryption. Modern cryptanalysis techniques like differential and linear cryptanalysis use statistical analysis to reveal weaknesses in block ciphers, though DES remains relatively secure against these attacks. Careful design of block ciphers, including aspects like non-linear substitution boxes and complex key scheduling, aims to provide security against cryptanalysis.
This document provides an overview of cryptography including:
1. Cryptography is the process of encoding messages to protect information and ensure confidentiality, integrity, authentication and other security goals.
2. There are symmetric and asymmetric encryption algorithms that use the same or different keys for encryption and decryption. Examples include AES, RSA, and DES.
3. Other techniques discussed include digital signatures, visual cryptography, and ways to implement cryptography like error diffusion and halftone visual cryptography.
This document summarizes simplified DES (SDES), a simplified version of the Data Encryption Standard (DES) designed for educational purposes. SDES uses an 8-bit plaintext, 10-bit key, and 8-bit ciphertext. It has two rounds that each apply an initial permutation, complex 2-input function fk using a key, bit-switching, and inverse permutation. The function fk applies expansion/permutation, XOR with a key to generate left and right halves, S-box lookups, permutation, XOR, and switching input bits for the next round. Key generation applies permutations and shifts to the input key to derive two 8-bit subkeys for each round.
FPGA implementation of (15,7) BCH encoder and decoder for text message (eSAT Journals)
Abstract: In a communication channel, noise and interference are the two main sources of errors that occur during the transmission of the message. Thus, to get error-free communication, error control codes are used. This paper discusses the FPGA implementation of a (15, 7) BCH encoder and decoder for text messages using the Verilog Hardware Description Language. Initially each character in a text message is converted into binary data of 7 bits. These 7 bits are encoded into a 15-bit codeword using the (15, 7) BCH encoder. Any 2-bit error in any position of the 15-bit codeword is detected and corrected. This corrected data is converted back into an ASCII character. The decoder is implemented using the Peterson algorithm and Chien's search algorithm. Simulation was carried out using the Xilinx 12.1 ISE simulator, and results were verified for an arbitrarily chosen message data. Synthesis was successfully done using the RTL compiler, and power and area are estimated for 180nm technology. Finally, both the encoder and decoder designs are implemented on a Spartan 3E FPGA. Index Terms: BCH Encoder, BCH Decoder, FPGA, Verilog, Cadence RTL compiler
This document provides an overview of classical encryption techniques. It begins with definitions of key terms like plaintext, ciphertext, encryption, and decryption. It then describes the symmetric cipher model and simplifies it. The document outlines areas of cryptography and cryptanalysis. It explains techniques like substitution ciphers, the Caesar cipher, monoalphabetic ciphers, the Playfair cipher, the Hill cipher, polyalphabetic ciphers, and the one-time pad cipher. For each technique, it provides a brief description and encryption algorithm.
This presentation introduces Feistel encryption and decryption. It discusses the Feistel cipher structure which partitions the input block into two halves and processes them through multiple rounds of substitution and permutation. It shows diagrams of the Feistel encryption and decryption processes. It also covers the design features of Feistel networks such as block size, key size, number of rounds, and sub-key generation. Finally, it provides an example of the round function that performs a bitwise XOR of the left half and output of a function applied to the right half and sub-key.
This document discusses various techniques for error detection and correction in digital communications. It describes common types of errors like single-bit and burst errors. It then explains different coding schemes for error detection and correction including block coding, linear block codes like parity codes and Hamming codes, and cyclic redundancy checks (CRCs). Key concepts covered are redundancy, minimum Hamming distance requirements for detection and correction capabilities, and encoders and decoders for different coding schemes.
SSL uses TCP to provide a secure end-to-end service. It consists of two layers - the SSL record protocol and the SSL handshake protocol. The record protocol provides data encryption and integrity checking, while the handshake protocol allows the server and client to authenticate each other and negotiate encryption parameters for the secure connection.
The document discusses the simulation of a Triple Data Encryption Standard (Triple DES) circuit using VHDL. It provides background on Triple DES, describes the design and structure of the Triple DES circuit in VHDL, and presents the results of testing the encryption and decryption functions of the circuit through simulation. Testing showed the circuit correctly performed encryption and decryption on input data using the Triple DES algorithm. The design utilized some FPGA resources but would require a clock generator and RAM for implementation on an actual FPGA board.
The document discusses content distribution networks (CDNs) like Akamai that improve performance and reliability over a single server approach. CDNs replicate content on many distributed servers and use techniques like DNS redirection to route clients to nearby replicas for faster delivery. Akamai in particular has over 100,000 servers distributed globally and handles hundreds of billions of requests per day. It uses a mapping system and DNS to route clients to optimal servers based on factors like performance and availability.
The document discusses the findings of a survey of 144 CFOs and CIOs about their companies' use of data and analytics (D&A). It finds that while most companies recognize D&A's importance, many are still struggling to realize its full potential benefits. Specifically, the majority have difficulty integrating data technology, analyzing data accurately, and identifying the right data to collect for their D&A strategies. The document maintains that fully leveraging D&A can provide significant competitive advantages but many companies have yet to develop the right environment and understanding to do so.
This document contains code for an ASP.NET web form that displays department data from a database in a GridView. It allows searching departments by name and editing department records, including assigning an administrator from a dropdown populated from the database. Related course data for each department is also displayed.
Block ciphers encrypt data in fixed-length blocks and can be used repeatedly on arbitrary-length messages by chaining the blocks. The document discusses block ciphers, stream ciphers, the ideal block cipher model, the Feistel cipher structure used in many modern block ciphers, and the Data Encryption Standard (DES) cipher. It provides details on the design of DES such as its 56-bit key, 64-bit block size, 16 rounds of processing, use of substitution boxes and key schedule to generate round keys from the main key.
This document provides an introduction to block cipher systems, including the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). It describes the basic structure and processes of block ciphers, including the use of secret keys, encryption/decryption algorithms, and block sizes. For DES, it outlines the key size, number of rounds, and encryption flow. For AES, it compares the different key sizes and number of rounds, and provides details on the cryptographic functions used in a single round of encryption.
The document provides an overview of cyber security concepts and the Data Encryption Standard (DES) algorithm. It defines key terminology like plaintext, ciphertext, encryption, decryption, and cryptography. It explains that DES is a symmetric block cipher that encrypts data in 64-bit blocks using a 56-bit key. DES operates by performing an initial permutation on the plaintext, then uses 16 rounds of encryption involving substitution boxes and key-dependent permutation/XOR operations to generate the ciphertext.
The document discusses block ciphers and the Data Encryption Standard (DES). It provides an overview of modern block ciphers, including that they encrypt fixed-length blocks of plaintext or ciphertext using a shared key. DES is introduced as a widely used symmetric-key block cipher that operates on 64-bit blocks. Simplified DES (S-DES) is also covered, including its key generation process and encryption algorithm using initial and final permutations, subkey generation, and substitution and permutation functions.
Overview on Cryptography and Network Security
Dr. Rupa Ch
These slides give some overview on the concepts which were in Cryptography and network security. I have prepared these slides from experience after referring to the textbook as well as resources from the net. Added figures directly from the references. I would like to acknowledge all the original authors.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
Two fish & Rijndael (AES) Encryption Algorithm
Rifat Tasnim
In cryptography, the Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. Back in 1997 the National Institute of Standards and Technology (NIST) made a public call for new cipher algorithms that could replace the DES. A rough summary of the requirements made by NIST for the new AES were the following:
• Symmetric-key cipher
• Block cipher
• Support for 128 bit block sizes
• Support for 128, 192, and 256 bit key lengths.
A combination of factors such as security, performance, efficiency, ease of implementation and flexibility contributed to the selection of this algorithm as the AES. Twofish and Rijndael were designed to meet the requirements of the Advanced Encryption Standard (AES) competition and selected among five finalists of that competition.
Rijndael is the block cipher algorithm recently chosen by the National Institute of Science and Technology (NIST) as the Advanced Encryption Standard (AES). It supersedes the Data Encryption Standard (DES). NIST selected Rijndael as the standard symmetric key encryption algorithm to be used to encrypt sensitive (unclassified) American federal information. The choice was based on a careful and comprehensive analysis of the security and efficiency characteristics of Rijndael's algorithm.
This document discusses block ciphers and provides details about the Data Encryption Standard (DES). It explains that block ciphers like DES operate on fixed-size blocks of plaintext, while stream ciphers operate on plaintext one bit or byte at a time. DES is based on a Feistel cipher structure, which partitions the data block into halves that are swapped and transformed over multiple rounds using subkeys derived from the main key. The DES algorithm, key schedule, and encryption/decryption process are described. Cryptanalytic attacks on DES like differential and linear cryptanalysis are also summarized.
This document provides an overview of block ciphers and the Data Encryption Standard (DES) algorithm. It begins with definitions of stream ciphers and block ciphers. It then discusses the principles of confusion and diffusion in encryption algorithms. The document introduces the Feistel cipher structure and how it was developed based on Claude Shannon's work. It provides details on the DES algorithm, including its history, design, encryption process using rounds and subkeys, decryption process, and the avalanche effect property.
The document discusses the Data Encryption Standard (DES) algorithm. It was adopted in 1977 and encrypts 64-bit blocks using a 56-bit key. The algorithm uses permutations and substitutions to encrypt data in multiple rounds. Weak keys that reduce the algorithm's security are identified. Attacks like differential and linear cryptanalysis have been developed against DES. Alternatives like triple DES and extending the key length were proposed to strengthen it against attacks.
The document discusses the Data Encryption Standard (DES) cipher. It was the most widely used symmetric cipher but has been replaced by the Advanced Encryption Standard (AES). DES encrypts data in 64-bit blocks using a 56-bit key. It operates by applying an initial permutation to the plaintext block, dividing it into halves, and performing 16 rounds of substitution and permutation using 48-bit subkeys generated from the main key. Each round includes expanding, XORing with the subkey, and applying S-boxes and permutations to provide diffusion and confusion.
This document summarizes key aspects of the Data Encryption Standard (DES) block cipher. It describes how DES operates on 64-bit blocks using a 56-bit key in 16 rounds based on a Feistel network structure. Each round uses 48-bit subkeys generated from the main key. The document also discusses DES modes of operation like ECB, CBC, CFB, OFB and CTR and how they encrypt blocks of plaintext. Finally, it notes NIST's role in establishing encryption standards and the history of DES adoption as a standard in 1977.
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
Block ciphers like DES encrypt data in fixed-size blocks and use symmetric encryption keys. DES is a 64-bit block cipher that uses a 56-bit key. It employs a Feistel network structure with 16 rounds to provide diffusion and confusion of the plaintext block. Each round uses subkey-dependent substitution boxes and permutation functions. While DES was widely adopted, cryptanalysis techniques showed it could be broken with less than $2^{56}$ tries, making the key size too short by modern standards.
This document provides an overview of the AES (Advanced Encryption Standard) cryptographic algorithm. It discusses the origins and development of AES, including the competition that led to Rijndael being selected. The basic structure and conceptual scheme of AES is described as involving multiple rounds of transformations including SubBytes, ShiftRows, MixColumns and AddRoundKey. Details are then provided on each of the round transformations and how they provide confusion and diffusion in the cipher. The security of AES is noted to be stronger than DES due to its larger key size and resistance to known attacks like brute force, differential and linear cryptanalysis.
The document discusses the Data Encryption Standard (DES) and its encryption process. It then summarizes the Rijndael cipher, which was selected as the Advanced Encryption Standard (AES) in 2001. The AES uses a block cipher structure of iterative rounds involving byte substitution, shifting rows of bytes, mixing columns of bytes, and adding round keys.
The document discusses block ciphers and the Data Encryption Standard (DES). It covers the basic principles of block cipher design, including Feistel networks, confusion and diffusion, key scheduling, and the substitution-permutation network. It then describes DES in detail, including its history, design, encryption process, strength and limitations. Finally, it examines various modes of operation for block ciphers like DES, including ECB, CBC, CFB, OFB and CTR.
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
This document proposes an Enhanced Data Encryption Standard (EDES) algorithm for use in mobile ad hoc networks to provide encryption with lower energy consumption than existing algorithms. EDES modifies the Data Encryption Standard (DES) algorithm by reducing the number of rounds from 16 to 8 and increasing the key size from 56 bits to 112 bits using two 56-bit keys. Experimental results show that EDES requires less computation and energy than DES for encryption in mobile ad hoc networks where nodes have limited battery power.
This document provides an overview of the Data Encryption Standard (DES) algorithm. It describes how DES was adopted as a standard in 1977, uses a 64-bit block size and 56-bit key, and has been widely used for encryption. The document outlines the key components of DES, including the initial permutation, round structure using substitution boxes and key schedule, as well as the decryption process. It notes that while DES was controversial due to its 56-bit key size, it exhibits good diffusion properties. However, it has been shown to be vulnerable to brute force and timing attacks in recent years.
The document summarizes a lecture on the Advanced Encryption Standard (AES). It describes the origins and requirements for AES as the successor to the Data Encryption Standard (DES). The Rijndael cipher was selected as AES in 2000. Rijndael has four stages in each round: Substitute Bytes, Shift Rows, Mix Columns, and Add Round Key. Substitute Bytes uses a lookup table, Shift Rows shifts bytes within rows, Mix Columns mixes bytes mathematically, and Add Round Key XORs the state with the round key. The cipher has 10 rounds for 128-bit keys and security.
This document provides an overview of the Advanced Encryption Standard (AES). It discusses the origins and requirements for AES, the evaluation criteria used in selecting Rijndael as the cipher, and the structure and key components of the Rijndael cipher. The Rijndael cipher operates on data in rounds that include byte substitution, shifting rows, mixing columns, and adding a round key. The cipher text is produced after 9 to 13 rounds depending on the key size.
2. IFETCE/M.E CSE/NE7202-NIS/Unit 2 2
Learning Outcomes
• Recognise the different components of the cryptographic process
• Identify some of the factors involved in selecting a cryptographic algorithm
• Describe the model of a stream cipher
• Appreciate the types of application where a stream cipher is most appropriate
• Describe the model of a block cipher
• Recall the basic design features and history of DES
• Comment on the security issues surrounding modern use of DES
Overview
• Block Cipher Principles
– Stream and Block Ciphers
– Ideal Block Cipher
– The Feistel Cipher
• The Data Encryption Standard
– DES Details
– DES Design Issues
– The Strength of DES
– Differential and Linear Cryptanalysis
A symmetric classification
[Figure: stream cipher versus block cipher. The stream cipher applies E to the plaintext one bit at a time; the block cipher splits the plaintext into blocks and applies E to each block.]
Model of a block cipher
• Encrypt a block of plaintext as a whole to produce same sized ciphertext
• Typical block sizes are 64 or 128 bits
• Modes of operation used to apply block ciphers to larger plaintexts
Reversible and Irreversible Mappings
• n-bit block cipher takes n-bit plaintext and produces n-bit ciphertext
• $2^n$ possible different plaintext blocks
• Encryption must be reversible (decryption possible)
• Each plaintext block must produce unique ciphertext block
• Total transformations is $(2^n)!$
Ideal Block Cipher
• n-bit input maps to $2^n$ possible input states
• Substitution used to produce $2^n$ output states
• Output states map to n-bit output
• Ideal block cipher allows maximum number of possible encryption mappings from plaintext block
• Problems with ideal block cipher:
– Small block size: equivalent to classical substitution cipher; cryptanalysis based on statistical characteristics feasible
– Large block size: key must be very large; performance/implementation problems
Practical Block Ciphers
• Modern block ciphers use a key of K bits to specify a random subset of $2^K$ mappings.
• If K ≈ N,
– $2^K$ is much smaller than $(2^N)!$
– But is still very large.
• If the selection of the $2^K$ mappings is random, the resulting cipher will be a good approximation of the ideal block cipher.
• Horst Feistel, in the 1970s, proposed a method to achieve this.
Feistel Structure for Block Ciphers
• Feistel proposed applying two or more simple ciphers in sequence so final result is cryptographically stronger than component ciphers
• n-bit block length; k-bit key length; $2^k$ transformations
• Feistel cipher alternates: substitutions, transpositions (permutations)
• Applies concepts of diffusion and confusion
• Applied in many ciphers today
Diffusion and Confusion
• Diffusion
– Statistical nature of plaintext is reduced in ciphertext
– E.g. a plaintext letter affects the value of many ciphertext letters
– How: repeatedly apply permutation (transposition) to data, and then apply function
• Confusion
– Make relationship between ciphertext and key as complex as possible
– Even if attacker can find some statistical characteristics of ciphertext, still hard to find key
– How: apply complex (non-linear) substitution algorithm
Feistel Structure for Block Ciphers
• Approach:
– Plaintext split into halves
– Subkeys (or round keys) generated from key
– Round function, F, applied to right half
– Apply substitution on left half using XOR
– Apply permutation: interchange the two halves
Using the Feistel Structure
• Exact implementation depends on various design features
– Block size, e.g. 64, 128 bits: larger values lead to more diffusion
– Key size, e.g. 128 bits: larger values lead to more confusion, resistance against brute force
– Number of rounds, e.g. 16 rounds
– Subkey generation algorithm: should be complex
– Round function F: should be complex
• Other factors include fast encryption in software and ease of analysis
• Tradeoff: security vs performance
19. IFETCE/M.E CSE/NE7202-NIS/Unit 2 September, 2006
Feistel decryption
• same as encryption, except
• ciphertext is input
• use keys in reverse order
• at each round the output is equal to the corresponding value of the encryption process with the two halves of the value swapped
• final permutation (swap) realigns 2 halves
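The Feistel structure and decryption rule from the slides above, as an added example that is not part of the original deck. The round function (a truncated HMAC-SHA-256) and the hash-based key schedule are assumptions chosen for illustration; they show that F does not need to be invertible and how the number of rounds drives diffusion.

```python
import hashlib
import hmac

HALF_BITS = 32                      # two 32-bit halves = 64-bit block, as in DES
MASK = (1 << HALF_BITS) - 1


def subkeys(key, rounds):
    """Illustrative key schedule (an assumption): hash the key with the round index."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def round_f(subkey, half):
    """Round function F: a truncated HMAC, deliberately not invertible."""
    mac = hmac.new(subkey, half.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big")


def feistel(block, keys):
    """Run the network once over a 64-bit block with subkeys in the given order."""
    left, right = block >> HALF_BITS, block & MASK
    for k in keys:
        # F on the right half, XOR into the left half, then interchange the halves
        left, right = right, left ^ round_f(k, right)
    # Final swap realigns the halves so the same routine also decrypts
    return (right << HALF_BITS) | left


def encrypt(block, key, rounds=16):
    return feistel(block, subkeys(key, rounds))


def decrypt(block, key, rounds=16):
    # Same routine, ciphertext as input, subkeys in reverse order
    return feistel(block, subkeys(key, rounds)[::-1])


def changed_bits(block, bit, key, rounds):
    """Ciphertext bits that differ when plaintext bit `bit` (0 = LSB) is flipped."""
    a = encrypt(block, key, rounds)
    b = encrypt(block ^ (1 << bit), key, rounds)
    return bin(a ^ b).count("1")


def avalanche(key, rounds, block=0x0123456789ABCDEF):
    """Mean number of changed ciphertext bits over all 64 single-bit flips."""
    return sum(changed_bits(block, b, key, rounds) for b in range(64)) / 64


if __name__ == "__main__":
    key = b"constructed demo key"          # constructed sample key
    pt = 0x0123456789ABCDEF                # constructed sample block
    ct = encrypt(pt, key)
    print(f"ciphertext {ct:016x}, decrypts back: {decrypt(ct, key) == pt}")
    for r in (1, 2, 3, 4, 8, 16):
        print(f"{r:2d} rounds: {avalanche(key, r):5.1f} of 64 bits change on average")
```

With one round, a flipped bit in the left half changes exactly one ciphertext bit; the average only approaches half the block after several rounds, which is why the round count is a design parameter.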
Data Encryption Standard
• Symmetric block cipher
– 56-bit key, 64-bit input block, 64-bit output block
• One of the most used encryption systems in the world
– Developed in 1977 by NBS/NIST
– Designed by IBM (Lucifer) with input from NSA
– Principles used in other ciphers, e.g. 3DES, IDEA
• Simplified DES (S-DES)
– Cipher using principles of DES
– Developed for education (not real world use)
Simplified DES
• Input (plaintext) block: 8-bits
• Output (ciphertext) block: 8-bits
• Key: 10-bits
• Rounds: 2
• Round keys generated using permutations and left shifts
• Encryption: initial permutation, round function, switch halves
• Decryption: Same as encryption, except round keys used in opposite order
S-DES S-Boxes
• S-DES (and DES) perform substitutions using S-Boxes
• S-Box considered as a matrix: input used to select row/column; selected element is output
• 4-bit input: bit1; bit2; bit3; bit4
• bit1bit4 specifies row (0, 1, 2 or 3 in decimal)
• bit2bit3 specifies column
• 2-bit output
S-DES Summary
• Educational encryption algorithm
• S-DES expressed as functions:
$\text{ciphertext} = IP^{-1}(f_{K_2}(SW(f_{K_1}(IP(\text{plaintext})))))$
$\text{plaintext} = IP^{-1}(f_{K_1}(SW(f_{K_2}(IP(\text{ciphertext})))))$
• Security of S-DES:
– 10-bit key, 1024 keys: brute force easy
– If plaintext and corresponding ciphertext are known, can we determine the key? Very hard
Comparing DES and S-DES
S-DES
• 8-bit blocks
• 10-bit key: 2 x 8-bit round keys
• IP: 8-bits
• F operates on 4 bits
• 2 S-Boxes
• 2 rounds
DES
• 64-bit blocks
• 56-bit key: 16 x 48-bit round keys
• IP: 64 bits
• F operates on 32 bits
• 8 S-Boxes
• 16 rounds
S-DES encryption:
$\text{ciphertext} = IP^{-1}(f_{K_2}(SW(f_{K_1}(IP(\text{plaintext})))))$
DES encryption:
$\text{ciphertext} = IP^{-1}(f_{K_{16}}(SW(f_{K_{15}}(SW(\cdots(f_{K_1}(IP(\text{plaintext}))))))))$
Design Principles of DES
• To achieve high degree of diffusion and confusion.
• Diffusion: making each plaintext bit affect as many ciphertext bits as possible.
• Confusion: making the relationship between the encryption key and the ciphertext as complex as possible.
Round Keys Generation
• Main key: 64 bits.
• 56 bits are selected and permuted using Permuted Choice One (PC1), and then divided into two 28-bit halves.
• In each round:
– Left-rotate each half separately by either 1 or 2 bits according to a rotation schedule.
– Select 24 bits from each half, and permute the combined 48 bits.
– This forms a round key.
The S-Boxes
• Eight S-boxes each map 6 to 4 bits
• Each S-box is specified as a 4 x 16 table
– each row is a permutation of 0-15
– outer bits 1 & 6 of input are used to select one of the four rows
– inner 4 bits of input are used to select a column
• All the eight boxes are different.
Avalanche Effect
• Avalanche effect:
– A small change in the plaintext or in the key results in a significant change in the ciphertext.
– evidence of a high degree of diffusion and confusion
– a desirable property of any encryption algorithm
• DES exhibits a strong avalanche effect
– Changing 1 bit in the plaintext affects 34 bits in the ciphertext on average.
– 1-bit change in the key affects 35 bits in the ciphertext on average.
The Avalanche Effect
• Following examples show the number of bits that change in output when two different inputs are used, differing by 1 bit
• Plaintext 1: 02468aceeca86420
• Plaintext 2: 12468aceeca86420
• Ciphertext difference: 32 bits
• Key 1: 0f1571c947d9e859
• Key 2: 1f1571c947d9e859
• Ciphertext difference: 30
Key Size
• Although 64 bit initial key, only 56 bits used in encryption (other 8 for parity check)
• $2^{56} = 7.2 \times 10^{16}$
– 1977: estimated cost $US20m to build machine to break in 10 hours
– 1998: EFF built machine for $US250k to break in 3 days
– Today: 56 bits considered too short to withstand brute force attack
• 3DES uses 128-bit keys
Attacks on DES
• Timing Attacks
– Information gained about key/plaintext by observing how long implementation takes to decrypt
– No known useful attacks on DES
• Differential Cryptanalysis
– Observe how pairs of plaintext blocks evolve
– Break DES in $2^{47}$ encryptions (compared to $2^{55}$); but require $2^{47}$ chosen plaintexts
• Linear Cryptanalysis
– Find linear approximations of the transformations
– Break DES using $2^{43}$ known plaintexts
Multiple Encryption with DES
• DES is vulnerable to brute force attack
• Alternative block cipher that makes use of DES software/equipment/knowledge: encrypt multiple times with different keys
• Options:
1. Double DES: not much better than single DES
2. Triple DES (3DES) with 2 keys: brute force $2^{112}$
3. Triple DES with 3 keys: brute force $2^{168}$
Double Encryption
• For DES, 2 × 56-bit keys, meaning 112-bit key length
• Requires $2^{111}$ operations for brute force?
• Meet-in-the-middle attack makes it easier
Meet-in-the-Middle Attack
• Double DES Encryption: C = E(K2; E(K1; P))
• Say X = E(K1; P) = D(K2; C)
• Attacker knows two plaintext, ciphertext pairs (Pa; Ca) and (Pb; Cb)
1. Encrypt Pa using all $2^{56}$ values of K1 to get multiple values of X
2. Store results in table and sort by X
3. Decrypt Ca using all $2^{56}$ values of K2
4. As each decryption result produced, check against table
5. If match, check current K1; K2 on Cb. If Pb obtained, then accept the keys
• With two known plaintext, ciphertext pairs, probability of successful attack is almost 1
• Encrypt/decrypt operations required: $2^{56}$ (twice as many as single DES)
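The S-DES slides and the five meet-in-the-middle steps above, worked through in one added example that is not part of the original deck. The permutation and S-box tables are those of the published S-DES definition (Schaefer, reproduced in Stallings), which the slides do not list; the keys and plaintexts are constructed. It shows why a second key adds almost no strength to double encryption.

```python
# S-DES tables from the published definition; bit positions are 1-based from the MSB
P10 = (3, 5, 2, 7, 4, 10, 1, 9, 8, 6)
P8 = (6, 3, 7, 4, 8, 5, 10, 9)
IP = (2, 6, 3, 1, 4, 8, 5, 7)
IP_INV = (4, 1, 3, 5, 7, 2, 8, 6)
EP = (4, 1, 2, 3, 2, 3, 4, 1)
P4 = (2, 4, 3, 1)
S0 = ((1, 0, 3, 2), (3, 2, 1, 0), (0, 2, 1, 3), (3, 1, 3, 2))
S1 = ((0, 1, 2, 3), (2, 0, 1, 3), (3, 0, 1, 0), (2, 1, 0, 3))


def permute(value, table, width):
    """Output bit i is input bit table[i] of a `width`-bit value."""
    out = 0
    for pos in table:
        out = (out << 1) | ((value >> (width - pos)) & 1)
    return out


def rotl5(half, n):
    return ((half << n) | (half >> (5 - n))) & 0b11111


def round_keys(key10):
    """Permutations and left shifts turn the 10-bit key into two 8-bit round keys."""
    k = permute(key10, P10, 10)
    left, right = rotl5(k >> 5, 1), rotl5(k & 0b11111, 1)
    k1 = permute((left << 5) | right, P8, 10)
    left, right = rotl5(left, 2), rotl5(right, 2)
    return k1, permute((left << 5) | right, P8, 10)


def sbox(box, nibble):
    row = (((nibble >> 3) & 1) << 1) | (nibble & 1)   # bit1 bit4
    col = (nibble >> 1) & 0b11                        # bit2 bit3
    return box[row][col]


def f_k(block8, subkey):
    left, right = block8 >> 4, block8 & 0xF
    x = permute(right, EP, 4) ^ subkey
    s = (sbox(S0, x >> 4) << 2) | sbox(S1, x & 0xF)
    return ((left ^ permute(s, P4, 4)) << 4) | right


def switch(block8):
    return ((block8 & 0xF) << 4) | (block8 >> 4)


def crypt(block8, keys):
    """IP^-1(f_b(SW(f_a(IP(block))))) for round keys (a, b)."""
    return permute(f_k(switch(f_k(permute(block8, IP, 8), keys[0])), keys[1]), IP_INV, 8)


def encrypt(p, key10):
    return crypt(p, round_keys(key10))


def decrypt(c, key10):
    return crypt(c, round_keys(key10)[::-1])          # round keys in opposite order


def double_encrypt(p, k1, k2):
    return encrypt(encrypt(p, k1), k2)                # C = E(K2; E(K1; P))


def meet_in_the_middle(pairs):
    """Return (consistent key pairs, cipher operations in the table and lookup passes)."""
    (pa, ca), rest = pairs[0], pairs[1:]
    table, ops = {}, 0
    for k1 in range(1024):                            # steps 1-2: X = E(K1; Pa)
        table.setdefault(encrypt(pa, k1), []).append(k1)
        ops += 1
    found = []
    for k2 in range(1024):                            # steps 3-4: X = D(K2; Ca)
        ops += 1
        for k1 in table.get(decrypt(ca, k2), []):
            # step 5: accept only keys that also explain the remaining pairs
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                found.append((k1, k2))
    return found, ops


if __name__ == "__main__":
    secret = (0b1010000010, 0b0111111101)             # constructed key pair
    # An S-DES block is only 8 bits, so more than two pairs are needed to
    # filter false matches; four constructed plaintexts are used here.
    pairs = [(p, double_encrypt(p, *secret)) for p in (0x72, 0x00, 0xA5, 0x3C)]
    found, ops = meet_in_the_middle(pairs)
    print(f"{ops} table/lookup operations instead of {1024 * 1024} key pairs")
    print("consistent key pairs:", [(f"{a:010b}", f"{b:010b}") for a, b in found])
```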
Triple Encryption
• 2 keys, 112 bits
• 3 keys, 168 bits
• Why E-D-E? To be compatible with single DES:
C = E(K1; D(K1; E(K1; P))) = E(K1; P)
52. Introduction to Cryptography and Security Mechanisms 2005 52
Triple DES
[Figure: plaintext is encrypted using DES with Key K1, then decrypted using DES with Key K2, then encrypted using DES with Key K1 to give the ciphertext. Key K = K1 and K2.]
DES
| Parameter | DES specification |
|---|---|
| Type of design | Feistel Cipher |
| Number of rounds | 16 |
| Block size | 64 |
| Length of key | 56 |
| Public / proprietary | Published as FIPS 46 |
Design criticisms
| Criticism | Comment |
|---|---|
| Secret design criteria | Design criteria of round function / key schedules secret (although actual design public). Fear of trapdoors has proved unfounded. |
| Weak keys | Certain DES keys are weak (encryption and decryption has same effect). Few such keys and their use easily avoided. |
| Inadequate key length | 56 bits an inadequate key length. Criticised even in 1975. Unsubstantiated claims that NSA insisted on the “small” key length. |
Searching for a DES key
Suppose that we have a machine consisting of one million processors, each of which can test one million keys per second. How long is it likely to take before we find a DES key during an exhaustive key search?
56. 56
Searching for a DES key
Year | Source | Implemented? | (Estimated) Cost in US$ | (Estimated) Search time
1977 | Diffie Hellman | No | 20 million | 20 hours
1993 | Wiener | No | 10.5 million | 21 minutes
1993 | Wiener | No | 1.5 million | 3.5 hours
1993 | Wiener | No | 600 000 | 35 hours
1997 | Internet | Yes | Unknown | 140 days
1998 | Electronic Frontier Foundation [www.eff.org] | Yes | 210 000 | 56 hours
57. IFETCE/M.E CSE/NE7202-NIS/Unit 2 57
DES today
• Well accepted that a DES key can be found
by anyone determined enough.
• Differential and linear cryptanalysis provide
academic attacks on DES.
• DES is still in use in many applications.
• Triple DES or AES are commonly
recommended instead of DES.
58. IFETCE/M.E CSE/NE7202-NIS/Unit 2
Advanced Encryption Standard
• NIST called for proposals for new standard in 1997
– Aims: security, efficient software/hardware implementations, low
memory requirements, parallel processing
– Candidate algorithms from around the world
– Rijndael chosen, standard called AES created in 2001
• AES:
– Block size: 128 bits (others possible)
– Key size: 128, 192, 256 bits
– Rounds: 10, 12, 14 (depending on key)
– Operations: XOR with round key, substitutions using S-Boxes,
mixing using Galois Field arithmetic
• Widely used in file encryption, network communications
• Generally considered secure
59. IFETCE/M.E CSE/NE7202-NIS/Unit 2 59
Design requirements of AES
• The selection would be a public process and the
chosen algorithm and design details would be made
freely available for public use.
• The block size should be 128 bits.
• The block cipher would be designed to offer variable
key lengths of 128, 192 and 256 bits, to allow for
future developments in exhaustive key search efforts.
• The block cipher had to operate at a faster speed
than Triple DES across a number of different
platforms.
In 1998 NIST issued a call for proposals for a new block
cipher standard, to be referred to as the Advanced
Encryption Standard or AES.
60. IFETCE/M.E CSE/NE7202-NIS/Unit 2 60
Development of AES
• 15 candidate proposals, quickly reduced to 11 in August
1998.
• In April 1999, after a public consultation process, this
was reduced to five candidates: MARS, RC6, Rijndael,
SERPENT and TWOFISH.
• In October 2000 the winning algorithm Rijndael was
selected.
• Federal Information Processing Standard FIPS 197, the
Advanced Encryption Standard, published early 2001.
This standard specifies AES (Rijndael) as a FIPS-
approved symmetric encryption algorithm that may be
used by U.S. Government organizations (and others) to
protect sensitive information.
• AES now widely adopted and supported.
62. IFETCE/M.E CSE/NE7202-NIS/Unit 2
Other Block Ciphers
• Blowfish (Schneier, open)
• Twofish (Schneier et al., open)
• IDEA (patented)
• Skipjack (NSA, Clipper)
• . . .
63. IFETCE/M.E CSE/NE7202-NIS/Unit 2 63
Summary
• Stream ciphers and block ciphers are different types of
symmetric encryption algorithm. They offer slightly
different properties and are therefore suitable for
different applications.
– Simple stream ciphers are fast and do not propagate errors,
making them suitable for poor quality channels and for
applications where errors are intolerable.
– Block ciphers do propagate errors (to a limited extent), but are
quite flexible and can be used in different ways in order to
provide different security properties (in some cases to achieve
some of the benefits of stream ciphers).
• The properties of cryptographic algorithms are not only
affected by algorithm design, but also by the ways in
which the algorithms are used. Different modes of
operation can significantly change the properties of a
block cipher.
Editor's Notes
To achieve a high degree of diffusion and confusion.
Diffusion: making each plaintext bit affect as many ciphertext bits as possible.
Confusion: making the relationship between the encryption key and the ciphertext as complex as possible.
The 56 bit key size comes from security considerations as we know now. It was big enough so that an exhaustive key search was about as hard as the best direct attack (a form of differential cryptanalysis called a T-attack, known by the IBM & NSA researchers), but no bigger. The extra 8 bits were then used as parity (error detecting) bits, which makes sense given the original design use for hardware communications links. However we hit an incompatibility with simple s/w implementations since the top bit in each byte is 0 (since ASCII only uses 7 bits), but the DES key schedule throws away the bottom bit! A good implementation needs to be cleverer!
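The incompatibility described in this note, as an added example (not from the original notes): it extracts the 56 bits DES actually uses from an 8-byte key and shows that ASCII keys differing only in the bottom bit of each byte are the same key. The function names, the sample password and the shift-left derivation at the end are assumptions made for illustration.

```python
ASCII_ZERO_MASK = int("1000000" * 8, 2)   # top bit of each 7-bit group in the 56-bit key

def effective_key_bits(key: bytes) -> int:
    """Return the 56 bits DES uses: the top 7 bits of each of the 8 key bytes.

    The real key schedule also permutes these bits (PC-1); that permutation is
    omitted because it does not change which keys are equivalent.
    """
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes")
    out = 0
    for b in key:
        out = (out << 7) | (b >> 1)       # the bottom (parity) bit is thrown away
    return out

def with_odd_parity(key: bytes) -> bytes:
    """Set the bottom bit of every byte so that each byte has odd parity."""
    fixed = []
    for b in key:
        ones = bin(b >> 1).count("1")
        fixed.append((b & 0xFE) | (1 if ones % 2 == 0 else 0))
    return bytes(fixed)

def ascii_to_des_key(password: bytes) -> bytes:
    """One simple 'cleverer' option (an assumption, not from the page): move the
    7 meaningful ASCII bits into the 7 positions DES uses, then add parity."""
    if len(password) != 8 or any(c > 0x7F for c in password):
        raise ValueError("expected 8 ASCII characters")
    return with_odd_parity(bytes((c << 1) & 0xFE for c in password))

if __name__ == "__main__":
    a = b"password"                        # constructed sample key
    b = bytes(c ^ 1 for c in a)            # same key with every bottom bit flipped
    print(a, b, effective_key_bits(a) == effective_key_bits(b))
    # Used raw, ASCII also leaves the top bit of each 7-bit group at zero: 48 bits vary.
    print(effective_key_bits(a) & ASCII_ZERO_MASK == 0)
    print(ascii_to_des_key(a).hex(), ascii_to_des_key(b).hex())
```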
The example lists eight 6-bit values (i.e. 18 in hex is 011000 in binary, 09 hex is 001001 binary, 12 hex is 010010 binary, 3d hex is 111101 binary etc.), each of which is replaced following the process detailed above using the appropriate S-box, i.e.:
S1(011000) lookup row 00 col 1100 in S1 to get 5
S2(001001) lookup row 01 col 0100 in S2 to get 15 = f in hex
S3(010010) lookup row 00 col 1001 in S3 to get 13 = d in hex
S4(111101) lookup row 11 col 1110 in S4 to get 2 etc