Encryption

What is Encryption / Decryption
 Encryption –
 The process of converting plain text into an unintelligible format (cipher text) is called
Encryption.
 Decryption –
 The process of converting cipher text into a plain text is called Decryption.
Plaintext: Data that can be read and understood without any special measures.
Cipher text: Encrypting plaintext results in unreadable gibberish called cipher text.
Key: some secret piece of information that customizes how the cipher text is produced.

Overview
 Basic Definitions
 Types of Encryption
 Symetric Algorithms
 Asymetric Algorithms

 In cryptography, encryption is the process of encoding
messages or information in such a way that only authorized
parties can read it. Encryption does not of itself prevent
interception, but denies the message content to the interceptor. In
an encryption scheme, the intended communication information or
message, referred to as plaintext, is encrypted using an
encryption algorithm, generating ciphertext that can only be read
if decrypted. For technical reasons, an encryption scheme usually
uses a pseudo-random encryption key generated by an algorithm. It
is in principle possible to decrypt the message without possessing
the key, but, for a well-designed encryption scheme, large
computational resources and skill are required. An authorized
recipient can easily decrypt the message with the key provided
by the originator to recipients, but not to unauthorized
interceptors.

CONFIDENTIALITY INTEGRITY
SECURE
NON-REPUDIATION
SECURITY GOALS

Cryptography
Symmetric key Asymmetric key
cryptography cryptography
(Public key cryptography)
Classical Modern
cryptography cryptography
Transposition Substitution Stream Block
cipher cipher cipher cipher
6

Public Key Cryptosystem
 Public key cryptography is a scheme that uses a Pair of keys for
encryption: a Public key, which encrypts data, and a corresponding Private
key (secret key) for decryption.

CRYPTOGRAPHY METHODS
 Symmetric
 Same key for encryption and decryption
 Key distribution problem
 Asymmetric
 Key pairs for encryption and decryption
 Public and private keys

SYMMETRIC KEY CRYPTOGRAPHY
ENCRYPTION DECRYPTION
CIPHERTEXT
SENDER RECEIVER
SECRET KEY

Symmetric Algorithm
 It is also called as Secret Key Cryptography
 Single key used for both encrypt & decrypt
 Key must be known to both the parties
Encryption Decryption
Key
Plaintext Ciphertext
Original
Plaintext
Symmetric Cryptosystem

Symmetric Algorithm
 Data Encryption Standard (DES):
56 bits key
 Advance Encryption Standard (AES):
128, 192 or 256 bits key
 International Data Encryption Algorithm(IDEA):
128 bits key

ASYMMETRIC KEY CRYPTOGRAPHY
ENCRYPTION DECRYPTION
CIPHERTEXT
SENDER RECEIVER
PUBLIC KEY PRIVATE KEY

Asymmetric Algorithm
 Private keys are used for decrypting.
 Public keys are used for encrypting
encryption
plaintext ciphertext
public key
decryption
ciphertext plaintext
private key

Stream cipher
 A Stream Cipher is a secret-key encryption algorithm that encrypts a single bit
at a time. With a Stream Cipher, the same plaintext bit or byte will encrypt to a
different bit or byte every time it is encrypted.
 e.g. :
Plain text: Pay 100
Binary of plain text: 010111101 (hypothetical)
Key: 100101011 ----- Perform XOR
____________________
Cipher text 110010110 ----- ZTU9^%D
 To decrypt make the XOR operation of the cipher text with the key .

Stream ciphers
 while block ciphers simultaneously encrypt groups of characters, stream ciphers encrypt
individual characters
 may be better suited for real time applications
 stream ciphers are usually faster than block ciphers in hardware (but not necessarily in
software)
 limited or no error propagation
 may be advantageous when transmission errors are probable
 note: the distinction between stream ciphers and block ciphers is not definitive
 stream ciphers can be built out of block ciphers using CFB, OFB, or CTR modes
 a block cipher in ECB or CBC mode can be viewed as a stream cipher that operates on large
characters
A.2 Encryption
Stream ciphers

Synchronous stream ciphers
 the key stream is generated independently of the plaintext and of the ciphertext
 needs synchronization between the sender and the receiver
 if a character is inserted into or deleted from the ciphertext stream then synchronization is lost and the
plaintext cannot be recovered
 additional techniques must be used to recover from loss of synch.
 no error propagation
 a ciphertext character that is modified during transmission affects only the decryption of that character
 an attacker can make changes to selected ciphertext characters and know exactly what effect these
changes have on the plaintext (if h = XOR)
si
gk h
fk
si+1
zi
pi
ci

Self-synchronizing stream ciphers
 the key stream is generated as a function of a fixed number of previous ciphertext characters
 self-synchronizing
 since the size t of the register is fixed, a lost ciphertext character affects only the decryption of the next t
ciphertext characters
 limited error propagation
 if a ciphertext character is modified, then decryption of the next t ciphertext characters may be incorrect
 ciphertext characters depend on all previous plaintext characters
 better diffusion of plaintext statistics
gk h
zi
pi
ci
…
register
A.2 Encryption
Stream ciphers

Asymmetric-key encryption
 asymmetric-key encryption
 it is hard (computationally infeasible) to compute K’ from K
 K can be made public (public-key cryptography)
 no need for key setup before communication
 public-keys are not confidential but they must be authentic !
 the security of asymmetric-key encryption schemes is usually based on some well-known or widely
believed hard problems
E Dm
plaintext
K
(public) encryption key
K’
(private) decryption key
EK(m)
ciphertext
DK’ (EK(m)) = m
attacker

Block cipher
 Block cipher technique involves encryption of one block of text at a time
.Decryption also takes one block of encrypted text at a time. Length of the
block is usually 64 or 128 bits.
e.g. :
Plain text: four and five
Four and five
Key Key Key
wvfa ast wvfa --- cipher text

Block cipher modes of operation
 ECB – Electronic Codebook
 used to encipher a single plaintext block (e.g., a DES key)
 CBC – Cipher Block Chaining
 repeated use of the encryption algorithm to encipher a message consisting of many
blocks
 CFB – Cipher Feedback
 used to encipher a stream of characters, dealing with each character as it comes
 OFB – Output Feedback
 another method of stream encryption, used on noisy channels
 CTR – Counter
 simplified OFB with certain advantages
20/
80

ECB mode
 encrypt
 decrypt
E
P1
C1
E
P2
C2
K E
PN
CN
K
…
D
C1
P1
K D
C2
P2
K D
CN
PN
K…

Properties of the ECB mode
 identical plaintext blocks result in identical ciphertext blocks (under the same key, of
course)
 messages to be encrypted often have very regular formats
 repeating fragments, special headers, string of 0s, etc. are quite common
 blocks are encrypted independently of other blocks
 reordering ciphertext blocks result in correspondingly reordered plaintext blocks
 ciphertext blocks can be cut from one message and pasted in another, possibly without
detection
 error propagation: one bit error in a ciphertext block affects only the corresponding
plaintext block (results in garbage)
 overall: not recommended for messages longer than one block, or if keys are reused for
more than one block

CBC mode
 encrypt
 decrypt
E
P1
C1
K
+
E
P2
C2
K
+
E
P3
C3
K
+
E
PN
CN
K
+IV CN-1
…
D
C1
P1
K
+IV
D
C2
P2
K
+
D
C3
P3
K
+
D
CN
PN
K
+CN-1
A.2 Encryption

Properties of the CBC mode
 encrypting the same plaintexts under the same key, but different IVs result in different
ciphertexts
 ciphertext block Cj depends on Pj and all preceding plaintext blocks
 rearranging ciphertext blocks affects decryption
 however, dependency on the preceding plaintext blocks is only via the previous ciphertext block Cj-1
 proper decryption of a correct ciphertext block needs a correct preceding ciphertext block only
 error propagation:
 one bit error in a ciphertext block Cj has an effect on the j-th and (j+1)-st plaintext block
 Pj’ is complete garbage and Pj+1’ has bit errors where Cj had
 an attacker may cause predictable bit changes in the (j+1)-st plaintext block
 error recovery:
 recovers from bit errors (self-synchronizing)
 cannot, however, recover from frame errors (“lost” bits)
A.2 Encryption

CFB mode encrypt  decrypt
E
Pi Ci
K
+
shift register (n)
(n)
select s bits
(n)
(s)
(s) (s)
(s)
initialized with IV
E
Ci Pi
K
+
shift register (n)
(n)
select s bits
(n)
(s)
(s) (s)
(s)
initialized with IV
A.2 Encryption

Properties of the CFB mode
 encrypting the same plaintexts under the same key, but different IVs result in different ciphertexts
 the IV can be sent in clear
 ciphertext block Cj depends on Pj and all preceding plaintext blocks
 rearranging ciphertext blocks affects decryption
 proper decryption of a correct ciphertext block needs the preceding n/s ciphertext blocks to be correct
 one bit error in a ciphertext block Cj has an effect on the decryption of that and the next n/s ciphertext blocks
(the error remains in the shift register for n/s steps)
 Pj’ has bit errors where Cj had, all the other erroneous plaintext blocks are garbage
 an attacker may cause predictable bit changes in the j-th plaintext block
 error recovery:
 self synchronizing, but requires n/s blocks to recover
A.2 Encryption

OFB mode encrypt  decrypt
E
Pi Ci
K
+
shift register (n)
(n)
select s bits
(n)
(s)
(s) (s)
(s)
initialized with IV
E
Ci Pi
K
+
shift register (n)
(n)
select s bits
(n)
(s)
(s) (s)
(s)
initialized with IV
A.2 Encryption

Properties of the OFB mode
 a different IV should be used for every new message, otherwise messages will be encrypted with the same
key stream
 the IV can be sent in clear
 however, if the IV is modified by the attacker, then the cipher will never recover (unlike CFB)
 ciphertext block Cj depends on Pj only (does not depend on the preceding plaintext blocks)
 however, rearranging ciphertext blocks affects decryption
 one bit error in a ciphertext block Cj has an effect on the decryption of only that ciphertext block
 Pj’ has bit errors where Cj had
 an attacker may cause predictable bit changes in the j-th plaintext block
 error recovery:
 recovers from bit errors
 never recovers if bits are lost or the IV is modified
A.2 Encryption

Types of Encryption Algorithms
 Symmetric
 DES ( Digital Encryption Standard)
 AES ( Advancedl Encryption Standard)
 Asymmetric ( Public Key Cryptography)
 RSA (Rivest Shamir Adleman)

 What is DES?
 The Data Encryption Standard (DES) is a previously predominant algorithm used for
encryption/decryption of electronic data. DES was developed in the early 70’s by IBM
which was then submitted to the National Bureau of Standards (NBS).
 Like other private key cryptographic methods, both the sender and the receiver must
know and use the same private key.
 DES uses a 56 bit encryption key which can give around 2^56 (ie) 256 combinations to
encrypt the plain text. DES is restricted with a Block Size of just 64bits.
 Sometimes DES is said to use 64 bit key, but 8bits out of it is used for some other
purpose.
 The maximum amount that can be transferred with a single encryption is 32GB. DES
uses the Feistel Network which divides block into 2 halves before going through the
encryption steps.

 What is AES?
 The Advanced Encryption Standard (AES) is a specification for the Encryption of
electronic data. Originally called “Rijndael” the cipher was developed by 2 Belgian
Cryptographers “Joan Daemen” and “Vincent Rijmen” who submitted to the AES
Selection process held by the NIST (National Institute of Standards and Technology) in
the year 1997 which continued for 3 years and the end result was given on 2nd October
2002 where Rijndael was chosen as the proposed standard.
 The algorithm described by AES is a Symmetric-Key Algorithm, meaning the same key is
used for encrypting and decrypting the data. AES standard is a variant of Rijndael where
the block size is restricted to 128bits and the key size of 128, 192, 256 bits can be used.
 AES is based on a design principle known as a substitution-permutation network, and is
fast in both software and hardware.

RSA Public Key Encryption Algorithm
The best known public key cryptosystem is RSA - named after its
authors, Rivest, Shamir and Adelman
32

RSAAlogarthim
 RSA (Rivest-Shamir-Adelman) is the most commonly used public key
algorithm.
 Can be used both for encryption and for digitally signing.
 It is generally considered to be secure when sufficiently long keys are used
(512 bits is insecure, 768 bits is moderately secure, and 1024 bits is good,
for now).
 The security of RSA relies on the difficulty of factoring large integers.
Dramatic advances in factoring large integers would make RSA vulnerable.
 RSA is currently the most important public key algorithm. It is patented in
the United States (expires year 2000), and free elsewhere.
33

RSA Algorithm
 First choose two large prime numbers, p and q, and find their product, n. n
is also called modulus in RSA jargon.
 Compute z = (p-1)(q-1)
 Next choose a number e, relatively prime to z = (p-1)(q-1) - this is the
encryption key.
 Finally compute d such that the product of e and d is congruent to 1 mod
((p-1)(q-1)). This is the decryption key.
34

Encryption

More Related Content

What's hot

Viewers also liked

Similar to Encryption

Recently uploaded

Encryption