Symmetric Encryption Principles Data Encryption Standard Advanced Encryption Standard Stream Ciphers and RC4 Cipher Block Modes of Operation Key Distribution

1. 1
Symmetric Encryption and message
confidentiality
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality
Mr. RAJASEKAR RAMALINGAM
Department of IT, College of Applied
Sciences, Sur.
Sultanate of Oman.
http://vrrsekar.wixsite.com/raja
Based on
William Stallings, Lawrie Brown, Computer Security:
Principles and Practice, Third Edition

2. CONTENT
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality
2
3.1 Symmetric Encryption Principles
3.2 Data Encryption Standard
3.3 Advanced Encryption Standard
3.4 Stream Ciphers and RC4
3.5 Cipher Block Modes of Operation
3.6 Key Distribution

3. 3.1 Symmetric Encryption Principles
Symmetric Encryption and Message Confidentiality
• also known as: conventional encryption, secret-key, or
single-key encryption
– only alternative before public-key crypto in 70’s
• still most widely used alternative
• has ingredients:
– plaintext,
– encryption algorithm,
– secret key,
– ciphertext, and
– decryption algorithm
3ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality
3.1.1 Symmetric Encryption and Message Confidentiality

4. 3.1.2 Cryptography
Classified along three independent
dimensions:
The type of operations
used for transforming
plaintext to ciphertext
• substitution – each element
in the plaintext is mapped
into another element
• transposition – elements in
plaintext are rearranged
The number of keys
used
• sender and receiver use
same key – symmetric
• sender and receiver each
use a different key -
asymmetric
The way in which the
plaintext is processed
• block cipher – processes
input one block of elements
at a time
• stream cipher – processes
the input elements
continuously
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 4

5. 3.1.3 Cryptanalysis
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 5

6. 3.1.4 Computationally Secure Algs.
• only weak algs fail a ciphertext-only attack
• usually design algs to withstand a known-plaintext attack
• encryption is computationally secure if:
– cost of breaking cipher exceeds info value
– time required to break cipher exceeds the useful lifetime of the
info
• usually very difficult to estimate the amount of effort
required to break
• can estimate time/cost of a brute-force attack
6ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

7. 3.1.5 Block Cipher Structure
• Symmetric block cipher consists of:
– A sequence of rounds
– With substitutions and permutations controlled by key
• Parameters and design features:
Block size Key size
Number of
rounds
Subkey
generation
algorithm
Round
function
Fast
software
encryption/d
ecryption
Ease of
analysis
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 7

8. 3.2 Data Encryption Standard (DES)
 Most widely used
encryption scheme
 Adopted in 1977 by
National Bureau of
Standards (now NIST)
 Algorithm is referred to
as the Data Encryption
Algorithm (DEA)
 Minor variation of the
Feistel network
8ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

9. 3.2.1 Triple DES (3DES)
• standardized in 1999
• uses two or three keys
– C = E(K3, D(K2, E(K1, P)))
• decryption same
– with keys reversed
• use of decryption in second stage gives
compatibility with original DES users
• effective 168-bit key length, slow, secure
9ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

10. 10
3.3
Advanced
Encryption
Standard
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

11. AES Round Structure
11ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

12. Substitute Bytes
• a simple table lookup in S-box
– a 1616 matrix of byte values
– mapping old byte to a new value
• e.g. {95} maps to {2A}
– a permutation of all possible 256 8-bit values
• constructed using finite field properties
– designed to be resistant to known cryptanalytic attacks
• decrypt uses inverse of S-box
12ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

13. S-box
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 13

14. Inverse S-box
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 14

15. On encryption left
rotate each row of
State by 0,1,2,3
bytes respectively
Decryption
does
reverse
To move
individual
bytes from one
column to
another and
spread bytes
over columns
Shift
Rows
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 15

16. Mix Columns & Add Key
• Mix Columns
– operates on each column individually
– mapping each byte to a new value that is a function of all
four bytes in the column
– use of equations over finite fields
– to provide good mixing of bytes in column
• Add Round Key
– simply XOR State with bits of expanded key
– security from complexity of round key expansion and other
stages of AES
16ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

17. 3.4 Stream Ciphers
• processes input elements continuously
• key input to a pseudorandom bit generator
– produces stream of random like numbers
– unpredictable without knowing input key
– XOR keystream output with plaintext bytes
• are faster and use far less code
• design considerations:
– encryption sequence should have a large period
– keystream approximates random number properties
– uses a sufficiently long key
17ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

18. Speed Comparisons of Symmetric Ciphers
• on a Pentium 4
Source: http://www.cryptopp.com/benchmarks.html
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 18

19. RC4
https://www.youtube.com/watch?v=KM-xZYZXElkITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

20. 3.5 Modes of Operation
• block ciphers process data in blocks
– e.g. 64-bits (DES, 3DES) or 128-bits (AES)
• for longer messages must break up
– and possibly pad end to block size multiple
• have 5 five modes of operation for this
– defined in NIST SP 800-38A
– modes are: ECB, CBC, CFB, OFB, CTR
20ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

21. 3.5.1 Block Cipher Modes of Operation
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality 21

22. 3.5.2 Electronic Codebook (ECB)
• simplest mode
• split plaintext into blocks
• encrypt each block using the same key
• “codebook” because have unique ciphertext value
for each plaintext block
– not secure for long messages since repeated plaintext is
seen in repeated ciphertext
– to overcome security deficiencies you need a technique
where the same plaintext block, if repeated, produces
different ciphertext blocks
22ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

23. 3.5.3 Cipher Block Chaining (CBC)
23
Cj = E(K, [Cj–1  Pj])
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

24. 3.5.4 Cipher Feedback (CFB)
24
C1 = P1  Ss[E(K, IV)]
ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

25. 3.5.5 Counter (CTR)
25ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

26. 3.6 Key Distribution
• symmetric crypto needs a shared key:
• two parties A & B can achieve this by:
– A selects key, physically delivers to B
– 3rd party select keys, physically delivers to A, B
• reasonable for link crypto, bad for large no’s users
– A selects new key, sends encrypted using previous old key to B
• good for either, but security fails if any key discovered
– 3rd party C selects key, sends encrypted to each of A & B using
existing key with each
• best for end-to-end encryption
26ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality

27. Key Distribution…
27ITSY3104 COMPUTER SECURITY - A - LECTURE 3 Symmetric Encryption and Message Confidentiality