1Types of CryptosystemsECE 646 - Lecture 3Implementation of Security ServicesBlock vs. stream ciphersTypes of Cryptosystems (1)Cryptosystem (Cipher)messageciphertextcryptographickeyn bitsm bitsk bits2Block vs. stream ciphersStream ciphermemoryBlock cipherKKM1, M2, …, Mnm1, m2, …, mnC1, C2, …, Cnc1, c2, …, cnCi=fK(Mi) Ci= fK(mi, mi-1, …, m2, m1)Every block of ciphertextis a function of only onecorresponding block of plaintextEvery block of ciphertextis a function of the current and all proceeding blocks of plaintextTypical stream cipherSender ReceiverPseudorandomKeyGeneratormiplaintextciciphertextkikeystreamkeyinitialization vector (seed)PseudorandomKeyGeneratormiplaintextciciphertextkikeystreamkeyinitializationvector (seed)Secret-key vs. public-key ciphersTypes of Cryptosystems (2)3Secret-key (Symmetric) Cryptosystemskey of Alice and Bob - KABkey of Alice and Bob - KABAliceBobNetworkEncryptionDecryptionKey Distribution ProblemN - UsersN · (N-1)2KeysUsersKeys1005,0001000500,000Digital Signature ProblemBoth corresponding sides have the same informationand are able to generate a signatureThere is a possibility of the • receiver falsifying the message• sender denying that he/she sent the message4Public Key (Asymmetric) CryptosystemsPublic key of Bob - KBPrivate key of Bob - kBAliceBobNetworkEncryptionDecryptionClassification of cryptosystemsTerminologysecret-keysymmetricsymmetric-keyclassicalconventionalpublic keyasymmetricOne-way functionXf(X) Yf-1(Y)EXAMPLE:f: Y=f(X) = AXmod Pwhere P and A are constants, P is a large prime, A is an integer smaller than PNumber of bits of P Average number of multiplicationsnecessary to computef f -11000150010305Trap-door one-way functionXf(X) Yf-1(Y)Whitfield Diffie and Martin Hellman“New directions in cryptography,” 1976PUBLIC KEYPRIVATE KEYKey DistributionAliceBobmessageciphertextmessageciphertextBob’s public keyBob’s private keyBob’s public keymessageciphertextBob’s public keyIntruderDigital SignatureAliceBobsignaturemessagesignaturemessageAlice’s public keyAlice’s private keyAlice’s public keysignaturemessageAlice’s public keyIntrudersignaturemessageAlice’s public keyJudge6Implementation of Security ServicesMessageHash functionPublic keycipherAliceSignatureAlice’s private keyBobHash functionAlice’s public keyNon-repudiationHash value 1Hash value 2Hash valuePublic key cipheryesnoMessageSignatureHash functionarbitrary lengthmessagehashfunctionhash valueh(m)hmfixed length7Hash functionsBasic requirements1. Public description, NO key2. Compressionarbitrary length input → fixed length output3. Ease of computationHash functionsSecurity requirementsIt is computationally infeasibleGiven To Findh(m) mm and h(m)m’ ≠ m, such thath(m’) = h(m)m’ ≠ m, such thath(m’) = h(m)MessageHash functionPublic keycipherAliceSignatureAlice’s private keyBobHash functionAlice’s public keyNon-repudiationHash value 1Hash value 2Hash valuePublic key cipheryes/noMessageSignature8MessageHash functionPublic keycipherAliceSignatureAlice’s private keyBobHash functionAlice’s public keyNon-repudiationHash value 1Hash value 2Hash valuePublic key cipheryes/noMessageSignatureSignaturegenerationfunctionSignatureverificationfunctionMessageSecret keyalgorithmAliceMACSecret key of Alice and BobBobSecret keyalgorithmAuthenticationMAC’MACyesnoMessageMACSecret key of Alice and BobKABKABMAC - Message Autentication Codes (keyed hash functions)arbitrary lengthmessageMACfunctionMACmfixed lengthsecret keyK9MAC functionsBasic requirements1. Public description, SECRET key parameter2. Compressionarbitrary length input → fixed length output3. Ease of computationMAC functionsSecurity requirementsGiven zero or more pairsmi, MAC(mi)i = 1..kit is computationally impossible to find any new pairm’, MAC(m’)such thatm’ ≠ mi i = 1..kCBC-MAC (Cipher Block Chaining MAC)Secret-keycipherKABM1KABM2. . . .KABMt0 MessageMACSecret-keycipherSecret-keycipher10Relations among security servicesINTEGRITYAUTHENTICATIONNON-REPUDIATIONCONFIDENTIALITYMessageHash functionPublic keycipherAliceSignatureAlice’s private keyBobHash functionAlice’s public keyNon-repudiationHash value 1Hash value 2Hash valuePublic key cipheryesnoMessageSignatureMessageSecret keyalgorithmAliceMACSecret key of Alice and BobBobSecret keyalgorithmAuthenticationMAC’MACyesnoMessageMACSecret key of Alice and BobKABKAB11Hybrid SystemsFeatures required from today’s ciphersSTRENGTHFUNCTIONALITY• easy key distribution• digital signaturesPERFORMANCEFeatures of secret-key ciphersSTRENGTHFUNCTIONALITY• easy key distribution• digital signaturesPERFORMANCE12Features of public-key ciphersSTRENGTHFUNCTIONALITY• easy key distribution• digital signaturesPERFORMANCEAverage Decryption Speedfor implementations based on the same technologyTriple DES deciphering speedRSA-1024 deciphering speed≈ 100≈ 1000softwarehardwareBasic operations of secret key ciphers - S-boxS-box n x mROMSoftware HardwareCASMWORD S[1<<n]={ 0x23, 0x34, 0x56 . . . . . . . . . . . . . .}S DW 23H, 34H, 56H…..direct logicnm2nwordsn-bit addressm-bit output...x1x2xn...y1y2ymSSubstitution13PermutationCorder of wiresPHardwareSoftwareASMsequence ofinstructions<<, |, &sequence ofinstructionsROL, OR, ANDnnx1x2x3xnxn-1. . .y1y2y3ynyn-1. . .Basic operations of secret key ciphers - P-boxP-box n x nBasic Operations of the Public Key Cryptosystem RSAEncryptionDecryptionciphertext= modplaintextpublic key moduluspublic key exponentciphertext= modplaintextprivate key modulusprivate key exponentk-bitsk-bits k-bitsk-bitsk-bits k-bitsAliceBobsession key(random secret-key)Bob’s public keyHybrid SystemsBob’s private keyNetworkSession keyencrypted using Bob’s public keyMessage encrypted using session key14Hybrid Systems - Sender’s Side (2)Alicesession keyrandomBob’s public keymessageSecretkey cipherPublickey cipher123Session keyencrypted using Bob’s public keyMessage encrypted using session keyHybrid Systems - Receiver’s Side (2)Bobsession keyrandomBob’s private keymessageSecretkey cipherPublickey cipher21Session keyencrypted using Bob’s public keyMessage encrypted using session keyEvaluating the security of secret-key ciphers15Classification of attacks (1)Ciphertext-only attackGiven:Looked for:Example:Frequency analysis of letters in the ciphertext(effective only for most simple historical ciphers)plaintextciphertextor keyClassification of attacks (2)Known plaintext attackGiven:Looked
View Full Document
Unlocking...