MASON ECE 646 - Educational software for Cryptographic Library: Benchmarking


Educational software for Cryptographic Library: Benchmarking
J. Steidel, George Mason University, ECE 646 Cryptography & Network Security, Fall 2001

Why benchmark?

Many applications requiring security by cryptography also require speed. The subject of this article is benchmarking the encryption and decryption of large files, but it could apply to secure file transfer, video telecommunication, or other applications involving large quantities of data.

Theory:

One usually wants to encrypt data in groups of bits called blocks. A block may be any number of bits, though it is often a multiple of the eight bits used to represent a text character. Block ciphers are the basic algorithms used to encrypt and decrypt data in uniformly sized groups, together with certain modifications thereof. These modifications can be built around any of the basic encryption/decryption algorithms, and each particular modification type is called a mode of operation of the basic algorithm.

As a simple example, we can take an identity ‘encryption’ and perform an additional operation of XORing with 010203 on blocks of three characters in size (or 24 bits):

‘This is a sample block cipher xy’

         T  H  I  S  I  S  A  S  A  M  P  L  E  C  I  P  H  E  R  X  Y
         13 07 08 12 08 12 00 12 00 0C 0F 0B 04 02 08 0F 07 04 00 17 18
    XOR  01 02 03 01 02 03 01 02 03 01 02 03 01 02 03 01 02 03 01 02 03
         12 05 0B 13 0A 11 01 10 03 0D 0D 08 05 00 0B 0E 05 07 01 15 1B
         S  E  L  T  K  R  B  Q  D  N  N  I  F  A  L  O  F  H  B  V  b

becomes ‘SELTKRBQDNNIFALOFHBVB’ (after trimming spaces, capitalizing and adjusting for results in excess of 26). This is an example of the ECB block cipher (described below). Any repetition of an entire block of three characters will be encoded the same way.

This may be modified into a stream cipher by requiring that some information for the processing of each block comes from a preceding block.

         T  H  I  S  I  S  A  S  A  M  P  L  E  C  I  P  H  E  R  X  Y
         13 07 08 12 08 12 00 12 00 0C 0F 0B 04 02 08 0F 07 04 00 17 18
    XOR  01 02 03 12 05 0B 00 0D 19 ...
         12 05 0B 00 0D 19 ...
         S  E  L  A  N  Z

In this case, the output (bold type) from one block operation is fed back into the operations on the next block (see OFB mode below).

The primary differences between block ciphers and stream ciphers are that block ciphers do not have memory from one block to the next and encrypt like blocks the same way, whereas a stream cipher retains information and encrypts like blocks into different ciphertext blocks. The stream cipher attempts to emulate the perfectly secure one-time pad.

Modes of Operation

ECB Electronic CodeBook mode:

ECB mode works like a dictionary, i.e. a codebook. For each unique plaintext input block of 64 bits, there is a corresponding cipher block made with a key that is common to all blocks, so this mode could easily be implemented in parallel. Because a repeated plaintext input block produces a repeated ciphertext block, this mode is best for short messages without repeated plaintext blocks. Loss or corruption of a single cipher block results in loss or corruption of the corresponding plaintext block.

CTR CounTeR mode:

An initialization vector IV is added to the position of the block (0 .. N), then encrypted with a common key. The new ‘key’ for that block is XORed with the plaintext (ciphertext) block to produce the ciphertext (plaintext) block. This reduces the risk of repetition of entire blocks seen in the ECB mode because each block is encrypted differently according to its position. The same hardware is used for both encryption and decryption. (This mode is likely to become a standard; it is already used in ATM networking.) The blocks may be processed in parallel. It also allows for replacement of changed, encrypted data, as for updating a database. Loss of a single cipher block results in a mismatch on the receiving end of the cipher block to the wrong ‘key’. Corruption of a single cipher block results only in the corruption of the corresponding plaintext block.

CBC Cipher Block Chaining mode

Each block of CBC ciphertext depends upon all previous blocks: the plaintext block input is XORed with the previous ciphertext block (or an initialization vector IV) and then encrypted. Therefore one cannot encrypt using parallel processing or preprocessing. However, since the ciphertext and IV are both known to the intended recipient, decryption may be done in parallel. Loss of a cipher block results in corruption of the subsequent plaintext block because of the mismatch in the chain. (This mode is part of the IPSEC specification.)

CFB Cipher FeedBack mode

CFB encryption uses feedback from the ciphertext, so each ciphertext block depends upon all previous ciphertext blocks. The contents of a shift register (initialized to some particular 64-bit initialization vector IV) are encrypted using a single key. The leftmost j bits (usually 8) of the result are XORed with the j bits of the plaintext block to produce a j-bit cipher block. This cipher block is left-shifted into the shift register and the already-used j bits are shifted out, and then the process is repeated for the next block. Thus, encryption cannot be sped up by any kind of parallel processing or preprocessing. A change to any block, such as a single field of a database, will affect all subsequent blocks of the ciphertext. (Since the IV and ciphertext are known to the intended recipient, decryption of the second block may begin (the register shift portion, if a second register is used) before completing the processing of input for the first block. So the decryption rate may be increased by doing it in parallel with that consideration. Note that the ‘processing’ here still uses the encryption algorithm.) Recovery from a lost or changed block of ciphertext is simple because each ciphertext block shifts through the register, so a lost or corrupted block affects the decryption of not more than (64/j)+1 blocks (when j divides 64). This mode is optimized when the block size matches the transmission unit size, e.g. 8 bits for transmitting 8-bit characters.

OFB Output FeedBack mode

The OFB mode uses a shift register like the CFB mode, but does not require
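
Added example (not part of the original article): the block-repetition and error-propagation behaviour described above for ECB, CBC and CFB with j = 8, measured on a toy 64-bit Feistel cipher built from SHA-256 that stands in for a real block cipher. The key, IV, plaintext and all function names are constructed for this illustration.

```python
import hashlib

KEY, IV = b"constructed-key", bytes(range(8))     # constructed values
PT = b"SAMEBLK!SAMEBLK!other 8bSAMEBLK!lastblk."  # constructed: five 64-bit blocks

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def E(blk, inverse=False):  # toy 64-bit Feistel network, stand-in for a real cipher
    l, r = blk[:4], blk[4:]
    for n in (range(3, -1, -1) if inverse else range(4)):
        l, r = r, xor(l, hashlib.sha256(KEY + bytes([n]) + r).digest()[:4])
    return r + l  # final swap: decryption is the same walk with rounds reversed

def D(blk):
    return E(blk, inverse=True)

def split(data, n=8):
    return [data[i:i + n] for i in range(0, len(data), n)]

def ecb(data, op=E):  # op=D decrypts
    return b"".join(op(b) for b in split(data))

def cbc_enc(pt):
    out = [IV]
    for b in split(pt):
        out.append(E(xor(b, out[-1])))  # XOR with previous ciphertext, then encrypt
    return b"".join(out[1:])

def cbc_dec(ct):
    return b"".join(xor(D(c), p) for c, p in zip(split(ct), [IV] + split(ct)))

def cfb8(data, decrypt=False):  # j = 8: one byte per step
    reg, out = IV, bytearray()
    for x in data:
        out.append(x ^ E(reg)[0])  # leftmost 8 bits of the encrypted register
        reg = reg[1:] + bytes([x if decrypt else out[-1]])  # shift ciphertext in
    return bytes(out)

def damaged(ct, dec, unit=8):  # flip one bit of ciphertext byte 8, list changed units
    got = dec(ct[:8] + bytes([ct[8] ^ 1]) + ct[9:])
    return [i for i, (a, b) in enumerate(zip(split(PT, unit), split(got, unit))) if a != b]

def repeats(ct):  # ciphertext blocks that duplicate an earlier block
    return len(split(ct)) - len(set(split(ct)))

if __name__ == "__main__":
    print("repeated blocks ECB/CBC:", repeats(ecb(PT)), repeats(cbc_enc(PT)))
    print("CBC blocks damaged by one flipped bit:", damaged(cbc_enc(PT), cbc_dec))
```

One flipped ciphertext bit damages one plaintext block under ECB, two consecutive blocks under CBC, and at most (64/8)+1 = 9 bytes under CFB with j = 8.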

