UD ELEG 867 - Conventional Encryption Message Confidentiality


Chapter 2
Conventional Encryption Message Confidentiality
Henric Johnson
Blekinge Institute of Technology, Sweden
http://www.its.bth.se/staff/hjo/

Outline
• Conventional Encryption Principles
• Conventional Encryption Algorithms
• Cipher Block Modes of Operation
• Location of Encryption Devices
• Key Distribution

Conventional Encryption Principles
• An encryption scheme has five ingredients:
  – Plaintext
  – Encryption algorithm
  – Secret key
  – Ciphertext
  – Decryption algorithm
• Security depends on the secrecy of the key, not the secrecy of the algorithm

Cryptography
• Classified along three independent dimensions:
  – The type of operations used for transforming plaintext to ciphertext
  – The number of keys used
    • symmetric (single key)
    • asymmetric (two keys, or public-key encryption)
  – The way in which the plaintext is processed

Average time required for exhaustive key search

| Key Size (bits) | Number of Alternative Keys | Time required at $10^6$ decryptions/µs |
|---|---|---|
| 32 | $2^{32} = 4.3 \times 10^{9}$ | 2.15 milliseconds |
| 56 | $2^{56} = 7.2 \times 10^{16}$ | 10 hours |
| 128 | $2^{128} = 3.4 \times 10^{38}$ | $5.4 \times 10^{18}$ years |
| 168 | $2^{168} = 3.7 \times 10^{50}$ | $5.9 \times 10^{30}$ years |

Feistel Cipher Structure
• Virtually all conventional block encryption algorithms, including DES, have a structure first described by Horst Feistel of IBM in 1973
• The realization of a Feistel network depends on the choice of the following parameters and design features (see next slide):

Feistel Cipher Structure
• Block size: larger block sizes mean greater security
• Key size: larger key size means greater security
• Number of rounds: multiple rounds offer increasing security
• Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis
• Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern

Conventional Encryption Algorithms
• Data Encryption Standard (DES)
  – The most widely used encryption scheme
  – The algorithm is referred to as the Data Encryption Algorithm (DEA)
  – DES is a block cipher
  – The plaintext is processed in 64-bit blocks
  – The key is 56 bits in length

DES
• The overall processing at each iteration:
  – $L_i = R_{i-1}$
  – $R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
• Concerns about:
  – The algorithm and the key length (56 bits)

Time to break a code ($10^6$ decryptions/µs)
[figure]

Triple DEA
• Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)

$$C = E_{K_3}[D_{K_2}[E_{K_1}[P]]]$$

• C = ciphertext
• P = plaintext
• $E_K[X]$ = encryption of X using key K
• $D_K[Y]$ = decryption of Y using key K
• Effective key length of 168 bits

Other Symmetric Block Ciphers
• International Data Encryption Algorithm (IDEA)
  – 128-bit key
  – Used in PGP
• Blowfish
  – Easy to implement
  – High execution speed
  – Runs in less than 5K of memory
• RC5
  – Suitable for hardware and software
  – Fast, simple
  – Adaptable to processors of different word lengths
  – Variable number of rounds
  – Variable-length key
  – Low memory requirement
  – High security
  – Data-dependent rotations
• CAST-128
  – Key size from 40 to 128 bits
  – The round function differs from round to round

Cipher Block Modes of Operation
• Cipher Block Chaining Mode (CBC)
  – The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block.
  – Repeating patterns of 64 bits are not exposed

$$C_i = E_K[C_{i-1} \oplus P_i]$$
$$D_K[C_i] = D_K[E_K(C_{i-1} \oplus P_i)]$$
$$D_K[C_i] = (C_{i-1} \oplus P_i)$$
$$C_{i-1} \oplus D_K[C_i] = C_{i-1} \oplus C_{i-1} \oplus P_i = P_i$$

Location of Encryption Device
• Link encryption:
  – A lot of encryption devices
  – High level of security
  – Decrypt each packet at every switch
• End-to-end encryption:
  – The source encrypts and the receiver decrypts
  – Payload encrypted
  – Header in the clear
• High security: both link and end-to-end encryption are needed (see Figure 2.9)

Key Distribution
1. A key could be selected by A and physically delivered to B.
2. A third party could select the key and physically deliver it to A and B.
3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key.
4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.

Key Distribution (See Figure 2.10)
• Session key:
  – Data encrypted with a one-time session key. At the conclusion of the session the key is destroyed
• Permanent key:
  – Used between entities for the purpose of distributing session keys

Recommended Reading
• Stallings, W. Cryptography and Network Security: Principles and Practice, 2nd edition. Prentice Hall, 1999
• Schneier, B. Applied Cryptography, New York: Wiley, 1996
• Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley,

