Computer Security CS477Lecture 3Ching-Hua ChuanSeptember 3th 2008Administration Final project http://euclid.barry.edu/~chchuan/cs477/cs477.htmlLast Class Symmetric Encryption Principles (Chap 2.1) Cryptography Cryptanalysis Feistel Cipher StructureIngredients, requirements, a simplified modelClassificationType of attacks, definition of secureStructure, parametersToday’s Outline Symmetric Block Encryption Algorithms (Chap 2.2) Data Encryption Standard (DES) Triple DES Advanced Encryption Standard (AES)Block Ciphers The most commonly used symmetric encryption algorithms Processes the plaintext input in fixed-sized blocks and produces a block of ciphertext of equal size Three most important symmetric block ciphers: DES, triple DES (3DES), and AESplaintextciphertextData Encryption Standard (DES) The most widely used encryption scheme is based on DES. Data Encryption Standard (DES) is adopted by National Institute of Standards and Technology (NIST) as an official Federal Information Processing Standard (FIPS) for the United States in 1977.  Designed by IBM, first published in 1975.Data Encryption Standard (DES) The plaintext is 64 bits in length; longer plaintext amounts are processed in 64-bit blocks. The key is 56 bits in length; 16 subkeys are generated from the original key for 16 rounds. Decryption: use ciphertext as input and use keys in reverse orderRecall the Feistel StructureThe Feistel (F) Functionexpansion48 bitskey mixing: XORThe figure is obtained from http://en.wikipedia.org/wiki/Data_Encryption_StandardsubstitutionS-boxesnonlinear replace using a lookup table 6 bitsfixed permutationP-boxKey ScheduleThe figure is obtained from http://en.wikipedia.org/wiki/Data_Encryption_StandardPermuted Choice-156 bits28 bitscircular shift24 bitsThe Strength of DES The algorithm: so far no fatal weaknesses are found. Key length: 56 bits, 256~= 7.2*1016keys. 10 hours can break a DES code with 56-bit key! 128-bit key is unbreakable by brute force.Time to Break a Code (106decryptions/us)Triple DES (3DES) Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt) C = ciphertext P = plaintext E[K, X] = encryption of X using key K D[K, Y] = decryption of Y using key KC = E( K3, D( K2, E(K1, P) ) )Triple DES (3DES)C = E( K3, D( K2, E(K1, P) ) )P = D( K1, E( K2, D(K3, C) ) )The Strength of 3DES The effective key length is 168 bits with 3 distinct keys. 3DES has the same resistance to cryptanalysis as DES. 168-bit key length makes brute-force attacks impossible.Advanced Encryption Standard (AES) Drawbacks with DES and 3DES Slow in software implementation 64-bit block size is too small NIST’s call for proposals for AES in 1997 Block length is 128 bits Support key lengths of 128, 192 and 256 bits. As secure as DES but more efficient. Dr. Joan Daemen and Dr. Vincent Rijmen’salgorithm was selected.Advanced Encryption Standard (AES) Overview of the algorithm: Figure 2.5Advanced Encryption Standard (AES) 128-bit key is expanded into 44 32-bit words, and 4 words (128-bits) serve as a round key. Four stages are used in a round: Substitute bytes (S boxes) Shift rows: 0100 Æshift right 0010 Mix columns: alters each byte in a column as a function of all of the bytes in the column Add round key: bitwise XOR Each stage is easily reversible.Today’s Summary Symmetric Block Encryption Algorithms (Chap 2.2) Data Encryption Standard (DES) Triple DES Advanced Encryption Standard (AES)Key length, strength, general structure, drawbacksKey length, strength, structure, drawbacksStructure, stages, advantages, key length, block