Administration Computer Security CS477 Final project Homework 1 is out Lecture 4 Ching Hua Chuan September 8th 2008 News of the Day Google s Chrome http www pcworld com businesscenter articl e 150776 critical vulnerability patched in go ogles chrome html Choose your topic http euclid barry edu chchuan cs477 Due Sep 17th Test 1 is coming Date Sep 17th Last Class Symmetric Encryption Algorithms DES 3DES AES block ciphers Today s Outline Block Ciphers V S Stream Ciphers Stream Ciphers and RC4 Chap 2 3 Stream Cipher Structure The RC4 Algorithm Block ciphers ciphertext 11001100 ciphertext block cipher stream cipher ciphertext key stream plaintext should have a large period pseudorandom number generator Keystream 10100000 process the input continuously and produce output one element at a time Encryption sequence 10100000 XOR 01101100 ciphertext process the input one block at a time and produce output block for each input Design Considerations of Stream Ciphers Stream Cipher Structure plaintext key stream plaintext Stream ciphers 11001100 XOR 01101100 plaintext should approximate the properties of a true random number stream as close as possible Key needs to be sufficiently long at least 128 bits with current technology The Strength of Stream Cipher Advantages The RC4 Algorithm Faster than block ciphers Suitable for applications that require encryption decryption of a stream of data such as a browser Web link Disadvantages Key cannot be reused ciphertext A ciphertext B A variable key size stream cipher with byteoriented operations It is based on random permutation The period of the cipher is likely to be greater than 10100 It runs very quickly in software The algorithm is used in several standards key K plaintext A ciphertext A plaintext B ciphertext B Initial State of S and T SSL TSL communications between Web browsers and servers WEP Wired Equivalent Privacy WAP WiFi Protocol Access Initial Permutation of S State vector S 256 bytes S 0 S 1 S 255 Key K 1 to 256 bytes Temporary vector T 256 bytes 253 254 j 0 for i 0 255 Swap S i and S j j j S i T i mod 256 Stream Generation i j 0 while true Swap S i and S j j j S i t S i S j mod 256 k S t Today s Summary Stream Ciphers and RC4 Chap 2 3 Stream Cipher Structure Structure design considerations strength The RC4 Algorithm Characteristics algorithm To encrypt XOR the value k with the next byte of plaintext To decrypt XOR the value k with the next byte of chipertext Pop up Quiz No 1