Computer Security CS477Lecture 4Ching-Hua ChuanSeptember 8th 2008Administration Final project Choose your topic Homework # 1 is out  http://euclid.barry.edu/~chchuan/cs477/ Due: Sep 17th Test # 1 is coming Date: Sep 17thNews of the Day Google’s Chrome http://www.pcworld.com/businesscenter/article/150776/critical_vulnerability_patched_in_googles_chrome.htmlLast Class Symmetric Encryption Algorithms DES, 3DES, AES (block ciphers)Today’s Outline Stream Ciphers and RC4 (Chap 2.3) Stream Cipher Structure The RC4 AlgorithmBlock Ciphers V.S. Stream Ciphers Block ciphers:  process the input one block at a time, and produce output block for each input. Stream ciphers: process the input continuously, and produce output one element at a time.plaintextciphertextplaintextciphertextblock cipher stream cipherStream Cipher Structure110011000110110010100000XORplaintextkey streamciphertext101000000110110011001100XORciphertextkey streamplaintextDesign Considerations of Stream Ciphers Encryption sequence  should have a large period. (pseudorandom number generator) Keystream should approximate the properties of a true random number stream as close as possible. Key  needs to be sufficiently long. (at least 128 bits with current technology)The Strength of Stream Cipher Advantages: Faster than block ciphers Suitable for applications that require encryption/decryption of a stream of data, such as a browser/Web link. Disadvantages: Key cannot be reused.plaintext Aplaintext Bkey Kciphertext A’ciphertext B’ciphertext A’ ciphertext B’?The RC4 Algorithm A variable key-size stream cipher with byte-oriented operations. It is based on random permutation. The period of the cipher is likely to be greater than 10100. It runs very quickly in software. The algorithm is used in several standards: SSL/TSL (communications between Web browsers and servers) WEP (Wired Equivalent Privacy), WAP (WiFiProtocol Access)Initial State of S and T State vector S: 256 bytes, S[0], S[1], …, S[255] Key K: 1 to 256 bytes Temporary vector T: 256 bytes253 254Initial Permutation of S Swap S[i] and S[j] j = (j + S[i] + T[i]) mod 256j = 0;for i = 0 : 255…Stream Generation Swap S[i] and S[j] (j = j + S[i]) t = (S[i] + S[j]) mod 256 k = S[t]To encrypt, XOR the value k with the next byte of plaintext.To decrypt, XOR the value k with the next byte of chipertext.i, j = 0;while true…Today’s Summary Stream Ciphers and RC4 (Chap 2.3) Stream Cipher Structure The RC4 Algorithm Pop-up Quiz No.1Structure, design considerations, strengthCharacteristics,