data & computer security (csnb414) module 3 modern symmetric encryption

DATA & COMPUTER SECURITY (CSNB414)

MODULE 3MODERN SYMMETRIC ENCRYPTION

Overview

In this Module, we shall learn about the basis of two commonly used encryption standards:-- DES (Data Encryption Standard)- AES (Advanced Encryption Standard)

Both are based on symmetric block encryption

What is block encryption?

Stream Cipher Vs. Block Cipher

Stream CipherOne symbol of plaintext is immediately convert into its symbol in cipher text

E.g. Caesar cipher, Vernam cipher.

Block CipherA group of plaintext symbols is converted into its equivalent group of cipher text symbols

E.g. Columnar transposition cipher.

Stream Cipher Vs. Block Cipher (cont.)

Encryption Stream Cipher Block Cipher

Advantages High speedLow error propagation

High diffusionImmunity towards insertion of symbols

Disadvantages

Low diffusionSusceptible towards insertion of symbols

Slow speedHigh error propagation

** Read page 60-61

Overview of DES

Use a combination of substitution and transposition approaches.

Consists of 16 cycles of the above said combination.

Use block encryption where 1 block is a fixed size of 64 bits.

Use symmetric encryption where the size of a key 64 bits – in actual only 56 bits of key is used (i.e. 8 bits are not used, instead are replaced by a 8 bits of parity code)

The key in DES is also shifted and permutated.

DES can be implemented via software or hardware.

Overview of DES (cont.)

Prior to the 16 cycles of substitution and transposition approaches, the 64 bits of a block plaintext goes through Initial Permutation.

Following the 16 cycles of substitution and transposition approaches, the 64 bits of a block cipher text goes through Inverse Initial Permutation.

Overview of DES (cont.)

A cycle in DES

Left Half Data

Right Half Data

Substitution

Permutation

Right Half Data

Left Half Data

Key Shifted

Key Permuted

** Read page 644 – 649

It resembles the Feistel-function which substitutes and scrambles half a block together with the key. The output is then combined with the other half of the block by using the XOR function, and finally the halves are swapped.

Note: the key is also shifted and permuted

Left Half Data

Right Half Data

f

Right Half Data

Left Half Data

Key Shifted

Key Permuted

k1

K

Input

Initial permutation

Overview of DES (cont.)

DES is vulnerable to an attack called “Differential Cryptanalysis.”

The number of actual bits required for the key is known, which is fixed at 56 bits.

So, for brute force attack, we need to try 256 different keys to break the system.

Though 256 is a large number of attempts, with today’s super computer capability this can be done within a day’s limit (and it has been proven so!!).

Thus, the vulnerability of DES leads to the introduction of Triple DES (written as 3DES) and AES.

Triple DES

Triple DES uses longer bits of key compared to DES (i.e. 112 bits or 168bits depending whether the key is broken down into 2 or 3 sub-keys), thus providing for better security.

Since it is based on the DES algorithm, it is very easy to modify existing software to use Triple DES.

The procedure for encryption is exactly the same as regular DES, but it is repeated three times, hence the name Triple DES.

The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the third key.

Triple DES runs three times slower than standard DES.

Triple DES (cont.)

There are three keying options defined in ANSI X9.52 for 3DES:(1) the three keys k1, k2 and k3 are independent

(2) k1 and k2 are independent, but k1 = k3

(3) k1 = k2 = k3

Note: The third option makes triple-DES backward compatible with DES.

C=E(k3, D(k2, E(k1,P)))

Overview of AES

It is based on Rijndale algorithm. Use a combination of substitution and a

couple of transpositions approaches together with a keying function.

Consists of n rounds of the above said combination, where n depends on the key length (i.e. unlike DES, the length of AES key varies amongst 3 types).

Use block encryption where 1 block is a fixed size of 128 bits.

Use symmetric encryption where the size of a key can either be 128 bits (still double the size of DES 64 bits of key!!), 192 bits, or 256 bits, where the number of n rounds are 9, 11 and 13 respectively.

Overview of AES (cont.)

In AES, the block of 128 bits are treated as individual 4*4 matrix of bytes (i.e. a total of 16 matrices)

Each round in AES consists of 4 steps:-(1) Byte Substitution

by substituting each byte in a block based on a substitution table.

Byte1 Byte5 Byte9 Byte13

Byte2 Byte6 Byte10

Byte14

Byte3 Byte7 Byte11

Byte15

Byte4 Byte8 Byte12

Byte16

Overview of AES (cont.)

(2) Shift roweach row n is left shifted (n-1) byte as follows:

Byte1 Byte5 Byte9 Byte13

Byte2 Byte6 Byte10 Byte14

Byte3 Byte7 Byte11 Byte15

Byte4 Byte8 Byte12 Byte16

Byte1 Byte5 Byte9 Byte13

Byte6 Byte10 Byte14 Byte2

Byte11 Byte15 Byte3 Byte7

Byte16 Byte4 Byte8 Byte12

Before After

Overview of AES (cont.)

(3) Mix columnEach column is multiplied by a defined

matrix

resulting the bits to be shifted left n places, where n is an element in the matrix of the multiplier (e.g. if *2 = binary 10, then bits

are shifted left 2 places) followed by Exclusive OR (XOR) operation with

themselves

2 3 1 1

1 2 3 1

1 1 2 3

3 1 1 2

Overview of AES (cont.)

(4) Adding subkeyA portion of the key, which is unique to this

round is added with the previous result using Exclusive OR (XOR) function.

The key of AES will go through a combination of transformation and substitution on every

round. AES is more difficult to be cracked compared to DES since

its key is longer and of variable length, as well as the number of rounds is also not fixed to one.

AES is faster than 3DES too!! You may go here

http://www.cs.bc.edu/~straubin/cs381-05/blockciphers/rijndael_ingles2004.swf to experience the simulation of AES…

Problem with Symmetric Cryptography Key Distribution Key Management

secret key 1

secret key 3

secret key 5

secret key 4secret key 2

Symmetric Vs. Asymmetric Cryptography The encryption key

is the same as the decryption keyKe=Kd

ORKd can be easily derived from Ke

This system provides security as long as the key remains secret.

It requires a pair of keys, where it allow one key to be publicized for encryption, whereas only proper recipient who knows the decryption key can decrypt the message.

The encryption key is called public key and the decryption key is called secret / private key.

Private Key Protection

It should provide the necessary level of protection

Its lifetime should correspond with how often it is used & the sensitivity of the data it is protecting

It should be changed frequently and not used past its allowed lifetime

It should be properly destroyed at the end of its lifetime

It should never be exposed in clear text No copies of the key should be made if it is used

for digital signatures It should not be shared It should be stored securely It should be transported to securely

DATA & COMPUTER SECURITY (CSNB414)

--END--