EEC-484/584 Computer Networks Lecture 15 Wenbing Zhao wenbing@ieee.org
Post on 19-Dec-2015

EEC-484/584 Computer Networks
Lecture 15
Wenbing Zhao
Fall Semester 2008 EEC-484/584: Computer Networks Wenbing Zhao

Outline
• Reminder:
  – Wiki page peer review due tonight (12/1)
• Introduction to cryptography

Cryptography Terminology
• Encryption is the process of encoding a message so that its meaning is not obvious
  – Equivalent terms: encode, encipher
• Encryption addresses the need for confidentiality of data
• Encryption can also be used to ensure integrity (i.e., unauthorized change can be detected)
• Encryption is the basis of protocols that enable us to provide security while accomplishing system or network tasks

Cryptography Terminology
• Decryption is the reverse process, transforming an encrypted message back into its normal, original form
  – Equivalent terms: decode, decipher
• A system for encryption and decryption is called a cryptosystem

Cryptography Terminology
• The encryption and decryption rules are called encryption and decryption algorithms
• Encryption/decryption algorithms often use a device called a key, denoted by K, so that the resulting ciphertext depends on the original plaintext message, the algorithm, and the key value
• An encryption scheme that does not require the use of a key is called a keyless cipher

Cryptography Terminology
• Plaintext: message to be encrypted
• Ciphertext: encrypted message
• D_K(E_K(P)) = P

Symmetric Encryption
• The encryption and decryption keys are the same, so P = D(K, E(K,P))
• D and E are closely related. They are mirror-image processes
• The symmetric systems provide a two-way channel to their users
• The symmetry of this situation is a major advantage of this type of encryption, but it also leads to a problem: key distribution

Asymmetric Encryption
• Encryption and decryption keys come in pairs. The decryption key, K_D, inverts the encryption of key K_E, so that P = D(K_D, E(K_E,P))
• Asymmetric encryption systems excel at key management

Cryptology
• Cryptology is the research into and study of encryption and decryption; it includes both cryptography and cryptanalysis
• Cryptography – art of devising ciphers
  – Comes from Greek words for “secret writing”. It refers to the practice of using encryption to conceal text
• Cryptanalysis – art of breaking ciphers
  – Study of encryption and encrypted messages, hoping to find the hidden meanings

Basic Encryption Methods
• Substitution ciphers: one letter is exchanged for another
• Transposition ciphers: order of letters is rearranged

Substitution Ciphers
• Idea: each letter or group of letters is replaced by another letter or group of letters
• Caesar cipher – circularly shift by 3 letters
  – a -> D, b -> E, … z -> C
  – More generally, shift by k letters, k is the key
• Monoalphabetic cipher – map each letter to some other letter
  – a b c d e f … w x y z
  – Q W E R T Y … V B N M <= the key

Substitution Ciphers
• Not difficult to determine the key using frequencies of letters, pairs of letters, etc., or by guessing a probable word or phrase
• Most frequently occurring
  – Letters: e, t, o, a, n, …
  – Digrams: th, in, er, re, an, …
  – Trigrams: the, ing, and, ion, ent
  – Words: the, of, and, to, a, in, that, …
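
The letter-frequency weakness described above, as an added example that is not part of the original lecture: a Caesar cipher in the slide's convention (lowercase plaintext, uppercase ciphertext) and a ciphertext-only key recovery that assumes the most frequent ciphertext letter stands for "e". The sample sentence and function names are constructed for illustration.

```python
from collections import Counter
import string

def caesar_encrypt(plaintext: str, k: int) -> str:
    """Shift each letter k places: a -> D, b -> E, ... z -> C when k = 3."""
    out = []
    for ch in plaintext.lower():
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + k) % 26 + ord("A")))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def caesar_decrypt(ciphertext: str, k: int) -> str:
    """Inverse shift, returning lowercase plaintext."""
    out = []
    for ch in ciphertext.upper():
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") - k) % 26 + ord("a")))
        else:
            out.append(ch)
    return "".join(out)

def guess_shift(ciphertext: str) -> int:
    """Recover k from ciphertext alone, using only the fact that 'e' is the
    most frequent English letter. Needs enough text for 'e' to dominate."""
    counts = Counter(ch for ch in ciphertext.upper() if ch in string.ascii_uppercase)
    most_common_letter = counts.most_common(1)[0][0]
    return (ord(most_common_letter) - ord("E")) % 26

# Constructed sample plaintext in which 'e' is clearly the most frequent letter.
SAMPLE = "meet me near the eastern gate at seven this evening"

if __name__ == "__main__":
    ct = caesar_encrypt(SAMPLE, 3)
    k = guess_shift(ct)
    print(ct)
    print(k, caesar_decrypt(ct, k))
```

A monoalphabetic key has 26! possibilities instead of 26, but the same statistics (letters, then digrams and trigrams) narrow it down one letter at a time.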

Transposition Ciphers
• Transposition cipher – reorders (rearranges) symbols but does not disguise them. It is also called permutation
• Transpositions try to break established patterns
• Both substitution and transposition ciphers can be broken using language statistical information

Columnar Transposition
• Plaintext written in rows, number of columns = key length
• Key is used to number the columns
• Ciphertext read out by columns, starting with column whose key letter is lowest

Columnar Transposition
• A transposition cipher example
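
The slide's figure is not in this transcript, so here is an added worked example (not the lecture's own) of the three steps listed above: write the plaintext in rows, number the columns by key letter, read the columns out lowest key letter first. The key "CRYPT", the plaintext, and the "x" padding letter are assumptions chosen for illustration.

```python
def column_order(key: str) -> list:
    """Column indices in read-out order: lowest key letter first,
    repeated key letters taken left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def columnar_encrypt(plaintext: str, key: str, pad: str = "x") -> str:
    letters = [c for c in plaintext.lower() if c.isalpha()]
    ncols = len(key)
    letters += [pad] * (-len(letters) % ncols)      # fill the last row
    rows = [letters[i:i + ncols] for i in range(0, len(letters), ncols)]
    # Read column by column in key order.
    return "".join(row[c] for c in column_order(key) for row in rows).upper()

def columnar_decrypt(ciphertext: str, key: str) -> str:
    ncols = len(key)
    if len(ciphertext) % ncols:
        raise ValueError("ciphertext length must be a multiple of the key length")
    nrows = len(ciphertext) // ncols
    grid = [[""] * ncols for _ in range(nrows)]
    # The n-th chunk of the ciphertext is the column with the n-th lowest key letter.
    for n, c in enumerate(column_order(key)):
        chunk = ciphertext[n * nrows:(n + 1) * nrows]
        for r, ch in enumerate(chunk):
            grid[r][c] = ch
    return "".join("".join(row) for row in grid).lower()   # padding is left in place

if __name__ == "__main__":
    # Grid for key CRYPT (read-out order C, P, R, T, Y):
    #   C R Y P T
    #   n e t w o
    #   r k s e c
    #   u r i t y
    #   c l a s s
    ct = columnar_encrypt("network security class", "CRYPT")
    print(ct)
    print(columnar_decrypt(ct, "CRYPT"))
```

The ciphertext contains exactly the same letters as the plaintext, only reordered, which is why letter frequencies still look like English.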

One-Time Pads
• One-time pad: construct an unbreakable cipher
  – Choose a random bit string as the key
  – Convert the plaintext into a bit string
  – Compute the XOR of these two strings, bit by bit
  – The resulting ciphertext cannot be broken, because in a sufficiently large sample of ciphertext, each letter will occur equally often
  => there is simply no information in the message because all possible plaintexts of the given length are equally likely

One-Time Pads
[Figure: one-time pad example. Text in the figure: "I LOVE YOU." and "ELVIS LIVES". Labels: "Original one-time pad used"; "If someone tries to decrypt using another one-time pad".]

One-Time Pads
• Disadvantages
  – The key cannot be memorized, both sender and receiver must carry a written copy with them
  – Total amount of data that can be transmitted is limited by the amount of key available
  – Sensitive to lost or inserted characters
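
An added example (not from the lecture) covering the two one-time pad slides above: XOR encryption with a random pad, the construction of a second pad under which the same ciphertext reads as the other message in the figure, and the effect of one lost ciphertext byte. Function names are chosen for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bit-by-bit XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pad and message must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def new_pad(n: int) -> bytes:
    """n random key bytes from the OS CSPRNG; a pad must never be reused."""
    return secrets.token_bytes(n)

def pad_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """The pad under which `ciphertext` decrypts to `claimed`.
    One exists for every plaintext of the same length, so the ciphertext
    alone cannot tell an analyst which plaintext was sent."""
    return xor_bytes(ciphertext, claimed)

def decrypt_after_loss(ciphertext: bytes, pad: bytes, lost: int) -> bytes:
    """Receiver's view when ciphertext byte `lost` was dropped in transit:
    every later byte is XORed with the wrong pad byte."""
    received = ciphertext[:lost] + ciphertext[lost + 1:]
    return bytes(c ^ k for c, k in zip(received, pad))

MESSAGE = b"I love you."   # the two texts from the slide, both 11 bytes
DECOY = b"Elvis lives"

if __name__ == "__main__":
    pad = new_pad(len(MESSAGE))
    ct = xor_bytes(MESSAGE, pad)
    print(xor_bytes(ct, pad))                         # decrypt with the original pad
    print(xor_bytes(ct, pad_explaining(ct, DECOY)))   # decrypt with another pad
    print(decrypt_after_loss(ct, pad, 3))             # garbled from byte 3 onward
```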

Stream Ciphers
• Stream ciphers: convert one symbol of plaintext immediately into a symbol of ciphertext
  – The transformation depends only on the symbol, the key, and the control information of the encryption algorithm

Block Ciphers
• Block cipher: encrypts a group of plaintext symbols as one block
• Block ciphers work on blocks of plaintext and produce blocks of ciphertext
  – The columnar transposition is an example of a block cipher

Cryptanalysis – Breaking Encryption Schemes
• Ciphertext-only: cryptanalyst has a quantity of ciphertext and no plaintext
• Known plaintext: cryptanalyst has some matched ciphertext and plaintext
• Chosen plaintext: cryptanalyst has the ability to encrypt pieces of plaintext of his own choosing

Symmetric-Key Algorithms
• DES – The Data Encryption Standard
• AES – The Advanced Encryption Standard
• Cipher Modes

Data Encryption Standard
• Developed by IBM. US standard for unclassified info (1977)
• Same key for encryption as for decryption
• Encrypts in 64-bit blocks
• Uses 56-bit key
• Has 19 stages, 16 parameterized by different functions of the key

Triple DES
• Triple DES – effectively increases the key length. It uses two keys and three stages
  – In the first stage, the plaintext is encrypted using DES in the usual way with K1
  – In the second stage, DES is run in decryption mode, using K2 as the key
  – In the third stage, another DES encryption is done with K1
[Figure: Triple DES encryption; Triple DES decryption]

AES – The Advanced Encryption Standard
• AES is a result of a cryptographic contest
  – Organized by NIST in 1997
• Rules for AES proposals
  1. The algorithm must be a symmetric block cipher
  2. The full design must be public
  3. Key lengths of 128, 192, and 256 bits supported
  4. Both software and hardware implementations required
  5. The algorithm must be public or licensed on nondiscriminatory terms
• Winner: Rijndael (from two Belgian cryptographers: Joan Daemen and Vincent Rijmen)

AES
• Creation of the state and rk arrays

Cipher Modes
• Despite all the complexity, AES and DES (or any block cipher) are basically monoalphabetic substitution ciphers using big characters
  – Whenever the same plaintext block goes in the front end, the same ciphertext block comes out the back end
  – If you encrypt the plaintext abcdefgh 100 times with the same DES key, you get the same ciphertext 100 times
  – An intruder can exploit this property to help subvert the cipher

Electronic Code Book Mode
• In ECB mode, each plaintext block is encrypted independently with the block cipher
• ECB allows easy parallelization to yield higher performance. However, no processing is possible before a block is seen

Electronic Code Book Mode - Problems
• In ECB, plaintext patterns are not concealed
  – Each identical block of plaintext gives an identical block of ciphertext. The plaintext can be easily manipulated by removing, repeating, or interchanging blocks
• Example

Cipher Block Chaining Mode
• To avoid the ECB mode problem: replacing a block will cause the plaintext decrypted starting at the replaced block to become garbage
• Exclusive OR the encrypted text with the next block of plaintext before encryption: C0 = E(P0 XOR IV), C1 = E(P1 XOR C0), etc.
• Drawback: must wait for a full 64-bit (128-bit) block to arrive before decrypting

Cipher Block Chaining Mode
• Exclusive OR the encrypted text with the next block of plaintext before encryption: C0 = E(P0 XOR IV), C1 = E(P1 XOR C0), etc.
[Figure: cipher block chaining with an initialization vector; panels: Encryption, Decryption]
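
The ECB and CBC slides above, as an added example that is not part of the original lecture: both modes built on a toy 64-bit Feistel cipher. The toy cipher is an assumption that stands in for DES/AES and is not secure; the key, IV and plaintext are constructed sample values.

```python
import hashlib
BLOCK = 8  # bytes per block (64 bits, as in DES)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half: bytes, key: bytes, rnd: int) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def E(key: bytes, block: bytes) -> bytes:
    """Toy 4-round Feistel cipher. Assumption: stands in for DES/AES, NOT secure."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, xor(left, _f(right, key, rnd))
    return left + right

def D(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _f(left, key, rnd)), left
    return left + right

def split(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("input must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(E(key, p) for p in split(pt))   # every block on its own

def ecb_decrypt(key, ct):
    return b"".join(D(key, c) for c in split(ct))

def cbc_encrypt(key, iv, pt):
    prev, out = iv, []
    for p in split(pt):
        prev = E(key, xor(p, prev))        # C0 = E(P0 XOR IV), C1 = E(P1 XOR C0), ...
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    prev, out = iv, []
    for c in split(ct):
        out.append(xor(D(key, c), prev))   # P_i = D(C_i) XOR C_(i-1)
        prev = c
    return b"".join(out)

def swap_ends(data: bytes) -> bytes:       # interchange the first and last block
    b = split(data)
    b[0], b[-1] = b[-1], b[0]
    return b"".join(b)

KEY, IV = b"demo-key", bytes(range(8))     # constructed; a real IV is fresh per message
PT = b"ACCT0001ACCT0001ACCT0002"           # constructed; blocks 0 and 1 are identical
```

With these values, the first two ECB ciphertext blocks are equal and a swapped ECB ciphertext still decrypts to well-formed (swapped) records, while under CBC the two blocks differ and the same swap decrypts to garbage. CBC on its own still does not authenticate the message; detecting tampering reliably needs a MAC or an authenticated mode.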