symmetric key aditya vaio

7/31/2019 Symmetric Key Aditya VAIO

1/19

Presented by-

Aditya Mathur A1607110024(B.Tech E & T

2010-14)


2/19

Network Security

Network security consists of the provisions andpolicies adopted by a network administrator toprevent and monitor unauthorized access,misuse, modification, or denial of a computer

network and network-accessible resources.

Network Security is needed as a network Anetwork is prone to various threats such asViruses and Worms, Trojan Horses, SPAM,Phishing, Packet Sniffers, Password attacks etc.Protecting the network from such threats is amust.


3/19

Encryption

It is the process of transforming data into an

unreadable form using an algorithm.

Encryption is used to protect data in

transit(over a network).

There are two types of encryption algorithms-

Private( Symmetric ) Key

Public Key


4/19


5/19

Symmetric-key

cryptography refers to

encryption methods in

which both the sender andreceiver share the same

key.

The same key is used forencryption and decryption.


6/19

For instance, if Bob and Alice want to use privatekey encryption to share a secret message, theywould each use a copy of the same key. Bobwrites his message to Alice and uses their shared

private key to encrypt the message. The messageis then sent to Alice. Alice uses her copy of theprivate key to decrypt the message.

Private key encryption is like making copies of akey.

Anyone with a copy can open the lock.


7/19

Symmetric Key Encryption Algorithm

There are two encryption algorithms-

Using Stream Ciphers

Using Block Ciphers

Symmetric Key Encryption uses ciphers.

Cipher- a cipher (orcypher) is an algorithm for

performing encryption or decryption- a series ofwell-defined steps that can be followed as a

procedure.


8/19

Stream Cipher

In a stream cipher each plaintext digit is encrypted one at a time with thecorresponding digit of the key-stream, to give a digit of the cyphertextstream.

The Key-stream is combined with the Plain Text using an exclusive-or(XOR) operation.

A pseudorandom key-stream is typically generated serially from a randomseed value using digital shift registers.

The seed value serves as the cryptographic key for decrypting the ciphertextstream.

Stream ciphers execute faster than block ciphers.

These are of two types

Synchronous Stream Cipher

Self-Synchronous Stream Cipher


9/19

Synchronous Stream Cipher

A stream cipher generates successive elements of the key-stream based on an internal state, if this state changesindependently of the plaintext or ciphertext messages, thecipher is classified as a synchronous stream cipher.

These pseudo-random digits are combined with the plain textusing XOR operation.

Sender and Receiver to be in step, synchronization is lost ifbits added or removed.

However, a digit is corrupted in transmission, rather thanadded or lost, only a single digit in the plaintext is affectedand the error does not propagate to other parts of themessage.


10/19

Self-Synchronizing Stream Ciphers

Self-synchronising stream ciphers update their statebased on previous ciphertext digits.

This approach uses several of the previous N

ciphertext digits to compute the key-stream.

The advantage in this is that the receiver willautomatically synchronise with the key-streamgenerator after receiving N ciphertext digits, making it

easier to recover if digits are dropped or added to themessage stream. Single-digit errors are limited in theireffect, affecting only up to N plaintext digits.


11/19

Security

Never reuse the same key.

Some applications using the stream cipher

RC4 are attackable because of weaknesses in

RC4's key setup routine; new applications

should either avoid RC4 or make sure all keys

are unique and ideally unrelated (e.g.,generated by a cryptographic hash function)

and that the first bytes of the key-stream are

discarded.


12/19

Block Cipher

A block cipher is a deterministic algorithmoperating on fixed-length groups of bits, calledblocks, with an unvarying transformation that isspecified by a symmetric key.

The modern design of block ciphers is based onthe concept of an iterated product cipher.

Iterated product ciphers carry out encryption inmultiple rounds, each which uses a differentsubkey derived from the original key.


13/19

Design of Block Ciphers

Block Ciphers are of three types

Iterated

Substitution- Permutation Networks

Fiestal Ciphers


14/19

Iterated Block Ciphers

They transform fixed-size blocks of plain-text into identicalsize blocks of ciphertext, via the repeated application of aninvertible transformation known as the round function, witheach iteration referred to as a round.

Usually, the round function Rtakes different round keysKiassecond input, which are derived from the original key: (where is the plaintext and the ciphertext, with rbeing the

round number.)

Frequently, key whitening is used in addition to this. At thebeginning and the end, the data is modified with key material(often with XOR, but simple arithmetic operations like addingand subtracting are also used):


15/19

Substitution- Permutation

Networks

A block of the plaintext and the key is takenas inputs, and applied several alternatingrounds consisting of a substitutionstage followed by a permutation stage -- toproduce each block of ciphertext output.

A substitution box (S-box) substitutes asmall block of input bits with another blockof output bits. This substitution mustbe one-to-one, to ensure invertibility.

A permutation box (P-box) isa permutation of all the bits: it takes theoutputs of all the S-boxes of one round,permutes the bits, and feeds them into theS-boxes of the next round.


16/19

Fistel Ciphers

The block of plain text to be encrypted is split into two equal-sized halves.

The round function is applied to one half, using a subkey, and then the output is XORed with theother half. The two halves are then swapped.

Let Fbe the round function and let K0, K1....... Knbe the sub-keys for the rounds 0, 1......, nrespectively.

Then the basic operation is as follows:

Split the plaintext block into two equal pieces, (L0 , R0 )

For each round i=0, 1,....ncompute

Li+1=Ri

Then the ciphertext is (Rn+1, Ln+1)

Decryption of a ciphertext (Rn+1, Ln+1) is accomplished by computing for i=n, n-1,....0

Ri= Li+1

Then (L0 , R0 ) is the plaintext again.


17/19

Mode Of Operation

For a variable-length message, the data must first be partitioned into separate cipherblocks.

In the simplest case, known as the electronic codebook (ECB) mode, a message isfirst split into separate blocks of the cipher's block size.

Then each block is encrypted and decrypted independently. However, such a naive method is generally insecure because equal plaintext blocks will

always generate equal ciphertext blocks (for the same key), so patterns in the plaintextmessage become evident in the ciphertext output.

To overcome this, the general concept is to use randomization of the plaintext databased on an additional input value, frequently called an initialization vector, to create

what is termed probabilistic encryption.

The resultant ciphertext block is then used as the new initialization vector for the nextplaintext block.


18/19

Conclusion

Here we discussed the Private Key Encryption

technique to achieve Network Security.

The private key encryption is achieved using

ciphers.

There are broadly two types of ciphers-

Stream and Block.

These are further classified and there workingwas discussed.


19/19

symmetric key aditya vaio

Documents