This document is a presentation transcript about encryption basics that discusses symmetric and asymmetric encryption techniques. It covers terminology for cryptology, conventional encryption using secret keys like DES, and public key encryption algorithms like RSA. It also discusses cryptanalysis techniques, key distribution methods, and provides examples of symmetric block ciphers like AES and public key cryptographic algorithms like Diffie-Hellman key exchange.
Copyright: Attribution Non-Commercial (BY-NC)
2. Reading Assignment
  o Why crypto is hard: http://www.counterpane.com/whycrypto.html

3. Topics
  o What is Cryptology?
  o Conventional Encryption (secret key)
      - Terminology and Properties
  o Public Key Encryption
      - Terminology
      - Usage
      - Properties
  o Cryptanalysis

4. Cryptology Definition
  o Cryptography is the making of ciphers and codes.
  o Cryptanalysis is the analysis and breaking of those ciphers.
  o Cryptology is the study of both.

5. Cryptography
  o Classified along three independent dimensions:
      - The type of operations used for transforming plaintext to ciphertext
      - The number of keys used: symmetric (single key) or asymmetric (two keys, or public-key encryption)
      - The way in which the plaintext is processed

6. Secret Key Cryptography
  o An encryption scheme has five ingredients:
      - Plaintext
      - Encryption algorithm
      - Secret key
      - Ciphertext
      - Decryption algorithm
  o Security depends on the secrecy of the key, not the secrecy of the algorithm

7. Use of Conventional Encryption

8. Average time required for exhaustive key search

    Key Size (bits)   Number of Alternative Keys   Time required at 10^6 decryptions/µs
    32                2^32 = 4.3 x 10^9            2.15 milliseconds
    56                2^56 = 7.2 x 10^16           10 hours
    128               2^128 = 3.4 x 10^38          5.4 x 10^18 years
    168               2^168 = 3.7 x 10^50          5.9 x 10^30 years

9. Feistel Cipher Structure
  o Many conventional block encryption algorithms, including DES, have a structure first described by Horst Feistel of IBM in 1973
  o The realization of a Feistel network depends on the choice of the following parameters and design features (see next slide):

10. Feistel Cipher Structure
  o Block size: larger block sizes mean greater security
  o Key size: larger key size means greater security
  o Number of rounds: multiple rounds offer increasing security
  o Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis
  o Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern

12. Conventional Encryption Algorithms
  o Data Encryption Standard (DES)
      - The most widely used encryption scheme
      - The algorithm is referred to as the Data Encryption Algorithm (DEA)
      - DES is a block cipher
      - The plaintext is processed in 64-bit blocks
      - The key is 56 bits in length

15. Time to break a code (10^6 decryptions/µs)

16. Triple DEA
  o Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)

      C = E_K3[D_K2[E_K1[P]]]

      - C = ciphertext
      - P = plaintext
      - E_K[X] = encryption of X using key K
      - D_K[Y] = decryption of Y using key K
  o Effective key length of 168 bits
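The Feistel structure from slides 9-10 and the encrypt-decrypt-encrypt composition from slide 16, as an added example that is not part of the original slides. It uses a toy 64-bit Feistel cipher, not DES: the hash-based round function, the 8 rounds, the subkey schedule and the sample keys are assumptions chosen for illustration. It shows that decryption is the same network with the subkeys reversed, and goes slightly beyond the slide by showing that EDE with K1 = K2 = K3 collapses to a single encryption.

```python
import hashlib

ROUNDS = 8  # assumption: toy value (DES itself uses 16 rounds)

def subkeys(key):
    """Toy subkey generation: one hash-derived subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_f(half, subkey):
    """Round function F. It is not invertible, and does not need to be."""
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block, keys):
    """Pass one 64-bit block through the network using subkeys in order."""
    if len(block) != 8:
        raise ValueError("block must be exactly 8 bytes")
    left = int.from_bytes(block[:4], "big")
    right = int.from_bytes(block[4:], "big")
    for k in keys:
        left, right = right, left ^ round_f(right, k)
    # Swapping the halves on output lets the same routine decrypt.
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")

def encrypt(block, key):          # E_K[X]
    return feistel(block, subkeys(key))

def decrypt(block, key):          # D_K[Y]: same network, subkeys reversed
    return feistel(block, subkeys(key)[::-1])

def ede_encrypt(p, k1, k2, k3):   # C = E_K3[D_K2[E_K1[P]]]
    return encrypt(decrypt(encrypt(p, k1), k2), k3)

def ede_decrypt(c, k1, k2, k3):   # P = D_K1[E_K2[D_K3[C]]]
    return decrypt(encrypt(decrypt(c, k3), k2), k1)

if __name__ == "__main__":
    # Constructed sample block and keys, for illustration only.
    P, K1, K2, K3 = b"8 bytes!", b"key-one", b"key-two", b"key-three"
    C = ede_encrypt(P, K1, K2, K3)
    print("ciphertext:", C.hex())
    print("round trip:", ede_decrypt(C, K1, K2, K3) == P)
    print("K1=K2=K3 equals single encryption:",
          ede_encrypt(P, K1, K1, K1) == encrypt(P, K1))
```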
17. Other Symmetric Block Ciphers
  o International Data Encryption Algorithm (IDEA)
      - 128-bit key
      - Used in PGP
  o Blowfish
      - Easy to implement
      - High execution speed
      - Runs in less than 5K of memory

18. Other Symmetric Block Ciphers
  o RC5
      - Suitable for hardware and software
      - Fast, simple
      - Adaptable to processors of different word lengths
      - Variable number of rounds
      - Variable-length key
      - Low memory requirement
      - High security
      - Data-dependent rotations
  o CAST-128
      - Key size from 40 to 128 bits
      - The round function differs from round to round

19. Analysis of DES
  o Advantages
      - Attacks well known
      - 3DES has effective key length of 168
  o Disadvantages
      - No efficient software implementation
      - Must use 64-bit block

20. AES
  o AES (Advanced Encryption Standard) was adopted by NIST in November 2001. Also called the Rijndael algorithm.
  o Supports key sizes of 128, 192, and 256 bits.
  o Symmetric block cipher with block length of 128 bits.
  o Efficient hardware and software implementations.
  o Not a Feistel block cipher.

21. Location of Encryption Device
  o Link encryption:
      - A lot of encryption devices
      - High level of security
      - Decrypt each packet at every switch
  o End-to-end encryption
      - The source encrypts and the receiver decrypts
      - Payload encrypted
      - Header in the clear
  o High security: both link and end-to-end encryption are needed

23. Key Distribution
  o A key could be selected by A and physically delivered to B.
  o A third party could select the key and physically deliver it to A and B.
  o If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key.
  o If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.

24. Key Distribution
  o Session key: data encrypted with a one-time session key. At the conclusion of the session the key is destroyed
  o Permanent key: used between entities for the purpose of distributing session keys

26. Public-Key Cryptography Principles
  o The use of two keys has consequences in: key distribution, confidentiality and authentication.
  o The scheme has six ingredients
      - Plaintext
      - Encryption algorithm
      - Public and private key
      - Ciphertext
      - Decryption algorithm

27. Encryption using Public-Key system

28. Authentication using Public-Key System

29. Applications for Public-Key Cryptosystems
  o Three categories:
      - Encryption/decryption: the sender encrypts a message with the recipient's public key.
      - Digital signature: the sender "signs" a message with its private key.
      - Key exchange: two sides cooperate to exchange a session key.

30. Requirements for Public-Key Cryptography
  o Computationally easy for a party B to generate a pair (public key KU_b, private key KR_b)
  o Easy for sender to generate ciphertext:
  o Easy for the receiver to decrypt ciphertext using private key:

31. Requirements for Public-Key Cryptography
  o Computationally infeasible to determine private key (KR_b) knowing public key (KU_b)
  o Computationally infeasible to recover message M, knowing KU_b and ciphertext C
  o Either of the two keys can be used for encryption, with the other used for decryption:

32. Public-Key Cryptographic Algorithms
  o RSA and Diffie-Hellman
  o RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
      - RSA is a block cipher
      - The most widely implemented
  o Diffie-Hellman
      - Exchange a secret key securely
      - Compute discrete logarithms

33. Diffie-Hellman Key Exchange

34. Other Public-Key Cryptographic Algorithms
  o Digital Signature Standard (DSS)
      - Makes use of SHA-1
      - Not for encryption or key exchange
  o Elliptic-Curve Cryptography (ECC)
      - Good for smaller bit size
      - Low confidence level, compared with RSA
      - Very complex

35. Cryptographic Hash Functions
  o Example: http://nsfsecurity.pr.erau.edu/crypto/generichash.html

36. Cryptanalysis
  o If only the ciphertext is available
      - Pattern and frequency analysis for simple ciphers
      - Brute force – try all possible keys
  o If <plaintext, ciphertext> is available
      - Previously classified info is unclassified
      - Encrypted info includes known patterns (packet headers)

37. For Further Reading
  o "Cryptography and Network Security, Principles and Practice", third edition, William Stallings, Prentice Hall
  o For more detailed coverage, take the Applied Math course: AMTH 387
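The public-key requirements listed on slides 30 and 31, worked through with textbook RSA as an added example that is not part of the original slides. The primes, exponent and message are constructed toy values and the function names are hypothetical; unpadded RSA at this size only illustrates the arithmetic, and the last function shows why the "computationally infeasible" requirement depends on key size.

```python
import math

def make_keypair(p, q, e):
    """Party B derives (KU_b, KR_b) = ((e, n), (d, n)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (e, n), (pow(e, -1, phi), n)   # pow(e, -1, m) needs Python 3.8+

def apply_key(value, key):
    """Modular exponentiation with either key; value must be below n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value out of range for this modulus")
    return pow(value, exponent, n)

def recover_private(public_key):
    """Rebuild KR_b from KU_b by trial-division factoring of n.
    Works only because n is tiny; key size is what makes this infeasible."""
    e, n = public_key
    p = next(f for f in range(2, math.isqrt(n) + 1) if n % f == 0)
    return make_keypair(p, n // p, e)[1]

def demo():
    # Constructed toy parameters; deployed RSA moduli are typically
    # 2048 bits or more.
    ku_b, kr_b = make_keypair(61, 53, 17)
    m = 65
    c = apply_key(m, ku_b)                 # sender encrypts with KU_b
    decrypted = apply_key(c, kr_b)         # receiver decrypts with KR_b
    signature = apply_key(m, kr_b)         # keys used in the other order
    verified = apply_key(signature, ku_b) == m
    return ku_b, kr_b, c, decrypted, verified

if __name__ == "__main__":
    print(demo())
    print("private key recovered from toy public key:",
          recover_private((17, 3233)))
```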