block cipher operation
play

Block Cipher Operation CBC CFB OFB CSS441: Security and - PowerPoint PPT Presentation

Aug 24, 2023 •530 likes •871 views

CSS441 Block Cipher Operation Modes ECB Block Cipher Operation CBC CFB OFB CSS441: Security and Cryptography CTR Feedback Sirindhorn International Institute of Technology XTS-AES Thammasat University Prepared by Steven Gordon on 20

  1. CSS441 Block Cipher Operation Modes ECB Block Cipher Operation CBC CFB OFB CSS441: Security and Cryptography CTR Feedback Sirindhorn International Institute of Technology XTS-AES Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l04, Steve/Courses/2015/s2/css441/lectures/modes-of-operation.tex, r4295 1/32

  2. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 2/32

  3. CSS441 Modes of Operation Block Cipher Operation ◮ Block cipher: operates on fixed length b -bit input to produce b -bit ciphertext Modes ECB ◮ What about encrypting plaintext longer than b bits? CBC ◮ Break plaintext into b -bit blocks (padding if necessary) CFB and apply cipher on each block OFB ◮ Security issues arise: different modes of operation have CTR been developed Feedback XTS-AES 3/32

  4. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 4/32

  5. CSS441 ECB Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 5/32

  6. CSS441 ECB Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 6/32

  7. CSS441 Summary Block Cipher Operation ◮ Each block of 64 plaintext bits is encoded independently using same key Modes ECB ◮ Typical applications: secure transmission of single CBC values (e.g. encryption key) CFB ◮ Problem: with long message, repetition in plaintext may OFB cause repetition in ciphertext CTR Feedback XTS-AES 7/32

  8. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 8/32

  9. CSS441 CBC Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 9/32

  10. CSS441 CBC Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 10/32

  11. CSS441 CBC Summary Block Cipher Operation ◮ Input to encryption algorithm is XOR of next 64-bits plaintext and preceding 64-bits ciphertext Modes ECB ◮ Typical applications: General-purpose block-oriented CBC transmission; authentication CFB ◮ Initialisation Vector (IV) must be known by OFB sender/receiver, but secret from attacker CTR Feedback XTS-AES 11/32

  12. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 12/32

  13. CSS441 CFB Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 13/32

  14. CSS441 CFB Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 14/32

  15. CSS441 CFB Summary Block Cipher ◮ Converts block cipher into stream cipher Operation ◮ No need to pad message to integral number of blocks Modes ◮ Operate in real-time: each character encrypted and ECB transmitted immediately CBC ◮ Input processed s bits at a time CFB OFB ◮ Preceding ciphertext used as input to cipher to produce CTR pseudo-random output Feedback ◮ XOR output with plaintext to produce ciphertext XTS-AES ◮ Typical applications: General-purpose stream-oriented transmission; authentication 15/32

  16. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 16/32

  17. CSS441 OFB Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 17/32

  18. CSS441 OFB Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 18/32

  19. CSS441 OFB Summary Block Cipher Operation ◮ Converts block cipher into stream cipher Modes ◮ Similar to CFB, except input to encryption algorithm is ECB preceding encryption output CBC ◮ Typical applications: stream-oriented transmission over CFB noisy channels (e.g. satellite communications) OFB ◮ Advantage compared to OFB: bit errors do not CTR propagate Feedback XTS-AES ◮ Disadvantage: more vulnerable to message stream modification attack 19/32

  20. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 20/32

  21. CSS441 CTR Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 21/32

  22. CSS441 CTR Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 22/32

  23. CSS441 CTR Summary Block Cipher Operation ◮ Converts block cipher into stream cipher Modes ◮ Each block of plaintext XORed with encrypted counter ECB ◮ Typical applications: General-purpose block-oriented CBC transmission; useful for high speed requirements CFB ◮ Efficient hardware and software implementations OFB CTR ◮ Simple and secure Feedback XTS-AES 23/32

  24. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 24/32

  25. CSS441 Feedback: CBC and CFB Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 25/32

  26. CSS441 Feedback: OFB and CTR Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 26/32

  27. CSS441 Contents Block Cipher Operation Modes of Operation Modes ECB Electronic Code Book CBC CFB Cipher Block Chaining Mode OFB CTR Cipher Feedback Mode Feedback XTS-AES Output Feedback Mode Counter Mode Feedback Characteristics of Modes XTS-AES 27/32

  28. CSS441 XTS-AES Encryption of Single Block Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 28/32

  29. CSS441 XTS-AES Decryption of Single Block Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 29/32

  30. CSS441 XTS-AES Encryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 30/32

  31. CSS441 XTS-AES Decryption Block Cipher Operation Modes ECB CBC CFB OFB CTR Feedback XTS-AES 31/32

  32. CSS441 Encryption for Stored Data Block Cipher Operation ◮ XTS-AES designed for encrypting stored data (as opposed to transmitted data) Modes ECB ◮ See Chapter 6.7 for details and differences to CBC transmitted data encryption CFB OFB CTR Feedback XTS-AES 32/32

Recommend

Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography

Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography

Cryptography Block Cipher Modes of Operation Block Ciphers with Multiple Blocks Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography Cipher Feedback Mode School of Engineering and Technology

428 views • 32 slides
Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher

Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher

Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher removed January 27, 2011 Practical Aspects of Modern Cryptography 2 Problem 1 IV Inverse Inverse Inverse Inverse Cipher Cipher Cipher Cipher

464 views • 20 slides
Tweakable Block Cipher Secure Beyond the Birthday Bound in the Ideal Cipher Model Jooyoung Lee ,

Tweakable Block Cipher Secure Beyond the Birthday Bound in the Ideal Cipher Model Jooyoung Lee ,

Tweakable Block Cipher Secure Beyond the Birthday Bound in the Ideal Cipher Model Jooyoung Lee , Byeonghak Lee KAIST Tweakable Block Cipher A tweakable block cipher accepts an additional input "tweak - Tweaks are publicly used

519 views • 30 slides
Objectives Electronic Code Book Cipher Block Chaining Output Boolean functions

Objectives Electronic Code Book Cipher Block Chaining Output Boolean functions

Modes of Operation of Block Ciphers Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Electronic Code Book Cipher Block Chaining

183 views • 16 slides
Cryptography and Network Chapter 6 Block Cipher Operation Security Many savages at the present

Cryptography and Network Chapter 6 Block Cipher Operation Security Many savages at the present

4/19/2010 Cryptography and Network Chapter 6 Block Cipher Operation Security Many savages at the present day regard their Chapter 6 names as vital parts of themselves, and therefore take great pains to conceal their real f g p names, lest

336 views • 5 slides
Advanced Block Cipher Design My crazy boss asked me to design a new block cipher. Whats next?

Advanced Block Cipher Design My crazy boss asked me to design a new block cipher. Whats next?

Advanced Block Cipher Design My crazy boss asked me to design a new block cipher. Whats next? Pascal Junod University of Applied Sciences Western Switzerland Pascal Junod -- Advanced Block Cipher Design 1 ECRYPT II Summer School - May

914 views • 56 slides
Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata

Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata

Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata 17 th May, 2017 0/52 Iterated Block Cipher Outline Iterated Block Cipher 1 S-Boxes 2 A Basic Substitution Permutation Network 3 Linear

1.58k views • 113 slides
Block Cipher Cryptanalysis II: Block Cipher Cryptanalysis II: Linear Cryptanalysis yp y Andrey

Block Cipher Cryptanalysis II: Block Cipher Cryptanalysis II: Linear Cryptanalysis yp y Andrey

Block Cipher Cryptanalysis II: Block Cipher Cryptanalysis II: Linear Cryptanalysis yp y Andrey Bogdanov Andrey Bogdanov K.U.Leuven, ESAT/COSIC Outline Outline Distribution of Correlation Data Complexity Linear Hulls Zero

659 views • 30 slides
T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher confidentiality modes of operation Kaufman et al: Ch 4 Stallings: Ch 6, Ch 3 1 Stream ciphers Stream ciphers are generally faster than block

535 views • 12 slides
COBRA: A Parallelizable Authenticated Online Cipher without Block Cipher Inverse 1 Atul Luykx

COBRA: A Parallelizable Authenticated Online Cipher without Block Cipher Inverse 1 Atul Luykx

COBRA: A Parallelizable Authenticated Online Cipher without Block Cipher Inverse 1 Atul Luykx COSIC KU Leuven and iMinds March 3, 2014 1 Joint work with E. Andreeva, B. Mennink, and K. Yasuda. 1 / 23 Overview COBRA 1 Misuse resistance 2

711 views • 58 slides
PSEUDO-RANDOM FUNCTIONS We want to answer the question: What is a good block cipher? where

PSEUDO-RANDOM FUNCTIONS We want to answer the question: What is a good block cipher? where

Recall We studied security of function families (in particular, block ciphers) against key recovery. But we saw that security against key recovery is not su ffi cient to ensure that natural usages of a block cipher are secure. PSEUDO-RANDOM

268 views • 13 slides
Overview of the DES A block cipher: encrypts blocks of 64 bits using a 64 bit key

Overview of the DES A block cipher: encrypts blocks of 64 bits using a 64 bit key

Overview of the DES A block cipher: encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit performs both substitution and transposition (permutation) on the

512 views • 35 slides
Attacks on the KeeLoq Block Cipher and Authentication Systems Andrey Bogdanov Chair for

Attacks on the KeeLoq Block Cipher and Authentication Systems Andrey Bogdanov Chair for

Attacks on the KeeLoq Block Cipher and Authentication Systems Andrey Bogdanov Chair for Communication Security Ruhr University Bochum, Germany abogdanov@crypto.rub.de www.crypto.rub.de Abstract. KeeLoq is a block cipher used in numerous

143 views • 13 slides
Block Cipher Cryptanalysis: Basic and Advanced Techniques I

Block Cipher Cryptanalysis: Basic and Advanced Techniques I

Block Cipher Cryptanalysis: Basic and Advanced Techniques I & II Andrey Bogdanov KU Leuven, ESAT/COSIC Outline I. Block Ciphers II.

1.03k views • 79 slides
PSEUDO-RANDOM FUNCTIONS 1 / 65 Recall We studied security of a block cipher against key

PSEUDO-RANDOM FUNCTIONS 1 / 65 Recall We studied security of a block cipher against key

PSEUDO-RANDOM FUNCTIONS 1 / 65 Recall We studied security of a block cipher against key recovery. But we saw that security against key recovery is not sufficient to ensure that natural usages of a block cipher are secure. We want to answer the

920 views • 88 slides
Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E untrusted communicaGon link Alice Bob E D #%AR3Xf34^$ A?ack at Dawn!! decrypGon encrypGon (ciphertext) message A?ack at Dawn!!

1.71k views • 143 slides
Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model Aldo

Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model Aldo

Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model Aldo Gunsing, Joan Daemen and Bart Mennink FSE 2020 1 / 15 Block cipher K n n P B C Plaintext P encrypted to ciphertext C with secret key K

632 views • 41 slides
Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E untrusted communication link Alice Bob E D #%AR3Xf34^$ Attack at Dawn!! decryption encryption (ciphertext) message message Attack at

1.56k views • 143 slides
Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL

Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL

Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL Story So far m Enc SC PRG (i.e., a Stream Cipher) for one-time SKE K Mode of operation: msg pseudorandom pad PRF (i.e., a Block Cipher)

426 views • 13 slides
Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL

Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL

Symmetric-Key Encryption: One-Way Functions Lecture 6 PRG from One-Way Permutations RECALL Story So far m Enc SC PRG (i.e., a Stream Cipher) for one-time SKE K Mode of operation: msg pseudorandom pad PRF (i.e., a Block Cipher)

251 views • 12 slides
Block ciphers What is a block cipher? Dan Boneh Block

Block ciphers What is a block cipher? Dan Boneh Block

Online Cryptography Course

1.24k views • 65 slides
CS 4803 A block cipher E is a collection of functions from n bits to n bits. Each function is

CS 4803 A block cipher E is a collection of functions from n bits to n bits. Each function is

Block ciphers Building blocks for symmetric cryptography. M EK C Examples: DES, 3DES, AES... CS 4803 A block cipher E is a collection of functions from n bits to n bits. Each function is fully specified by a k-bit key. Computer and

317 views • 4 slides
A Methodology for Differential-Linear Cryptanalysis and Its Applications Jiqiang Lu Presenter:

A Methodology for Differential-Linear Cryptanalysis and Its Applications Jiqiang Lu Presenter:

1. Preliminaries 2. Differential-Linear Cryptanalysis: Previous and Our Methodologies 3. Application to 13 Rounds of the DES Block Cipher 4. Application to 10 Rounds of the CTC2 Block Cipher 5. Application to 12 Rounds of the Serpent Block

1.18k views • 25 slides
H were created in the late 18th and 19th 2 n 2nd preimages centuries; they federated and became

H were created in the late 18th and 19th 2 n 2nd preimages centuries; they federated and became

Introduction Iterated hash functions Block cipher constructions SHA-3 Outtro Introduction Iterated hash functions Block cipher constructions SHA-3 Outtro 1 Introduction Hash Functions and SHA-3 2 Iterated hash functions 3 Block cipher

786 views • 13 slides

More recommend