ITS335 Cryptography Encrypt for Confidentiality Symmetric Key Cryptography Authentication Public Key Key Management ITS335: IT Security Signatures Random Numbers Sirindhorn International Institute of Technology Summary Thammasat University Prepared by Steven Gordon on 2 January 2015 its335y14s2l02, Steve/Courses/2014/s2/its335/lectures/crypto.tex, r3504 1/86
ITS335 Contents Cryptography Encryption for Confidentiality Encrypt for Confidentiality Symmetric Key Symmetric Key Encryption Authentication Public Key Authentication and Hash Functions Key Management Signatures Public Key Encryption Random Numbers Summary Key Management Digital Signatures Random Numbers Summary 2/86
ITS335 Encryption for Confidentiality Cryptography ◮ Aim: assure confidential information not made available Encrypt for to unauthorised individuals (data confidentiality) Confidentiality Symmetric Key ◮ How: encrypt the original data; anyone can see the Authentication encrypted data, but only authorised individuals can Public Key decrypt to see the original data Key Management ◮ Used for both sending data across network and storing Signatures data on a computer system Random Numbers Summary 3/86
ITS335 Model of Encryption for Confidentiality Cryptography Encrypt for Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 4/86
ITS335 Model of Encryption for Confidentiality Cryptography Encrypt for Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 5/86
ITS335 Model of Encryption for Confidentiality Cryptography Encrypt for Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 6/86
ITS335 Model of Encryption for Confidentiality Cryptography Encrypt for Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 7/86
ITS335 Terminology Cryptography Plaintext original message Encrypt for Confidentiality Ciphertext encrypted or coded message Symmetric Key Encryption convert from plaintext to ciphertext Authentication (enciphering) Public Key Decryption restore the plaintext from ciphertext Key Management (deciphering) Signatures Random Numbers Key information used in cipher known only to Summary sender/receiver Cipher a particular algorithm (cryptographic system) Cryptography study of algorithms used for encryption Cryptanalysis study of techniques for decryption without knowledge of plaintext Cryptology areas of cryptography and cryptanalysis 8/86
ITS335 Requirements and Assumptions Cryptography Requirements for secure use of symmetric encryption: Encrypt for Confidentiality 1. Strong encryption algorithm: Given the algorithm and Symmetric Key ciphertext, an attacker cannot obtain key or plaintext Authentication 2. Sender/receiver know secret key (and keep it secret) Public Key Assumptions: Key Management Signatures ◮ Cipher is known Random Numbers ◮ Secure channel to distribute keys Summary 9/86
ITS335 Characterising Cryptographic Systems Cryptography Operations used for encryption: Encrypt for Confidentiality Substitution replace one element in plaintext with another Symmetric Key Authentication Transposition re-arrange elements Public Key Product systems multiple stages of substitutions and Key Management transpositions Signatures Random Numbers Number of keys used: Summary Symmetric sender/receiver use same key (single-key, secret-key, shared-key, conventional) Public-key sender/receiver use different keys (asymmetric) Processing of plaintext: Block cipher process one block of elements at a time Stream cipher process input elements continuously 10/86
ITS335 Example Substitution Cipher: Caesar Cipher Cryptography Encrypt Shift plaintext letters K positions to right Encrypt for (wrapping where necessary) Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 11/86
ITS335 Example Transposition Cipher: Rail-Fence Cryptography Encrypt Plaintext letters written in diagonals over K Encrypt for rows; ciphertext obtained by reading Confidentiality row-by-row Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary 12/86
ITS335 Example Product System Cryptography Encrypt Repeat following steps n times: Encrypt for Confidentiality 1. Apply Vigenere cipher with K n , 1 Symmetric Key 2. Apply Rail-fence cipher with K n , 2 Authentication Public Key Key Management Signatures Random Numbers Summary 13/86
ITS335 Attacks Cryptography Goal of the Attacker Encrypt for Confidentiality ◮ Discover the plaintext (good) Symmetric Key ◮ Discover the key (better) Authentication Public Key Key Management Assumed Attacker Knowledge Signatures ◮ Ciphertext Random Numbers Summary ◮ Algorithm ◮ Other pairs of (plaintext, ciphertext) using same key Attack Methods Brute-force attack Try every possible key on ciphertext Cryptanalysis Exploit characteristics of algorithm to deduce plaintext or key Assumption: attacker can recognise correct plaintext 14/86
ITS335 Contents Cryptography Encryption for Confidentiality Encrypt for Confidentiality Symmetric Key Symmetric Key Encryption Authentication Public Key Authentication and Hash Functions Key Management Signatures Public Key Encryption Random Numbers Summary Key Management Digital Signatures Random Numbers Summary 15/86
ITS335 Symmetric Key Encryption for Confidentiality Cryptography Encrypt for Confidentiality Symmetric Key Authentication Public Key Key Management Signatures Random Numbers Summary Requirements ◮ Strong encryption algorithm: given algorithm, ciphertext and known pairs of (plaintext, ciphertext), attacker should be unable to find plaintext or key ◮ Shared secret keys: sender and receiver both have shared a secret key; no-one else knows the key 16/86
ITS335 Block vs Stream Ciphers Cryptography Block Ciphers Encrypt for Confidentiality ◮ Encrypt block of plaintext at a time, typically 64 or 128 Symmetric Key bits Authentication Public Key ◮ Slow algorithms/implementations Key Management ◮ Can re-use keys Signatures Random Numbers Stream Ciphers Summary ◮ Encrypt 1 byte of plaintext at a time ◮ Encryption performed by XOR plaintext with keystream (created by pseudo-random number generator) ◮ Fast algorithms/implementations ◮ Cannot re-use keys 17/86
ITS335 Data Encryption Standard (DES) Cryptography ◮ Designed by IBM and NSA; standardised by NIST in Encrypt for 1977 as FIPS-46 Confidentiality ◮ 1999: NIST recommended Triple-DES; DES only for Symmetric Key legacy systems Authentication ◮ 2005: FIPS-46 standard withdrawn Public Key ◮ Block size: 64 bits Key Management Signatures ◮ Key length: 56 bits (64 bits, but 8 are parity) Random Numbers ◮ Initial and final permutations, then 16 rounds, each Summary involving permutations and substitutions ◮ Feistel structure ◮ Decryption is almost identical to encryption → single implementation for both algorithms ◮ Key size is insecure; algorithm considered secure ◮ Status: not recommended 18/86
DES Encryption Operations
ITS335 Triple-DES (3DES) Cryptography ◮ Standardised by ANSI/NIST in 1998/99 Encrypt for Confidentiality ◮ Applies DES three times: Encrypt, Decrypt, Encrypt Symmetric Key ◮ Block size: 64 bits Authentication ◮ Key length: 168 bits (options for 112 and 56 bits) Public Key ◮ Three times slower than DES Key Management Signatures ◮ Status: banks still use in many applications; available as Random Numbers an option in many products Summary 20/86
ITS335 Advanced Encryption Standard (AES) Cryptography ◮ NIST held competition to select algorithm to replace Encrypt for DES/3DES in 1997 Confidentiality ◮ Won by Rijndael algorithm by Rijmen and Daemen Symmetric Key ◮ 2001: Standardised as FIPS-197 Authentication ◮ Block size: 128 Public Key Key Management ◮ Key length: 128, 192, 256 bits Signatures ◮ Substitution-permutation network Random Numbers ◮ Status: used in many products, e.g. WiFi (WPA), full Summary disk encryption (BitLocker, FileVault2, dm-crypt, LUKS), Internet security (HTTPS), . . . 21/86
ITS335 Other Symmetric Encryption Algorithms Cryptography ◮ Blowfish (Schneier, 1993): 64 bit blocks/32–448 bit Encrypt for keys; Feistel structure Confidentiality ◮ Twofish (Schneier et al, 1998): 128/128, 192, 256; Symmetric Key Authentication Feistel structure Public Key ◮ Serpent (Anderson et al, 1998): 128/128, 192, 256; Key Management Substitution-permutation network Signatures ◮ Camellia (Mitsubishi/NTT, 2000): 128/128, 192, 256; Random Numbers Feistel structure Summary ◮ IDEA (Lai and Massey, 1991): 64/128 ◮ CAST-128 (Adams and Tavares, 1996): 64/40–128; Feistel structure ◮ CAST-256 (Adams and Tavares, 1998): 128/up to 256; Feistel structure ◮ RC5 (Rivest, 1994): 32, 64 or 128/up to 2040; Feistel-like structure ◮ RC6 (Rivest et al, 1998): 128/128, 192, 256; Feistel structure 22/86
Recommend
More recommend