
03-CH20-CompSec2e-ver02 Symmetric Encryption PDF

This document discusses symmetric encryption techniques including the Data Encryption Standard (DES), Advanced Encryption Standard (AES), stream ciphers like RC4, cipher block modes of operation like electronic codebook and cipher block chaining, and methods for distributing encryption keys. It provides an overview of the basic principles of symmetric encryption and highlights important algorithms and standards like DES, AES, and RC4 as well as how they operate and are structured.

Uploaded by Nikunj Patel

Information Protection, Reliability and Cryptography
Basics of Information Security
Professor dr.sc.ing. Viktor Gopejenko
Department of Computer Technologies and Natural Sciences
ISMA University of Applied Science, Riga, Latvia

Lecture 3
Symmetric Encryption and Message Confidentiality

Learning Objectives
• The basic principles of symmetric encryption
• The significance of the Feistel cipher structure
• The structure and function of DES
• The differences between two-key and three-key triple DES
• The structure and function of AES
• Compare and contrast stream encryption and block cipher encryption
• The differences among the major block cipher modes of operation
• The issues involved in key distribution

Detailed Content:
• Symmetric Encryption Principles
• Data Encryption Standard
• Advanced Encryption Standard
• Stream Ciphers and RC4
• Cipher Block Modes of Operation
• Location of Symmetric Encryption Devices
• Key Distribution

Symmetric Encryption
• also referred to as:
  • conventional encryption
  • secret-key or single-key encryption
• only alternative before public-key encryption in 1970’s
• still most widely used alternative
• has five ingredients:
  • plaintext
  • encryption algorithm
  • secret key
  • ciphertext
  • decryption algorithm

Cryptography
classified along three independent dimensions:
• the type of operations used for transforming plaintext to ciphertext
  • substitution – each element in the plaintext is mapped into another element
  • transposition – elements in plaintext are rearranged
• the number of keys used
  • sender and receiver use same key – symmetric
  • sender and receiver each use a different key – asymmetric
• the way in which the plaintext is processed
  • block cipher – processes input one block of elements at a time
  • stream cipher – processes the input elements continuously

Cryptanalysis
[Table: type of attack | known to cryptanalyst]

Computationally Secure Encryption Schemes
• encryption is computationally secure if:
  • cost of breaking cipher exceeds value of information
  • time required to break cipher exceeds the useful lifetime of the information
• usually very difficult to estimate the amount of effort required to break
• can estimate time/cost of a brute-force attack

Feistel Cipher Structure (Classical Feistel Network)

Block Cipher Structure
• symmetric block cipher consists of:
  • a sequence of rounds
  • with substitutions and permutations controlled by key
• parameters and design features:
  • block size
  • key size
  • number of rounds
  • subkey generation algorithm
  • round function
  • fast software encryption/decryption
  • ease of analysis

Data Encryption Standard (DES)
• most widely used encryption scheme
• adopted in 1977 by National Bureau of Standards
  • now NIST
  • FIPS PUB 46
• algorithm is referred to as the Data Encryption Algorithm (DEA)
• minor variation of the Feistel network

Triple DES (3DES)
• first used in financial applications
• in DES FIPS PUB 46-3 standard of 1999
• uses three keys and three DES executions:
  C = E(K3, D(K2, E(K1, P)))
• decryption same with keys reversed
• use of decryption in second stage gives compatibility with original DES users
• effective 168-bit key length, slow, secure
• AES will eventually replace 3DES

Advanced Encryption Standard (AES)

[Figure: AES Encryption and Decryption]
[Figure: AES Round Structure]
[Figure: (a) S-box, (b) Inverse S-box]

Shift Rows
• on encryption left rotate each row of State by 0,1,2,3 bytes respectively
• decryption does reverse
• to move individual bytes from one column to another and spread bytes over columns

Mix Columns and Add Key
• mix columns
  • operates on each column individually
  • mapping each byte to a new value that is a function of all four bytes in the column
  • use of equations over finite fields
  • to provide good mixing of bytes in column
• add round key
  • simply XOR State with bits of expanded key
  • security from complexity of round key expansion and other stages of AES
Stream Ciphers
• processes input elements continuously
• key input to a pseudorandom bit generator
  • produces stream of random-like numbers
  • unpredictable without knowing input key
  • XOR keystream output with plaintext bytes
• are faster and use far less code
• design considerations:
  • encryption sequence should have a large period
  • keystream approximates random number properties
  • uses a sufficiently long key

Speed Comparisons of Symmetric Ciphers on a Pentium 4
Source: http://www.cryptopp.com/benchmarks.html

The RC4 Algorithm
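
Added example (not from the lecture slides): RC4's key scheduling and keystream generation in Python, showing the key-driven pseudorandom generator and the XOR step listed under Stream Ciphers. It goes one step beyond the slides by also showing what happens when a keystream is reused: the XOR of two ciphertexts equals the XOR of their plaintexts, with the key dropping out. Function names are chosen for this illustration and the sample key and messages are constructed.

```python
def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rc4_keystream(key):
    """Yield RC4 keystream bytes for `key` (bytes, 1 to 256 long)."""
    # Key scheduling: permute 0..255 under control of the key.
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    # Pseudorandom generation: keep swapping, emit one byte per step.
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) % 256]

def rc4(key, data):
    """XOR data with the keystream; the same call encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))

def reuse_leak(key, p1, p2):
    """Encrypt two messages under the same key and XOR the ciphertexts.

    The keystream cancels, so the result equals p1 XOR p2 without the key.
    """
    return xor_bytes(rc4(key, p1), rc4(key, p2))

# Constructed sample values.
KEY = b"Key"
P1 = b"Plaintext"
P2 = b"Different"

if __name__ == "__main__":
    print(rc4(KEY, P1).hex())                          # ciphertext
    print(rc4(KEY, rc4(KEY, P1)))                      # back to the plaintext
    print(reuse_leak(KEY, P1, P2) == xor_bytes(P1, P2))
```

RC4 is shown here as a study object for the stream cipher structure; its use in TLS is prohibited by RFC 7465.
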
Modes of Operation
Block cipher mode of operation
[Figure, three panels: Original image | Encrypted using ECB mode | Modes other than ECB result in pseudo-randomness]
The image on the right is how the image might appear encrypted with CBC, CTR or any of the other more secure modes - indistinguishable from random noise. Note that the random appearance of the image on the right does not ensure that the image has been securely encrypted; many kinds of insecure encryption have been developed which would produce output just as "random-looking".
(https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation)

Electronic Codebook (ECB)
• simplest mode
• plaintext is handled b bits at a time and each block is encrypted using the same key
• “codebook” because have unique ciphertext value for each plaintext block
  • not secure for long messages since repeated plaintext is seen in repeated ciphertext
• to overcome security deficiencies you need a technique where the same plaintext block, if repeated, produces different ciphertext blocks
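
Added example (not from the lecture slides): ECB and CBC encryption of a message containing repeated blocks, counting how many ciphertext blocks repeat under each mode. The block cipher is a toy 8-round Feistel network built on SHA-256, constructed for this illustration as a stand-in for DES or AES; it also shows the Feistel property that decryption runs the same network with the subkeys reversed. Key, IV, message and all function names are constructed, the IV is fixed only for reproducibility, and messages are assumed to be a whole number of blocks.

```python
import hashlib

BLOCK = 16  # toy block size in bytes (two 8-byte halves)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _subkeys(key, rounds=8):
    # Constructed key schedule: one hash-derived subkey per round.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(rounds)]

def _feistel(block, subkeys):
    left, right = block[:8], block[8:]
    for k in subkeys:
        f = hashlib.sha256(k + right).digest()[:8]  # round function F(K_i, R)
        left, right = right, _xor(left, f)
    return right + left  # undo the last swap

def encrypt_block(key, block):
    return _feistel(block, _subkeys(key))

def decrypt_block(key, block):
    return _feistel(block, _subkeys(key)[::-1])  # same network, subkeys reversed

def blocks(data):
    # Assumes len(data) is a multiple of BLOCK (no padding in this sketch).
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    return b"".join(encrypt_block(key, b) for b in blocks(plaintext))

def cbc_encrypt(key, iv, plaintext):
    out, prev = [], iv
    for b in blocks(plaintext):
        prev = encrypt_block(key, _xor(b, prev))  # chain in previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ciphertext):
    cs = blocks(ciphertext)
    return b"".join(_xor(decrypt_block(key, c), p) for c, p in zip(cs, [iv] + cs))

def repeated_blocks(ciphertext):
    bs = blocks(ciphertext)
    return len(bs) - len(set(bs))  # blocks that duplicate an earlier block

# Constructed sample: three identical 16-byte records followed by a different one.
KEY, IV = b"constructed key!", bytes(range(BLOCK))  # a real IV is fresh per message
MESSAGE = b"AMOUNT=000100.00" * 3 + b"AMOUNT=999999.99"
```

With this message, `repeated_blocks(ecb_encrypt(KEY, MESSAGE))` is 2 because the three identical records encrypt to identical blocks, while `repeated_blocks(cbc_encrypt(KEY, IV, MESSAGE))` is 0.
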
Cipher Block Chaining (CBC)
s-bit Cipher Feedback (CFB) Mode
Counter (CTR) Mode
Location of Encryption

Encryption Across a Frame Ready Network


Key Distribution
• the means of delivering a key to two parties that wish to exchange data without allowing others to see the key
• two parties (A and B) can achieve this by:
  1. a key could be selected by A and physically delivered to B
  2. a third party could select the key and physically deliver it to A and B
  3. if A and B have previously and recently used a key, one party could transmit the new key to the other, encrypted using the old key
  4. if A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B

Key Distribution

Automatic Key Distribution for Connection-Oriented Protocol


Summary
• symmetric encryption principles
  • cryptography
  • cryptanalysis
  • Feistel cipher structure
• data encryption standard
  • triple DES
• advanced encryption standard
  • algorithm details
• stream ciphers and RC4
  • stream cipher structure
  • RC4 algorithm
• cipher block modes of operation
  • electronic codebook mode
  • cipher block chaining mode
  • cipher feedback mode
  • counter mode
• location of symmetric encryption devices
• key distribution
