Information Systems Security
Symmetric Cryptography
(Lecture 2)
Outline
1. Cryptography
2. Symmetric Cipher systems
3. Stream Cipher
3.1 Vernam Cipher
3.2 One-time pad
3.3 Properties of stream ciphers
4. Block cipher
4.1 DES
4.2 Triple DES
4.3 AES
4.4 Other block ciphers
5. Modes of operation
1. Cryptography (1/4)
Cryptography is a means of providing security
services.
Cryptography is the study of mathematical
techniques related to aspects of security services
such as:
– confidentiality,
– integrity,
– authentication, and
– non-repudiation
which form the main objectives of ISS.
Cryptography (2/4)
Cryptanalysis: the study of mathematical
techniques for attempting to defeat cryptographic
techniques.
Cryptanalyst: the one who engages in
cryptanalysis.
Cryptology: the study of cryptanalysis and
cryptography.
Cryptosystem (Cryptographic system): is a
general term referring to a set of cryptographic
primitives used to provide security services.
– Also called a cipher.
Cryptography (3/4)
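[Figure: the sender feeds the plaintext and the secret key into the encryption algorithm (e.g., AES); the ciphertext travels to the receiver, where a snooper may observe it; the receiver feeds the ciphertext and the secret key into the decryption algorithm and recovers the plaintext.]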
Cryptography (4/4)
Cryptographic techniques are divided into 3 types:
– Symmetric-key Cryptography
    Symmetric-key ciphers (Lecture 2)
      – Block ciphers
      – Stream ciphers
    Message Authentication Codes (MACs) (Lecture 4)
– Public-key Cryptography
    Asymmetric-key ciphers (Lecture 3)
      – Integer Factorization
      – Discrete logarithm
    Signatures
– Keyless Cryptography
    Hash (message digest) functions (Lecture 4)
2. Symmetric-key systems (1/2)
Encryption key = Decryption key
[Figure: plaintext -> encryption algorithm -> ciphertext -> decryption algorithm -> plaintext]
Referred to as symmetric cryptography.
– Also referred to as conventional cryptography, single-key cryptography, or secret-key cryptography.
Symmetric ciphers (2/2)
Two classes:
– Block ciphers
– Stream ciphers
[Figure: stream cipher vs. block cipher on the same data.
 Plaintext: 100110110100010111010010
 Stream cipher: E is applied to one bit at a time.
 Block cipher: E is applied to one block at a time: 100110 110100 010111 010010 -> 110010 011101 010010 001001
 Ciphertext: 110010011101010010001001]
3. Stream Ciphers
A stream cipher is an encryption scheme which treats the plaintext symbol-by-symbol (e.g., bit or character)
– $K$: the key space for a set of encryption transformations
– A keystream is a sequence of symbols $e_1 e_2 e_3 \ldots$ with each $e_i \in K$
– $A$: an alphabet of definition of $q$ symbols
– Encryption: $E_e$ is a simple substitution cipher with block length of 1, where $e \in K$: $E_{e_1}(m_1) E_{e_2}(m_2) \ldots = c_1 c_2 \ldots$
  Plaintext $m = m_1 m_2 \ldots$ ($m_i \in A$)
  Ciphertext $c = c_1 c_2 \ldots$
– Decryption: $D_{d_1}(c_1) D_{d_2}(c_2) \ldots = m_1 m_2 \ldots$, where $d_i = e_i^{-1}$
Stream Ciphers
The security of stream ciphers depends on the changing keystream rather than the encryption function (which may be simple, e.g., XOR).
3.1 Vernam Cipher
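Vernam Cipher: a stream cipher defined on the alphabet $A = \{0, 1\}$
The keystream is a binary string $k = k_1 \ldots k_t$ of the same length as the plaintext $m = m_1 \ldots m_t$
Encryption: $c_i = m_i \oplus k_i$; Decryption: $m_i = c_i \oplus k_i$
[Figure: the plaintext bits $p_1, p_2, \ldots, p_n$ are combined (+) with the random key bits $k_1, k_2, \ldots, k_n$ to give the ciphertext bits $p_1 \oplus k_1, p_2 \oplus k_2, \ldots, p_n \oplus k_n$]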
3.2 One-time pad
If the key string is randomly chosen and never
used again then Vernam cipher is called a one-
time pad
One-time pad’s drawback: The keystream must
be as long as the plaintext.
– This increases the difficulty of key distribution
and key management
One-time pad
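Solution: generate the keystream pseudorandomly
– i.e., keystream generated from a smaller secret key
[Figure: model of a stream cipher. A keystream generator, driven by the key, outputs the key bits $k_1 k_2 \ldots k_n$, which are combined (+) with the plaintext bits $p_1 p_2 \ldots p_n$ to give the ciphertext bits $p_1 \oplus k_1, \ldots, p_n \oplus k_n$]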
3.3 Properties of stream ciphers
Advantages:
– No error propagation: a ciphertext digit modified during transmission does not affect the decryption of other ciphertext digits
– Easy to implement and fast
Drawbacks:
– Requirement for synchronization: sender and receiver must be synchronized,
  i.e., they must use the same key and operate on the same position (digit);
  if synchronization is lost due to digit insertion or deletion, then re-synchronization is required.
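Added example (not part of the original lecture): the stream-cipher model (short key -> keystream generator -> XOR) and the two properties listed above, run in Java. The SHA-256 based generator, the class and method names and the sample message are assumptions of this example; the generator is illustrative and not a vetted cipher.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class StreamCipherDemo {
    // Illustrative generator (assumption, not a vetted cipher): block ctr = SHA-256(key || ctr).
    static byte[] keystream(byte[] key, int len) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        byte[] out = new byte[len];
        for (int off = 0, ctr = 0; off < len; off += 32, ctr++) {
            md.update(key);
            md.update((byte) ctr);
            System.arraycopy(md.digest(), 0, out, off, Math.min(32, len - off));
        }
        return out;
    }

    // Vernam step c_i = m_i XOR k_i; the same operation decrypts.
    static byte[] xor(byte[] data, byte[] ks) {
        byte[] out = new byte[data.length];
        for (int i = 0; i < data.length; i++) out[i] = (byte) (data[i] ^ ks[i]);
        return out;
    }

    // Remove the digit at position idx, as a lossy channel might.
    static byte[] delete(byte[] a, int idx) {
        byte[] out = new byte[a.length - 1];
        System.arraycopy(a, 0, out, 0, idx);
        System.arraycopy(a, idx + 1, out, idx, a.length - idx - 1);
        return out;
    }

    // Number of positions at which the received text differs from what was sent.
    static int damaged(byte[] sent, byte[] received) {
        int n = 0;
        for (int i = 0; i < sent.length; i++) if (sent[i] != received[i]) n++;
        return n;
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed demo key".getBytes(StandardCharsets.US_ASCII);
        byte[] m = "stream ciphers work symbol by symbol".getBytes(StandardCharsets.US_ASCII);
        byte[] ks = keystream(key, m.length); // both ends derive the same keystream
        byte[] c = xor(m, ks);
        byte[] modified = c.clone();
        modified[5] ^= 0x20; // one ciphertext digit modified in transit
        System.out.println("damaged after modification: " + damaged(m, xor(modified, ks)));
        // One digit deleted: the receiver is one keystream position off from there on.
        System.out.println("damaged after deletion: " + damaged(delete(m, 5), xor(delete(c, 5), ks)));
    }
}
```

The modified digit damages only its own position, while the deleted digit leaves almost every later digit wrong until the two ends re-synchronize.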
3.3 Properties of stream ciphers
Application: cellular mobile networks, SSL, …
Examples: RC4, A5, F8, SNOW 3G, VEST, …
4. Block ciphers
A block cipher encrypts one block at a time,
using a complex encryption function
Examples
– DES: operates on blocks of 64 bits
– AES: operates on blocks of 128 bits
Block ciphers can be used in various modes
(modes of operation).
4.1 Data Encryption Standard
(DES)
Adopted in 1977 by the National Bureau of
Standards (US), nowadays NIST
– FIPS 46
[Figure: Block of plaintext (64 bits) -> Encryption Algorithm (DES), with a 56-bit encryption key -> Block of ciphertext (64 bits)]
Data Encryption Standard (DES)
DES exhaustive key search became feasible
1999: DES should only be used for legacy systems
3DES or AES are commonly recommended
instead of DES.
2004: Withdrawn
4.2 Triple DES (3DES)
• Key = k1k2k3
• Keys are longer (168 bits)
• Three times slower than DES
[Figure: plaintext -> (1) Encrypt using DES with key K1 -> (2) Decrypt using DES with key K2 -> (3) Encrypt using DES with key K3 -> ciphertext]
4.3 Advanced Encryption Standard
(AES)
In November 2001 NIST (USA) announced the Rijndael algorithm as the AES, to replace DES, as FIPS 197
Became effective in May 2002
[Figure: Block of plaintext (128 bits) -> AES, with an encryption key of 128, 192, or 256 bits -> Block of ciphertext (128 bits)]
AES
For encryption, each round consists of four
stages:
– Substitute Bytes — a non-linear substitution step where
each byte is replaced with another according to a
lookup table, an S-box.
– ShiftRows — a transposition step where each row of the
state is shifted cyclically a certain number of steps.
– MixColumns — a mixing operation which operates on
the columns of the state, combining the four bytes in
each column using a linear transformation.
– AddRoundKey — each byte of the state is combined
with the round key; each round key is derived from the
cipher key using a key schedule.
Except for the last round in each case, all other
rounds are identical.
AES-Encryption
The 128 bit plaintext block is depicted as a 4x4
matrix of bytes
byte0 byte4 byte8 byte12
byte1 byte5 byte9 byte13
byte2 byte6 byte10 byte14
byte3 byte7 byte11 byte15
The block is copied into the State array, which is modified
at each stage of encryption/decryption
– After the final stage the State is copied into an output matrix
The 128 bit key is expanded into an array of 44 words
4.4. Other Block ciphers
IDEA (International Data Encryption Algorithm)
– Published in 1991
– Operates on 64-bit blocks with a 128-bit key and produces blocks of 64 bits
[Figure: Block of plaintext (64 bits) -> IDEA, with a 128-bit encryption key -> Block of ciphertext (64 bits)]
Other ciphers: FEAL, SAFER, RC5, MARS, RC6, Serpent, Twofish, …
5. Modes of operation
NIST specifies 6 modes of operation
– ECB: Electronic Code Book
– CBC: Cipher Block Chaining
– CFB: Cipher FeedBack
– OFB: Output FeedBack
– CTR: Counter
– XTS-AES (introduced in 2010 as a 6th one)
5.1 Electronic CodeBook (ECB)
[Figure: ECB on n-bit blocks.
 Encryption: $c_j = E_{key}(x_j)$
 Decryption: $x_j = E^{-1}_{key}(c_j)$]
ECB
Identical plaintext blocks (under the same key)
result in identical ciphertext.
Chaining dependency: blocks are enciphered
independently of other blocks.
Error propagation: one or more bit errors in a
single ciphertext affect decipherment of that
block only.
ECB is not recommended for messages longer than one block, or if keys are reused for more than a single one-block message.
Security of ECB may be improved by inclusion of random padding bits in each block.
Electronic CodeBook (ECB)
[Figure: three images side by side: the original image; the same image encrypted using ECB mode; the same image encrypted using CBC, CTR, …]
5.2 Cipher-Block Chaining (CBC)
[Figure: CBC on n-bit blocks, with $c_0 = IV$.
 Encryption: $c_j = E_{key}(x_j \oplus c_{j-1})$
 Decryption: $x_j = E^{-1}_{key}(c_j) \oplus c_{j-1}$]
CBC
Identical plaintexts: identical ciphertext blocks result when the same plaintext is enciphered under the same key and IV.
Chaining dependency: a ciphertext block $c_j$ depends on $x_j$ and all preceding plaintext blocks; rearranging the order of ciphertext blocks affects decryption.
Error propagation: a single bit error in ciphertext block $c_j$ affects decipherment of $c_j$ and $c_{j+1}$.
Error recovery: CBC is self-synchronizing in the sense that if an error occurs in block $c_j$, $c_{j+2}$ is correctly recovered.
IV is not secret but needs integrity.
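Added example (not part of the original lecture): the ECB and CBC properties listed in the two slides above, checked with real AES through javax.crypto. The class and helper names, the random key and IV, and the constructed four-block plaintext are this example's own.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class ModesDemo {
    static final int N = 16; // AES block length n in bytes

    static byte[] run(String mode, int op, SecretKeySpec key, byte[] iv, byte[] in) throws Exception {
        Cipher c = Cipher.getInstance("AES/" + mode + "/NoPadding");
        if (iv == null) c.init(op, key);               // ECB takes no IV
        else c.init(op, key, new IvParameterSpec(iv)); // CBC: c0 = IV
        return c.doFinal(in);
    }

    // Block j of a buffer, numbered from 1 as on the slides (x1, c1, ...).
    static byte[] block(byte[] buf, int j) {
        return Arrays.copyOfRange(buf, (j - 1) * N, j * N);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rnd = new SecureRandom();
        byte[] k = new byte[16], iv = new byte[N];
        rnd.nextBytes(k);
        rnd.nextBytes(iv);
        SecretKeySpec key = new SecretKeySpec(k, "AES");

        // Constructed plaintext: four identical blocks x1..x4.
        byte[] x = new byte[4 * N];
        Arrays.fill(x, (byte) 'A');

        byte[] ecb = run("ECB", Cipher.ENCRYPT_MODE, key, null, x);
        byte[] cbc = run("CBC", Cipher.ENCRYPT_MODE, key, iv, x);
        System.out.println("ECB c1 == c2: " + Arrays.equals(block(ecb, 1), block(ecb, 2)));
        System.out.println("CBC c1 == c2: " + Arrays.equals(block(cbc, 1), block(cbc, 2)));

        // Single bit error in ciphertext block c2, then decrypt.
        cbc[N] ^= 0x01;
        byte[] y = run("CBC", Cipher.DECRYPT_MODE, key, iv, cbc);
        for (int j = 1; j <= 4; j++) {
            int bits = 0; // number of plaintext bits that changed in block j
            for (int i = 0; i < N; i++) bits += Integer.bitCount((block(x, j)[i] ^ block(y, j)[i]) & 0xff);
            System.out.println("x" + j + ": " + bits + " bit(s) changed");
        }
    }
}
```

The ECB comparison is true and the CBC comparison false; after the bit error, x1 and x4 are unchanged, x2 is garbled and x3 differs in exactly one bit.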
5.3 Cipher FeedBack Mode (CFB)
CFB turns block cipher into stream cipher, but not
as efficient as a dedicated stream cipher.
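[Figure: S-bit CFB (S-CFB) at the sender: a shift register, initialised with the IV, is encrypted with E under key K; S bits of the result are used with each plaintext segment (P0, P1, …) to produce the ciphertext segment (C0, C1, …)]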
CFB Decryption
Properties of block ciphers
Block ciphers do propagate errors (to a limited
extent), but are quite flexible and can be used in
different ways in order to provide different
security properties
The properties of cryptographic algorithms are not
only affected by algorithm design, but also by the
ways in which the algorithms are used
– Different modes of operation can significantly change
the properties of a block cipher
Properties of block ciphers
The security of block ciphers mainly depends on the complexity of the encryption function, whereas that of stream ciphers depends on the randomness of the keystream.
They can be used to provide confidentiality, data integrity, or authentication, and can even be used to provide a keystream generator for stream ciphers
Average Time Required for Exhaustive Key Search
Example1: AES Encryption (Java)
Class: javax.crypto.Cipher
The following sample encrypts a file "clear.txt" and saves the output as a file
named "encryptedfile".
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import javax.crypto.Cipher;
// Create a cipher object with algorithm "AES".
// With the default SunJCE provider, "AES" alone selects AES/ECB/PKCS5Padding (see 5.1 ECB).
Cipher cipher = Cipher.getInstance("AES");
//Set the Cipher object to ENCRYPT MODE
//Initialise it with the encryption key "mykey".
cipher.init(Cipher.ENCRYPT_MODE, mykey);
//Create an input stream to read the file.
File clr = new File("clear.txt");
FileInputStream fi = new FileInputStream(clr);
//Get the size of the file.
long length = clr.length();
... cont'd
Further details: http://java.sun.com/j2se/1.4.2/docs/api/javax/crypto/Cipher.html
http://java.sun.com/j2se/1.5.0/docs/api/javax/crypto/Cipher.html
Example1: AES Encryption cont'd
//Create a byte array with the size of the file.
byte[] plaintext = new byte[(int) length];
//Read data into the byte array (readFully does not return until the array is full)
new java.io.DataInputStream(fi).readFully(plaintext);
//Close file
fi.close();
// Now encrypt the text and store it in the byte array ciphertext
byte[] ciphertext = cipher.doFinal(plaintext);
//Write encrypted text into the output file
File enc = new File("encryptedfile");
FileOutputStream fo = new FileOutputStream(enc);
fo.write(ciphertext);
fo.close();
Example1: AES Decryption
The following sample decrypts a file "encryptedfile" and saves the output as
a file named "decryptedfile".
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import javax.crypto.Cipher;
// Create a cipher object with algorithm "AES"
Cipher cipher = Cipher.getInstance("AES");
//Set the Cipher object to DECRYPT MODE
//Initialise it with the decryption key "mykey".
//Previous example demonstrated how to retrieve this key from a keystore.
cipher.init(Cipher.DECRYPT_MODE, mykey);
//Create an input stream to read the file.
File enc = new File("encryptedfile");
FileInputStream fi = new FileInputStream(enc);
//Get the size of the file.
long length = enc.length();
... cont'd
Example1: AES Decryption cont'd
//Create a byte array with the size of the file.
byte[] ciphertext = new byte[(int) length];
//Read data into the byte array (readFully does not return until the array is full)
new java.io.DataInputStream(fi).readFully(ciphertext);
//Close file
fi.close();
// Now decrypt the text and store it in the byte array plaintext
byte[] plaintext = cipher.doFinal(ciphertext);
//Write decrypted text into the output file
File dec = new File("decryptedfile");
FileOutputStream fo = new FileOutputStream(dec);
fo.write(plaintext);
fo.close();
Example 2: .NET
Library: System.Security.Cryptography