Spring 2015. Evolving Lists & Lights On! Caesar Cipher Looks Good!
Cryptography and Encryptions,Network Security,Caesar Cipher
-
Upload
gopal-sakarkar -
Category
Engineering
-
view
482 -
download
8
description
Transcript of Cryptography and Encryptions,Network Security,Caesar Cipher
Mr. Gopal Sakarkar
Security Concept
Mr.Gopal Sakarkar
Mr. Gopal Sakarkar
Today’s Agenda
• Introduction of Security Concept.
• Principal of Security.
• Classification of Security Attacks
Mr. Gopal Sakarkar
Digital Security
Computer Security Network Security
Mr. Gopal Sakarkar
Need of Network Security
• According to FBI statistics result (2007) , up to five billion dollars is lost each year due to black holes .
• Loss of important data. e.g. Credit Card, ATM Card
• Confidential information of business have been stolen by competitors. e.g. ICICI vs HDFC
• Last but not least : Important data stolen from military .
Mr. Gopal Sakarkar
So, what do you mean by NS?• It is vital component in information security
for securing all information passed through computers network.
• It provide management policy for access controls protection for H/W, S/W & information in networking.
Mr. Gopal Sakarkar
Principal of Security
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
Mr. Gopal Sakarkar
Confidentiality
• It specifies that only sender and intended recipient(s) should be able to access the contents of message.
e.g.: e-mail send by person A to person B.
Mr. Gopal Sakarkar
Principal of Security
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
Mr. Gopal Sakarkar
Authentication
• It help to establish proof of identities.
e.g. : Login using Userid and Password.
Mr. Gopal Sakarkar
Principal of Security
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
Mr. Gopal Sakarkar
Integrity
• Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.
e.g. Updating bank account information
Mr. Gopal Sakarkar
Principal of Security
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
Mr. Gopal Sakarkar
Non-repudiation
• Non- repudiation does not allow the sender or receiver of a message to refuse the claim of not sending or receiving that message.
Mr. Gopal Sakarkar
Classification of Security Attacks
Mr. Gopal Sakarkar
• A passive attack make use of information from the system but does not affect system resource.
Passive Attack
Mr. Gopal Sakarkar
Release of Message Contents
Hi, I am Bob
Hi, I am Bob
Hi, I am Bob
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Traffic Analysis
Meet me at Cinemax
Phhw ph dw flqhpda
Meet me at
Cinemax
Mr. Gopal Sakarkar
Active Attack• It involve some modification of data stream or creation of a
false stream.
Mr. Gopal Sakarkar
ReplayIt involves passive capture of data unit and its subsequent retransmission to produce an unauthorized effect.
Transfer Rs.1000 to Alice.
Transfer Rs.1000 to
Darth.
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
ModificationIn which some portion of message is altered or that message are delayed or reordered to produce an unauthorized affect.
Transfer Rs.1,000 to Darth.
Transfer Rs.10,000 to Darth.
Transfer Rs.10,000 to Darth
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Denial of service
It have a specific target (Server), in which prevents or inhabits the normal use or management of communication facilities.
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
MasqueradeA masquerade is a type of attack where the attacker act as an authorized user of a system in order to gain access to it or to gain greater privileges than they are authorized for.
Mr. Gopal Sakarkar
Summary
• Four goals have been defined for security
i.e. Confidentiality , Authentication, Integrity, Non-repudiation.
• Security Attacks are classified in two parts Active and Passive.
Mr. Gopal Sakarkar
For Further Reading • http://www.smartchip.com/flash/presentationV2.swf
• http://buchananweb.co.uk/asmn/unit03.swf
• http://www.computing.co.uk/computing/video/2246841/network-security
• http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3• http://www.thepcmanwebsite.com/cgi-bin/web_tools/ascii.pl (converter)
• http://bytes.com/topic/c/answers/769137-how-convert-alphabet-numbers
• http://www.kerryr.net/pioneers/binary.htm
• http://services.exeter.ac.uk/cmit/modules/the_internet/slides/ch01s01s04.html (packet working)
31
Conventional Encryption
32
Caesar Cipher
It is a substitution cipher invented by Julius Caesar.It replace each letter of the alphabet with the letter standing thired Place further down the alphabet.Let numerical equivalency of letter
A B C D E F G H …… z
0 1 2 3 4 5 6 7 25
33
Caesar Cipher
Let , for each plaintext letter p, substitute the cipher letter :
C=E(3,p)=(p+3) mod 26For generalize equation for encryption :C=E(k,p)= (p+k) mod 26For generalize equation for decryption :P=D(k,C)=(C-K)mod 26
34
Caesar Cipher
cipher: PHHW PH DIWHU WKH WRJD SDUWBplain: MEET ME AFTER THE toga PARTY
plain: abcdefghijklmnopqrstuvwxyz
key: defghijklmnopqrstuvwxyzabc
Video
35
“Rail-Fence” Cipher
It is use substitution method , in which plaintext is written down As a sequence of diagonals and then read off as a sequence of row.
36
“Rail-Fence” CipherDISGRUNTLED EMPLOYEE
D R L E O
I G U T E M L Y E
S N D P E
DRLEOIGUTE MLYESNDPE
Steganography
What is Steganography?
Stegosaurus: a covered lizard(but not a type of cryptography)
Greek Words:
STEGANOS – “Covered”
GRAPHIE – “Writing”
• Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message.
• This can be achieve by concealing the existence of information within seemingly harmless carriers or cover
• Carrier: text, image, video, audio, etc.
Modern Steganography Techniques
Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses. The purpose is different from traditional steganography since it is adding an attribute to the cover image thus extending the amount of information presented.
Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms. The idea of this method is to hide the secret message in the data bits in the least significant coefficients.
Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information. Thus the overall image distortion is kept to a minimum while the message is spaced out over the pixels in the images. This technique works best when the image file is larger then the message file and if the image is grayscale.
Basics of Modern Steganography
fE: steganographic function "embedding"fE-1: steganographic function "extracting"cover: cover data in which emb will be hiddenemb: message to be hiddenkey: parameter of fEstego: cover data with the hidden message
Important Requirement for Steganographic System
• Security of the hidden communication
• size of the payload
• Robustness against malicious and unintentional attacks
Steganography Tools
45
Basic Types of Ciphers
• Transposition ciphers – rearrange bits or characters in the data
• Substitution ciphers – replace bits, characters, or blocks of characters with substitutes
46
Encryption Methods
• The essential technology underlying virtually all automated network and computer security applications is cryptography
• Two fundamental approaches are in use:– Conventional Encryption, also known as
symmetric encryption– Public-key Encryption, also known as
asymmetric encryption
47
Conventional Encryption Model
48
Conventional Encryption
Five components to the algorithm– Plaintext: The original message or data– Encryption algorithm: Performs various substitutions
and transformations on the plaintext– Secret key: Input to the encryption algorithm.
Substitutions and transformations performed depend on this key
– Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key
– Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext
50
Conventional Encryption
M EK DK MC
EK defined by an encrypting algorithm EDK defined by an decrypting algorithm D
For given K, DK is the inverse of EK, i.e., DK(EK(M))=M
for every plain text message M
Mr. Gopal Sakarkar
Today’s Agenda• Cryptography and Encryption
• Encryption Principles
• Feistel Cipher Structure
• Data Encryption Standard (DES)
Mr. Gopal Sakarkar
Cryptography • It is a Greek word , means that “Secret
Writing”.
• Cryptography is an art and science for achieving security by encoding the readable format data in to a non-readable form.
Mr. Gopal Sakarkar
Encryption Encryption is a process of converting the plain text data in to ciphertext data.
Mr. Gopal Sakarkar
Encryption Principles
• An encryption scheme has five ingredients:– Plaintext– Encryption algorithm– Secret Key– Ciphertext– Decryption algorithm
• Security depends on the secrecy of the key, not the secrecy of the algorithm.
Mr. Gopal Sakarkar
Average time required for exhaustive key search
Key Size (bits)
Number of Alternative Keys
Time required at 106 Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds
56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years
Mr. Gopal Sakarkar
Conventional Encryption Model
Mr. Gopal Sakarkar
Cryptography Process Depend on….
1. The type of operations used for transforming plaintext to ciphertext.
1.1 Substitution1.2 Transpose
2. The number of keys used
2.1 Symmetric (single key)
2.2Asymmetric(two-keys,orpublic-key encryption)
3. The way in which the plaintext is processed
Block Cipher Stream Cipher
Mr. Gopal Sakarkar
Substitution Process
Mr. Gopal Sakarkar
Transposition Techniques
• Consider plain text message as a number
A=0 , B=1, C=2……..Z=25.
• Take plain text CAT =
2019
Take N x N matrix of randomly chosen keys.
Mr. Gopal Sakarkar
6 24 1
13 16 10
20 17 15=
Multiply two matrix
6 24 1
13 16 10
20 17 15
2019X
=
31216325
Mr. Gopal Sakarkar
• Now compute a mod 26 value of the above matrix.
31216325
mod 26
5813=
Now translate number to alphabet 5=F, 8=I and 13= N i.e. cipher text is FIN
Mr. Gopal Sakarkar
Exercise - II• Define a symmetric-key cryptography.• Distinguish between a block cipher and a stream
cipher with an example.• Decrypt a above example by taking a inverse of
original matrix i.e.
• Draw an algorithm , flowchart and write a C++ program for implementing Transposition Techniques.
8 5 10
21 8 21
21 12 8
Mr. Gopal Sakarkar
Summary
• Definition of Cryptography .• Working of encryption principal.• Substitution and transportation techniques .
Mr. Gopal Sakarkar
For Further Reading
• http://buchananweb.co.uk/asmn/unit04.swf
• http://www.youtube.com/watch?v=IzVCrSrZIX8
• http://www.youtube.com/watch?v=ZdC7cnpYOwI&feature=related
Mr. Gopal Sakarkar
Confusion and Diffusion
• Introduced by Claude Shannon to capture the two basic building blocks for any
cryptographic system.
• Confusion - Confusion seeks to make the relationship between the statistics of the
ciphertext and the value of the encryption key as complex as possible, again to
stop attempts to discover the key.
• Diffusion - The mechanism of diffusion seeks to make the statistical relationship
between the plaintext and ciphertext as complex as possible in order to prevent
attempts to assume the key.
Mr. Gopal Sakarkar
Approximate Alphabet Frequency
Mr. Gopal Sakarkar
Feistel Cipher Structure
• It is block cipher symmetric encryption algorithms, first described by Horst Feistel of IBM in 1973.
• It is depends on the choice of the following parameters• Block size: larger block sizes mean greater security• Key Size: larger key size means greater security• Number of rounds: multiple rounds offer increasing security• Subkey generation algorithm: greater complexcity will lead to greater
difficulty of cryptanalysis.• Fast software encryption/decryption: the speed of execution of the
algorithm becomes a concern.
Mr. Gopal Sakarkar
Steps:1. Input of plaintext with length 2w bits and key K.
2. Plaintext is divided into two halves L0 and R0.
3. These two halves pass through N round of processing to produce CipherText block.
4. The key K is derived from subkey generation algo.
5. These two halves combine by applying a round function ‘F’ on right half of data and then taking
X-OR operation of the output of F with left half of data.
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Exercise
• List out the various Feistel ciphers Algorithm and explain each in brief.
Mr. Gopal Sakarkar
For Further Reading
• http://www.quadibloc.com/crypto/co040906.htm
• http://www.encryptionanddecryption.com/encrypt_decrypt_encyclopedia.html
Mr. Gopal Sakarkar
Data Encryption Standard (DES)I. It is a Block Cipher Symmetric algorithm.
II. It takes 64 bits plaintext and 56 (64) bits as a key.
III. It produce a 64 bits cipher text.
IV. It consist of 16 steps , called round.
Steps:
1. It take 64 bit plain text as given i/p to Initial Permutation Function (IPF).
2. IPF produce two halves, i.e. Left Plain Text (LPT) and Right Plain Text
(RPT)
3.Now, each LPT and RPT goes through 16 rounds of encryption process
with key K(56 bits).
4.At the end , LPT and RPT are rejoined and a final permutation (FP) is
performed which is being the inverse of IP on the combined block.
5. Finally the result produced 64 bits cipher text.
Mr. Gopal Sakarkar
Plain Text (64 bits)
Initial Permutation
LPT RPT
16 Rounds 16 RoundsKey ( K)56 bits
Final Permutation
Cipher Text(64 bits)
DES Algorithm
Mr. Gopal Sakarkar
DES Encryption Overview
Mr. Gopal Sakarkar
An Example • Let M be the plain text message M = 0123456789ABCDEF,
where M is in hexadecimal (base 16) format.
Rewriting M in binary format, we get the 64-bit block of text:
• M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
• L = 0000 0001 0010 0011 0100 0101 0110 0111 • R= 1000 1001 1010 1011 1100 1101 1110 1111
The first bit of M is "0". The last bit is "1". We read from left to right.
Let K be the hexadecimal key K = 133457799BBCDFF1
K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001
Cipher Text: 85E813540F0AB405.
Online Example
Mr. Gopal Sakarkar
The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips.
Triple-DES with Two-Keys
• hence must use 3 encryptions– would seem to need 3 distinct keys
• but can use 2 keys with E-D-E sequence– C = EK1[DK2[EK1[P]]]– no encrypt & decrypt equivalent in security– if K1=K2 then can work with single DES
• standardized in ANSI X9.17 & ISO8732• no current known practical attacks
Triple DES
Mr. Gopal Sakarkar
Summary
• Security of data is depend on secrecy of key not on the encryption algorithm.
• Feistel Cipher Structure is basic structure for any symmentric encryption algo.
• DES algorithm also called as DEA has been a cryptographic alog. used from over four decades.
• It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46).
Mr. Gopal Sakarkar
For Further Reading
• http://www.buchananweb.co.uk/asmn/unit03.swf•
http://williamstallings.com/Crypt-Tut/Crypto%20Tutorial%20-%20JERIC.swf
• http://orlingrabbe.com/des.htm (IMP)• http://www.tero.co.uk/des/explain.php
Mr. Gopal Sakarkar
Exercise - III
• Explain a triple DES in detail.
• Find out the various application in which DES is implemented.
Blowfish Algorithm
The Blowfish Encryption Algorithm
• Developed by Bruce Schneier• Keyed, symmetric block cipher• Designed in 1993 .• Can be used as a drop-in replacement for DES.
The Blowfish Encryption Algorithm (cont.)
• As a fast, free alternative to existing encryption algorithms.
• Variable-length key.• From 32 bits to 448 bits.
• Fast: It used 32 bit microprocessors for 26 clock cycles per byte.
• Compact : It need less than 5 kb memory for execution.
• Simple : It used primitive operations ,such as addition , XOR ,etc.
• Secure : It has variable length key upto 448 bits long.
• Freely available source codeMr. Gopal Sakarkar
The Blowfish Encryption Algorithm (cont.)
The Blowfish Encryption Algorithm (cont.)
• Gained acceptance as a strong encryption algorithm.
• Blowfish is unpatented and license-free, and is available free for all uses.
• No effective cryptanalysis has been found to date.
• More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
7.07. Blowfish Key Schedule• uses a 32 to 448 bit key • used to generate
– 18 32-bit subkeys stored in K-array Kj – four 8x32 S-boxes stored in Si,j
• key schedule consists of:– initialize P-array and then 4 S-boxes using pi– XOR P-array with key bits (reuse as needed)– loop repeatedly encrypting data using current P & S and
replace successive pairs of P then S values– requires 521 encryptions, hence slow in re-keying
Blowfish Encryption• uses two primitives: addition & XOR• data is divided into two 32-bit halves L0 & R0
for i = 1 to 16 doRi = Li-1 XOR Pi;Li = F[Ri] XOR Ri-1;
L17 = R16 XOR P18;R17 = L16 XOR i17;
• whereF[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a
The Blowfish Algorithm
The Blowfish Algorithm: Encryption (cont)
Diagram of Blowfish's F function
The Blowfish Algorithm: Encryption (cont)
• Blowfish's F-function.• Splits the 32-bit input into four eight-bit quarters, and
uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce
the final 32-bit output.• Blowfish is a Feistel network, it can be inverted simply by
XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.
The Function F
RC5• It is symmetric key block encryption algorithm
developed by Ron Rivest. • It is quite fast as it use only the primitive computer
operation i.e. XOR , addition, shift etc.• It used variable number of round and variable bit-size
key.• It required less memory for execution so that it not only
used for desktop computer but also for smart card and other devices.
» 125
Mr. Gopal Sakarkar
RC5 Working
• It used the plain text block size of 32,64, or 128 bits.• The key length can be 0 to 2040 bits.• Number of rounds can be from 0 to 255.
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Divide plain text into two block i.e. A ,B
Add A & S[0] to produce CAdd B & S[1] to produce D
Start with i=1
1. XOR C & D to produce E
4.XOR D & F to produce G
2. Circular left shift E by D bits
3. Add E & S[2] to produce F
5. Circular left shift G by F bits
6. Add G & S[2i+1] to produce H
Increment i by 1
Call F as C (i.e. C=F)Call H as D (i.e. D=H)
Stop
Check:Is i>r ?
Yes
No
Mr. Gopal Sakarkar
• IDEA Algorithm.
• Cipher Block Chaining.
• Location of encryption devices.
• Key Distribution
Lecture 3 Today’s Agenda
Mr. Gopal Sakarkar
International Data Encryption Algorithm
• It is one of the strongest cryptographic algorithm invented in 1992.
• It is Block Cipher Symmetric cryptographic alog. with 64 bits plain text and 128 bits length key.
• It is used both substitution and transposition techniques for encryption
Mr. Gopal Sakarkar
Working of IDEA
1.It take a 64 bits plaintext block as input and then partition it into four part, say P1 to P4.
2. P1 to P4 are the inputs to the first round of the algorithm.
3. It has eight round of encryption processing.4. Each round use six-sub keys generated from original
key having 16 bits length.5. Final step consist of an Output Transformation Which use just four sub-keys , K49 to K52.
Mr. Gopal Sakarkar
WorkingPlain Text (64bits)
Round 1K 1K 2
K 6
Round 2 K 7
K 12….
……………….
Round 6 K 43K 48
Output TransformationK 49
K 52
P4(16 bits)P3(16 bits)P2(16 bits)P1(16 bits)
….
….
….….
C1(16 bits) C2(16 bits) C3(16 bits) C4(16 bits)
Cipher Text (64bits)
Mr. Gopal Sakarkar
Working of Rounds• Each round has a series of operation on the data block
using six keys.• Each round perform a lot of mathematical action such
as Multiplication, Addition and X-OR.• Each round is divided into 14 steps.
Mr. Gopal Sakarkar
Sub-key Generation Round
• First round
Mr. Gopal Sakarkar
• Second round
What about key k9, k10…k12 for second round ?
Conti….
Mr. Gopal Sakarkar
• The original key is exhausted . It is circular-left shifted by 25 bits.
Original Key(128 bits)
Position 1 Position 128
circular-left shifted by 25 bits
Now start allocating fresh sub-key from K7 to K12
New Key(128 bits)
K9(1-16 bits) K10(17-32 bits) K12(49-64 bits) Unused(65-128 bits)…
Mr. Gopal Sakarkar
Exercise - IV
• Explain in detail all eight round of sub key generation process.
• Find out the strength of IDEA algorithm.
• Note:• A permutation is "a re-arrangement of
elements of a set". Exp. We do 4 x 3 x 2 x 1 = 24.
• There are 24 different ways that the letters can be arranged.
• We can write 4!, which is read as "four factorial."
Mr. Gopal Sakarkar
• Taking the 4 letters, ABCD, write down all the permutations of 3 of these letters:
Mr. Gopal Sakarkar
ABC BAC CAB DABACB BCA CBA DBAABD BAD CAD DACADB BDA CDA DCAACD BCD CBD DBCADC BDC CDB DCB
Working of Substitution method• S-Box= Substitution Box
• Example #1: Solve the following system using the substitution method
x + y = 20x − y = 10
Step 1You have two equations. Pick either the first or the second equation and solve for either x or y.Since I am the one solving it, I have decided to choose the equation at the bottom
(x − y = 10) and I will solve for x
x − y = 10
Add y to both sides
x − y + y = 10 + y
x = 10 + y
Mr. Gopal Sakarkar
• Step 2
Using x + y = 20, erase x and write 10 + y since x = 10 + y
We get 10 + y + y = 20
10 + 2y = 20
Minus 10 from both sides
10 − 10 + 2y = 20 − 10
2y = 10
Divide both sides by 2
y = 5
Mr. Gopal Sakarkar
• Step 2• Now you have y, you can replace its value into either equation to get
x.Replacing y into x + y = 20 givesx + 5 = 20
Minus 5 from both sidesx + 5 − 5 = 20 − 5x = 15
The solution to the system is x = 15 and y = 5Indeed 15 + 5 = 20 and 15 − 5 = 10
• H/W: Solve the following system using the substitution method
3x + y = 10-4x − 2y = 2
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Algorithm Modes
Work on block cipher
Work on stream cipher
Mr. Gopal Sakarkar
Electronic Code Book (ECB)
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Cipher Block Chaining (CBC)
• Message is broken into blocks • Linked together in encryption operation • Each previous cipher blocks is chained with current plaintext
block, hence name • Use Initial Vector (IV) to start process
-IV has no special meaning , used to make each message unique only.
• Uses: bulk data encryption, authentication
Mr. Gopal Sakarkar
Cipher Block Chaining (CBC)
Mr. Gopal Sakarkar
Advantages and Limitations of CBC
• A ciphertext block depends on all blocks before it.• Any change to a block affects all following ciphertext blocks• Need Initialization Vector (IV)
– which must be known to sender & receiver – if sent in clear, attacker can change bits of first block, and
change IV to compensate – hence IV must either be a fixed value – or must be sent encrypted in ECB mode before rest of
message
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Cipher FeedBack(CFB)
• Message is treated as a stream of bits • Added to the output of the block cipher • Result is feed back for next stage (hence name) • Standard allows any number of bit (1,8, 64 or 128 etc) to be
feed back – denoted CFB-1, CFB-8, CFB-64, CFB-128 etc
Uses: stream data encryption, authentication
Mr. Gopal SakarkarCipher FeedBack (CFB)
Mr. Gopal Sakarkar
Advantages and Limitations of CFB
• Appropriate when data arrives in bits/bytes
• Most common stream mode
• limitation is need to install while do block encryption after every n-bits
• Note that the block cipher is used in encryption mode at both ends
• Errors propagate for several blocks after the error.
Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Output FeedBack (OFB)• Message is treated as a stream of bits • In CFB, the cipher text is fed into the next stage of
encryption process.• But in the OFB, the output of the IV encryption
process is fed into the next stage of encryption process
• Output of cipher is added to message • Output is then feed back (hence name) • Feedback is independent of message • uses: stream encryption on noisy channels.
Mr. Gopal SakarkarOutput FeedBack (OFB)
Mr. Gopal Sakarkar
Key Distribution
Symmetric schemes require both parties to share a common secret key
Issue is how to securely distribute this keyOften secure system failure due to a break in the key
distribution scheme.
Mr. Gopal Sakarkar
Key Distribution
• Given parties A and B have various key distribution alternatives:
1. A can select key and physically deliver to B
2. third party can select & deliver key to A & B
3. if A & B have communicated previously can use previous key to encrypt a new key
4. if A & B have secure communications with a third party C, C can relay key between A & B
Mr. Gopal Sakarkar
Summary• IDEA is a strongest encryption algorithm only because of its
key length.• Algorithm Modes of Operation
– ECB, CBC, CFB, OFB
Key distribution is centralize storage of keys .