MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 =...
-
Upload
ellen-dolley -
Category
Documents
-
view
218 -
download
2
Transcript of MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 =...
DES simple fiestel network
3 1PlainTextBlocks
2*4=8bits
3 1
f
=0011 xor 0011=0000 = 0
f(r,k)=(2*r+k^2)%8
f(1,5)=(2*1+5^2)%8=3xor3
3 xor 3
k1=5
01
fxor1
k2=7
00
=0001 xor 0001=0000 = 0
f(r,k)=(2*r+k^2)%8
f(0,7)=(2*0+7^2)%8=1
1 xor 1
CipherText
2 Round simple fiestel network
0 0
ECB
p1 p2 p3p4
p1 p2 p3 p4
PlainTextBlocks
4*4=16bits2*4=8bits
c1 c2 c3c4CipherText
Block Cipher
Encryption e.g. DES, AES
Block Cipher
Encryption e.g.
DES, AES
Disadvantage: ciphertext
repeats for same plaintext
KK
ECB: example
3 1 31
3 1 3 1
PlainTextBlocks
4*4=16bits2*4=8bits
3 1
f
=0011 xor 0011=0000 = 0
f(r,k)=(2*r+k^2)%8
f(1,5)=(2*1+5^2)%8=3xor3
3 xor 3
k1=5
01
fxor1
k2=7
00
=0001 xor 0001=0000 = 0
f(r,k)=(2*r+k^2)%8
f(0,7)=(2*0+7^2)%8=1
1 xor 1
3 1
fxor3
k1=5
01
fxor1
k2=7
00
0 0 00CipherText
2 Round simple fiestel network
CBC : Code Block Chainingp1 p2 p3
p4p1 p2 p3 p4
PlainTextBlocks
c1 c2CipherText
Block cipher Encryption Algorithm (e.g. DES, AES etc.)
Block cipher Encryption Algorithm (e.g. DES, AES etc.)
xorInitial Vector xor
c3 c4
to avoid repeating cipher
text for same plaintext
Code Block Chaining: example3 1 3
13 1 3 1
PlainTextBlocks
7 6
CipherText
xor
Initial Vector=
27 xor
0 3
0011000100100101—————00010100—————
16
1 6
fxor
5k1=
5
46
fxor
1k2=
7
67
=0001 xor 0101=0100 = 4
f(r,k)=(2*r+k^2)%8
f(1,5)=(2*6+5^2)%8=5
1 xor 5
=0110 xor 0001=0111 = 7
f(r,k)=(2*r+k^2)%8
f(4,7)=(2*4+7^2)%8=1
6 xor 1
760011000101110110—————01000111—————
47
4 7
fxor
7k1=
5
37
fxor
7k2=
7
30
f(r,k)=(2*r+k^2)%8
=0100 xor 0111=0011 = 3
f(7,5)=(2*7+5^2)%8=7
4 xor 7
=0111 xor 0111=0000 = 0
f(r,k)=(2*r+k^2)%8
f(3,7)=(2*3+7^2)%8=7
7 xor 7
7 6 03
Why Integrity Check
So far we have encrypted message which gives confidentiality. But, how can we ensure that Bob is receiving correct
message from Alice? that is message is not modified by Eve.
This is known as Integrity Check.One way is “Message Authentication Code”
MAC• In cryptography, a message authentication
code (often MAC) is a short piece of information used to authentication a message and to provide integrity and authenticity assurances on the message.
• Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin.
MAC• MACs differ from digital signatures as MAC values are
both generated and verified using the same secret key.
• For the same reason, MACs do not provide the property of non-repudiation offered by signatures: any user who can verify a MAC is also capable of generating MACs for other messages.
• In contrast, a digital signature is generated using the private key of a key pair. Since this private key is only accessible to its holder, a digital signature proves that a document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.
MAC
• MAC algorithms can be constructed from other cryptographic primitives, such as cryptographic hash functions (as in the case of HMAC) or from block cipher algorithms ( OMAC, CBC, PMAC).
• However many of the fastest MAC algorithms such as UMAC, VMAC are constructed based on universal hashing
Message Integrity
Alice
Bob
Alice sends message m_a.
Bob receives message m_b.Bob wants to verify that m_b=m_a.
EveEve might alter message m_a to
m_e
Message Authentication Code (MAC)
• MAC uses two algorithms:
• MAC Signing Algorithm (Alice signs m_a)
• MAC Verification Algorithm (Bob verifies if m_b=m_a)
MAC
Alice Bob
Alice sends message m_a
and a tag using MAC signing
algo
[m_a, tag]
Bob uses MAC verification
Algo to check if m_b=m_a
MAC signing Algo
m_aK
tagMAC
verifying Algo,
m_b=m_a?
m_bK
tagyes/no
k Alice & Bob shares a key
MAC
• Notice: we are sending message (plaintext or encrypted) and sending a tag
• message can be gigabits, but tag is small 90/100bits.
• How to generate tag? By using MAC signing Algo.
• One example is CBC-MAC.
MAC signing Algo: example CBC-MAC
p1 p2 p3p4
p1 p2 p3 p4
PlainTextBlocks
c1 c2
Block cipher Encryption Algorithm (e.g. DES, AES etc.)
Block cipher Encryption Algorithm (e.g. DES, AES etc.)
xorInitial
Vector=0 xor
c3 c4
tag
Here, message = p1p2p3p4
tag=c3c4
Note: CBC-MAC uses IV=0
CBC-MAC: example3 1 3
13 1 3 1
PlainTextBlocks
0 0
xor
Initial Vector=
0 xor
0 0
0011000100000000—————00110001—————
31
3 1
fxor
3k1=
5
01
fxor
1k2=
7
00
=0011 xor 0011=0000 = 0
f(r,k)=(2*r+k^2)%8
f(1,5)=(2*1+5^2)%8=3
3 xor 3
=0001 xor 0001=0000 = 0
f(r,k)=(2*r+k^2)%8
f(0,7)=(2*0+7^2)%8=1
1 xor 1
00 0011000100000000—————00110001—————
31
3 1
fxor
3k1=
5
01
fxor
1k2=
7
00
Now, Alice sendsmessage = 3131
andtag=00
MAC verifying Algo: example CBC-MAC
Now, Bob receives
message = 3131 and
tag=00
Bob uses CBC-MAC and generates the tag_bob.Then checks, if tag_bob=tag.
If yes, then the message is authentic otherwise tampered.