Why Computer Security The past decade has seen an explosion in the concern for the security of...
-
date post
19-Dec-2015 -
Category
Documents
-
view
220 -
download
1
Transcript of Why Computer Security The past decade has seen an explosion in the concern for the security of...
![Page 1: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/1.jpg)
Why Computer Security• The past decade has seen an explosion in the
concern for the security of information
– Malicious codes (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, and will grow to over $75 billion by 2007
• Security specialists markets are expanding !
– “ Full-time information security professionals will rise almost 14% per year around the world, going past 2.1 million in 2008” (IDC report)
![Page 2: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/2.jpg)
Why Computer Security (cont’d)
• Internet attacks are increasing in frequency, severity and sophistication
• Denial of service (DoS) attacks
– Cost $1.2 billion in 2000
– 1999 CSI/FBI survey 32% of respondents detected DoS attacks directed to their systems
– Thousands of attacks per week in 2001
– Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked
![Page 3: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/3.jpg)
Why Computer Security (cont’d)• Virus and worms faster and powerful
– Melissa, Nimda, Code Red, Code Red II, Slammer …
– Cause over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007.
– Code Red (2001): 13 hours infected >360K machines - $2.4 billion loss
– Slammer (2003): 15 minutes infected > 75K machines - $1 billion loss
• Spams, phishing …
• New Internet security landscape emerging: BOTNETS !
![Page 4: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/4.jpg)
Outline
• History of Security and Definitions
• Overview of Cryptography
• Symmetric Cipher
– Classical Symmetric Cipher
– Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 5: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/5.jpg)
The History of Computing• For a long time, security was largely ignored in
the community
– The computer industry was in “survival mode”, struggling to overcome technological and economic hurdles
– As a result, a lot of comers were cut and many compromises made
– There was lots of theory, and even examples of systems built with very good security, but were largely ignored or unsuccessful
• E.g., ADA language vs. C (powerful and easy to use)
![Page 6: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/6.jpg)
Computing Today is Very Different
• Computers today are far from “survival mode”
– Performance is abundant and the cost is very cheap
– As a result, computers now ubiquitous at every facet of society
• Internet
– Computers are all connected and interdependent
– This codependency magnifies the effects of any failures
![Page 7: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/7.jpg)
Biological Analogy
• Computing today is very homogeneous.
– A single architecture and a handful of OS dominates
• In biology, homogeneous populations are in danger
– A single disease or virus can wipe them out overnight because they all share the same weakness
– The disease only needs a vector to travel among hosts
• Computers are like the animals, the Internet provides the vector.
– It is like having only one kind of cow in the world, and having them drink from one single pool of water!
![Page 8: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/8.jpg)
The Spread of Sapphire/Slammer Worms
![Page 9: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/9.jpg)
The Flash Worm• Slammer worm infected 75,000 machines in
<15 minutes
• A properly designed worm, flash worm, can take less than 1 second to compromise 1 million vulnerable machines in the Internet
– The Top Speed of Flash Worms. S. Staniford, D. Moore, V. Paxson and N. Weaver, ACM WORM Workshop 2004.
– Exploit many vectors such as P2P file sharing, intelligent scanning, hitlists, etc.
![Page 10: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/10.jpg)
The Definition of Computer Security
• Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable
• Security rests on confidentiality, authenticity, integrity, and availability
![Page 11: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/11.jpg)
The Basic Components• Confidentiality is the concealment of information or
resources.
– E.g., only sender, intended receiver should “understand” message contents
• Authenticity is the identification and assurance of the origin of information.
• Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
• Availability refers to the ability to use the information or resource desired.
![Page 12: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/12.jpg)
Security Threats and Attacks
• A threat/vulnerability is a potential violation of security.
– Flaws in design, implementation, and operation.
• An attack is any action that violates security.
– Active adversary
• An attack has an implicit concept of “intent”
– Router mis-configuration or server crash can also cause loss of availability, but they are not attacks
![Page 13: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/13.jpg)
Friends and enemies: Alice, Bob, Trudy• well-known in network security world
• Bob, Alice (lovers!) want to communicate “securely”
• Trudy (intruder) may intercept, delete, add messages
securesender
securereceiver
channel data, control messages
data data
Alice Bob
Trudy
![Page 14: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/14.jpg)
Eavesdropping - Message Interception (Attack on
Confidentiality)• Unauthorized access to information
• Packet sniffers and wiretappers
• Illicit copying of files and programs
A B
Eavesdropper
![Page 15: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/15.jpg)
Integrity Attack - Tampering With Messages
• Stop the flow of the message
• Delay and optionally modify the message
• Release the message again
A B
Perpetrator
![Page 16: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/16.jpg)
Authenticity Attack - Fabrication
• Unauthorized assumption of other’s identity
• Generate and distribute objects under this identity
A B
Masquerader: from A
![Page 17: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/17.jpg)
Attack on Availability• Destroy hardware (cutting fiber) or software
• Modify software in a subtle way (alias commands)
• Corrupt packets in transit
• Blatant denial of service (DoS):
– Crashing the server
– Overwhelm the server (use up its resource)
A B
![Page 18: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/18.jpg)
Classify Security Attacks as• Passive attacks - eavesdropping on, or
monitoring of, transmissions to:
– obtain message contents, or
– monitor traffic flows
• Active attacks – modification of data stream to:
– masquerade of one entity as some other
– replay previous messages
– modify messages in transit
– denial of service
![Page 19: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/19.jpg)
Outline
• Overview of Cryptography
• Symmetric Cipher
– Classical Symmetric Cipher
– Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 20: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/20.jpg)
Basic Terminology• plaintext - the original message
• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and cryptanalysis
![Page 21: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/21.jpg)
Classification of Cryptography• Number of keys used
– Hash functions: no key
– Secret key cryptography: one key
– Public key cryptography: two keys - public, private
• Type of encryption operations used
– substitution / transposition / product
• Way in which plaintext is processed
– block / stream
![Page 22: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/22.jpg)
Secret Key vs. Secret Algorithm
• Secret algorithm: additional hurdle
• Hard to keep secret if used widely:
– Reverse engineering, social engineering
• Commercial: published
– Wide review, trust
• Military: avoid giving enemy good ideas
![Page 23: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/23.jpg)
Unconditional vs. Computational Security
• Unconditional security
– No matter how much computer power is available, the cipher cannot be broken
– The ciphertext provides insufficient information to uniquely determine the corresponding plaintext
– Only one-time pad scheme qualifies
• Computational security
– The cost of breaking the cipher exceeds the value of the encrypted info
– The time required to break the cipher exceeds the useful lifetime of the info
![Page 24: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/24.jpg)
Brute Force Search
Key Size (bits) Number of Alternative Keys
Time required at 1 decryption/µs
Time required at 106 decryptions/µs
32 232 = 4.3 109 231 µs = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 1016 255 µs = 1142 years 10.01 hours
128 2128 = 3.4 1038 2127 µs = 5.4 1024 years
5.4 1018 years
168 2168 = 3.7 1050 2167 µs = 5.9 1036 years
5.9 1030 years
26 characters (permutation)
26! = 4 1026 2 1026 µs = 6.4 1012 years
6.4 106 years
• Always possible to simply try every key
• Most basic attack, proportional to key size
• Assume either know / recognise plaintext
![Page 25: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/25.jpg)
Outline
• Overview of Cryptography
• Classical Symmetric Cipher
– Substitution Cipher
– Transposition Cipher
• Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 26: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/26.jpg)
Symmetric Cipher Model
![Page 27: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/27.jpg)
Requirements• Two requirements for secure use of
symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)
• Assume encryption algorithm is known
• Implies a secure channel to distribute key
![Page 28: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/28.jpg)
Classical Substitution Ciphers
• Letters of plaintext are replaced by other letters or by numbers or symbols
• Plaintext is viewed as a sequence of bits, then substitution replaces plaintext bit patterns with ciphertext bit patterns
![Page 29: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/29.jpg)
Caesar Cipher
• Earliest known substitution cipher
• Replaces each letter by 3rd letter on
• Example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
![Page 30: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/30.jpg)
Caesar Cipher• Define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• Mathematically give each letter a numbera b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
• Then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
![Page 31: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/31.jpg)
Cryptanalysis of Caesar Cipher
• Only have 25 possible ciphers
– A maps to B,..Z
• Given ciphertext, just try all shifts of letters
• Do need to recognize when have plaintext
• E.g., break ciphertext "GCUA VQ DTGCM“
• How to make it harder?
![Page 32: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/32.jpg)
Monoalphabetic Cipher• Rather than just shifting the alphabet
• Could shuffle (jumble) the letters arbitrarily
• Each plaintext letter maps to a different random ciphertext letter
• Key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
![Page 33: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/33.jpg)
Monoalphabetic Cipher Security
• Now have a total of 26! = 4 x 1026 keys
• Is that secure?
• Problem is language characteristics
– Human languages are redundant
– Letters are not equally commonly used
![Page 34: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/34.jpg)
English Letter Frequencies
Note that all human languages have varying letter frequencies, though the number of letters and their frequencies varies.
![Page 35: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/35.jpg)
Example Cryptanalysis• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• Count relative letter frequencies (see text)
• Guess P & Z are e and t
• Guess ZW is th and hence ZWP is the
• Proceeding with trial and error finally get:it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
![Page 36: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/36.jpg)
Transposition Ciphers
• Now consider classical transposition or permutation ciphers
• These hide the message by rearranging the letter order, without altering the actual letters used
• Any shortcut for breaking it?
• Can recognise these since have the same frequency distribution as the original text
![Page 37: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/37.jpg)
Rail Fence Cipher
• Write message letters out diagonally over a number of rows
• Then read off cipher row by row
• E.g., write message out as:m e m a t r h t g p r y
e t e f e t e o a a t
• Giving ciphertextMEMATRHTGPRYETEFETEOAAT
![Page 38: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/38.jpg)
Product Ciphers• Ciphers using substitutions or transpositions
are not secure because of language characteristics
• Hence consider using several ciphers in succession to make harder, but:
– Two substitutions make another substitution
– Two transpositions make a more complex transposition
– But a substitution followed by a transposition makes a new much harder cipher
• This is bridge from classical to modern ciphers
![Page 39: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/39.jpg)
Rotor Machines• Before modern ciphers,
rotor machines were most common complex ciphers in use
• Widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple
• Implemented a very complex, varying substitution cipher
![Page 40: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/40.jpg)
Outline
• Overview of Cryptography
• Classical Symmetric Cipher
• Modern Symmetric Ciphers (DES/AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 41: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/41.jpg)
Block vs Stream Ciphers
• Block ciphers process messages in into blocks, each of which is then en/decrypted
• Like a substitution on very big characters
– 64-bits or more
• Stream ciphers process messages a bit or byte at a time when en/decrypting
• Many current ciphers are block ciphers, one of the most widely used types of cryptographic algorithms
![Page 42: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/42.jpg)
Block Cipher Principles• Most symmetric block ciphers are based on a
Feistel Cipher Structure
• Block ciphers look like an extremely large substitution
• Would need table of 264 entries for a 64-bit block
• Instead create from smaller building blocks
• Using idea of a product cipher
![Page 43: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/43.jpg)
Ideal Block Cipher
![Page 44: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/44.jpg)
Substitution-Permutation Ciphers
• Substitution-permutation (S-P) networks [Shannon, 1949]
– modern substitution-transposition product cipher
• These form the basis of modern block ciphers
• S-P networks are based on the two primitive cryptographic operations
– substitution (S-box)
– permutation (P-box)
• provide confusion and diffusion of message
![Page 45: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/45.jpg)
Feistel Cipher Structure
• Feistel cipher implements Shannon’s S-P network concept
– based on invertible product cipher
• Process through multiple rounds which
– partitions input block into two halves
– perform a substitution on left data half
– based on round function of right half & subkey
– then have permutation swapping halves
![Page 46: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/46.jpg)
Feistel Cipher
Structure
![Page 47: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/47.jpg)
Feistel Cipher
Decryption
![Page 48: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/48.jpg)
DES (Data Encryption Standard)
• Published in 1977, standardized in 1979.
• Key: 64 bit quantity=8-bit parity+56-bit key
– Every 8th bit is a parity bit.
• 64 bit input, 64 bit output.
DESEncryption
64 bit M 64 bit C
56 bits
![Page 49: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/49.jpg)
DES Top View
Permutation
Permutation
Swap
Round 1
Round 2
Round 16
Generate keysInitial Permutation
48-bit K1
48-bit K2
48-bit K16
Swap 32-bit halves
Final Permutation
64-bit Output
48-bit K164-bit Input56-bit Key
…...
![Page 50: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/50.jpg)
DES Summary
• Simple, easy to implement:
– Hardware/gigabits/second, software/megabits/second
• 56-bit key DES may be acceptable for non-critical applications but triple DES (DES3) should be secure for most applications today
• Supports several operation modes (ECB CBC, OFB, CFB) for different applications
![Page 51: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/51.jpg)
Avalanche Effect
• Key desirable property of encryption alg
• Where a change of one input or key bit results in changing more than half output bits
• DES exhibits strong avalanche
![Page 52: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/52.jpg)
Strength of DES – Key Size• 56-bit keys have 256 = 7.2 x 1016 values
• Brute force search looks hard
• Recent advances have shown is possible
– in 1997 on a huge cluster of computers over the Internet in a few months
– in 1998 on dedicated hardware called “DES cracker” by EFF in a few days ($220,000)
– in 1999 above combined in 22hrs!
• Still must be able to recognize plaintext
• No big flaw for DES algorithms
![Page 53: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/53.jpg)
DES Replacement• Triple-DES (3DES)
– 168-bit key, no brute force attacks
– Underlying encryption algorithm the same, no effective analytic attacks
– Drawbacks
• Performance: no efficient software codes for DES/3DES
• Efficiency/security: bigger block size desirable
• Advanced Encryption Standards (AES)
– US NIST issued call for ciphers in 1997
– Rijndael was selected as the AES in Oct-2000
![Page 54: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/54.jpg)
AES• Private key symmetric block cipher
• 128-bit data, 128/192/256-bit keys
• Stronger & faster than Triple-DES
• Provide full specification & design details
• Evaluation criteria
– Security: effort to practically cryptanalysis
– Cost: computational efficiency and memory requirement
– Algorithm & implementation characteristics: flexibility to apps, hardware/software suitability, simplicity
![Page 55: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/55.jpg)
AES Shortlist• After testing and evaluation, shortlist in Aug-
99:
– MARS (IBM) - complex, fast, high security margin
– RC6 (USA) - v. simple, v. fast, low security margin
– Rijndael (Belgium) - clean, fast, good security margin
– Serpent (Euro) - slow, clean, v. high security margin
– Twofish (USA) - complex, v. fast, high security margin
• Then subject to further analysis & comment
![Page 56: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/56.jpg)
Outlines
• Symmetric Cipher
– Classical Symmetric Cipher
– Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 57: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/57.jpg)
Private-Key Cryptography
• Private/secret/single key cryptography uses one key
• Shared by both sender and receiver
• If this key is disclosed communications are compromised
• Also is symmetric, parties are equal
• Hence does not protect sender from receiver forging a message & claiming is sent by sender
![Page 58: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/58.jpg)
Public-Key Cryptography
• Probably most significant advance in the 3000 year history of cryptography
• Uses two keys – a public & a private key
• Asymmetric since parties are not equal
• Uses clever application of number theoretic concepts to function
• Complements rather than replaces private key crypto
![Page 59: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/59.jpg)
Public-Key Cryptography
• Public-key/two-key/asymmetric cryptography involves the use of two keys:
– a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
– a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
• Asymmetric because
– those who encrypt messages or verify signatures cannot decrypt messages or create signatures
![Page 60: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/60.jpg)
Public-Key Cryptography
![Page 61: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/61.jpg)
Public-Key Characteristics
• Public-Key algorithms rely on two keys with the characteristics that it is:
– computationally infeasible to find decryption key knowing only algorithm & encryption key
– computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
– either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
• Analogy to delivery w/ a padlocked box
![Page 62: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/62.jpg)
Public-Key Cryptosystems
• Two major applications:
– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
![Page 63: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/63.jpg)
RSA (Rivest, Shamir, Adleman)
• The most popular one.
• Support both public key encryption and digital signature.
• Assumption/theoretical basis:
– Factoring a big number is hard.
• Variable key length (usually 512 bits).
• Variable plaintext block size.
– Plaintext must be “smaller” than the key.
– Ciphertext block size is the same as the key length.
![Page 64: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/64.jpg)
What Is RSA?• To generate key pair:
– Pick large primes (>= 256 bits each) p and q
– Let n = p*q, keep your p and q to yourself!
– For public key, choose e that is relatively prime to ø(n) =(p-1)(q-1), let pub = <e,n>
– For private key, find d that is the multiplicative inverse of e mod ø(n), i.e., e*d = 1 mod ø(n), let priv = <d,n>
![Page 65: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/65.jpg)
RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
![Page 66: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/66.jpg)
How Does RSA Work?
• Given pub = <e, n> and priv = <d, n>
– encryption: c = me mod n, m < n
– decryption: m = cd mod n
– signature: s = md mod n, m < n
– verification: m = se mod n
• given message M = 88 (nb. 88<187)
• encryption:
C = 887 mod 187 = 11
• decryption:
M = 1123 mod 187 = 88
![Page 67: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/67.jpg)
Is RSA Secure?• Factoring 512-bit number is very hard!
• But if you can factor big number n then given public key <e,n>, you can find d, hence the private key by:
– Knowing factors p, q, such that, n = p*q
– Then ø(n) =(p-1)(q-1)
– Then d such that e*d = 1 mod ø(n)
• Threat
– Moore’s law
– Refinement of factorizing algorithms
• For the near future, a key of 1024 or 2048 bits needed
![Page 68: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/68.jpg)
Symmetric (DES) vs. Public Key (RSA)
• Exponentiation of RSA is expensive !
• AES and DES are much faster
– 100 times faster in software
– 1,000 to 10,000 times faster in hardware
• RSA often used in combination in AES and DES
– Pass the session key with RSA
![Page 69: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/69.jpg)
Outline
• History of Security and Definitions
• Overview of Cryptography
• Symmetric Cipher
– Classical Symmetric Cipher
– Modern Symmetric Ciphers (DES and AES)
• Asymmetric Cipher
• One-way Hash Functions and Message Digest
![Page 70: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/70.jpg)
Confidentiality => Authenticity ?
• Symmetric cipher ?
– Shared key problem
– Plaintext has to be intelligible/understandable
• Asymmetric cipher?
– Too expensive
– Plaintext has to be intelligible/understandable
– Desirable to cipher on a much smaller size of data which uniquely represents the long message
![Page 71: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/71.jpg)
Hash Functions
• Condenses arbitrary message to fixed size
h = H(M)
• Usually assume that the hash function is public and not keyed
• Hash used to detect changes to message
• Can use in various ways with message
• Most often to create a digital signature
![Page 72: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/72.jpg)
Hash Functions & Digital Signatures
![Page 73: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/73.jpg)
Requirements for Hash Functions
1. Can be applied to any sized message M
2. Produces fixed-length output h
3. Is easy to compute h=H(M) for any message M
4. Given h is infeasible to find x s.t. H(x)=h
• One-way property
5. Given x is infeasible to find y s.t. H(y)=H(x)
• Weak collision resistance
6. Is infeasible to find any x,y s.t. H(y)=H(x)
• Strong collision resistance
![Page 74: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/74.jpg)
Birthday Problem• How many people do you need so that the probability of
having two of them share the same birthday is > 50% ?
• Random sample of n birthdays (input) taken from k (365, output)
• kn total number of possibilities
• (k)n=k(k-1)…(k-n+1) possibilities without duplicate birthday
• Probability of no repetition:
– p = (k)n/kn 1 - n(n-1)/2k• For k=366, minimum n = 23
• n(n-1)/2 pairs, each pair has a probability 1/k of having the same output
• n(n-1)/2k > 50% n>k1/2
![Page 75: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/75.jpg)
How Many Bits for Hash?
• m bits, takes 2m/2 to find two with the same hash
• 64 bits, takes 232 messages to search (doable)
• Need at least 128 bits
![Page 76: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/76.jpg)
Using Hash for Authentication
Assuming share a key KAB
• Alice to Bob: challenge rA
• Bob to Alice: MD(KAB|rA)
• Bob to Alice: rB
• Alice to Bob: MD(KAB|rB)
• Only need to compare MD results
![Page 77: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/77.jpg)
General Structure of Secure Hash Code
• Iterative compression function
– Each f is collision-resistant, so is the resulting hashing
![Page 78: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/78.jpg)
MD5: Message Digest Version 5
input Message
Output 128 bits Digest
• Until recently the most widely used hash algorithm
– in recent times have both brute-force & cryptanalytic concerns
• Specified as Internet standard RFC1321
![Page 79: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/79.jpg)
MD5 Overview
![Page 80: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/80.jpg)
MD5 Overview
1. Pad message so its length is 448 mod 512
2. Append a 64-bit original length value to message
3. Initialise 4-word (128-bit) MD buffer (A,B,C,D)
4. Process message in 16-word (512-bit) blocks:
– Using 4 rounds of 16 bit operations on message block & buffer
– Add output to buffer input to form new buffer value
5. Output hash value is the final buffer value
![Page 81: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/81.jpg)
Processing of Block mi - 4 Passes
ABCD=fF(ABCD,mi,T[1..16])
ABCD=fG(ABCD,mi,T[17..32])
ABCD=fH(ABCD,mi,T[33..48])
ABCD=fI(ABCD,mi,T[49..64])
mi
+ + + +
A B C D
MDi
MD i+1
![Page 82: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/82.jpg)
Secure Hash Algorithm
• Developed by NIST, specified in the Secure Hash Standard (SHS, FIPS Pub 180), 1993
• SHA is specified as the hash algorithm in the Digital Signature Standard (DSS), NIST
![Page 83: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/83.jpg)
General Logic
• Input message must be < 264 bits
– not really a problem
• Message is processed in 512-bit blocks sequentially
• Message digest is 160 bits
• SHA design is similar to MD5, a little slower, but a lot stronger
![Page 84: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/84.jpg)
SHA-1 verses MD5• Brute force attack is harder (160 vs 128 bits
for MD5)
• A little slower than MD5 (80 vs 64 steps)
– Both work well on a 32-bit architecture
• Both designed as simple and compact for implementation
• Cryptanalytic attacks
– MD4/5: vulnerability discovered since its design
– SHA-1: no until recent 2005 results raised concerns SHA-1: no until recent 2005 results raised concerns on its use in future applicationson its use in future applications
![Page 85: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/85.jpg)
Revised Secure Hash Standard• NIST have issued a revision FIPS 180-2 in
2002
• Adds 3 additional hash algorithms
• SHA-256, SHA-384, SHA-512
– Collectively called SHA-2
• Designed for compatibility with increased security provided by the AES cipher
• Structure & detail are similar to SHA-1
• Hence analysis should be similar, but security levels are rather higher
![Page 86: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/86.jpg)
Backup Slides
![Page 87: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/87.jpg)
Cryptanalysis Scheme• Ciphertext only:
– Exhaustive search until “recognizable plaintext”
– Need enough ciphertext
• Known plaintext:
– Secret may be revealed (by spy, time), thus <ciphertext, plaintext> pair is obtained
– Great for monoalphabetic ciphers
• Chosen plaintext:
– Choose text, get encrypted
– Pick patterns to reveal the structure of the key
![Page 88: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/88.jpg)
One-Time Pad• If a truly random key as long as the message
is used, the cipher will be secure - One-Time pad
• E.g., a random sequence of 0’s and 1’s XORed to plaintext, no repetition of keys
• Unbreakable since ciphertext bears no statistical relationship to the plaintext
• For any plaintext, it needs a random key of the same length
– Hard to generate large amount of keys
• Have problem of safe distribution of key
![Page 89: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/89.jpg)
Confusion and Diffusion• Cipher needs to completely obscure statistical
properties of original message
• A one-time pad does this
• More practically Shannon suggested S-P networks to obtain:
• Diffusion – dissipates statistical structure of plaintext over bulk of ciphertext
• Confusion – makes relationship between ciphertext and key as complex as possible
![Page 90: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/90.jpg)
Bit Permutation (1-to-1)
…….
……..
1 2 3 4 32
22 6 13 32 3
Input:
Output
0 0 1 0 1
1 0 1 1 1
1 bit
![Page 91: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/91.jpg)
Per-Round Key Generation
28 bits 28 bits
48 bitsKi
Oneround
Circular Left Shift Circular Left Shift
28 bits 28 bits
Permutationwith Discard
Initial Permutation of DES key
C i-1 D i-1
C i D i
Round 1,2,9,16: single shiftOthers: two bits
![Page 92: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/92.jpg)
A DES Round
48 bits
32 bits
32 bits Ln 32 bits Rn
32 bits Ln+1 32 bits Rn+1
E
S-Boxes
P
48 bitsKi
One RoundEncryption
ManglerFunction
![Page 93: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/93.jpg)
Mangler Function
4444444 4
6666666 6
+ + +++ ++ +
6666666 6
S8S1 S2 S7S3 S4 S5 S6
4444444 4
Permutation
The permutation produces “spread” among the chunks/S-boxes!
![Page 94: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/94.jpg)
Bits Expansion (1-to-m)
…….
……..
1 2 3 4 5 32Input:
Output
0 0 1 0 1 1
1 2 3 4 5 6 7 8 48
1 0 0 1 0 1 0 1 1 0
![Page 95: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/95.jpg)
S-Box (Substitute and Shrink)• 48 bits ==> 32 bits. (8*6 ==> 8*4)
• 2 bits used to select amongst 4 substitutions for the rest of the 4-bit quantity
2 bitsrow
S i
i = 1,…8.
I1I2I3I4I5I6
O1O2O3O4
4 bitscolumn
![Page 96: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/96.jpg)
S-Box Examples
0 1 2 3 4 5 6 7 8 9…. 15
0 14 4 13 1 2 15 11 8 3
1 0 15 7 4 14 2 13 1 10
2 4 1 14 8 13 6 2 11 15
3 15 12 8 2 4 9 1 7 5
Each row and column contain different numbers.
Example: input: 100110 output: ???
![Page 97: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/97.jpg)
Padding Twist
• Given original message M, add padding bits “10*” such that resulting length is 64 bits less than a multiple of 512 bits.
• Append (original length in bits mod 264), represented in 64 bits to the padded message
• Final message is chopped 512 bits a block
![Page 98: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/98.jpg)
Why Does RSA Work?
• Given pub = <e, n> and priv = <d, n>
– n =p*q, ø(n) =(p-1)(q-1)
– e*d = 1 mod ø(n)
– xed = x mod n
– encryption: c = me mod n
– decryption: m = cd mod n = med mod n = m mod n = m (since m < n)
– digital signature (similar)
![Page 99: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/99.jpg)
Using Hash to Encrypt
• One-time pad with KAB
– Compute bit streams using MD, and K
• b1=MD(KAB), bi=MD(KAB|bi-1), …
with message blocks
– Is this a real one-time pad ?
– Add a random 64 bit number (aka IV) b1=MD(KAB|IV), bi=MD(KAB|bi-1), …
![Page 100: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/100.jpg)
MD5 Process• As many stages as the number of 512-bit
blocks in the final padded message
• Digest: 4 32-bit words: MD=A|B|C|D
• Every message block contains 16 32-bit words: m0|m1|m2…|m15
– Digest MD0 initialized to: A=01234567,B=89abcdef,C=fedcba98, D=76543210
– Every stage consists of 4 passes over the message block, each modifying MD
• Each block 4 rounds, each round 16 steps
![Page 101: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/101.jpg)
Different Passes...Each step i (1 <= i <= 64):
• Input:
– mi – a 32-bit word from the message
With different shift every round
– Ti – int(232 * abs(sin(i)))
Provided a randomized set of 32-bit patterns, which eliminate any regularities in the input data
– ABCD: current MD
• Output:
– ABCD: new MD
![Page 102: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/102.jpg)
MD5 Compression Function
• Each round has 16 steps of the form:
a = b+((a+g(b,c,d)+X[k]+T[i])<<<s)
• a,b,c,d refer to the 4 words of the buffer, but used in varying permutations
– note this updates 1 word only of the buffer
– after 16 steps each word is updated 4 times
• where g(b,c,d) is a different nonlinear function in each round (F,G,H,I)
![Page 103: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/103.jpg)
MD5 Compression Function
![Page 104: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/104.jpg)
Functions and Random Numbers
• F(x,y,z) == (xy)(~x z)
– selection function
• G(x,y,z) == (x z) (y ~ z)
• H(x,y,z) == xy z
• I(x,y,z) == y(x ~z)
![Page 105: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/105.jpg)
Basic Steps for SHA-1Step1: Padding
Step2: Appending length as 64 bit unsigned
Step3: Initialize MD buffer 5 32-bit words
Store in big endian format, most significant bit in low address
A|B|C|D|E
A = 67452301
B = efcdab89
C = 98badcfe
D = 10325476
E = c3d2e1f0
![Page 106: Why Computer Security The past decade has seen an explosion in the concern for the security of information –Malicious codes (viruses, worms, etc.) caused.](https://reader035.fdocuments.us/reader035/viewer/2022062320/56649d3e5503460f94a16874/html5/thumbnails/106.jpg)
Basic Steps...
Step 4: the 80-step processing of 512-bit blocks – 4 rounds, 20 steps each.
Each step t (0 <= t <= 79):
– Input:
• Wt – a 32-bit word from the message
• Kt – a constant.
• ABCDE: current MD.
– Output:
• ABCDE: new MD.