300 likes | 407 Views
Conventional Encryption. Outline. Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Di s tribution. Symmetric Encryption. A.k.a. conventional / secret -key / single-key
E N D
Outline • Conventional Encryption Principles • Conventional Encryption Algorithms • Cipher Block Modes of Operation • Location of Encryption Devices • Key Distribution
Symmetric Encryption • A.k.a. conventional / secret-key / single-key • Sender and recipient share a common key • All classical encryption algorithms are secret-key-based • Was the only type prior to the invention of public-key in 1970’s • Why? • By far most widely used
Conventional Encryption Principles • An encryption scheme has five ingredients: • Plaintext • Encryption algorithm • Secret key • Ciphertext • Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm • Why?
Requirements • Two requirements for secure use of symmetric encryption: • A strong encryption algorithm • A secret key known only to sender and receiver • Mathematically we have: Y = EK(X) X = DK(Y) • Assume encryption algorithm is known • Implies a secure channel to distribute key
Cryptography • Characterize cryptographic systems by: • Type of encryption operations used • Substitution / Transposition / Product • Number of keys used • Single-key or secret / two-key or public • Way in which plaintext is processed • Block / stream
More Definitions • Unconditional security • No matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext • Computational security • Given limited computing resources (e.g. time needed for calculations is greater than the age of universe), the cipher cannot be broken • Security of a key/password?
Confusion and Diffusion • Cipher needs to completely obscure statistical properties of the original message • A one-time pad does this • More practically, Shannon suggested combining S & P elements to obtain: • Diffusion • Dissipates statistical structure of plaintext over bulk of ciphertext • Confusion • Makes relationship between ciphertext and key as complex as possible
Brute Force Search (Exhaustive Key Search) • Always possible to simply try every key • Most basic attack, proportional to key size • Assume either know / recognize plaintext
Conventional Encryption Algorithms • Data Encryption Standard (DES) • The most widely used encryption scheme • The algorithm is reffered to as the Data Encryption Algorithm (DEA) • DES is a block cipher • The plaintext is processed in 64-bit blocks • The key is 56-bits in length in the original version
DES • Mathematically, the overall processing at each iteration: • Li= Ri-1 • Ri = Li-1 F(Ri-1, Ki) • Concerns about: • The algorithm and the key length (56-bits)
Strength of DES – Key Size • 56-bit keys have 256 = 7.2 x 1016 values • Brute force search looks hard • Recent advances have shown possibilities • In 1997 on the Internet in a few months • In 1998 on dedicated h/w (EFF) in a few days • In 1999 above combined in 22hrs! • Still must be able to recognize plaintext
Alternatives to DES • A replacement for DES was needed • Have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • A strengthened DES • Triple-DEA (Triple-DES)
Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt) • C = ciphertext • P = Plaintext • EK[X] = encryption of X using key K • DK[Y] = decryption of Y using key K • Effective key length of 168 bits (3x56) C = EK3[DK2[EK1[P]]]
Alternatives to DES • Triple-DES • Slow • Use small blocks • AES Cipher – Rijndael • Designed by Joan. Daemen and Vincent Rijmen in Belgium • Has 128/192/256-bit keys, 128-bit data • An iterative rather than feistel cipher • Processes data as block of 4 columns of 4 bytes • Operates on entire data block in every round
Block vs. Stream Ciphers • Block ciphers • Process messages in blocks, each of which is then en/decrypted • Like a substitution on very big characters • 64-bits or more • Need a table of 2^64 entries for a 64-bit block • Instead, create from smaller building blocks • Using the idea of a product cipher • Many current ciphers are block ciphers • A wide range of applications • Stream ciphers • Process messages a bit or byte at a time when en/decrypting
Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA) • 128-bit key • Used in PGP • Blowfish • Easy to implement • High execution speed • Run in less than 5K of memory
Other Symmetric Block Ciphers • RC5 • Suitable for hardware and software • Fast, simple • Adaptable to processors of different word lengths • Variable number of rounds • Variable-length key • Low memory requirement • High security • Data-dependent rotations • Cast-128 • Key size from 40 to 128 bits • The round function differs from round to round
Location of Encryption Device • Link encryption: • A lot of encryption devices • High level of security • Decrypt each packet at every switch • End-to-end encryption • The source encrypts and the receiver decrypts • Payload encrypted • Header in the clear • High Security • Both link and end-to-end encryption are needed
Key Distribution • Physical delivery • A key could be selected by A and physically delivered to B. • A third party could select the key and physically deliver it to A and B. • Network transfer • If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. • If A and B each has an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. • Diffie-Hellman key exchange
Session and Permanent Key • Session key: • Data encrypted with a one-time session key • At the conclusion of the session, the key is destroyed • Permanent key: • Used between entities for the purpose of distributing session keys
Recommended Reading • Scneier, B. Applied Cryptography, New York: Wiley, 1996 • Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001