1 / 36

Chapter 4

Chapter 4. Encryption. Objectives. In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms Recognize popular asymmetric encryption algorithms Understand a variety of hash encryption algorithms

jenski
Download Presentation

Chapter 4

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 4 Encryption

  2. Objectives In this chapter, you will: • Learn the basics of encryption technology • Recognize popular symmetric encryption algorithms • Recognize popular asymmetric encryption algorithms • Understand a variety of hash encryption algorithms • Identify a variety of cryptanalytic attacks

  3. Encryption Basics

  4. Encryption Basics

  5. Encryption Basics • Transposition vs. substitution • With transposition ciphers, data is rearranged • With substitution ciphers, data is replaced • Block vs. stream • With block ciphers, data is broken into chunks • The encryption algorithm and key are then applied to each chunk • With stream ciphers, the encryption algorithm and key are applied to each piece of data continuously until the entire message is transformed into ciphertext

  6. Encryption Basics • General Problems • Algorithm privacy • Randomness • Performance • Processing power • Key security

  7. Symmetric Encryption • A symmetric encryption algorithm is generally defined as a system that uses the same key for both encryption and decryption

  8. Symmetric Encryption

  9. Symmetric Encryption • Digital Encryption Standard (DES) • Consists of both an algorithm and a key • 56-bit key • 16-bit blocks • 16 rounds • Four operating modes • ECB (Electronic Codebook) • CBC (Cipher Block Chaining) • CFB (Cipher Feedback) • OFB (Output Feedback)

  10. Symmetric Encryption

  11. Symmetric Encryption • DES • Electronic Codebook (ECB) • Block cipher • 64-bit blocks • 48-bit key • Each 48-bit block XORed with 48-bit key

  12. Symmetric Encryption • DES • Cipher Block Chaining (CBC) • Block cipher • 64-bit blocks • 48-bit key • First block XORed with random block of data then encrypted • Each block XORed with previous 64-bit encrypted block

  13. Symmetric Encryption • DES • Cipher Feedback (CFB) • Block cipher • 64-bit blocks • 48-bit key • Random block of 64-bit data encrypted by DES • First block of data then XORed with encrypted random data then encrypted using DES • Each block XORed with previous 64-bit encrypted block

  14. Symmetric Encryption • DES • Output Feedback (OFB) • Block cipher • 64-bit blocks • 48-bit key • Similar to CFB, but does not chain ciphertext • Previous DES output is used as input

  15. Symmetric Encryption • 3DES • 168-bit key (effective length) • 16-bit blocks • 16 rounds • Four operation modes • DES-EEE3 • DES-EDE3 • DES-EEE2 • DES-EDE2

  16. Symmetric Encryption • 3DES • DES-EEE3 • Data encrypted with 3 different keys

  17. Symmetric Encryption • 3DES • DES-EDE3 • Data encrypted with Key 1 • Data decrypted with Key 2 • Data encrypted with Key 3

  18. Symmetric Encryption • 3DES • DES-EEE2 • Data encrypted with Key 1 • Data encrypted with Key 2 • Data encrypted with Key 1

  19. Symmetric Encryption • 3DES • DES-EDE2 • Data encrypted with Key 1 • Data decrypted with Key 2 • Data encrypted with Key 1

  20. Symmetric Encryption • Advanced Encryption Standard (AES) • Rijndael algorithm • Variable length key • Variable length blocks

  21. Symmetric Encryption • Commercial algorithms • RC2 • RC4 • RC5 • RC6 • IDEA • Blowfish • Twofish

  22. Symmetric Encryption • Key Management • Password-based encryption (PBE) • Hardware-based keys • Smart cards • Biometrics

  23. Asymmetric Encryption

  24. Asymmetric Encryption

  25. Asymmetric Encryption • RSA • Computes the product of two large primary numbers of equal length: (n = p * q). The length is usually 154-bit or 512-bit. • Chooses a random public key, e, so that e < n and relatively prime to the product of (p-1)(q-1). • Chooses a random public key component, e, so that e < n and relatively prime to the product of (p-1)(q-1). • Computes the private key component, d, using the equation: d = e-1 mod [(p-1)(q-1)]. • The private key is then expressed as (d,n) and the public key is expressed as (e,n). • To encrypt a message, p, the formula is c = pe mod n where c is the final ciphertext. To decrypt a message, the formula is p = cd mod n.

  26. Asymmetric Encryption • Digital Signature Standard (DSS) • RSA • DSA • ECDSA

  27. Asymmetric Encryption • Public-key Infrastructure (PKI) • Digital certificate

  28. Asymmetric Encryption • Public-key Infrastructure (PKI) • Certificate authority (CA) • Registration authority (RA) • Certificate directory • Key backup and recovery server

  29. Hash Algorithms • Message Digest algorithms • MD • MD2 • MD3 • MD4 • MD5

  30. Hash Algorithms

  31. Hash Algorithms • Secure Hash Algorithm (SHA-1) • NIST standard • 160-bit digest

  32. Cryptanalytic Attacks • Ciphertext-only • Known-plaintext • Chosen-plaintext • Chosen-ciphertext • Brute force • Dictionary

  33. Cryptanalytic Attacks • Man-in-the-middle • Meet-in-the-middle • Recreate the key • Rubber hose

  34. Summary • Encryption algorithms produce ciphertext through transposition or substitution. • There are two major categories of encryption algorithms: block and stream. • Four major problems apply to encryption algorithms: algorithms are not tested sufficiently when kept private, computers do not adequately produce random numbers by default, encryption results in reduced performance, and increased processing power can ultimately break encryption.

  35. Summary • Symmetric encryption uses the same key for both the encryption and decryption processes. DES, 3DES, AES, RC, IDEA, Blowfish, and Twofish are popular symmetric encryption algorithms. • PBE, tokens, smart cards, and biometrics offer a number of ways to protect symmetric keys. • Asymmetric encryption uses two keys, one key to encrypt the plaintext and the other to decrypt. • The Diffie-Hellman Key Exchange, RSA algorithm, and DSS are robust foundations for public-key encryption.

  36. Summary • PKI is designed to manage the keys necessary to perform public-key encryption. • PKI consists of digital certificates, a certificate authority (CA), a registration authority (RA), certificate directory, and a key backup and recovery server. • Hash algorithms take a variable plaintext input and produce a fixed length output. • The most popular hash algorithms are the MD series and SHA-1 algorithms. • Many cryptanalytic attacks pose threats to today’s encryption systems.

More Related