140 likes | 196 Views
COMP 1631 Fall 2006. Block Ciphers: Workhorses of Cryptography. insecure channel. Alice. Bob. Attacker. Basic Scenario. Two communicating parties:. Information Security Services. Communicating parties may require:.
E N D
COMP 1631Fall 2006 Block Ciphers:Workhorses of Cryptography
insecure channel Alice Bob Attacker Basic Scenario Two communicating parties:
Information Security Services Communicating parties may require: • secrecy - attacker listening cannot gain any useful information from the communication • authentication - communicating parties are ensured to be who/what they claim to be • integrity - data cannot be modified by attacker without detection • non-repudiation - Alice and Bob cannot deny transmission/receipt of certain data
Terminology Cryptography is the study of mathematical techniques used to provide information security Cryptanalysis is the study of techniques used to thwart (break) cryptographic techniques Cryptology is the field which encompasses both cryptography and cryptanalysis
EXAMPLES: • symmetric-key ciphers (block ciphers) • public-key ciphers • digital signatures • cryptographic hash functions Cryptographic Primitives The basic cryptographic “building blocks” used to provide these information security services are called primitives
ke kd plaintext (p) plaintext (p) ciphertext (c) encryption algorithm decryption algorithm Attacker Using Ciphers for Secrecy A cipher is an encryption/decryption algorithm, parameterized by keys
Categories of Ciphers • Symmetric-key Ciphers • ke= kd (or they are easily derived from each other) • the key is known only to Alice and Bob • Public-key (Asymmetric) Ciphers • the recipient (Bob) has a key pair (ke, kd) • ke (the public key) is widely distributed - on Bob’s Web page, in a directory, etc • kd (the private key) is known only to Bob
Advantages/Disadvantages • Symmetric-key ciphers • Alice and Bob must establish a shared key (key distribution problem) • very fast (used for bulk encryption) • Public-key ciphers • solves key distribution problem • slow (approximately 1/1000 speed of symmetric-key ciphers)
Hybrid Approach Suppose Alice has a large file she wants to encrypt and send to Bob 1. Alice randomly generates a key (k) to be used in a symmetric-key cipher 2. Alice encrypts k with Bob’s public key and sends it to Bob 3. Bob decrypts k using his private key 4. Alice and Bob communicate using k and an agreed-upon symmetric-key cipher
Block Ciphers • Block ciphers are an important class of symmetric-key ciphers • A block cipher maps N bits to N bits (plaintext to ciphertext) and is parameterized by a key • N is called the block size • typical block sizes: 64 bits, 128 bits • name comes from fixed-length nature of input (as compared to stream ciphers, which encrypt their input as a continuous stream)
Block Cipher Architectures Two fundamental block cipher architectures: • Substitution-Permutation Networks (SPNs) • Feistel Networks • Both encrypt a plaintext through a series of weaker steps called rounds • Feistel networks modify only half the input to each round (simplifies decryption process), whereas SPNs modify the entire input
S-Boxes and Subkeys • An nns-box is a mapping from n bits to n bits that can be inverted (so two different inputs must map to two different outputs) • The subkeys (round keys) are typically derived from k via a key-scheduling algorithm • k is sometimes called the master key
The Linear Transformation • In its simplest form, a linear transformation is simply a permutation (shuffling) of bits (hence the name substitution-permutation network) • In general, a applying a linear transformation means multiplying the input (an N-bit vector) by a binary N N matrix