Chapter 4-1 Cipher Operating Modes

Block ciphers, like DES, encrypt plaintext in fixed-size, n-bit blocks (n is typically 64). For messages longer than 64 bits, the easiest method is to divide the message into n-bit blocks and encrypt each block separately. This is called Electronic CodeBook (ECB) mode.

There are many possible modes of operation. Important ones are:
- Electronic CodeBook (ECB)
- Cipher Block Chaining (CBC)
- Cipher FeedBack (CFB)
- Output FeedBack (OFB)
- Counter Mode (CM)

Different modes have strengths and weaknesses.

Secret Key Cryptography
Characteristics of Importance

Security:
- Ability to re-use keys
- Plaintext patterns are concealed (no statistics leak)

Efficiency:
- Speed
- Ability to preprocess
- Parallel/serial processing
- Implementable on simple processors (bit- or byte-oriented)

Fault tolerance:
- Plaintext errors
- Ciphertext errors
- Synchronization errors
Electronic CodeBook (ECB) Mode

[Diagram: plaintext block p is encrypted under the key by E to give ciphertext block c; decryption applies E^-1 with the same key to recover p.]

Characteristics:
1. Identical plaintext blocks under the same key produce identical ciphertext blocks (which may reveal structure). Long messages are likely to contain repeated blocks, so ECB is to be avoided for them. Typically used only for one-block messages, like a key exchange.
2. Easiest mode to implement.
3. Blocks can be encrypted in any order (e.g., last first).
Electronic CodeBook (ECB) Mode

ECB can be broken by compiling a codebook: create a plaintext/ciphertext pair for each block (2^(block length) pairs). One codebook is needed for each key (2^(key length) of them).

For DES: (2 blocks/pair x 8 B/block) x 2^64 pairs = 2^68 bytes for one codebook. There are about 2^30 bytes in a GB, or 2^37 B in a 128 GB drive, so we need 2^31 128 GB drives for one codebook. We need 2^112 codebooks -- not a very tractable solution.
Cipher Block Chaining (CBC) Mode

[Diagram: CBC encryption and decryption. Inputs IV_0, the previous ciphertext block c_(j-1), plaintext p_j and the key; boxes E and E^-1; output ciphertext c_j.]
Cipher Block Chaining (CBC) Mode

The encryption is initialized by an Initialization Vector IV_0. The first block of plaintext p_j is encrypted as a function of the key and the exclusive OR of p_j and IV_0. The first output block is fed back to the input as c_(j-1) and XORed with the next plaintext block p_j.

Characteristics:
1. Identical plaintext blocks produce identical ciphertext (for the same key and IV_0). Changing IV_0 produces different ciphertext.
2. Chaining causes the ciphertext to depend on the plaintext and on previous plaintext blocks (because of the c_(j-1) feedback), so the text doesn't repeat!
3. Errors propagate because of the feedback.
4. The IV does not have to be secret, but should be protected (integrity).
Cipher FeedBack (CFB) Mode

[Diagram: CFB encryption and decryption. An r-bit shift register holds input I_j (loaded from the IV, then from ciphertext c_(j-1)); E under the key produces O_j, whose leftmost r bits are XORed with plaintext p_j to give ciphertext c_j.]
Cipher FeedBack (CFB) Mode

The same as CBC in principle, but it operates like a stream cipher. While CBC mode processes an n-bit block, stream ciphers operate on smaller units, say r bits, r < n (r is often 1 bit, or 8 bits = 1 character).

Characteristics:
1. Like CBC, changing the IV changes the ciphertext.
2. Chaining makes the output depend on the plaintext, the key, and previous ciphertext.
3. Errors propagate, but stop after n bits have shifted out of c_j.
4. If r < n, throughput is decreased by a factor of n/r (compared to CBC).
Output FeedBack (OFB) Mode

[Diagram: OFB encryption and decryption. Input I_j is the IV and then the previous output O_(j-1); E under the key produces O_j, whose leftmost r bits are XORed with plaintext p_j to give ciphertext c_j.]
Output FeedBack (OFB) Mode

Still similar to CFB (typically used for stream encryption), except the encryption function's output is fed back instead of the ciphertext. This limits error propagation, but at the cost of being somewhat less secure.

Characteristics:
1. Like CBC, changing the IV changes the ciphertext.
2. Chaining makes the output depend on the plaintext, the key, and the previous encryption block.
3. Errors in transmission do not propagate - a key difference!
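The ECB, CBC, CFB and OFB behaviour described on the slides above, as an added example that is not part of the original slides. A constructed toy Feistel cipher (not DES, and not secure) stands in for E so the code runs offline; the helper names, the key, the IV and the three-identical-block message are all assumptions. Running it shows ECB's repeated ciphertext blocks, CBC hiding them, and how one flipped ciphertext bit damages two plaintext blocks under CBC and CFB but exactly one bit under OFB.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as in the DES discussion above

def _xor(a: bytes, b: bytes) -> bytes:
    # XOR two byte strings; zip truncates to the shorter, which lets OFB handle a final short block.
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key: bytes, half: bytes, i: int) -> bytes:
    # Constructed round function: 32 bits derived from key, round number and the right half.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    # Constructed 8-round Feistel network standing in for E. NOT DES and NOT secure; it only
    # needs to be a keyed bijection on 64-bit blocks so that the modes can be compared.
    assert len(block) == BLOCK
    left, right = block[:4], block[4:]
    for i in range(8):
        left, right = right, _xor(left, _round_fn(key, right, i))
    return right + left  # undo the last swap so decryption runs the same rounds backwards

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    # E^-1: the same rounds in reverse order.
    assert len(block) == BLOCK
    left, right = block[:4], block[4:]
    for i in reversed(range(8)):
        left, right = right, _xor(left, _round_fn(key, right, i))
    return right + left

def _blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # ECB: each block encrypted independently, so equal plaintext blocks give equal ciphertext blocks.
    return b"".join(toy_encrypt_block(key, p) for p in _blocks(pt))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    # CBC: c_j = E(p_j XOR c_(j-1)), with the IV in place of c_0.
    out, prev = [], iv
    for p in _blocks(pt):
        prev = toy_encrypt_block(key, _xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    # p_j = E^-1(c_j) XOR c_(j-1): a damaged c_j garbles p_j and flips the same bits of p_(j+1).
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(toy_decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)

def cfb_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    # CFB with r = 8: the leftmost byte of E(register) keys one plaintext byte, then the ciphertext
    # byte is shifted into the register, so it influences the next n/r = 8 keystream bytes.
    out, reg = bytearray(), iv
    for p in pt:
        c = p ^ toy_encrypt_block(key, reg)[0]
        out.append(c)
        reg = reg[1:] + bytes([c])
    return bytes(out)

def cfb_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    # Decryption also uses E (never E^-1); the register is fed with the received ciphertext bytes.
    out, reg = bytearray(), iv
    for c in ct:
        out.append(c ^ toy_encrypt_block(key, reg)[0])
        reg = reg[1:] + bytes([c])
    return bytes(out)

def ofb_crypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # OFB with full-block feedback (an assumption; the slide's r-bit variant feeds back r bits):
    # O_j = E(O_(j-1)), O_0 = IV. The keystream never sees plaintext or ciphertext, so encryption
    # and decryption are the same XOR and a flipped ciphertext bit flips exactly one plaintext bit.
    out, o = [], iv
    for chunk in _blocks(data):
        o = toy_encrypt_block(key, o)
        out.append(_xor(chunk, o))
    return b"".join(out)

# Constructed sample inputs: a key, an IV and a message made of three identical 8-byte blocks.
KEY = b"constructed-key!"
IV = bytes(range(BLOCK))
MSG = b"SAMEBLOC" * 3

def distinct_ciphertext_blocks(mode: str) -> int:
    # How many distinct ciphertext blocks the three identical plaintext blocks produce.
    ct = ecb_encrypt(KEY, MSG) if mode == "ecb" else cbc_encrypt(KEY, IV, MSG)
    return len(set(_blocks(ct)))

def damage_after_bit_flip(mode: str, byte_index: int = 3):
    # Flip one ciphertext bit, decrypt, and report (plaintext blocks that changed, bits that changed).
    enc, dec = {"cbc": (cbc_encrypt, cbc_decrypt), "cfb": (cfb_encrypt, cfb_decrypt),
                "ofb": (ofb_crypt, ofb_crypt)}[mode]
    ct = bytearray(enc(KEY, IV, MSG))
    ct[byte_index] ^= 0x01
    pt = dec(KEY, IV, bytes(ct))
    bad_blocks = [j for j, (a, b) in enumerate(zip(_blocks(pt), _blocks(MSG))) if a != b]
    bad_bits = sum(bin(a ^ b).count("1") for a, b in zip(pt, MSG))
    return bad_blocks, bad_bits
```

With the flip placed in the first block, damage_after_bit_flip reports blocks 0 and 1 damaged for CBC (block 0 is garbled, block 1 has the single flipped bit) and for CFB (the bad byte sits in the shift register for the next eight bytes), while OFB reports only block 0 with a single changed bit, which is the "errors do not propagate" property the slide calls a key difference.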
Other Algorithms

Many, many have been developed; many have fallen, but many have survived. Good ones include:
- IDEA - 128-bit key, strong algorithm, never been broken (Swiss)
- RC2, RC4, RC5 - variable key length, from Ron Rivest (MIT)
- Blowfish - variable key length, up to 448 bits, from Bruce Schneier of Counterpane
- CAST-128, FEAL, LOKI, etc., etc.
Symmetric Encryption - Block Size

Small blocks help statistical analysis (by an attacker): all things being equal, small blocks are more likely to repeat. So long blocks are more secure, since they are less likely to repeat, but:
- Long blocks increase the complexity of implementation exponentially.
- Long blocks reduce encryption speed.

64/128 bits are common block sizes, and using cipher feedback mode strengthens them further.
Summary - Symmetric Encryption

- Key size - Longer is more secure, but slower. The key requirement is to defeat brute-force (exhaustive search) methods. Remember this is a changing target (about 90 bits today). 128 bits is now a common key size.
- Number of rounds - Each round increases security, but slows the algorithm. 16 rounds is typical.
- Sub-key generation - Greater complexity increases security.
- Speed - Always important, critical in smart cards.
- Ease of analysis - Algorithms should be concise and clearly explained, so they can be easily analyzed for vulnerabilities.