1 / 44

IS 302: Information Security and Trust Week 3: From DES to AES

IS 302: Information Security and Trust Week 3: From DES to AES. 2012. Review. Kerckhoff principle Attacks to cryptosystem Caesar, Vigenere, Zimmerman, Vernam cipher Confusion and diffusion. Modern Symmetric Ciphers. DES AES. Block Ciphers vs Stream Ciphers. Block ciphers DES and AES…

tab
Download Presentation

IS 302: Information Security and Trust Week 3: From DES to AES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IS 302: Information Security and TrustWeek 3: From DES to AES 2012

  2. Review • Kerckhoff principle • Attacks to cryptosystem • Caesar, Vigenere, Zimmerman, Vernam cipher • Confusion and diffusion

  3. Modern Symmetric Ciphers • DES • AES

  4. Block Ciphers vs Stream Ciphers • Block ciphers • DES and AES… • For each block, perform multiple rounds of confusion and diffusion operations • Stream ciphers • Vernam,… • Bit by bit operations

  5. DES • 1972-1974 NBS call for proposal • IBM’s DES  Horst Feistel’s Lucifer cipher • 1976 US Federal standard • 1990  DES design is optimal • Almost any change to DES weakens it • May 26, 2002, DES was superseded by AES • brute force attack can easily break 56-bit DES key • 1998 3DES  valid till 2030 • extensively used in banking industry

  6. Jeff Moser: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

  7. One Round in Encoding • 56-bits key  16 48-bits sub-key • 64-bits blocks • Right half  left half • Left half mixed with encrypted right half  right half A round of encoding a block in DES (repeat 16 times) Left half block Right half block substitution Sub key f permutation New right half block New left half block

  8. Overall Diagram http://en.wikipedia.org/wiki/Data_Encryption_Standard f function

  9. DES procedure visualization • Cryptool: • Indiv. procedures  visualization of algorithms  DES • You need Java runtime environment at least version 1.6 http://java.sun.com • You also need to download and install the current version of ANIMAL animation software http://www.algoanim.info/Animal2/

  10. Multiple DESes • Two-Key DES • Total key size is 56x2=112 bits; but the effective key size is only 57 bits only! • Triple DES (3DES) • This is a secure solution with effective key size of 112 bits Data E E C K1 K2 Data C E D E K1 K2 K1

  11. DES encryption demo • Cryptoolencrypt/decryptsymmetric (modern) • DES (CBC) • 3-DES (CBC)

  12. Security Concerns 56 bit key is too short • Can be broken on average in 2^55 ≈3.6*10^16 trials • Moore’s law: speed of processor doubles per 1.5 yr • 1997: 3500 machines broke DES in about 4 months • 1998: 1M dollar machine broke DES in about 4 days

  13. AES • 1997 NIST call • Final five • Rijndael(Joan Daemen and Vincent Rijmen), • Serpent(Ross Anderson), • Twofish(Bruce Schneier), • RC6(Don Rivest, Lisa Yin), • MARS (Don Coppersmith, IBM) • 2000 Rijndael won • 2002 Rijndael became AES

  14. AES vs DES

  15. High-Level Cipher Algorithm • KeyExpansion (one 128/192/256-biy key to 10/12/14 128-bit subkeys) • Initial Round • AddRoundKey (cipher key) • Steps in each of 9/11/13 rounds (state: 4*4=16-array of bytes = 128 bit-block) • SubBytes — a non-linear substitution step where each byte is replaced with another according to a lookup table. • ShiftRows — a transposition step where each row of the state is shifted cyclically a certain number of steps. • MixColumns — a mixing operation which operates on the columns of the state, combining the four bytes in each column • AddRoundKey — each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. • Final Round (no MixColumns) • SubBytes • ShiftRows • AddRoundKey • How many rounds in total? How many round keys? http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

  16. Follow Me • Cryptool: AES procedures • Invid. Procedures  visualization of algorithms  AES • Web version: http://www.ccna-security.net/wp-content/uploads/2008/10/rijndael_ingles2004.swf • AES-128-CBC encryption • Encrypt/decrypt  symmetric (modern)  AES

  17. Four Modes of Block Ciphers • How are multiple blocks processed? • ECB: Electronic Code Book • CBC: Cipher Block Chaining • CFB: Cipher Feedback • OFB: Output Feedback

  18. Electronic codebook (ECB) mode K Enc P3 P1 P2 C3 C1 C2 K Dec C3 C1 C2 P3 P1 P2

  19. Cipher-block Chaining (CBC) Mode K Enc P3 C2 P1 IV P2 C1 C3 C1 C2 K Dec C3 C1 C2 P3 C2 P1 IV P2 C1 IV C1 C2 P3 P1 P2

  20. ECB vs CBC • Which mode would you choose? • Which one is semantically secure? Original image Encrypted with ECB Encrypted with CBC

  21. Hands-On Exercise • AES Encryption and Decryption • OpenSSL • JCE • Download Lab.doc and follow instructions

  22. Introduction:Javax.crypto.Cipher • This class provides the functionality of a cryptographic cipher for encryption and decryption • Methods: • getInstance(String algorithm ) • Generates a Cipher object that implements the specified algorithm. • init(int opmode, Key key ) • The cipher is initialized with a key for either encryption or decryption. • doFinal(byte[] input ) • Encrypts or decrypts data depending on how this cipher was initialized. Further details: http://java.sun.com/j2se/1.4.2/docs/api/javax/crypto/Cipher.htmlhttp://java.sun.com/j2se/1.5.0/docs/api/javax/crypto/Cipher.html

  23. Example: AES Encryption • The following sample encrypts a file “clear.txt”and save the output as a file named “encryptedfile”. // Create a cipher object with algorithm “AES”. Cipher cipher = Cipher.getInstance("AES"); //Set the Cipher object to ENCRYPT MODE //Initialise it with the encryption key “mykey”. //Previous example demostrated how to retrieve this key from a keystore. cipher.init(Cipher.ENCRYPT_MODE, mykey); //Create an input stream to read the file. File clr=new File(“clear.txt”); FileInputStream fi = new FileInputStream(clr); //Get the size of the file. long length = clr.length(); …..cont’d

  24. Example: AES Encryption cont’d //Create a byte array with the size of the file. byte[] plaintext = new byte[(int) length]; //Read data into the byte array fi.read(plaintext); //Close file fi.close(); // Now encrypt the text and store it in the byte array ciphertext byte[] ciphertext = cipher.doFinal(plaintext); //Write encrypted text into the output file File enc=new File(“encryptedfile”) FileOutputStream fo = new FileOutputStream(enc); fo.write(ciphertext); fo.close();

  25. Example: AES Decryption • The following sample decrypts a file “encryptedfile”and save the output as a file named “decryptedfile”. // Create a cipher object with algorithm “AES” Cipher cipher = Cipher.getInstance("AES"); //Set the Cipher object to DECRYPT MODE //Initialise it with the decryption key “mykey”. //Previous example demostrated how to retrieve this key from a keystore. cipher.init(Cipher.DECRYPT_MODE, mykey); //Create an input stream to read the file. File enc=new File(“encryptedfile”); FileInputStream fi = new FileInputStream(enc); //Get the size of the file. long length = enc.length(); …..cont’d

  26. Example: AES Decryption cont’d //Create a byte array with the size of the file. byte[] ciphertext = new byte[(int) length]; //Read data into the byte array fi.read(ciphertext); //Close file fi.close(); // Now decrypt the text and store it in the byte array ciphertext byte[] plaintext = cipher.doFinal(ciphertext); //Write encrypted text into the output file File dec=new File(“decryptedfile”) FileOutputStream fo = new FileOutputStream(dec); fo.write(plaintexttext); fo.close();

  27. Review Questions • Which of the following is stream cipher • DES 2) AES 3) Vernam • What is effective key size for 4-DES • 112 bits 2) 113 bits 3) 168 bits • Increasing key size from 56 bits to 128 bits, how many times more effort an attacker needs to spend in brute force attack? • 72 2) 2^72 3) 2^184

  28. Individual Assignment 1 (5%) • Due in week 4 (please submit hardcopy during week 4 class) • Textbook 1.11 Exercises 3, 12, 15 (pages 32-33 in 3rd edition, pages 34-36 in 4th edition) • Textbook 2.13 Exercises 1, 13, 17, 19 (pages 91-93 in 3rd edition, pages 94-97 in 4th edition)

More Related