![Block Ciphers Multiple Encryption e.g., c = E k’ (E k (m)) Suppose the length of k and k’ are both n. [Merkle/Hellman, 1981] The effective strenghth of the above encryption is 2 n+1 , not 2 2n . EDE Triple encryption mode](https://image.slidesharecdn.com/ciphers-091104060253-phpapp02/85/Ciphers-11-320.jpg)
Ciphers
- 1. Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)
- 2. Topics Problems with Design of Ciphers Stream and Block Ciphers A Brief Overview of Network Security more in Chapter 26 Privacy-enhanced E-Mails (PEM) Advanced Topics: SSL, IPsec next course ( Web Security )
- 3. Context-related Vulnerability Key point: How a crypto system is used will affect its strength. Sample Problems Pre-computing the possible messages Assumption: The plaintext corresponding to intercepted ciphertext is drawn from a relatively small set of possible plaintexts. The cryptanalyst can encipher the set of possible plaintexts and simply search that set for the intercepted ciphertext.
- 4. Context-related Vulnerability Sample Problems (cont.) Polluted Blocks Parts of a ciphertext message may be deleted, replayed, or reordered. Unless different parts are bound together, their order may be changed by the attacker, without being detected by the receiver. Example: Reordered RSA data blocks ‘LIVE’ can be reordered to ‘EVIL’. Source of problem: Each block is independently enciphered, so integrity of each part does not guarantee the integrity of the whole. Solution? ‘binding’ of blocks + digital signature
- 5. Context-related Vulnerability Sample Problems (cont.) Statistical Regularities Such regularities may exist when each part of the ciphertext was generated from independent part of the plaintext. Example: DES in ECB mode Solution?
- 6. Stream vs Block Ciphers Block ciphers : Plaintexts are encoded into ciphertexts block-by-block . Each block is encrypted by the same key. See definition 11-1. Example: DES Stream ciphers : The plaintext characters are encoded by the sender unit-by-unit , usually with different key for each unit. Each letter may be encrypted by different key. (See definition 11-2) Example: one-time pad, where a random, infinitely long key is used. If the key stream repeats itself periodic cipher Questions: Is Vigen è re cipher a block or stream cipher? How about RSA ?
- 7. Stream Ciphers Approaches in simulating a random, infinitely long key Synchronous Stream Ciphers Generates bits (of the key) from a source other than the message itself. See definition 11-3: LFSR ( n-stage linear feedback shift register ) Example on p.278 Definition 11-4: NLFSR ( n-stage nonlinear feedback shift register ) Example on p.279 Purpose? To eliminate lineality c.f., LFSR vs NLFSR: How the new bit is inserted into the register r.
- 8. Stream Ciphers Alternative approaches in eliminating linearity : Output Feedback Mode (OFM) The register, r, is never shifted. It is repeatedly enciphered. Counter Method: a variant of OFM
- 9. Stream Ciphers Self-Synchronous Stream Ciphers The key is obtained from the message itself. Example: autokey cipher (p.280) Problems? The selection of the key. Statistical regularities in the plaintext show up in the key. An alternative: Use the ciphertext as the key stream Problems? Weak cipher, because plaintext can be deducted from the ciphertext Another alternative: CFM (cipher feedback mode) See Fig. 11-1, p.281
- 10. Block Ciphers A block of multiple bits are enciphered each time. Faster than stream cipher (?). Problem? Encipherment of the same plaintexts result in the same ciphertexts (because the same key is used for each block). Solution: Cipher block chaining (CBC) IV is needed for the first block encipherment
- 11. Block Ciphers Multiple Encryption e.g., c = E k’ (E k (m)) Suppose the length of k and k’ are both n. [Merkle/Hellman, 1981] The effective strenghth of the above encryption is 2 n+1 , not 2 2n . EDE Triple encryption mode
- 12. Next A Brief Overview of Network Security Privacy-enhanced E-Mails (PEM)