SlideShare a Scribd company logo

Cryptography and Encryptions,Network Security,Caesar Cipher

Download as PPTX, PDF
Gopal Sakarkar, profile picture
Gopal Sakarkar

The document discusses network security concepts including: 1. Four principles of security are defined: confidentiality, authentication, integrity, and non-repudiation. 2. Security attacks are classified into two categories: passive attacks and active attacks. Common examples like traffic analysis and message modification are described. 3. Network security is important to prevent billions of dollars in losses each year from security breaches and theft of sensitive data.

Engineering
1 of 120
Downloaded 630 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
Security Concept Mr.Gopal Sakarkar Mr. Gopal Sakarkar
Today’s Agenda • Introduction of Security Concept. • Principal of Security. • Classification of Security Attacks Mr. Gopal Sakarkar
Digital Security Computer Security Network Security Mr. Gopal Sakarkar
Need of Network Security • According to FBI statistics result (2007) , up to five billion dollars is lost each year due to black holes . • Loss of important data. e.g. Credit Card, ATM Card • Confidential information of business have been stolen by competitors. e.g. ICICI vs HDFC • Last but not least : Important data stolen from military . Mr. Gopal Sakarkar
So, what do you mean by NS? • It is vital component in information security for securing all information passed through computers network. • It provide management policy for access controls protection for H/W, S/W & information in networking. Mr. Gopal Sakarkar
Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
Confidentiality • It specifies that only sender and intended recipient(s) should be able to access the contents of message. e.g.: e-mail send by person A to person B. Mr. Gopal Sakarkar
Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
Authentication • It help to establish proof of identities. e.g. : Login using Userid and Password. Mr. Gopal Sakarkar
Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
Integrity • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. e.g. Updating bank account information Mr. Gopal Sakarkar
Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
Non-repudiation • Non- repudiation does not allow the sender or receiver of a message to refuse the claim of not sending or receiving that message. Mr. Gopal Sakarkar
Classification of Security Attacks Mr. Gopal Sakarkar
Passive Attack • A passive attack make use of information from the system but does not affect system resource. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
Release of Message Contents Mr. Gopal Sakarkar Hi, I am Bob Hi, I am Bob Hi, I am Bob
Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
Traffic Analysis Mr. Gopal Sakarkar Meet me at Cinemax Phhw ph dw flqhpda Meet me at Cinemax
Active Attack • It involve some modification of data stream or creation of a Mr. Gopal Sakarkar false stream. Active Attack Replay Modification Denial of Service Masquerade
Replay It involves passive capture of data unit and its subsequent retransmission to produce an unauthorized effect. Mr. Gopal Sakarkar Transfer Rs.1000 to Alice. Transfer Rs.1000 to Darth.
Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
Modification In which some portion of message is altered or that message are delayed or reordered to produce an unauthorized affect. Mr. Gopal Sakarkar Transfer Rs.1,000 to Darth. Transfer Rs.10,000 to Darth. Transfer Rs.10,000 to Darth
Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
Denial of service It have a specific target (Server), in which prevents or inhabits the normal use or management of communication facilities. Mr. Gopal Sakarkar
Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
Masquerade A masquerade is a type of attack where the attacker act as an authorized user system in order to gain access to it or to gain greater privileges than they are authorized for. Mr. Gopal Sakarkar
Summary • Four goals have been defined for security i.e. Confidentiality , Authentication, Integrity, Non-repudiation. • Security Attacks are classified in two parts Active and Passive. Mr. Gopal Sakarkar
For Further Reading • http://www.smartchip.com/flash/presentationV2.swf • http://buchananweb.co.uk/asmn/unit03.swf • http://www.computing.co.uk/computing/video/2246841/network-security • http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3 • http://www.thepcmanwebsite.com/cgi-bin/web_tools/ascii.pl (converter) • http://bytes.com/topic/c/answers/769137-how-convert-alphabet-numbers • http://www.kerryr.net/pioneers/binary.htm • http://services.exeter.ac.uk/cmit/modules/the_internet/slides/ch01s01s04.html (packet working) Mr. Gopal Sakarkar
31 Conventional Encryption
32 Caesar Cipher It is a substitution cipher invented by Julius Caesar. It replace each letter of the alphabet with the letter standing thired Place further down the alphabet. Let numerical equivalency of letter A B C D E F G H …… z 0 1 2 3 4 5 6 7 25
33 Caesar Cipher Let , for each plaintext letter p, substitute the cipher letter : C=E(3,p)=(p+3) mod 26 For generalize equation for encryption : C=E(k,p)= (p+k) mod 26 For generalize equation for decryption : P=D(k,C)=(C-K)mod 26
34 Caesar Cipher plain: abcdefghijklmnopqrstuvwxyz key: defghijklmnopqrstuvwxyzabc cipher: PHHW PH DIWHU WKH WRJD SDUWB plain: MEET ME AFTER THE toga PARTY Video
35 “Rail-Fence” Cipher It is use substitution method , in which plaintext is written down As a sequence of diagonals and then read off as a sequence of row.
36 “Rail-Fence” Cipher DISGRUNTLED EMPLOYEE D R L E O I G U T E M L Y E S N D P E DRLEOIGUTE MLYESNDPE
Steganography
What is Steganography? Stegosaurus: a covered lizard (but not a type of cryptography) Greek Words: STEGANOS – “Covered” GRAPHIE – “Writing” • Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. • This can be achieve by concealing the existence of information within seemingly harmless carriers or cover • Carrier: text, image, video, audio, etc.
Modern Steganography Techniques Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses. The purpose is different from traditional steganography since it is adding an attribute to the cover image thus extending the amount of information presented. Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms. The idea of this method is to hide the secret message in the data bits in the least significant coefficients. Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information. Thus the overall image distortion is kept to a minimum while the message is spaced out over the pixels in the images. This technique works best when the image file is larger then the message file and if the image is grayscale.
Basics of Modern Steganography fE: steganographic function "embedding" fE-1: steganographic function "extracting" cover: cover data in which emb will be hidden emb: message to be hidden key: parameter of fE stego: cover data with the hidden message
Important Requirement for Steganographic System • Security of the hidden communication • size of the payload • Robustness against malicious and unintentional attacks
Steganography Tools
45 Basic Types of Ciphers • Transposition ciphers – rearrange bits or characters in the data • Substitution ciphers – replace bits, characters, or blocks of characters with substitutes
46 Encryption Methods • The essential technology underlying virtually all automated network and computer security applications is cryptography • Two fundamental approaches are in use: – Conventional Encryption, also known as symmetric encryption – Public-key Encryption, also known as asymmetric encryption
47 Conventional Encryption Model
48 Conventional Encryption Five components to the algorithm – Plaintext: The original message or data – Encryption algorithm: Performs various substitutions and transformations on the plaintext – Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key – Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key – Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext
50 Conventional Encryption M EK C DK M EK defined by an encrypting algorithm E DK defined by an decrypting algorithm D For given K, DK is the inverse of EK, i.e., DK(EK(M))=M for every plain text message M
Today’s Agenda • Cryptography and Encryption • Encryption Principles • Feistel Cipher Structure • Data Encryption Standard (DES) Mr. Gopal Sakarkar
Cryptography • It is a Greek word , means that “Secret Writing”. • Cryptography is an art and science for achieving security by encoding the readable format data in to a non-readable form. Mr. Gopal Sakarkar
Encryption Encryption is a process of converting the plain text data in to ciphertext data. Mr. Gopal Sakarkar
Encryption Principles • An encryption scheme has five ingredients: – Plaintext – Encryption algorithm – Secret Key – Ciphertext – Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm. Mr. Gopal Sakarkar
Average time required for exhaustive key search Mr. Gopal Sakarkar Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/μs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years
Conventional Encryption Model Mr. Gopal Sakarkar
Cryptography Process Depend on…. 1. The type of operations used for transforming plaintext to Mr. Gopal Sakarkar ciphertext. 1.1 Substitution 1.2 Transpose 2. The number of keys used 2.1 Symmetric (single key) 2.2Asymmetric(two-keys,orpublic-key encryption) 3. The way in which the plaintext is processed Block Cipher Stream Cipher
Substitution Process Mr. Gopal Sakarkar
Transposition Techniques • Consider plain text message as a number A=0 , B=1, C=2……..Z=25. • Take plain text CAT = 2 0 19 Take N x N matrix of randomly chosen keys. Mr. Gopal Sakarkar
Mr. Gopal Sakarkar 6 24 1 13 16 10 20 17 15 = Multiply two matrix 6 24 1 13 16 10 20 17 15 2 0 X 19 = 31 216 325
• Now compute a mod 26 value of the above matrix. Mr. Gopal Sakarkar 31 216 325 mod 26 5 8 = 13 Now translate number to alphabet 5=F, 8=I and 13= N i.e. cipher text is FIN
Exercise - II • Define a symmetric-key cryptography. • Distinguish between a block cipher and a stream cipher with an example. • Decrypt a above example by taking a inverse of 8 5 10 21 8 21 21 12 8 Mr. Gopal Sakarkar original matrix i.e. • Draw an algorithm , flowchart and write a C++ program for implementing Transposition Techniques.
Summary • Definition of Cryptography . • Working of encryption principal. • Substitution and transportation techniques . Mr. Gopal Sakarkar
For Further Reading • http://buchananweb.co.uk/asmn/unit04.swf • http://www.youtube.com/watch?v=IzVCrSrZIX8 • http://www.youtube.com/watch?v=ZdC7cnpYOwI&feature=related Mr. Gopal Sakarkar
Confusion and Diffusion • Introduced by Claude Shannon to capture the two basic building blocks for any Mr. Gopal Sakarkar cryptographic system. • Confusion - Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to stop attempts to discover the key. • Diffusion - The mechanism of diffusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to prevent attempts to assume the key.
Approximate Alphabet Frequency Mr. Gopal Sakarkar
Feistel Cipher Structure • It is block cipher symmetric encryption algorithms, first described by Horst Feistel of IBM in 1973. • It is depends on the choice of the following parameters • Block size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of rounds: multiple rounds offer increasing security • Subkey generation algorithm: greater complexcity will lead to greater Mr. Gopal Sakarkar difficulty of cryptanalysis. • Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern.
Steps: 1. Input of plaintext with length 2w bits and key K. 2. Plaintext is divided into two halves L0 and R0. 3. These two halves pass through N round of processing to produce CipherText block. 4. The key K is derived from subkey generation algo. 5. These two halves combine by applying a round function ‘F’ on right half of data and then taking X-OR operation of the output of F with left half of data. Mr. Gopal Sakarkar
Mr. Gopal Sakarkar
Exercise • List out the various Feistel ciphers Algorithm and explain each Mr. Gopal Sakarkar in brief.
For Further Reading • http://www.quadibloc.com/crypto/co040906.htm • http://www.encryptionanddecryption.com/encrypt_decrypt_encyclopedia.ht Mr. Gopal Sakarkar ml
Data Encryption Standard (DES) I. It is a Block Cipher Symmetric algorithm. II. It takes 64 bits plaintext and 56 (64) bits as a key. III. It produce a 64 bits cipher text. IV. It consist of 16 steps , called round. Steps: 1. It take 64 bit plain text as given i/p to Initial Permutation Function (IPF). 2. IPF produce two halves, i.e. Left Plain Text (LPT) and Right Plain Text Mr. Gopal Sakarkar (RPT) 3.Now, each LPT and RPT goes through 16 rounds of encryption process with key K(56 bits). 4.At the end , LPT and RPT are rejoined and a final permutation (FP) is performed which is being the inverse of IP on the combined block. 5. Finally the result produced 64 bits cipher text.
Plain Text (64 bits) Initial Permutation LPT RPT Key ( K) 16 Rounds 16 Rounds 56 bits Final Permutation Cipher Text(64 bits) DES Algorithm Mr. Gopal Sakarkar
DES Encryption Overview Mr. Gopal Sakarkar
An Example • Let M be the plain text message M = 0123456789ABCDEF, where M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text: • M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 Mr. Gopal Sakarkar 1110 1111 • L = 0000 0001 0010 0011 0100 0101 0110 0111 • R= 1000 1001 1010 1011 1100 1101 1110 1111 The first bit of M is "0". The last bit is "1". We read from left to right. Let K be the hexadecimal key K = 133457799BBCDFF1 K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001 Cipher Text: 85E813540F0AB405. Online Example
The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips. Mr. Gopal Sakarkar
Triple-DES with Two-Keys • hence must use 3 encryptions – would seem to need 3 distinct keys • but can use 2 keys with E-D-E sequence – C = EK1[DK2[EK1[P]]] – no encrypt & decrypt equivalent in security – if K1=K2 then can work with single DES • standardized in ANSI X9.17 & ISO8732 • no current known practical attacks
Triple DES
Summary • Security of data is depend on secrecy of key not on the Mr. Gopal Sakarkar encryption algorithm. • Feistel Cipher Structure is basic structure for any symmentric encryption algo. • DES algorithm also called as DEA has been a cryptographic alog. used from over four decades. • It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46).
For Further Reading • http://www.buchananweb.co.uk/asmn/unit03.swf • http://williamstallings.com/Crypt-Tut/Crypto%20Tutorial%20- Mr. Gopal Sakarkar %20JERIC.swf • http://orlingrabbe.com/des.htm (IMP) • http://www.tero.co.uk/des/explain.php
Exercise - III • Explain a triple DES in detail. • Find out the various application in which DES is implemented. Mr. Gopal Sakarkar
Blowfish Algorithm
The Blowfish Encryption Algorithm • Developed by Bruce Schneier • Keyed, symmetric block cipher • Designed in 1993 . • Can be used as a drop-in replacement for DES.
The Blowfish Encryption Algorithm (cont.) • As a fast, free alternative to existing encryption algorithms. • Variable-length key. • From 32 bits to 448 bits.
The Blowfish Encryption Algorithm (cont.) • Fast: It used 32 bit microprocessors for 26 clock cycles per byte. • Compact : It need less than 5 kb memory for execution. • Simple : It used primitive operations ,such as addition , XOR ,etc. • Secure : It has variable length key upto 448 bits long. • Freely available source code Mr. Gopal Sakarkar
The Blowfish Encryption Algorithm (cont.) • Gained acceptance as a strong encryption algorithm. • Blowfish is unpatented and license-free, and is available free for all uses. • No effective cryptanalysis has been found to date. • More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
7.07. Blowfish Key Schedule • uses a 32 to 448 bit key • used to generate – 18 32-bit subkeys stored in K-array Kj – four 8x32 S-boxes stored in Si,j • key schedule consists of: – initialize P-array and then 4 S-boxes using pi – XOR P-array with key bits (reuse as needed) – loop repeatedly encrypting data using current P & S and replace successive pairs of P then S values – requires 521 encryptions, hence slow in re-keying
Blowfish Encryption • uses two primitives: addition & XOR • data is divided into two 32-bit halves L0 & R0 for i = 1 to 16 do Ri = Li-1 XOR Pi; Li = F[Ri] XOR Ri-1; L17 = R16 XOR P18; R17 = L16 XOR i17; • where F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a
The Blowfish Algorithm
The Blowfish Algorithm: Encryption (cont) Diagram of Blowfish's F function
The Blowfish Algorithm: Encryption (cont) • Blowfish's F-function. • Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce the final 32-bit output. • Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.
The Function F
RC5 • It is symmetric key block encryption algorithm developed by Ron Rivest. • It is quite fast as it use only the primitive computer operation i.e. XOR , addition, shift etc. • It used variable number of round and variable bit-size key. • It required less memory for execution so that it not only used for desktop computer but also for smart card and other devices. » 125 Mr. Gopal Sakarkar
RC5 Working • It used the plain text block size of 32,64, or 128 bits. • The key length can be 0 to 2040 bits. • Number of rounds can be from 0 to 255. Mr. Gopal Sakarkar
Divide plain text into two block i.e. A ,B Add A & S[0] to produce C Add B & S[1] to produce D Start with i=1 Check: Is i>r ? Mr. Gopal Sakarkar 1. XOR C & D to produce E 4.XOR D & F to produce G 2. Circular left shift E by D bits 3. Add E & S[2] to produce F 5. Circular left shift G by F bits 6. Add G & S[2i+1] to produce H Increment i by 1 Call F as C (i.e. C=F) Call H as D (i.e. D=H) Stop Yes No
Lecture 3 Today’s Agenda Mr. Gopal Sakarkar • IDEA Algorithm. • Cipher Block Chaining. • Location of encryption devices. • Key Distribution
International Data Encryption Algorithm • It is one of the strongest cryptographic algorithm Mr. Gopal Sakarkar invented in 1992. • It is Block Cipher Symmetric cryptographic alog. with 64 bits plain text and 128 bits length key. • It is used both substitution and transposition techniques for encryption
Working of IDEA 1.It take a 64 bits plaintext block as input and then partition it into four part, say P1 to P4. 2. P1 to P4 are the inputs to the first round of the Mr. Gopal Sakarkar algorithm. 3. It has eight round of encryption processing. 4. Each round use six-sub keys generated from original key having 16 bits length. 5. Final step consist of an Output Transformation Which use just four sub-keys , K49 to K52.
Working Plain Text (64bits) Round 1 Mr. Gopal Sakarkar K 1 K 2 K 6 Round 2 …. K 7 K 12 ………………. Round 6 K 43 K 48 Output Transformation K 49 K 52 P1(16 bits) P2(16 bits) P3(16 bits) P4(16 bits) …. …. …. …. C1(16 bits) C2(16 bits) C3(16 bits) C4(16 bits) Cipher Text (64bits)
Working of Rounds • Each round has a series of operation on the data block Mr. Gopal Sakarkar using six keys. • Each round perform a lot of mathematical action such as Multiplication, Addition and X-OR. • Each round is divided into 14 steps.
Sub-key Generation Round Unused (97-128 bits) … Mr. Gopal Sakarkar • First round Original Key (128 bits) K1(1-16 bits) K2(17-32 bits) K6(81-96 bits)
Mr. Gopal Sakarkar • Second round Unused Key (97-128 bits) K7 (97-112 bits) K8(113-128 bits) What about key k9, k10…k12 for second round ? Conti….
• The original key is exhausted . It is circular-left shifted by 25 Position 1 Position … (65-128 bits) Mr. Gopal Sakarkar bits. Original Key(128 bits) 128 circular-left shifted by 25 bits Now start allocating fresh sub-key from K7 to K12 New Key(128 bits) K9(1-16 bits) K10(17-32 bits) K12(49-64 bits) Unused
Exercise - IV • Explain in detail all eight round of sub key generation process. • Find out the strength of IDEA algorithm. Mr. Gopal Sakarkar
• Note: • A permutation is "a re-arrangement of elements of a set". Exp. We do 4 x 3 x 2 x 1 = 24. • There are 24 different ways that the letters can be arranged. • We can write 4!, which is read as "four factorial." Mr. Gopal Sakarkar
• Taking the 4 letters, ABCD, write down all the permutations of 3 of these letters: ABC BAC CAB DAB ACB BCA CBA DBA ABD BAD CAD DAC ADB BDA CDA DCA ACD BCD CBD DBC ADC BDC CDB DCB Mr. Gopal Sakarkar
Working of Substitution method • S-Box= Substitution Box • Example #1: Solve the following system using the substitution method x + y = 20 x − y = 10 Step 1 You have two equations. Pick either the first or the second equation and solve for either x or y. Since I am the one solving it, I have decided to choose the equation at the bottom (x − y = 10) and I will solve for x x − y = 10 Add y to both sides x − y + y = 10 + y x = 10 + y Mr. Gopal Sakarkar
• Step 2 Using x + y = 20, erase x and write 10 + y since x = 10 + y We get 10 + y + y = 20 10 + 2y = 20 Minus 10 from both sides 10 − 10 + 2y = 20 − 10 2y = 10 Divide both sides by 2 y = 5 Mr. Gopal Sakarkar
• Step 2 • Now you have y, you can replace its value into either equation to get x. Replacing y into x + y = 20 gives x + 5 = 20 Minus 5 from both sides x + 5 − 5 = 20 − 5 x = 15 The solution to the system is x = 15 and y = 5 Indeed 15 + 5 = 20 and 15 − 5 = 10 • H/W: Solve the following system using the substitution method 3x + y = 10 -4x − 2y = 2 Mr. Gopal Sakarkar
Algorithm Modes Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB) Work on block cipher Work on stream cipher
Electronic Code Book (ECB) Mr. Gopal Sakarkar
Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
Cipher Block Chaining (CBC) • Message is broken into blocks • Linked together in encryption operation • Each previous cipher blocks is chained with current plaintext Mr. Gopal Sakarkar block, hence name • Use Initial Vector (IV) to start process -IV has no special meaning , used to make each message unique only. • Uses: bulk data encryption, authentication
Cipher Block Chaining (CBC) Mr. Gopal Sakarkar
Advantages and Limitations of CBC • A ciphertext block depends on all blocks before it. • Any change to a block affects all following ciphertext blocks • Need Initialization Vector (IV) – which must be known to sender & receiver – if sent in clear, attacker can change bits of first block, and change IV to compensate – hence IV must either be a fixed value – or must be sent encrypted in ECB mode before rest of Mr. Gopal Sakarkar message
Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
Cipher FeedBack (CFB) • Message is treated as a stream of bits • Added to the output of the block cipher • Result is feed back for next stage (hence name) • Standard allows any number of bit (1,8, 64 or 128 etc) to be feed back – denoted CFB-1, CFB-8, CFB-64, CFB-128 etc Uses: stream data encryption, authentication Mr. Gopal Sakarkar
Cipher FeedBack (CFB) Mr. Gopal Sakarkar
Advantages and Limitations of CFB • Appropriate when data arrives in bits/bytes • Most common stream mode • limitation is need to install while do block encryption after Mr. Gopal Sakarkar every n-bits • Note that the block cipher is used in encryption mode at both ends • Errors propagate for several blocks after the error.
Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
Output FeedBack (OFB) • Message is treated as a stream of bits • In CFB, the cipher text is fed into the next stage of Mr. Gopal Sakarkar encryption process. • But in the OFB, the output of the IV encryption process is fed into the next stage of encryption process • Output of cipher is added to message • Output is then feed back (hence name) • Feedback is independent of message • uses: stream encryption on noisy channels.
OutpuMrt. GFoepael SdaBkarakacrk (OFB)
Key Distribution Symmetric schemes require both parties to share a Mr. Gopal Sakarkar common secret key Issue is how to securely distribute this key Often secure system failure due to a break in the key distribution scheme.
Key Distribution • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Mr. Gopal Sakarkar
Summary • IDEA is a strongest encryption algorithm only because of its Mr. Gopal Sakarkar key length. • Algorithm Modes of Operation – ECB, CBC, CFB, OFB Key distribution is centralize storage of keys .

More Related Content

PPTX
Cryptography and Network Security
Pa Van Tanku
 
PPTX
Cryptography and network security Nit701
Amit Pathak
 
PPTX
Cryptography
Jens Patel
 
PPTX
Advanced cryptography and implementation
Akash Jadhav
 
PPT
Cryptography Fundamentals
Duy Do Phan
 
PPTX
Cryptography and applications
thai
 
PPTX
Overview of cryptography
Roshan Chaudhary
 
PPTX
Diffie hellman key exchange algorithm
Sunita Kharayat
 
Cryptography and Network Security
Pa Van Tanku
 
Cryptography and network security Nit701
Amit Pathak
 
Cryptography
Jens Patel
 
Advanced cryptography and implementation
Akash Jadhav
 
Cryptography Fundamentals
Duy Do Phan
 
Cryptography and applications
thai
 
Overview of cryptography
Roshan Chaudhary
 
Diffie hellman key exchange algorithm
Sunita Kharayat
 

What's hot (20)

PPTX
Cryptography
prasham95
 
PPTX
Information hiding
TabassumSaifi2
 
PPTX
Cryptography
subodh pawar
 
PPT
Network Security & Cryptography
Dr. Himanshu Gupta
 
PPT
DES
Naga Srimanyu Timmaraju
 
PDF
Asymmetric Cryptography
UTD Computer Security Group
 
PPT
Cryptography
gueste4c97e
 
PDF
Introduction to Cryptography
Seema Goel
 
PPT
History of cryptography
Farah Shaikh
 
PPTX
cryptography
Abhijeet Singh
 
PPTX
Cryptography.ppt
Uday Meena
 
PPT
6. cryptography
7wounders
 
PPTX
Public Key Cryptography
Gopal Sakarkar
 
PPT
Cryptography its history application and beyond
kinleay
 
PPT
Cryptography Intro
Christopher Martin
 
PPTX
Cryptography and Information Security
Dr Naim R Kidwai
 
PPTX
Diffie Hellman Key Exchange
SAURABHDHAGE6
 
PDF
Caesar Cipher , Substitution Cipher, PlayFair and Vigenere Cipher
Mona Rajput
 
PPTX
Cryptography.ppt
kusum sharma
 
PPTX
Cryptanalysis 101
rahat ali
 
Cryptography
prasham95
 
Information hiding
TabassumSaifi2
 
Cryptography
subodh pawar
 
Network Security & Cryptography
Dr. Himanshu Gupta
 
DES
Naga Srimanyu Timmaraju
 
Asymmetric Cryptography
UTD Computer Security Group
 
Cryptography
gueste4c97e
 
Introduction to Cryptography
Seema Goel
 
History of cryptography
Farah Shaikh
 
cryptography
Abhijeet Singh
 
Cryptography.ppt
Uday Meena
 
6. cryptography
7wounders
 
Public Key Cryptography
Gopal Sakarkar
 
Cryptography its history application and beyond
kinleay
 
Cryptography Intro
Christopher Martin
 
Cryptography and Information Security
Dr Naim R Kidwai
 
Diffie Hellman Key Exchange
SAURABHDHAGE6
 
Caesar Cipher , Substitution Cipher, PlayFair and Vigenere Cipher
Mona Rajput
 
Cryptography.ppt
kusum sharma
 
Cryptanalysis 101
rahat ali
 
Ad

Similar to Cryptography and Encryptions,Network Security,Caesar Cipher (20)

PPTX
Chapter 1 information assurance and security
garedew32
 
PPTX
Cryptography and Network Security-ch1-4.pptx
SamiDan3
 
PPTX
cryptography introduction.pptx
BisharSuleiman
 
PPTX
CNS new ppt unit 1.pptx
RizwanBasha12
 
PDF
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
PDF
chapter 1-4.pdf
zerihunnana
 
PPTX
Seminar Information Protection & Computer Security (Cryptography).pptx
umardanjumamaiwada
 
PPTX
cryptography_and_Network_Security_fuck_scribd_scribd_will_go_to_hell.pptx
darkchocolate5556
 
PPTX
chapter 7.pptx
MelkamtseganewTigabi1
 
PPTX
cns unit 1.pptx
Saranya Natarajan
 
PPT
Lecture-01,02.ppt introduction to INFORMATION SECURITY, WEEK 1 , basics
kashafzia775
 
PPT
NETWORK SECURITY
TouseeqHaider11
 
PPTX
Information Assurance and Security all in One Handout.pptx
fernandezpineda1016
 
PPTX
Mastering Network Security: Protecting Networks from Cyber Threats with Firew...
Sisodetrupti
 
PPT
Fundamentals of cryptography
Hossain Md Shakhawat
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY
AdityaShukla141
 
PPT
CNS Unit-I_final.ppt
SwapnaPavan2
 
PPTX
Network security and cryptography
Pavithra renu
 
PDF
Cryptography networkcns subject notes
mrudulareddy226
 
PPTX
CRYPTOGRAPHY & NETWORK SECURITY [Autosaved].pptx
asjadzaki2021
 
Chapter 1 information assurance and security
garedew32
 
Cryptography and Network Security-ch1-4.pptx
SamiDan3
 
cryptography introduction.pptx
BisharSuleiman
 
CNS new ppt unit 1.pptx
RizwanBasha12
 
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
chapter 1-4.pdf
zerihunnana
 
Seminar Information Protection & Computer Security (Cryptography).pptx
umardanjumamaiwada
 
cryptography_and_Network_Security_fuck_scribd_scribd_will_go_to_hell.pptx
darkchocolate5556
 
chapter 7.pptx
MelkamtseganewTigabi1
 
cns unit 1.pptx
Saranya Natarajan
 
Lecture-01,02.ppt introduction to INFORMATION SECURITY, WEEK 1 , basics
kashafzia775
 
NETWORK SECURITY
TouseeqHaider11
 
Information Assurance and Security all in One Handout.pptx
fernandezpineda1016
 
Mastering Network Security: Protecting Networks from Cyber Threats with Firew...
Sisodetrupti
 
Fundamentals of cryptography
Hossain Md Shakhawat
 
CRYPTOGRAPHY AND NETWORK SECURITY
AdityaShukla141
 
CNS Unit-I_final.ppt
SwapnaPavan2
 
Network security and cryptography
Pavithra renu
 
Cryptography networkcns subject notes
mrudulareddy226
 
CRYPTOGRAPHY & NETWORK SECURITY [Autosaved].pptx
asjadzaki2021
 
Ad

Recently uploaded (20)

DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
Construction Project Organization Group 2.pptx
vj5agdales
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PPTX
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
PPTX
additive manufacturing of ss316l using mig welding
premcdr7799
 
PPTX
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
PPTX
Geodesy 1.pptx...............................................
abhi1361yadav
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PDF
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
PDF
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PDF
PPT on Performance Review to get promotions
prashant593122
 
PPTX
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
PDF
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
PDF
composite construction of structures.pdf
AinieButt1
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
Construction Project Organization Group 2.pptx
vj5agdales
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
Sustainable Sites - Green Building Construction
mhdumerali
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
additive manufacturing of ss316l using mig welding
premcdr7799
 
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
Geodesy 1.pptx...............................................
abhi1361yadav
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PPT on Performance Review to get promotions
prashant593122
 
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
composite construction of structures.pdf
AinieButt1
 

Cryptography and Encryptions,Network Security,Caesar Cipher

  • 1. Security Concept Mr.Gopal Sakarkar Mr. Gopal Sakarkar
  • 2. Today’s Agenda • Introduction of Security Concept. • Principal of Security. • Classification of Security Attacks Mr. Gopal Sakarkar
  • 3. Digital Security Computer Security Network Security Mr. Gopal Sakarkar
  • 4. Need of Network Security • According to FBI statistics result (2007) , up to five billion dollars is lost each year due to black holes . • Loss of important data. e.g. Credit Card, ATM Card • Confidential information of business have been stolen by competitors. e.g. ICICI vs HDFC • Last but not least : Important data stolen from military . Mr. Gopal Sakarkar
  • 5. So, what do you mean by NS? • It is vital component in information security for securing all information passed through computers network. • It provide management policy for access controls protection for H/W, S/W & information in networking. Mr. Gopal Sakarkar
  • 6. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  • 7. Confidentiality • It specifies that only sender and intended recipient(s) should be able to access the contents of message. e.g.: e-mail send by person A to person B. Mr. Gopal Sakarkar
  • 8. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  • 9. Authentication • It help to establish proof of identities. e.g. : Login using Userid and Password. Mr. Gopal Sakarkar
  • 10. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  • 11. Integrity • Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. e.g. Updating bank account information Mr. Gopal Sakarkar
  • 12. Principal of Security Mr. Gopal Sakarkar • Confidentiality • Authentication • Integrity • Non-repudiation
  • 13. Non-repudiation • Non- repudiation does not allow the sender or receiver of a message to refuse the claim of not sending or receiving that message. Mr. Gopal Sakarkar
  • 14. Classification of Security Attacks Mr. Gopal Sakarkar
  • 15. Passive Attack • A passive attack make use of information from the system but does not affect system resource. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
  • 16. Release of Message Contents Mr. Gopal Sakarkar Hi, I am Bob Hi, I am Bob Hi, I am Bob
  • 17. Passive Attack Mr. Gopal Sakarkar Release of Message Contents Traffic Analysis
  • 18. Traffic Analysis Mr. Gopal Sakarkar Meet me at Cinemax Phhw ph dw flqhpda Meet me at Cinemax
  • 19. Active Attack • It involve some modification of data stream or creation of a Mr. Gopal Sakarkar false stream. Active Attack Replay Modification Denial of Service Masquerade
  • 20. Replay It involves passive capture of data unit and its subsequent retransmission to produce an unauthorized effect. Mr. Gopal Sakarkar Transfer Rs.1000 to Alice. Transfer Rs.1000 to Darth.
  • 21. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  • 22. Modification In which some portion of message is altered or that message are delayed or reordered to produce an unauthorized affect. Mr. Gopal Sakarkar Transfer Rs.1,000 to Darth. Transfer Rs.10,000 to Darth. Transfer Rs.10,000 to Darth
  • 23. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  • 24. Denial of service It have a specific target (Server), in which prevents or inhabits the normal use or management of communication facilities. Mr. Gopal Sakarkar
  • 25. Active Attack Replay Modification Denial of Service Masquerade Mr. Gopal Sakarkar
  • 26. Masquerade A masquerade is a type of attack where the attacker act as an authorized user system in order to gain access to it or to gain greater privileges than they are authorized for. Mr. Gopal Sakarkar
  • 27. Summary • Four goals have been defined for security i.e. Confidentiality , Authentication, Integrity, Non-repudiation. • Security Attacks are classified in two parts Active and Passive. Mr. Gopal Sakarkar
  • 28. For Further Reading • http://www.smartchip.com/flash/presentationV2.swf • http://buchananweb.co.uk/asmn/unit03.swf • http://www.computing.co.uk/computing/video/2246841/network-security • http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3 • http://www.thepcmanwebsite.com/cgi-bin/web_tools/ascii.pl (converter) • http://bytes.com/topic/c/answers/769137-how-convert-alphabet-numbers • http://www.kerryr.net/pioneers/binary.htm • http://services.exeter.ac.uk/cmit/modules/the_internet/slides/ch01s01s04.html (packet working) Mr. Gopal Sakarkar
  • 30. 32 Caesar Cipher It is a substitution cipher invented by Julius Caesar. It replace each letter of the alphabet with the letter standing thired Place further down the alphabet. Let numerical equivalency of letter A B C D E F G H …… z 0 1 2 3 4 5 6 7 25
  • 31. 33 Caesar Cipher Let , for each plaintext letter p, substitute the cipher letter : C=E(3,p)=(p+3) mod 26 For generalize equation for encryption : C=E(k,p)= (p+k) mod 26 For generalize equation for decryption : P=D(k,C)=(C-K)mod 26
  • 32. 34 Caesar Cipher plain: abcdefghijklmnopqrstuvwxyz key: defghijklmnopqrstuvwxyzabc cipher: PHHW PH DIWHU WKH WRJD SDUWB plain: MEET ME AFTER THE toga PARTY Video
  • 33. 35 “Rail-Fence” Cipher It is use substitution method , in which plaintext is written down As a sequence of diagonals and then read off as a sequence of row.
  • 34. 36 “Rail-Fence” Cipher DISGRUNTLED EMPLOYEE D R L E O I G U T E M L Y E S N D P E DRLEOIGUTE MLYESNDPE
  • 36. What is Steganography? Stegosaurus: a covered lizard (but not a type of cryptography) Greek Words: STEGANOS – “Covered” GRAPHIE – “Writing” • Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. • This can be achieve by concealing the existence of information within seemingly harmless carriers or cover • Carrier: text, image, video, audio, etc.
  • 37. Modern Steganography Techniques Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses. The purpose is different from traditional steganography since it is adding an attribute to the cover image thus extending the amount of information presented. Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms. The idea of this method is to hide the secret message in the data bits in the least significant coefficients. Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information. Thus the overall image distortion is kept to a minimum while the message is spaced out over the pixels in the images. This technique works best when the image file is larger then the message file and if the image is grayscale.
  • 38. Basics of Modern Steganography fE: steganographic function "embedding" fE-1: steganographic function "extracting" cover: cover data in which emb will be hidden emb: message to be hidden key: parameter of fE stego: cover data with the hidden message
  • 39. Important Requirement for Steganographic System • Security of the hidden communication • size of the payload • Robustness against malicious and unintentional attacks
  • 41. 45 Basic Types of Ciphers • Transposition ciphers – rearrange bits or characters in the data • Substitution ciphers – replace bits, characters, or blocks of characters with substitutes
  • 42. 46 Encryption Methods • The essential technology underlying virtually all automated network and computer security applications is cryptography • Two fundamental approaches are in use: – Conventional Encryption, also known as symmetric encryption – Public-key Encryption, also known as asymmetric encryption
  • 44. 48 Conventional Encryption Five components to the algorithm – Plaintext: The original message or data – Encryption algorithm: Performs various substitutions and transformations on the plaintext – Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key – Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key – Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext
  • 45. 50 Conventional Encryption M EK C DK M EK defined by an encrypting algorithm E DK defined by an decrypting algorithm D For given K, DK is the inverse of EK, i.e., DK(EK(M))=M for every plain text message M
  • 46. Today’s Agenda • Cryptography and Encryption • Encryption Principles • Feistel Cipher Structure • Data Encryption Standard (DES) Mr. Gopal Sakarkar
  • 47. Cryptography • It is a Greek word , means that “Secret Writing”. • Cryptography is an art and science for achieving security by encoding the readable format data in to a non-readable form. Mr. Gopal Sakarkar
  • 48. Encryption Encryption is a process of converting the plain text data in to ciphertext data. Mr. Gopal Sakarkar
  • 49. Encryption Principles • An encryption scheme has five ingredients: – Plaintext – Encryption algorithm – Secret Key – Ciphertext – Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm. Mr. Gopal Sakarkar
  • 50. Average time required for exhaustive key search Mr. Gopal Sakarkar Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/μs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years
  • 51. Conventional Encryption Model Mr. Gopal Sakarkar
  • 52. Cryptography Process Depend on…. 1. The type of operations used for transforming plaintext to Mr. Gopal Sakarkar ciphertext. 1.1 Substitution 1.2 Transpose 2. The number of keys used 2.1 Symmetric (single key) 2.2Asymmetric(two-keys,orpublic-key encryption) 3. The way in which the plaintext is processed Block Cipher Stream Cipher
  • 53. Substitution Process Mr. Gopal Sakarkar
  • 54. Transposition Techniques • Consider plain text message as a number A=0 , B=1, C=2……..Z=25. • Take plain text CAT = 2 0 19 Take N x N matrix of randomly chosen keys. Mr. Gopal Sakarkar
  • 55. Mr. Gopal Sakarkar 6 24 1 13 16 10 20 17 15 = Multiply two matrix 6 24 1 13 16 10 20 17 15 2 0 X 19 = 31 216 325
  • 56. • Now compute a mod 26 value of the above matrix. Mr. Gopal Sakarkar 31 216 325 mod 26 5 8 = 13 Now translate number to alphabet 5=F, 8=I and 13= N i.e. cipher text is FIN
  • 57. Exercise - II • Define a symmetric-key cryptography. • Distinguish between a block cipher and a stream cipher with an example. • Decrypt a above example by taking a inverse of 8 5 10 21 8 21 21 12 8 Mr. Gopal Sakarkar original matrix i.e. • Draw an algorithm , flowchart and write a C++ program for implementing Transposition Techniques.
  • 58. Summary • Definition of Cryptography . • Working of encryption principal. • Substitution and transportation techniques . Mr. Gopal Sakarkar
  • 59. For Further Reading • http://buchananweb.co.uk/asmn/unit04.swf • http://www.youtube.com/watch?v=IzVCrSrZIX8 • http://www.youtube.com/watch?v=ZdC7cnpYOwI&feature=related Mr. Gopal Sakarkar
  • 60. Confusion and Diffusion • Introduced by Claude Shannon to capture the two basic building blocks for any Mr. Gopal Sakarkar cryptographic system. • Confusion - Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to stop attempts to discover the key. • Diffusion - The mechanism of diffusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to prevent attempts to assume the key.
  • 61. Approximate Alphabet Frequency Mr. Gopal Sakarkar
  • 62. Feistel Cipher Structure • It is block cipher symmetric encryption algorithms, first described by Horst Feistel of IBM in 1973. • It is depends on the choice of the following parameters • Block size: larger block sizes mean greater security • Key Size: larger key size means greater security • Number of rounds: multiple rounds offer increasing security • Subkey generation algorithm: greater complexcity will lead to greater Mr. Gopal Sakarkar difficulty of cryptanalysis. • Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern.
  • 63. Steps: 1. Input of plaintext with length 2w bits and key K. 2. Plaintext is divided into two halves L0 and R0. 3. These two halves pass through N round of processing to produce CipherText block. 4. The key K is derived from subkey generation algo. 5. These two halves combine by applying a round function ‘F’ on right half of data and then taking X-OR operation of the output of F with left half of data. Mr. Gopal Sakarkar
  • 65. Exercise • List out the various Feistel ciphers Algorithm and explain each Mr. Gopal Sakarkar in brief.
  • 66. For Further Reading • http://www.quadibloc.com/crypto/co040906.htm • http://www.encryptionanddecryption.com/encrypt_decrypt_encyclopedia.ht Mr. Gopal Sakarkar ml
  • 67. Data Encryption Standard (DES) I. It is a Block Cipher Symmetric algorithm. II. It takes 64 bits plaintext and 56 (64) bits as a key. III. It produce a 64 bits cipher text. IV. It consist of 16 steps , called round. Steps: 1. It take 64 bit plain text as given i/p to Initial Permutation Function (IPF). 2. IPF produce two halves, i.e. Left Plain Text (LPT) and Right Plain Text Mr. Gopal Sakarkar (RPT) 3.Now, each LPT and RPT goes through 16 rounds of encryption process with key K(56 bits). 4.At the end , LPT and RPT are rejoined and a final permutation (FP) is performed which is being the inverse of IP on the combined block. 5. Finally the result produced 64 bits cipher text.
  • 68. Plain Text (64 bits) Initial Permutation LPT RPT Key ( K) 16 Rounds 16 Rounds 56 bits Final Permutation Cipher Text(64 bits) DES Algorithm Mr. Gopal Sakarkar
  • 69. DES Encryption Overview Mr. Gopal Sakarkar
  • 70. An Example • Let M be the plain text message M = 0123456789ABCDEF, where M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text: • M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 Mr. Gopal Sakarkar 1110 1111 • L = 0000 0001 0010 0011 0100 0101 0110 0111 • R= 1000 1001 1010 1011 1100 1101 1110 1111 The first bit of M is "0". The last bit is "1". We read from left to right. Let K be the hexadecimal key K = 133457799BBCDFF1 K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001 Cipher Text: 85E813540F0AB405. Online Example
  • 71. The EFF's US $ 250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips. Mr. Gopal Sakarkar
  • 72. Triple-DES with Two-Keys • hence must use 3 encryptions – would seem to need 3 distinct keys • but can use 2 keys with E-D-E sequence – C = EK1[DK2[EK1[P]]] – no encrypt & decrypt equivalent in security – if K1=K2 then can work with single DES • standardized in ANSI X9.17 & ISO8732 • no current known practical attacks
  • 74. Summary • Security of data is depend on secrecy of key not on the Mr. Gopal Sakarkar encryption algorithm. • Feistel Cipher Structure is basic structure for any symmentric encryption algo. • DES algorithm also called as DEA has been a cryptographic alog. used from over four decades. • It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46).
  • 75. For Further Reading • http://www.buchananweb.co.uk/asmn/unit03.swf • http://williamstallings.com/Crypt-Tut/Crypto%20Tutorial%20- Mr. Gopal Sakarkar %20JERIC.swf • http://orlingrabbe.com/des.htm (IMP) • http://www.tero.co.uk/des/explain.php
  • 76. Exercise - III • Explain a triple DES in detail. • Find out the various application in which DES is implemented. Mr. Gopal Sakarkar
  • 78. The Blowfish Encryption Algorithm • Developed by Bruce Schneier • Keyed, symmetric block cipher • Designed in 1993 . • Can be used as a drop-in replacement for DES.
  • 79. The Blowfish Encryption Algorithm (cont.) • As a fast, free alternative to existing encryption algorithms. • Variable-length key. • From 32 bits to 448 bits.
  • 80. The Blowfish Encryption Algorithm (cont.) • Fast: It used 32 bit microprocessors for 26 clock cycles per byte. • Compact : It need less than 5 kb memory for execution. • Simple : It used primitive operations ,such as addition , XOR ,etc. • Secure : It has variable length key upto 448 bits long. • Freely available source code Mr. Gopal Sakarkar
  • 81. The Blowfish Encryption Algorithm (cont.) • Gained acceptance as a strong encryption algorithm. • Blowfish is unpatented and license-free, and is available free for all uses. • No effective cryptanalysis has been found to date. • More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
  • 82. 7.07. Blowfish Key Schedule • uses a 32 to 448 bit key • used to generate – 18 32-bit subkeys stored in K-array Kj – four 8x32 S-boxes stored in Si,j • key schedule consists of: – initialize P-array and then 4 S-boxes using pi – XOR P-array with key bits (reuse as needed) – loop repeatedly encrypting data using current P & S and replace successive pairs of P then S values – requires 521 encryptions, hence slow in re-keying
  • 83. Blowfish Encryption • uses two primitives: addition & XOR • data is divided into two 32-bit halves L0 & R0 for i = 1 to 16 do Ri = Li-1 XOR Pi; Li = F[Ri] XOR Ri-1; L17 = R16 XOR P18; R17 = L16 XOR i17; • where F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,a
  • 85. The Blowfish Algorithm: Encryption (cont) Diagram of Blowfish's F function
  • 86. The Blowfish Algorithm: Encryption (cont) • Blowfish's F-function. • Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce the final 32-bit output. • Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.
  • 88. RC5 • It is symmetric key block encryption algorithm developed by Ron Rivest. • It is quite fast as it use only the primitive computer operation i.e. XOR , addition, shift etc. • It used variable number of round and variable bit-size key. • It required less memory for execution so that it not only used for desktop computer but also for smart card and other devices. » 125 Mr. Gopal Sakarkar
  • 89. RC5 Working • It used the plain text block size of 32,64, or 128 bits. • The key length can be 0 to 2040 bits. • Number of rounds can be from 0 to 255. Mr. Gopal Sakarkar
  • 90. Divide plain text into two block i.e. A ,B Add A & S[0] to produce C Add B & S[1] to produce D Start with i=1 Check: Is i>r ? Mr. Gopal Sakarkar 1. XOR C & D to produce E 4.XOR D & F to produce G 2. Circular left shift E by D bits 3. Add E & S[2] to produce F 5. Circular left shift G by F bits 6. Add G & S[2i+1] to produce H Increment i by 1 Call F as C (i.e. C=F) Call H as D (i.e. D=H) Stop Yes No
  • 91. Lecture 3 Today’s Agenda Mr. Gopal Sakarkar • IDEA Algorithm. • Cipher Block Chaining. • Location of encryption devices. • Key Distribution
  • 92. International Data Encryption Algorithm • It is one of the strongest cryptographic algorithm Mr. Gopal Sakarkar invented in 1992. • It is Block Cipher Symmetric cryptographic alog. with 64 bits plain text and 128 bits length key. • It is used both substitution and transposition techniques for encryption
  • 93. Working of IDEA 1.It take a 64 bits plaintext block as input and then partition it into four part, say P1 to P4. 2. P1 to P4 are the inputs to the first round of the Mr. Gopal Sakarkar algorithm. 3. It has eight round of encryption processing. 4. Each round use six-sub keys generated from original key having 16 bits length. 5. Final step consist of an Output Transformation Which use just four sub-keys , K49 to K52.
  • 94. Working Plain Text (64bits) Round 1 Mr. Gopal Sakarkar K 1 K 2 K 6 Round 2 …. K 7 K 12 ………………. Round 6 K 43 K 48 Output Transformation K 49 K 52 P1(16 bits) P2(16 bits) P3(16 bits) P4(16 bits) …. …. …. …. C1(16 bits) C2(16 bits) C3(16 bits) C4(16 bits) Cipher Text (64bits)
  • 95. Working of Rounds • Each round has a series of operation on the data block Mr. Gopal Sakarkar using six keys. • Each round perform a lot of mathematical action such as Multiplication, Addition and X-OR. • Each round is divided into 14 steps.
  • 96. Sub-key Generation Round Unused (97-128 bits) … Mr. Gopal Sakarkar • First round Original Key (128 bits) K1(1-16 bits) K2(17-32 bits) K6(81-96 bits)
  • 97. Mr. Gopal Sakarkar • Second round Unused Key (97-128 bits) K7 (97-112 bits) K8(113-128 bits) What about key k9, k10…k12 for second round ? Conti….
  • 98. • The original key is exhausted . It is circular-left shifted by 25 Position 1 Position … (65-128 bits) Mr. Gopal Sakarkar bits. Original Key(128 bits) 128 circular-left shifted by 25 bits Now start allocating fresh sub-key from K7 to K12 New Key(128 bits) K9(1-16 bits) K10(17-32 bits) K12(49-64 bits) Unused
  • 99. Exercise - IV • Explain in detail all eight round of sub key generation process. • Find out the strength of IDEA algorithm. Mr. Gopal Sakarkar
  • 100. • Note: • A permutation is "a re-arrangement of elements of a set". Exp. We do 4 x 3 x 2 x 1 = 24. • There are 24 different ways that the letters can be arranged. • We can write 4!, which is read as "four factorial." Mr. Gopal Sakarkar
  • 101. • Taking the 4 letters, ABCD, write down all the permutations of 3 of these letters: ABC BAC CAB DAB ACB BCA CBA DBA ABD BAD CAD DAC ADB BDA CDA DCA ACD BCD CBD DBC ADC BDC CDB DCB Mr. Gopal Sakarkar
  • 102. Working of Substitution method • S-Box= Substitution Box • Example #1: Solve the following system using the substitution method x + y = 20 x − y = 10 Step 1 You have two equations. Pick either the first or the second equation and solve for either x or y. Since I am the one solving it, I have decided to choose the equation at the bottom (x − y = 10) and I will solve for x x − y = 10 Add y to both sides x − y + y = 10 + y x = 10 + y Mr. Gopal Sakarkar
  • 103. • Step 2 Using x + y = 20, erase x and write 10 + y since x = 10 + y We get 10 + y + y = 20 10 + 2y = 20 Minus 10 from both sides 10 − 10 + 2y = 20 − 10 2y = 10 Divide both sides by 2 y = 5 Mr. Gopal Sakarkar
  • 104. • Step 2 • Now you have y, you can replace its value into either equation to get x. Replacing y into x + y = 20 gives x + 5 = 20 Minus 5 from both sides x + 5 − 5 = 20 − 5 x = 15 The solution to the system is x = 15 and y = 5 Indeed 15 + 5 = 20 and 15 − 5 = 10 • H/W: Solve the following system using the substitution method 3x + y = 10 -4x − 2y = 2 Mr. Gopal Sakarkar
  • 105. Algorithm Modes Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB) Work on block cipher Work on stream cipher
  • 106. Electronic Code Book (ECB) Mr. Gopal Sakarkar
  • 107. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  • 108. Cipher Block Chaining (CBC) • Message is broken into blocks • Linked together in encryption operation • Each previous cipher blocks is chained with current plaintext Mr. Gopal Sakarkar block, hence name • Use Initial Vector (IV) to start process -IV has no special meaning , used to make each message unique only. • Uses: bulk data encryption, authentication
  • 109. Cipher Block Chaining (CBC) Mr. Gopal Sakarkar
  • 110. Advantages and Limitations of CBC • A ciphertext block depends on all blocks before it. • Any change to a block affects all following ciphertext blocks • Need Initialization Vector (IV) – which must be known to sender & receiver – if sent in clear, attacker can change bits of first block, and change IV to compensate – hence IV must either be a fixed value – or must be sent encrypted in ECB mode before rest of Mr. Gopal Sakarkar message
  • 111. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  • 112. Cipher FeedBack (CFB) • Message is treated as a stream of bits • Added to the output of the block cipher • Result is feed back for next stage (hence name) • Standard allows any number of bit (1,8, 64 or 128 etc) to be feed back – denoted CFB-1, CFB-8, CFB-64, CFB-128 etc Uses: stream data encryption, authentication Mr. Gopal Sakarkar
  • 113. Cipher FeedBack (CFB) Mr. Gopal Sakarkar
  • 114. Advantages and Limitations of CFB • Appropriate when data arrives in bits/bytes • Most common stream mode • limitation is need to install while do block encryption after Mr. Gopal Sakarkar every n-bits • Note that the block cipher is used in encryption mode at both ends • Errors propagate for several blocks after the error.
  • 115. Algorithm Modes Mr. Gopal Sakarkar Electronic Code Book (ECB) Cipher Block Chaining (CBC) Cipher FeedBack (CFB) Out FeedBack (OFB)
  • 116. Output FeedBack (OFB) • Message is treated as a stream of bits • In CFB, the cipher text is fed into the next stage of Mr. Gopal Sakarkar encryption process. • But in the OFB, the output of the IV encryption process is fed into the next stage of encryption process • Output of cipher is added to message • Output is then feed back (hence name) • Feedback is independent of message • uses: stream encryption on noisy channels.
  • 118. Key Distribution Symmetric schemes require both parties to share a Mr. Gopal Sakarkar common secret key Issue is how to securely distribute this key Often secure system failure due to a break in the key distribution scheme.
  • 119. Key Distribution • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Mr. Gopal Sakarkar
  • 120. Summary • IDEA is a strongest encryption algorithm only because of its Mr. Gopal Sakarkar key length. • Algorithm Modes of Operation – ECB, CBC, CFB, OFB Key distribution is centralize storage of keys .