1 / 17

Fundamentals of Computer Security

Fundamentals of Computer Security. Modern Cryptography: The Data Encryption Standard. Feistel Ciphers ( Harst Feistel, 1950s-1960s). The symbol means bitwise XOR. input. Functions f 1 , f 2 , …, f i are called round functions . Notation for Feistel ciphers:. Left half. Right half.

tiana
Télécharger la présentation

Fundamentals of Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fundamentals of Computer Security Modern Cryptography: The Data Encryption Standard CSCI 379 Fundamentals of Computer Security

  2. Feistel Ciphers(Harst Feistel, 1950s-1960s) The symbol means bitwise XOR. input Functions f1, f2, …, fi are called round functions. Notation for Feistel ciphers: Left half Right half f1 example on the left f2 successive round functions Decryption of Feistel ciphers: f3 The round functions do not have to be invertible: fewer constraints on how to achieve good diffusion and confusion, leads to smaller code size, faster implementation in software, fewer gates in hardware, etc. CSCI 379 Fundamentals of Computer Security

  3. The DES Algorithm 64-bit block plaintext 56-bit key Each 64-bit block of plaintext goes through: • An initial permutation. • 16 roundsof substitution and transposition operations influenced by a 48-bit subkeyfor each round, which is derived from the 56-bit DES key. • Afinal permutation. IP round 1 round 2 round subkey generation round 3 round 4 round 5 … round 16 FP 64-bit block ciphertext CSCI 379 Fundamentals of Computer Security

  4. DES is a Feistel Cipher Encryption: Take each block and divide into two halves, L and R. Each round consists of computing the XOR of L with F(Ki,R) for some functionF, and round keyKi, and then swapping L and R. Decryption: Swap L and R, then XOR L with F(Ki,R). Single DES Round: Ki L R F Bit shuffle S Expand CSCI 379 Fundamentals of Computer Security

  5. A DES Round 64-bit input Consider a C++ implementation: Question: How do you perform bitwise operations? Question: How do you split a 64-bit value into two 32-bit values? Question: How do you permute the bits in a variable? L1 (32-bit) R1 (32-bit) EP Subkeyi XOR S-Box “mangler function” P-Box XOR L2 (32-bit) R2 (32-bit) 64-bit output CSCI 379 Fundamentals of Computer Security

  6. Framework for a DES Implementation http://www.eg.bucknell.edu/~cs379/CompSec/F04/code/hw2/html/ CSCI 379 Fundamentals of Computer Security

  7. DES S-boxes • S-boxes perform substitution operations. • There are 8 different S-boxes. • Each S-box takes 6 input bits and produces 4 output bits: • Bits 1-6 are the input to S-box 1. • Bits 7-12 are the input to S-box 2, etc. CSCI 379 Fundamentals of Computer Security

  8. DES S-box Operation • The entry found at the intersection of the specified row and column is the four-digit binary output for the S-box. • Examples using S-box 1: • 011010 (input) = row 0, column 13 = 9 = 1001 (output). • 110010 (input) = row 2, column 9 = 12 = 1100 (output). • 000011 (input) = row 1, column 1 = 15 = 1111 (output). CSCI 379 Fundamentals of Computer Security

  9. DES S-box Operation • Each S-box contains 4 rows and 16 columns of entries • Example - S-box 1: • The first and last of the 6 input bits to an S-box form a two-digit binary number that specifies one of the 4 rows: • 00 for the zeroth row, 01 for the first row, 10 for the second row, and 11 for the third row. • The middle four input bits form a four-digit binary number that specifies one of the 16 columns: • 0000 for the zeroth column, 0001 for the first column, . . ., and 1111 for the 15th column. CSCI 379 Fundamentals of Computer Security

  10. DES – The S-boxes CSCI 379 Fundamentals of Computer Security

  11. DES – S-box Operation Example • The 48-bit result of the XOR operation: • 110011111011001001001011100101110100010001001001 • The 32-bit result of the S-box substitutions: • 10110101001111111100010011101010 CSCI 379 Fundamentals of Computer Security

  12. DES P-box • The 32-bit output of the S-boxes is passed through a P-box. • The P-box permutes the bits into a new order: • The first output bit from the S-boxes is moved into position 16. • The second bit is moved into position 7. • The third bit is moved into position 20. … • The thirty-second bit is moved into position 25. CSCI 379 Fundamentals of Computer Security

  13. DES – Second XOR Operation • The 32-bit output of the P-box is XORed with the left half of the original 64-bit input block • Output from P-box (32 bits) • 10001101110101100101011001011111 • Left half of input block (32 bits) • 11100010101110100011100011001101 • The 32-bit output of the XOR operation: • 01101111011011000110111010010010 CSCI 379 Fundamentals of Computer Security

  14. DES - Decryption • The same algorithm and key is used for decryption. • The subkeys are applied in the opposite order: • Subkey 16 is used during the first round of decryption, • Subkey 15 is used during the second round of decryption, … • Subkey 1 is used during the 16th round of decryption. CSCI 379 Fundamentals of Computer Security

  15. Multiple Encryption with DES 3DES: - Define two key values K1 and K2. - Each block is encrypted as: (the second pass encrypts with decryption) - Decryption does the reverse: K1 K2 K1 m c D E E See [Kaufman 2002] if you want to understand why the 3rd time is the charm. K1 K2 K1 c m E D D Note that encrypting twice with the same key is not much more than a single encryption (exhaustive search requires the same number of keys to be tested; it is true that each key has to be tested twice, but that isn’t a big deal). Also, encrypting twice with two keys is not as strong as encrypting once with a key twice as long. There exists a possible attack that breaks double-encryption DES in roughly twice the time for a brute-force attack on single-encryption DES. CSCI 379 Fundamentals of Computer Security

  16. DES - Summary • DES is still a widely used cryptosystem. • Increased computing power has weakened the protection offered by DES considerably: • 1998: the Electronic Frontier Foundationbuilds a $220,000, special-purpose machine that could recover the key for a message encrypted with DES in about four days. • DES helped to focus and unify the public cryptographic research community. • NIST’s 1998 call for an Advanced Encryption Standard to replace DES produced 15 promising candidate algorithms from researchers all over the world. CSCI 379 Fundamentals of Computer Security

  17. References In print: • Fundamentals of Secure Computer Systems, Brett Tjaden. Franklin, Beedle & Associates, 2003. • Security Engineering, Ross Anderson. Wiley, 2001. • Applied Cryptography, Bruce Schneier. Wiley, 1996. • Practical Cryptography, Bruce Schneier and Neils Ferguson. Wiley, 2002. • The Code Book, Simon Singh. Online: • http://www.wiretapp.net CSCI 379 Fundamentals of Computer Security

More Related