
Stream Ciphers A5/1 LFSR

Stream Ciphers A5/1 LFSR. SECURITY. Cryptology. We are here. cryptanalysis. cryptography: symmetric, asymmetric, protocols. stream ciphers, block ciphers. LFSR. DES, 3DES, AES.

amosr

Presentation Transcript


  1. Stream Ciphers A5/1 LFSR

  2. SECURITY. Cryptology: cryptanalysis, cryptography. Cryptography: symmetric, asymmetric, protocols. Symmetric: stream ciphers, block ciphers. Stream ciphers: LFSR. Block ciphers: DES, 3DES, AES. (We are here.)

  3. Addition and subtraction are the same operation. [Diagram labels: K = a,b and LCG on each side, ⊕ on each side; streams …x4, x3, x2, x1, x0 and … y4, y3, y2, y1, y0.] What’s in here?

  4. LFSR – a series of flip-flops with feedback loops. [Diagram labels: (not clocked); Output: Si; 1 0 1 0; S0 = 0; Flip-flop holds: 1 0 0 0; clk; 0 1 0 0; ?]

  5. Flip-Flops (i.e. memory), also called a latch. [Diagram labels: S, R, Q, Q'.] A flip-flop stores a bit by virtue of the feedback loop.

  6. We string them together to make a shift register. Each holds one bit; each has an ‘in’ and an ‘out’. Whatever is stored is available on the output right now. Whatever is on the input now will become the stored value on the next clock tick. [Diagram: register holding 1 1 0.]

  7. Mathematically speaking: S_3 = (S_1 + S_0), S_4 = (S_2 + S_1), S_5 = (S_3 + S_2). [Diagram labels: (not clocked); Output: Si; 0 1 0 0; S0 = 0.]

  8. S_{i+3} = (S_{i+1} + S_i) mod 2. Period == 7, but we’d like >> 7. General LFSR: arbitrary number of flip-flops, arbitrary choice for feedback. [Diagram: flip-flops ff_{m-1}, …, f_1, f_0 holding s_{m-1}, …, s_1, s_0, with feedback switches p_{m-1}, …, p_1, p_0.]

  9. [Diagram: flip-flops ff_{m-1}, …, f_1, f_0 holding s_{m-1}, …, s_1, s_0, with feedback switches p_{m-1}, …, p_1, p_0.] s_i: starting values for flip-flops. p_i: vector of choices for open/closed (feedback, or not?), set by the standard.

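  10. [Diagram: flip-flops ff_{m-1}, …, f_1, f_0 holding s_{m-1}, …, s_1, s_0, with feedback switches p_{m-1}, …, p_1, p_0.]
      s_m ≡ (s_{m-1} p_{m-1} + s_{m-2} p_{m-2} + … + s_1 p_1 + s_0 p_0) mod 2
      s_{m+1} ≡ (s_m p_{m-1} + s_{m-1} p_{m-2} + … + s_2 p_1 + s_1 p_0) mod 2
      s_{m+i} ≡ Σ_{j=0}^{m-1} p_j s_{i+j} mod 2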

  11. SECURITY. Cryptology: cryptanalysis, cryptography. Cryptography: symmetric, asymmetric, protocols. Symmetric: stream ciphers, block ciphers. Stream ciphers: LFSR. Block ciphers: DES, 3DES, AES. (We are here.)

  12. Block Ciphers. Deterministic algorithms which act on fixed-size chunks of bits called blocks. Transform specified by a symmetric key.

  13. Claude Shannon. Claude Shannon, a researcher at AT&T Bell Laboratories, is the father of Computer Science. He completed his master's thesis, "A Symbolic Analysis of Relay and Switching Circuits," at age 22, which was called "possibly the most important, and also the most famous, master's thesis of the century." - Harvard University Professor Howard Gardner.

  14. Claude Shannon Information Theory and A Mathematical Theory of Communication and Communication Theory of Secrecy Systems

  15. cryptographic algorithm(cipher) a mathematical function plus a key to en/decrypt The same plaintext encrypts to different ciphertext with different keys.

  16. Secrecy of the key and strength of the cipher determine the security Cryptosystem - cryptographic algorithm, plus all possible keys and all the protocols that make it work comprise a cryptosystem (PGP)

  17. Conventional cryptography uses a symmetric key

  18. Symmetric-key is very fast useful for encrypting data that is not to be transmitted But, secure key distribution is the gotcha We still need a secure channel to tell the other party the key

  19. Hybrid: Symmetric, block cipher key

  20. Back to block ciphers…

  21. Block Cipher. [Diagram: chunk of n cleartext bits → block cipher, with a key K bits long → chunk of n encrypted bits.] Most are iterated, meaning we do it over and over in a round with different keys, each derived from the original.

  22. Combine substitutions and transpositions (permutations) crypto-quote and jumble puzzles Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original Rounds alternate Horst Feistel, hence “Feistel network”

  23. Combine substitutions and transpositions crypto-quote and jumble puzzles  transposition

  24. Combine substitutions and transpositions crypto-quote and jumble puzzles  substitution

  25. Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original

  26. Horst Feistel, hence “Feistel network”

  27. Substitution-permutation block cipher several alternating rounds of substitution and permutation Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original --wikipedia

  28. A substitution box substitutes a small block of input bits with another block of output bits. 1-1 so it can be decrypted A permutation box takes the outputs of all the S-boxes of one round, permutes the bits, and feeds them into the S-boxes of the next round. Iterated cipher, carried out in rounds each round uses a different sub-key derived from the original

  29. Confusion refers to making the relationship between the key and the ciphertext as complex and as involved as possible Diffusion refers to the property that redundancy in the statistics of the plaintext is "dissipated" in the statistics of the ciphertext.

  30. Confusion – a primary mechanism is substitution (cryptoquote) Diffusion - primary mechanism is transposition (jumble) A required property is that a small change in cleartext, yields a large change in encrypted text Ideally, if you flip an input bit, we would like a 50-50 chance that each output bit flips …an avalanche of changes

  31. Bad:
      cleartext   0x23 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab
      ciphertext  0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xee 0x30 0x02 0x44 0xc4
      cleartext   0xa3 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab
      ciphertext  0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xef 0x30 0x02 0x44 0xc4
      A single bit changed: 0010 becomes 1010. Causes a single bit to change in the ciphertext: 1110 becomes 1111.

  32. Good:
      cleartext   0x23 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab
      ciphertext  0x99 0x26 0x11 0xcd 0x00 0x67 0x8e 0xee 0x30 0x02 0x44 0xc4
      cleartext   0xa3 0x71 0xa0 0x00 0x31 0xfa 0x29 0x44 0x51 0x10 0x00 0xab
      ciphertext  0xc0 0x56 0xe2 0x80 0xdd 0xdd 0x19 0xb1 0x30 0x82 0x4c 0x25
      A single bit changed: 0010 becomes 1010. Causes many changes.

  33. Confusion – a primary mechanism is substitution (cryptoquote) Diffusion - primary mechanism is transposition (jumble) Substitution and diffusion are most common, but AES uses linear transformations

  34. Data Encryption Standard - DES. First cryptography in the public space; proposed by IBM/NSA in 1974; U.S. government standard in 1977; ANSI standard in 1981; Gov’t standard until around 2000. Very widely distributed, implemented, studied.

  35. Data Encryption Standard - DES
      • block cipher using a 56-bit key
      • strong algorithm, but limited by key length
      • Unsecure today, hardware to defeat it emerged in 1988
      • 3DES – triple DES, still secure
      • most widely used
      https://www.youtube.com/watch?v=Sy0sXa73PZA&t=1s

  36. DES. [Diagram: 64 bits clear → DES, with a 56 bit key → 64 encrypted bits.] Symmetric keys. 16 rounds, all of which are the same. Different subkey in each round.

  37. openssl(1), libcrypt.a(3). E.g. encrypt & decrypt with DES:
      openssl des -e -a -in index.html -out index.html.enc
      openssl des -d -a -in index.html.enc -out /dev/pts/1
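
The general LFSR recurrence from slides 7–10 and the XOR keystream use from slide 3, as an added example that is not part of the original presentation. The function names, the start state (s2, s1, s0) = (1, 0, 0) and the sample message are assumptions; the slides give only S0 = 0.

```python
# Added example (not from the slides): the general LFSR of slides 8-10,
#   s_{i+m} = (p_{m-1} s_{i+m-1} + ... + p_1 s_{i+1} + p_0 s_i) mod 2
# Names, start states and the sample message are illustrative assumptions.

def step(p, s):
    """One clock tick on s = [s_i, ..., s_{i+m-1}]: emit s_i, shift, feed back."""
    fb = sum(pj & sj for pj, sj in zip(p, s)) % 2
    return s[0], s[1:] + [fb]

def keystream(p, state, n):
    """First n output bits s_0, s_1, ... for feedback vector p and start state."""
    s, out = list(state), []
    for _ in range(n):
        bit, s = step(p, s)
        out.append(bit)
    return out

def period(p, state):
    """Ticks until the register holds its start state again, else None."""
    start = list(state)
    s = list(state)
    for ticks in range(1, 2 ** len(p) + 1):
        _, s = step(p, s)
        if s == start:
            return ticks
    return None  # with p_0 = 0 the update is not invertible; start can be lost

def xor_stream(data, p, state):
    """Encrypt or decrypt: XOR each byte with 8 keystream bits (same call both ways)."""
    bits = keystream(p, state, 8 * len(data))
    out = bytearray()
    for k, byte in enumerate(data):
        ks = 0
        for b in bits[8 * k: 8 * k + 8]:
            ks = (ks << 1) | b
        out.append(byte ^ ks)
    return bytes(out)

if __name__ == "__main__":
    P3, S3 = [1, 1, 0], [0, 0, 1]       # slide 8: s_{i+3} = (s_{i+1} + s_i) mod 2
    print(keystream(P3, S3, 14))        # the 7-bit pattern 0010111 appears twice
    print(period(P3, S3))               # 7 = 2^3 - 1, the maximum for m = 3
    print(period([1, 1, 0, 0], [0, 0, 0, 1]))   # 15: maximal for m = 4
    print(period([1, 1, 1, 1], [0, 0, 0, 1]))   # 5: same m, weaker feedback choice
    print(period([0, 1, 0], [1, 0, 0]))         # None: register decays to all zeros
    msg = b"constructed sample"                 # constructed input
    ct = xor_stream(msg, P3, S3)
    print(ct.hex(), xor_stream(ct, P3, S3))     # second call recovers msg
```

With a period of 7 the keystream repeats every 7 bits across the whole message, which is why slide 8 asks for a period far above 7.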
