SlideShare a Scribd company logo

Lecture3a symmetric encryption

R
rajakhurram
TechnologyEducation
1 of 22
Symmetric Encryption and Message Confidentiality RAJA M KHURRAM SHAHZAD
Cryptography • Why do we need cryptography? – Requirements - must be sure that: – Be sure our confidential information can’t be understood by anyone than the intended – Protect against interception 2 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Cryptography • Classified along three independent dimensions: 1. The type of operations used for transforming plain-text to cipher text  Substitution: each element is mapped to another element  Transposition: elements are rearranged 2. The number of keys used  symmetric (single key)  asymmetric (two-keys, or public-key encryption) 3. The way in which the plain-text is processed  block cipher  stream cipher 3 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Big picture 4 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Conventional Encryption Principles • An encryption scheme has five ingredients: 1. Plain-text 2. Encryption algorithm (Strong) 3. Secret Keys (Shared and kept secretly) 4. Cipher text 5. Decryption algorithm (Cipher Text: result of encryption performed on plaintext using an algorithm, called a cipher) • Security depends on the secrecy of the key, not the secrecy of the algorithm • Most important algorithm: Data Encryption Algorithm (DEA) 1. Data Encryption Standard – DES 2. Triple DEA – TDEA 3. International Data Encryption Algorithm - IDEA 5 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Example 6 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Average Time for Exhaustive Key Search Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/µs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years 7 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Fun Work : Zodiac’s “My Name is” cipher http://www.opordanalyt ical.com/articles/Zodia c3.htm 8 ET2437 - Network Security
Cryptanalysis Type of attack Known to cryptanalyst Ciphertext only Encryption algorithm Ciphertext to be decoded Known plaintext Encryption algorithm Ciphertext to be decoded One or more plaintext-ciphertext pair Chosen plaintext Encryption algorithm Ciphertext to be decoded Plaintext chosen by cryptanalyst with ciphertext pair Chosen ciphertext Encryption algorithm Ciphertext to be decoded Ciphertext chosen by cryptanalyst with plaintext Chosen text Encryption algorithm Ciphertext to be decoded Plaintext chosen by cryptanalyst with ciphertext pair Ciphertext chosen by cryptanalyst with plaintext 9
Substitution-Permutation Networks • In 1949 Claude Shannon introduced idea of Substitution- Permutation (SP) networks  SP Networks is a series of linked mathematical operations used in block cipher algorithms  Modern Substitution-Transposition product cipher • These form the basis of modern block ciphers • SP networks are based on the two primitive cryptographic operations:  Substitution (S-box)  Permutation (P-box)  Provide confusion and diffusion of message 10 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Substitution-Permutation Networks • Takes a block of the plaintext and the key as inputs • Applies several alternating "rounds" or "layers" of substitution boxes (S-boxes) and permutation boxes (P-boxes) to produce the ciphertext block. • S-box substitutes a small block of bits (the input of the S-box) by another block of bits (the output of the S-box). • A P-box is a permutation of all the bits: it takes the outputs of all the S-boxes of one round, permutes the bits, and feeds them into the S-boxes of the next round. 11
Confusion and Dif fusion • Cipher needs to completely obscure statistical properties of original message  A one-time pad does this • More practically Shannon suggested combining elements to obtain:  Diffusion – dissipates statistical structure of plain-text over bulk of cipher-text – output bits should depend on the input bits in a very complex way  Confusion – makes relationship between cipher-text and key as complex as possible – make it very hard to find the key even if one has a large number of plaintext-ciphertext pairs produced with the same key. Therefore, each bit of the ciphertext should depend on the entire key, and in different ways on different bits of the key. 12 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Feistel Cipher Structure • Virtually all conventional block encryption algorithms, including DES have a structure first described by Horst Feistel of IBM in 1973 • The realization of a Fesitel Network depends on the choice of the following parameters and design features:  Block size: larger block sizes mean greater security  Key Size: larger key size means greater security  Number of rounds: multiple rounds offer increasing security  Sub-key generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis.  Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern • implements Shannon’s substitution-permutation network concept 13 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Classical Feistel Network 14 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
DES • Data Encryption Standard (DES)  The most widely used encryption scheme  The algorithm is referred to the Data Encryption Algorithm (DEA)  DES is a block cipher  The plain-text is processed in 64-bit blocks  The key is 56-bits in length • The overall processing at each iteration:  Li = Ri-1  Ri = Li-1 F(Ri-1, Ki) • Concerns about:  The algorithm and the key length (56-bits) 15 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)  C = Cipher-text C = EK3[DK2[EK1[P]]]  P = Plain-text  EK[X] = encryption of X using key K  DK[Y] = decryption of Y using key K • Effective key length of 168 bits 16 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA)  128-bit key  Used in PGP • Blowfish  Easy to implement  High execution speed  Run in less than 5K of memory • RC5  Suitable for hardware and software, Low memory requirement  Fast, simple  Adaptable to processors of different word lengths  Variable number of rounds  Variable-length key  High security  Data-dependent rotations 17 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Cipher Block Modes of Operation • Procedure of enabling the repeated and secure use of a block cipher under a single key • Primarily been defined for encryption and authentication • Cipher Block Chaining Mode (CBC)  The input to the encryption algorithm is the XOR of the current plain- text block and the preceding cipher text block.  Repeating pattern of 64-bits are not exposed 18 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Cipher Block Modes of Operation 19
Location of Encryption Device • Link encryption  A lot of encryption devices  High level of security  Decrypt each packet at every switch • End-to-end encryption  The source encrypt and the receiver decrypts  Payload encrypted  Header in the clear • For High Security both link and end-to-end encryption are needed 20 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
Key Distribution 1. A key could be selected by A and physically delivered to B. 2. A third party could select the key and physically deliver it to A and B. 3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. 4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. • Session key  Data encrypted with a one-time session key. At the conclusion of the session the key is destroyed • Permanent key  Used between entities for the purpose of distributing session keys 21 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
The End 22 ET2437 - Network Security RAJA M KHURRAM SHAHZAD

Recommended

Symmetric key encryption
Symmetric key encryptionSymmetric key encryption
Symmetric key encryptionmdhar123
 
Asymmetric key
Asymmetric key Asymmetric key
Asymmetric key khushbu chauhan
 
Encryption
EncryptionEncryption
EncryptionJernej Virag
 
Cryptography - Simplified - Key Generation - Asymmetric Keys
Cryptography - Simplified - Key Generation - Asymmetric KeysCryptography - Simplified - Key Generation - Asymmetric Keys
Cryptography - Simplified - Key Generation - Asymmetric KeysAbdul Manaf Vellakodath
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionRapidSSLOnline.com
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 

Recommended

Symmetric key encryption
Symmetric key encryptionSymmetric key encryption
Symmetric key encryptionmdhar123
 
Asymmetric key
Asymmetric key Asymmetric key
Asymmetric key khushbu chauhan
 
Encryption
EncryptionEncryption
EncryptionJernej Virag
 
Cryptography - Simplified - Key Generation - Asymmetric Keys
Cryptography - Simplified - Key Generation - Asymmetric KeysCryptography - Simplified - Key Generation - Asymmetric Keys
Cryptography - Simplified - Key Generation - Asymmetric KeysAbdul Manaf Vellakodath
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionRapidSSLOnline.com
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Cryptography
CryptographyCryptography
CryptographyShivanand Arur
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardPrasad Prabhu
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
 
Cryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric EncryptionCryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric EncryptionAbdul Manaf Vellakodath
 
Cryptography
CryptographyCryptography
CryptographyRutuja Solkar
 
Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Encryption
EncryptionEncryption
Encryptionkeith dias
 
Cryptography
CryptographyCryptography
Cryptographyjayashri kolekar
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography IntroChristopher Martin
 
Encryption Techniques
Encryption TechniquesEncryption Techniques
Encryption TechniquesDel Elson
 
Cryptography
CryptographyCryptography
CryptographySandip kumar
 
Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptographyPavithra renu
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptographyPerfect Training Center
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 
Quan nguyen symmetric versus asymmetric cryptography
Quan nguyen symmetric versus asymmetric cryptographyQuan nguyen symmetric versus asymmetric cryptography
Quan nguyen symmetric versus asymmetric cryptographyInformation Security Awareness Group
 

More Related Content

What's hot

Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSAAmit Debnath
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardPrasad Prabhu
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
 
Cryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric EncryptionCryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric EncryptionAbdul Manaf Vellakodath
 
Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Encryption Techniques
Encryption TechniquesEncryption Techniques
Encryption TechniquesDel Elson
 
Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptographyPavithra renu
 

What's hot (20)

Cryptography
CryptographyCryptography
Cryptography
 
Public key Cryptography & RSA
Public key Cryptography & RSAPublic key Cryptography & RSA
Public key Cryptography & RSA
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
 
What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple Examples
 
Cryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric EncryptionCryptography - Simplified - Asymmetric Encryption
Cryptography - Simplified - Asymmetric Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography Intro
 
Encryption Techniques
Encryption TechniquesEncryption Techniques
Encryption Techniques
 
Cryptography
CryptographyCryptography
Cryptography
 
Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptography
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
 

Viewers also liked

Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτητας
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτηταςΕπιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτητας
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτηταςIosif Alvertis
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptographyPriyamvada Singh
 
Matemáticas II - ecuaciones lineales 3 incognitas
Matemáticas II - ecuaciones lineales 3 incognitasMatemáticas II - ecuaciones lineales 3 incognitas
Matemáticas II - ecuaciones lineales 3 incognitasanalaura_fdz
 
Matemáticas II - ecuaciones cuadráticas
Matemáticas II - ecuaciones cuadráticasMatemáticas II - ecuaciones cuadráticas
Matemáticas II - ecuaciones cuadráticasanalaura_fdz
 
Matemáticas II - bloque 3
Matemáticas II - bloque 3Matemáticas II - bloque 3
Matemáticas II - bloque 3analaura_fdz
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Sniffing in a Switched Network
Sniffing in a Switched NetworkSniffing in a Switched Network
Sniffing in a Switched Networkamiable_indian
 
Effect of substituents and functions on drug structure activity relationships
Effect of substituents and functions on drug structure activity relationshipsEffect of substituents and functions on drug structure activity relationships
Effect of substituents and functions on drug structure activity relationshipsOmar Sokkar
 
Rotary Newsletter - 30 January 2017
Rotary Newsletter - 30 January 2017Rotary Newsletter - 30 January 2017
Rotary Newsletter - 30 January 2017rotaryeclubsa9400
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 

Viewers also liked (20)

Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
Quan nguyen symmetric versus asymmetric cryptography
Quan nguyen symmetric versus asymmetric cryptographyQuan nguyen symmetric versus asymmetric cryptography
Quan nguyen symmetric versus asymmetric cryptography
 
vicrael pineda
vicrael pinedavicrael pineda
vicrael pineda
 
днз №31
днз №31днз №31
днз №31
 
832-7678-2-PB
832-7678-2-PB832-7678-2-PB
832-7678-2-PB
 
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτητας
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτηταςΕπιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτητας
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτητας
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptography
 
Matemáticas II - ecuaciones lineales 3 incognitas
Matemáticas II - ecuaciones lineales 3 incognitasMatemáticas II - ecuaciones lineales 3 incognitas
Matemáticas II - ecuaciones lineales 3 incognitas
 
Matemáticas II - ecuaciones cuadráticas
Matemáticas II - ecuaciones cuadráticasMatemáticas II - ecuaciones cuadráticas
Matemáticas II - ecuaciones cuadráticas
 
Class 4A OT425 2017
Class 4A OT425 2017Class 4A OT425 2017
Class 4A OT425 2017
 
Matemáticas II - bloque 3
Matemáticas II - bloque 3Matemáticas II - bloque 3
Matemáticas II - bloque 3
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 
Sniffing in a Switched Network
Sniffing in a Switched NetworkSniffing in a Switched Network
Sniffing in a Switched Network
 
Effect of substituents and functions on drug structure activity relationships
Effect of substituents and functions on drug structure activity relationshipsEffect of substituents and functions on drug structure activity relationships
Effect of substituents and functions on drug structure activity relationships
 
Rotary Newsletter - 30 January 2017
Rotary Newsletter - 30 January 2017Rotary Newsletter - 30 January 2017
Rotary Newsletter - 30 January 2017
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Encryption
EncryptionEncryption
Encryption
 

Similar to Lecture3a symmetric encryption

CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2Hamed Moghaddam
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdfSetiya Nugroho
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701Amit Pathak
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxssuserd5e356
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysIJORCS
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysIJORCS
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniquesMohitManna
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...editor1knowledgecuddle
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and AuthenticityHardik Manocha
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecuritySam Bowne
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfKailasS9
 
Introduction to cryptography part1-final
Introduction to cryptography part1-finalIntroduction to cryptography part1-final
Introduction to cryptography part1-finalTaymoor Nazmy
 

Similar to Lecture3a symmetric encryption (20)

CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
 
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
 
Network Security Topic 3 cryptography
Network Security Topic 3 cryptographyNetwork Security Topic 3 cryptography
Network Security Topic 3 cryptography
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptx
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptx
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and Authenticity
 
Cryptography
CryptographyCryptography
Cryptography
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic Security
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
Introduction to cryptography part1-final
Introduction to cryptography part1-finalIntroduction to cryptography part1-final
Introduction to cryptography part1-final
 

More from rajakhurram

Malicious software
Malicious softwareMalicious software
Malicious softwarerajakhurram
 
Lecture malicious software
Lecture malicious softwareLecture malicious software
Lecture malicious softwarerajakhurram
 
Lecture 12 malicious software
Lecture 12 malicious software Lecture 12 malicious software
Lecture 12 malicious software rajakhurram
 
Lecture 11 wifi security
Lecture 11 wifi securityLecture 11 wifi security
Lecture 11 wifi securityrajakhurram
 
Lecture 10 intruders
Lecture 10 intrudersLecture 10 intruders
Lecture 10 intrudersrajakhurram
 
Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication rajakhurram
 
Lecture 7 certificates
Lecture 7 certificatesLecture 7 certificates
Lecture 7 certificatesrajakhurram
 
Lecture 6 web security
Lecture 6 web securityLecture 6 web security
Lecture 6 web securityrajakhurram
 
Lecture 5 ip security
Lecture 5 ip securityLecture 5 ip security
Lecture 5 ip securityrajakhurram
 
Lecture 4 firewalls
Lecture 4 firewallsLecture 4 firewalls
Lecture 4 firewallsrajakhurram
 
Lecture 3b public key_encryption
Lecture 3b public key_encryptionLecture 3b public key_encryption
Lecture 3b public key_encryptionrajakhurram
 
Lecture2 network attack
Lecture2 network attackLecture2 network attack
Lecture2 network attackrajakhurram
 
Lecture1 Introduction
Lecture1 Introduction Lecture1 Introduction
Lecture1 Introduction rajakhurram
 
Lecture 8 mail security
Lecture 8 mail securityLecture 8 mail security
Lecture 8 mail securityrajakhurram
 

More from rajakhurram (14)

Malicious software
Malicious softwareMalicious software
Malicious software
 
Lecture malicious software
Lecture malicious softwareLecture malicious software
Lecture malicious software
 
Lecture 12 malicious software
Lecture 12 malicious software Lecture 12 malicious software
Lecture 12 malicious software
 
Lecture 11 wifi security
Lecture 11 wifi securityLecture 11 wifi security
Lecture 11 wifi security
 
Lecture 10 intruders
Lecture 10 intrudersLecture 10 intruders
Lecture 10 intruders
 
Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication
 
Lecture 7 certificates
Lecture 7 certificatesLecture 7 certificates
Lecture 7 certificates
 
Lecture 6 web security
Lecture 6 web securityLecture 6 web security
Lecture 6 web security
 
Lecture 5 ip security
Lecture 5 ip securityLecture 5 ip security
Lecture 5 ip security
 
Lecture 4 firewalls
Lecture 4 firewallsLecture 4 firewalls
Lecture 4 firewalls
 
Lecture 3b public key_encryption
Lecture 3b public key_encryptionLecture 3b public key_encryption
Lecture 3b public key_encryption
 
Lecture2 network attack
Lecture2 network attackLecture2 network attack
Lecture2 network attack
 
Lecture1 Introduction
Lecture1 Introduction Lecture1 Introduction
Lecture1 Introduction
 
Lecture 8 mail security
Lecture 8 mail securityLecture 8 mail security
Lecture 8 mail security
 

Recently uploaded

A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Recently uploaded (20)

A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

Lecture3a symmetric encryption

  • 1. Symmetric Encryption and Message Confidentiality RAJA M KHURRAM SHAHZAD
  • 2. Cryptography • Why do we need cryptography? – Requirements - must be sure that: – Be sure our confidential information can’t be understood by anyone than the intended – Protect against interception 2 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 3. Cryptography • Classified along three independent dimensions: 1. The type of operations used for transforming plain-text to cipher text  Substitution: each element is mapped to another element  Transposition: elements are rearranged 2. The number of keys used  symmetric (single key)  asymmetric (two-keys, or public-key encryption) 3. The way in which the plain-text is processed  block cipher  stream cipher 3 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 4. Big picture 4 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 5. Conventional Encryption Principles • An encryption scheme has five ingredients: 1. Plain-text 2. Encryption algorithm (Strong) 3. Secret Keys (Shared and kept secretly) 4. Cipher text 5. Decryption algorithm (Cipher Text: result of encryption performed on plaintext using an algorithm, called a cipher) • Security depends on the secrecy of the key, not the secrecy of the algorithm • Most important algorithm: Data Encryption Algorithm (DEA) 1. Data Encryption Standard – DES 2. Triple DEA – TDEA 3. International Data Encryption Algorithm - IDEA 5 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 6. Example 6 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 7. Average Time for Exhaustive Key Search Key Size (bits) Number of Alternative Keys Time required at 106 Decryption/µs 32 232 = 4.3 x 109 2.15 milliseconds 56 256 = 7.2 x 1016 10 hours 128 2128 = 3.4 x 1038 5.4 x 1018 years 168 2168 = 3.7 x 1050 5.9 x 1030 years 7 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 8. Fun Work : Zodiac’s “My Name is” cipher http://www.opordanalyt ical.com/articles/Zodia c3.htm 8 ET2437 - Network Security
  • 9. Cryptanalysis Type of attack Known to cryptanalyst Ciphertext only Encryption algorithm Ciphertext to be decoded Known plaintext Encryption algorithm Ciphertext to be decoded One or more plaintext-ciphertext pair Chosen plaintext Encryption algorithm Ciphertext to be decoded Plaintext chosen by cryptanalyst with ciphertext pair Chosen ciphertext Encryption algorithm Ciphertext to be decoded Ciphertext chosen by cryptanalyst with plaintext Chosen text Encryption algorithm Ciphertext to be decoded Plaintext chosen by cryptanalyst with ciphertext pair Ciphertext chosen by cryptanalyst with plaintext 9
  • 10. Substitution-Permutation Networks • In 1949 Claude Shannon introduced idea of Substitution- Permutation (SP) networks  SP Networks is a series of linked mathematical operations used in block cipher algorithms  Modern Substitution-Transposition product cipher • These form the basis of modern block ciphers • SP networks are based on the two primitive cryptographic operations:  Substitution (S-box)  Permutation (P-box)  Provide confusion and diffusion of message 10 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 11. Substitution-Permutation Networks • Takes a block of the plaintext and the key as inputs • Applies several alternating "rounds" or "layers" of substitution boxes (S-boxes) and permutation boxes (P-boxes) to produce the ciphertext block. • S-box substitutes a small block of bits (the input of the S-box) by another block of bits (the output of the S-box). • A P-box is a permutation of all the bits: it takes the outputs of all the S-boxes of one round, permutes the bits, and feeds them into the S-boxes of the next round. 11
  • 12. Confusion and Dif fusion • Cipher needs to completely obscure statistical properties of original message  A one-time pad does this • More practically Shannon suggested combining elements to obtain:  Diffusion – dissipates statistical structure of plain-text over bulk of cipher-text – output bits should depend on the input bits in a very complex way  Confusion – makes relationship between cipher-text and key as complex as possible – make it very hard to find the key even if one has a large number of plaintext-ciphertext pairs produced with the same key. Therefore, each bit of the ciphertext should depend on the entire key, and in different ways on different bits of the key. 12 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 13. Feistel Cipher Structure • Virtually all conventional block encryption algorithms, including DES have a structure first described by Horst Feistel of IBM in 1973 • The realization of a Fesitel Network depends on the choice of the following parameters and design features:  Block size: larger block sizes mean greater security  Key Size: larger key size means greater security  Number of rounds: multiple rounds offer increasing security  Sub-key generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis.  Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern • implements Shannon’s substitution-permutation network concept 13 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 14. Classical Feistel Network 14 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 15. DES • Data Encryption Standard (DES)  The most widely used encryption scheme  The algorithm is referred to the Data Encryption Algorithm (DEA)  DES is a block cipher  The plain-text is processed in 64-bit blocks  The key is 56-bits in length • The overall processing at each iteration:  Li = Ri-1  Ri = Li-1 F(Ri-1, Ki) • Concerns about:  The algorithm and the key length (56-bits) 15 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 16. Triple DEA • Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)  C = Cipher-text C = EK3[DK2[EK1[P]]]  P = Plain-text  EK[X] = encryption of X using key K  DK[Y] = decryption of Y using key K • Effective key length of 168 bits 16 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 17. Other Symmetric Block Ciphers • International Data Encryption Algorithm (IDEA)  128-bit key  Used in PGP • Blowfish  Easy to implement  High execution speed  Run in less than 5K of memory • RC5  Suitable for hardware and software, Low memory requirement  Fast, simple  Adaptable to processors of different word lengths  Variable number of rounds  Variable-length key  High security  Data-dependent rotations 17 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 18. Cipher Block Modes of Operation • Procedure of enabling the repeated and secure use of a block cipher under a single key • Primarily been defined for encryption and authentication • Cipher Block Chaining Mode (CBC)  The input to the encryption algorithm is the XOR of the current plain- text block and the preceding cipher text block.  Repeating pattern of 64-bits are not exposed 18 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 19. Cipher Block Modes of Operation 19
  • 20. Location of Encryption Device • Link encryption  A lot of encryption devices  High level of security  Decrypt each packet at every switch • End-to-end encryption  The source encrypt and the receiver decrypts  Payload encrypted  Header in the clear • For High Security both link and end-to-end encryption are needed 20 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 21. Key Distribution 1. A key could be selected by A and physically delivered to B. 2. A third party could select the key and physically deliver it to A and B. 3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. 4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. • Session key  Data encrypted with a one-time session key. At the conclusion of the session the key is destroyed • Permanent key  Used between entities for the purpose of distributing session keys 21 ET2437 - Network Security RAJA M KHURRAM SHAHZAD
  • 22. The End 22 ET2437 - Network Security RAJA M KHURRAM SHAHZAD

Editor's Notes

  1. Every block cipher involves a transformation of a block of plaintext into a block of cipher text, where the transformation depends on the key. The mechanism of diffusion seeks to make the statistical relationship between the plaintext and cipher text as complex as possible in order to thwart attempts to deduce the key. Confusion seeks to make the relationship between the statistics of the cipher text and the value of the encryption key as complex as possible, again to thwart attempts to discover the key. So successful are diffusion and confusion in capturing the essence of the desired attributes of a block cipher that they have become the cornerstone of modern block cipher design.