L06b


Symmetric Encryption Functions: 

Lucifer, DES, 3DES, RC2, RC4, Blowfish, AES, ...

Slide2: 

"I cannot forecast to you the action of Russia," said Winston Churchill. "It is a riddle wrapped inside a mystery inside an enigma."

Symmetric Functions: The Big Idea: 

M’ = f(M, key)
M = f’(M’, key)
Note: The same key encrypts and decrypts.
f = f’ or f ≠ f’ (some algorithms have a decrypt mode, some don’t need it).

Symmetric Algorithms: History: 

Pencil-and-paper ciphers, codebooks, and encryption machines were all symmetric.
Clearly, if you knew how to encrypt a message, you knew how to decrypt it, right?

German Enigma Machine: 

Set “code of the day” on dials.
Later models: Set additional code with plugs and wires.
Press a button with the letter to encrypt; the encrypted letter lights up.
Each key press advances the dials.

Inside the Enigma: 

http://www.math.miami.edu/~harald/enigma/enigma.gif

Cryptography after WW2: 

Academia largely disinterested.
NSA: largest employer of mathematicians in the world.

Cryptography and IBM: 

IBM hired by Lloyds of London to arrange security for a cash dispensing network (early ATM machines).
IBM develops “Lucifer” cipher:
    Symmetric algorithm
    Explicit encrypt/decrypt
    112-bit key
    Substitution and transposition within 8-character blocks

Cryptography and NBS: 

National Bureau of Standards requests proposals for a “Data Encryption Standard.”
IBM submits Lucifer to NBS.
NBS submits Lucifer to NSA.
NSA returns Lucifer with “tweaks” to substitution boxes and a 56-bit key.

Can you trust DES?: 

NSA said they made it “better.”
“Better” for whom?
    56-bit key (was 112)
    New S-boxes (what was wrong with the old ones?)

You could trust DES.: 

Lucifer was susceptible to differential cryptanalysis.
NSA couldn’t tell anybody! The technique was secret until independently discovered by Adi Shamir.
S-box changes made differential cryptanalysis useless against DES.
IBM published a paper on this in the 90s.

DES: A Feistel Cipher: 

H. Feistel, "Cryptography and Computer Privacy," Scientific American, v. 228, n. 5, May 73, pp. 15-23.

DES cracking: 

In the 1980s, it was hypothesized that someone could build a DES-cracking machine for $1M.
In the 1990s, John Gilmore & EFF built one for $250K: “Deep Crack.”
Time to crack a key: 4-7 days.
http://www.eff.org/descracker
Nevertheless, DES is still widely used. Why?

Is weak crypto better than no crypto?: 


Strengthening DES: 

Triple DES (3DES)
Encrypt, Decrypt, Encrypt:
    M’ = f(f’(f(M, K1), K2), K3)
Set Key1 = Key2 for DES compatibility.
3 keys = 168 bits

RC2, RC4: 

“Ron’s Code” #2 & #4
Secret, proprietary algorithms from RSA Security

RC2: 

Block cipher. Key size 40-2048 bits.
Revealed in 1996 in an anonymous Usenet posting.
Probably leaked by reverse engineering Lotus Notes.
Widely used because of the “40-bit compromise” between the Software Publisher’s Association and the Commerce Department.

RC4: 

Very fast stream cipher: generates a pseudorandom stream used for XORing.
Key size 40-2048 bits.
Revealed in 1994 in an anonymous Usenet posting.
Probably leaked by an engineer at Apple.
Also part of the “40-bit” compromise.

RC5: 

Invented by ... Ron Rivest
Variable key size; variable number of rounds
Largely an academic curiosity

RC2 & RC4: 


AES: 

Advanced Encryption Standard
Multi-year open competition
Requirements:
    Block cipher.
    Variable-length keys and blocks (128, 192, 256, etc.)
    Good in hardware or software.

AES Finalists: 

Twofish - Bruce Schneier
RC5 - Ron Rivest
MARS
Rijndael - Vincent Rijmen and Joan Daemen

Interesting things to note about AES: 

US picked a foreign-designed cipher as its standard.
Not a Feistel cipher. “New Math”
AES is faster than DES, even with longer keys!

Other Block Ciphers: 

CAST-128 (RFC-2144): 64-bit block, 16-round, 128-bit key
Blowfish (Schneier): 64-bit block, 40-448 bit key

Openness in Design: 

“Finally, I should note that publishing the design of a cipher inherently weakens it by providing an attacker with details of its operation. The most secure approach would be to design a cipher from scratch and keep both the algorithm and the keys secret. While designing a cryptosystem is fairly easy, evaluating it for loopholes is not. Governments and other very large institutions may have the resources to design and evaluate their own cryptosystem, but the rest of us are probably well advised to use published ciphers that have been publicly evaluated for weaknesses.”
http://www.freesoft.org/CIE/Topics/135.htm

Modes of Operation: 

Defines how a block cipher is used on data longer than a block.
A strong cipher can be made less secure (not secure) with a bad mode of operation.

Most Important Modes: 

ECB - Electronic Code Book
CBC - Cipher Block Chaining
CFB - Cipher Feed Back (XOR generator)
Counter Mode

Electronic Code Book: 

http://www.freesoft.org/CIE/Topics/143.htm

ECB Demo: 

[Figure panels: original, ECB, CBC]
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

Other problems with ECB: 

Replay attacks
Mauling:
    “1” = 0011001
    “9” = 0011101

Cipher Block Chaining: 


Cipher Feedback Mode: 

http://members.chello.at/s.peer/

Counter Mode: 

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

Modes Demonstration: 

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
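
The Feistel structure and the ECB/CBC slides above, as an added example that is not part of the original slides. The round function F, the key and message constants, and all function names are constructed for illustration; this toy cipher is not secure and only shows the structure and the mode behaviour.

```c
#include <stdint.h>
#include <stdio.h>

#define ROUNDS 8

/* Toy round function, constructed for this example only. NOT a secure cipher. */
static uint32_t F(uint32_t x, uint32_t k) {
    x = (x ^ k) * 0x9E3779B1u;
    return ((x << 7) | (x >> 25)) ^ (x >> 11);
}

/* One 64-bit Feistel block; decryption is the same loop with the round keys reversed. */
static uint64_t feistel(uint64_t b, const uint32_t *k, int dec) {
    uint32_t L = (uint32_t)(b >> 32), R = (uint32_t)b;
    for (int r = 0; r < ROUNDS; r++) {
        uint32_t t = L ^ F(R, k[dec ? ROUNDS - 1 - r : r]);
        L = R; R = t;
    }
    return ((uint64_t)R << 32) | L;   /* undo the last swap */
}

/* Constructed sample data: blocks 0 and 2 of MSG are identical. */
static const uint32_t KEYS[ROUNDS] = {0x1f2e3d4c, 0x5b6a7988, 0x0badcafe, 0x13572468,
                                      0x9abcdef0, 0x0f1e2d3c, 0x4b5a6978, 0x87654321};
static const uint64_t MSG[4] = {0x4141414141414141ULL, 0x4242424242424242ULL,
                                0x4141414141414141ULL, 0x4343434343434343ULL};
static const uint64_t IV = 0x0123456789abcdefULL;

/* ECB: every block is encrypted independently, so equal inputs give equal outputs. */
static void ecb_encrypt(const uint64_t *in, uint64_t *out, int n) {
    for (int i = 0; i < n; i++) out[i] = feistel(in[i], KEYS, 0);
}

/* CBC: XOR each plaintext block with the previous ciphertext block (or the IV) first. */
static void cbc_encrypt(const uint64_t *in, uint64_t *out, int n, uint64_t iv) {
    for (int i = 0; i < n; i++) iv = out[i] = feistel(in[i] ^ iv, KEYS, 0);
}

int ecb_leaks_repeat(void) { uint64_t c[4]; ecb_encrypt(MSG, c, 4); return c[0] == c[2]; }
int cbc_leaks_repeat(void) { uint64_t c[4]; cbc_encrypt(MSG, c, 4, IV); return c[0] == c[2]; }
int feistel_roundtrip(void) { return feistel(feistel(MSG[0], KEYS, 0), KEYS, 1) == MSG[0]; }

int main(void) {
    printf("ECB repeats: %d, CBC repeats: %d, Feistel round trip: %d\n",
           ecb_leaks_repeat(), cbc_leaks_repeat(), feistel_roundtrip());
    return 0;
}
```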

Privacy vs. Integrity: 

Need for the two to be distinguished was not evident back in the 1970s.
In some cases, the ability to change encrypted data may be sufficient.

APIs!: 


RC4: Easiest there Is: 

    void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
    void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata);

Note: Decrypt and Encrypt are the same operation!

RC4 in Perl: 

    # Functional Style
    use Crypt::RC4;
    $encrypted = RC4( $passphrase, $plaintext );
    $decrypt = RC4( $passphrase, $encrypted );

    # OO Style
    use Crypt::RC4;
    $ref = Crypt::RC4->new( $passphrase );
    $encrypted = $ref->RC4( $plaintext );

    # Decrypt with a new object so the keystream starts from the beginning
    $ref2 = Crypt::RC4->new( $passphrase );
    $decrypted = $ref2->RC4( $encrypted );

    # Process an entire file (FILE must already be open); one object
    # keeps its keystream position from line to line
    $ref3 = Crypt::RC4->new( $passphrase );
    while (<FILE>) {
        print $ref3->RC4($_);
    }
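
The note that RC4 encryption and decryption are the same operation, and the reason the Perl OO example builds a second object for decryption, shown as an added example that is not part of the original slides or of OpenSSL. The names rc4_ctx, rc4_init and rc4_crypt are hypothetical; the key "Key" and message "Plaintext" are the widely published RC4 test vector.

```c
#include <stdio.h>
#include <string.h>

typedef struct { unsigned char S[256], i, j; } rc4_ctx;   /* hypothetical names */

static void rc4_init(rc4_ctx *c, const unsigned char *key, size_t len) {
    unsigned char j = 0, t;
    for (int i = 0; i < 256; i++) c->S[i] = (unsigned char)i;
    for (int i = 0; i < 256; i++) {                 /* key schedule */
        j = (unsigned char)(j + c->S[i] + key[i % len]);
        t = c->S[i]; c->S[i] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* XOR the next n keystream bytes into the data: the same call encrypts and decrypts. */
static void rc4_crypt(rc4_ctx *c, const unsigned char *in, unsigned char *out, size_t n) {
    for (size_t k = 0; k < n; k++) {
        unsigned char t;
        c->i = (unsigned char)(c->i + 1);
        c->j = (unsigned char)(c->j + c->S[c->i]);
        t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        out[k] = in[k] ^ c->S[(unsigned char)(c->S[c->i] + c->S[c->j])];
    }
}

static const unsigned char KEY[] = "Key", MSG[] = "Plaintext";   /* public test vector */
static const unsigned char EXPECT[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};

/* Returns 1 if encrypting MSG under KEY reproduces the published ciphertext. */
int rc4_matches_vector(void) {
    rc4_ctx c; unsigned char ct[9];
    rc4_init(&c, KEY, 3); rc4_crypt(&c, MSG, ct, 9);
    return memcmp(ct, EXPECT, 9) == 0;
}

/* Encrypt, then decrypt: rekey=1 restarts the keystream, rekey=0 reuses the advanced state. */
int rc4_decrypt_ok(int rekey) {
    rc4_ctx c; unsigned char ct[9], pt[9];
    rc4_init(&c, KEY, 3); rc4_crypt(&c, MSG, ct, 9);
    if (rekey) rc4_init(&c, KEY, 3);
    rc4_crypt(&c, ct, pt, 9);
    return memcmp(pt, MSG, 9) == 0;
}

int main(void) {
    printf("vector=%d fresh=%d reused=%d\n", rc4_matches_vector(), rc4_decrypt_ok(1), rc4_decrypt_ok(0));
    return 0;
}
```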

RC2: Block Encryption is Harder!: 

    void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
    void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *key, int enc);
    void RC2_encrypt(unsigned long *data, RC2_KEY *key);
    void RC2_decrypt(unsigned long *data, RC2_KEY *key);
    void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int enc);

EVP: OpenSSL Generic Cipher Algorithms: 

    int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);
    int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
    int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);

    int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);
    int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
    int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);

    int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv, int enc);
    int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
    int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);

    int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
    int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
    int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);

Perl Modules for Symmetric Encryption: 

Crypt::Blowfish
Crypt::CAST5
Crypt::DES
Crypt::RC4
Crypt::RC5
Crypt::RC6
Crypt::TripleDES
Crypt::Twofish