CS 682 - Network Security Lecture 2 Prof. Katz


Page 1

CS 682 - Network Security

Lecture 2

Prof. Katz

Page 2

9/7/2000 Lecture 2 - Data Encryption 2

DES – Data Encryption Standard

Private key. Encrypts by a series of substitutions and transpositions. Worldwide standard for more than 20 years. Has a history of controversy. Designed by IBM (Lucifer) with later help (interference?) from NSA. No longer considered secure for highly sensitive applications. Replacement standard (AES) currently in process of development.

Page 3

DES - Overview

Page 4

DES – Each iteration.

Page 5

DES – Computation of F(R_{i-1}, K_i)

Page 6

Computation of F:

Expansion function E: maps a bit string of length 32 to a bit string of length 48. Permutes bits in a fixed way and duplicates certain bits.

Key schedule: each round uses a 48-bit key obtained by performing permutations, shifts, and discarding bits from the original 56-bit key. Fixed algorithm for each round.

The resulting 48-bit string (the expanded R_{i-1} XORed with the round key K_i) is broken into 8 6-bit strings.

Page 7

S-boxes: S1

Row 0: 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
Row 1: 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
Row 2: 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
Row 3: 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

Sj(b1 b2 b3 b4 b5 b6) is the table entry from
row: b1 b2
column: b3 b4 b5 b6

Example: S1(011001) = table[1, 9] = 6 (decimal) = 0110

Page 8

DES encryption (figure reconstructed as text):

x: plaintext
Initial permutation (IP) gives L0, R0
Round 1 (key K1): L1 = R0, R1 = L0 ⊕ F(R0, K1)
Rounds 2-15
Round 16 (key K16): L16 = R15, R16 = L15 ⊕ F(R15, K16)
swap: (R16, L16) = (L15 ⊕ F(R15, K16), R15)
IP inverse
y: ciphertext

Page 9

DES decryption (figure reconstructed as text):

encrypt: ... L15 ⊕ F(R15, K16), R15 → IP inverse → y: ciphertext

decrypt: y → IP → L15 ⊕ F(R15, K16), R15
Round 1 (K16): L15 ⊕ F(R15, K16) ⊕ F(R15, K16), R15 = L15, R15

Since b ⊕ b = 0, the first decryption round (with K16) undoes encryption round 16, and the same holds for each later round with its key.
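As an added example (not code from the lecture), the Feistel structure of slides 8 and 9 with a simplified round function built from the expansion and S-box steps of slides 6 and 7. The S-box indexing follows the FIPS 46 convention (row from the outer bits b1 b6, column from b2 b3 b4 b5); to stay short it uses the S1 table in all eight positions, omits the P permutation and IP/IP^-1, and takes the 48-bit round keys as given rather than deriving them with the key schedule, so it is not interoperable DES.

```python
# Added example (not from the lecture slides): the DES round structure from
# slides 6-9 with a simplified round function. Assumptions that make this a
# demo and NOT real DES: the standard S1 table is used in all eight S-box
# positions, the P permutation and IP/IP^-1 are omitted, and 48-bit round
# keys are supplied directly instead of derived by the key schedule.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def s1_lookup(six_bits: int) -> int:
    """FIPS 46 rule: row = b1 b6 (outer bits), column = b2 b3 b4 b5."""
    row = ((six_bits >> 5) & 1) << 1 | (six_bits & 1)
    col = (six_bits >> 1) & 0xF
    return S1[row][col]

def expand(r: int) -> int:
    """E: 32 -> 48 bits. Each 4-bit group is widened with the edge bit of
    its neighbour on each side (wrapping around), so 16 bits are duplicated."""
    bits = [(r >> (31 - i)) & 1 for i in range(32)]  # bits[0] is b1 (MSB)
    out = 0
    for g in range(8):
        idx = [(4 * g - 1) % 32] + list(range(4 * g, 4 * g + 4)) + [(4 * g + 4) % 32]
        for i in idx:
            out = (out << 1) | bits[i]
    return out

def f(r: int, k48: int) -> int:
    """F(R, K): E(R) xor K gives 48 bits, split into eight 6-bit strings,
    each replaced by a 4-bit S-box output, giving 32 bits."""
    x = expand(r) ^ k48
    out = 0
    for g in range(8):
        out = (out << 4) | s1_lookup((x >> (42 - 6 * g)) & 0x3F)
    return out

def feistel(block64: int, round_keys) -> int:
    """Slide 8: L_i = R_{i-1}, R_i = L_{i-1} xor F(R_{i-1}, K_i), then swap."""
    left, right = block64 >> 32, block64 & 0xFFFFFFFF
    for k in round_keys:
        left, right = right, left ^ f(right, k)
    return (right << 32) | left

def decrypt(block64: int, round_keys) -> int:
    """Slide 9: the same circuit with the keys in reverse order undoes each
    round because b xor b = 0, whatever F is."""
    return feistel(block64, list(round_keys)[::-1])
```

Because the inversion argument never looks inside F, `decrypt` recovers the plaintext for any round function, which is why the slide can argue it from b ⊕ b = 0 alone.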

Page 10

DES – Electronic Code Book Mode

Page 11

DES – Cipher block chaining mode

Page 12

DES Security

S-box design not well understood (secret). Has survived some recent sophisticated attacks (differential cryptanalysis). Key is too short (thanks to NSA!). Hence is vulnerable to brute force attack. 1998 distributed attack took 3 months. A $1,000,000 machine would crack DES in 35 minutes (1997 estimate); a $10,000 machine, 2.5 days. In 1999 EFF achieved a rate of 245 billion keys per second to crack in 22 hours.

Page 13

Double DES

Double DES is almost as easy to break as single DES!

Page 14

Triple DES

Triple DES (2 keys) requires a 2^112 search. Is reasonably secure. 3 keys requires 2^168.

Page 15

Other Private Key Cryptosystems

IDEA, Twofish, Blowfish, RC4, RC5, RC6, Rijndael, Serpent, MARS, FEAL

Page 16

Message Authentication

Page 17

Message Authentication

We must be able to certify that a message is from a particular person

We must be sure that the message has not been tampered with

Page 18

Methods

Conventional Encryption
Message Authentication Code
One-way Hash
  Using Conventional Encryption
  Using Public-Key Encryption
  Using Secret Value

Page 19

Conventional Encryption

Modification of the ciphertext should produce unintelligible results in the plaintext.

Page 20

One-Way Hash (using encryption)

1. The message is sent through a hashing function: H(M)
2. The result is encrypted: C = E(K, H(M))
3. C is appended to the message: N = M||C
4. N is sent to the recipient
5. C is extracted from N: N -> M & C
6. C is decoded: H(M1) = D(K, C)
7. The recipient puts the message through the hashing function: H(M2)
8. If H(M1) = H(M2) the message is authentic

Page 21

One-Way hash (Public Key)

Same as encryption, but the encryption key is the private key and the decryption key is the public key.

Page 22

One-Way Hash (secret value)

1. Secret value (S) is concatenated onto M: N = S||M
2. N is put through the hash function: H(N)
3. The result is appended to M: C = M||H(N)
4. C is sent to the recipient
5. H(N1) is extracted from C
6. Secret value (S) is concatenated onto M: N = S||M
7. N is put through the hash function: H(N2)
8. If H(N1) = H(N2), the message is authentic.
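As an added example (not code from the lecture), both sides of the secret-value scheme above: the sender builds C = M||H(S||M), the recipient splits C at a fixed tag length, recomputes H(S||M) and compares. It assumes SHA-256 as H and a byte-string secret shared in advance; the standardised keyed-hash form used in practice is HMAC, which differs from this plain secret prefix.

```python
import hashlib
import hmac

# Added example (not from the lecture): slide 22's secret-value scheme,
# sender side (N = S||M, C = M||H(N)) and recipient side (split C,
# recompute H(S||M), compare). Assumptions: SHA-256 as H, and S is a
# byte string shared by sender and recipient ahead of time.
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes appended to every message

def h(n: bytes) -> bytes:
    return hashlib.sha256(n).digest()

def tag_message(secret: bytes, message: bytes) -> bytes:
    """Sender: N = S||M, then C = M||H(N)."""
    n = secret + message
    return message + h(n)

def verify(secret: bytes, received: bytes):
    """Recipient: extract H(N1) from C, recompute H(N2) from S||M, compare.
    Returns (authentic, message)."""
    if len(received) < TAG_LEN:
        return False, b""  # too short to even contain a tag
    message, h_n1 = received[:-TAG_LEN], received[-TAG_LEN:]
    h_n2 = h(secret + message)
    # compare_digest runs in time independent of where the tags first differ
    return hmac.compare_digest(h_n1, h_n2), message

def demo():
    """Constructed sample: one genuine message and one altered in transit."""
    secret = b"constructed-shared-secret"  # constructed sample value
    c = tag_message(secret, b"transfer 100 to account 42")
    ok, _ = verify(secret, c)
    tampered = c.replace(b"100", b"900")  # change the message, keep the tag
    bad, _ = verify(secret, tampered)
    return ok, bad  # (True, False)
```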