Digital Security

Lecture 20

prepared by M. Adnan Quaium

CSE 4295: Multimedia Communication

M. Adnan Quaium

Assistant Professor

Department of Electrical and Electronic Engineering

Ahsanullah University of Science and Technology

Room – 4A07

Email – [email protected]

URL – http://adnan.quaium.com/aust/cse4295

Confidentiality and Encryption

Cryptography is a branch of computer science concerned with the development of encryption methods to protect confidential information from being accessed or from attacks by unauthorized third parties.

● Already in ancient times encryption methods were implemented to protect diplomatic or military information from potential enemies.

● Even if the enemy succeeded in intercepting this kind of message it still couldn’t be read.

● And even if they were successful in breaking the code and recovering the original text, so much time would be lost in this process that the other party could be assured of an advantage.

● In the Middle Ages a large variety of secret codes existed in Europe for the protection of diplomatic correspondence.

Symmetric Encryption Methods

With symmetric encryption methods both the sender and the receiver use the same key, which has been exchanged or agreed on previously.

The transformation function for most symmetric encryption procedures is based on a combination of simple operations:

● Transposition: The positions of the individual message characters are exchanged with each other based on a given cipher.

● Substitution: The individual characters of a message are replaced with other characters according to a predetermined cipher.
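
The two operations combined into one toy cipher, as an added example that is not part of the lecture slides. The keyword alphabet, the columnar layout, the function names and both keys are assumptions chosen for illustration; input is limited to the letters A-Z.

```python
import string

ALPHABET = string.ascii_uppercase

def substitution_table(key):
    # Keyword alphabet: key letters first, then the remaining letters, no repeats.
    return dict(zip(ALPHABET, dict.fromkeys(key + ALPHABET)))

def substitute(text, key, decrypt=False):
    """Substitution: every character is replaced, positions stay the same."""
    table = substitution_table(key)
    if decrypt:
        table = {v: k for k, v in table.items()}
    return "".join(table[c] for c in text)

def column_order(key):
    # Columns are read out in the alphabetical order of the key letters.
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def transpose(text, key):
    """Transposition: characters keep their identity but change position."""
    return "".join(text[c::len(key)] for c in column_order(key))

def untranspose(text, key):
    cols = len(key)
    rows, extra = divmod(len(text), cols)
    out, pos = [""] * len(text), 0
    for c in column_order(key):
        length = rows + (1 if c < extra else 0)  # first `extra` columns are longer
        out[c::cols] = text[pos:pos + length]
        pos += length
    return "".join(out)

def encrypt(msg, sub_key, trans_key):
    return transpose(substitute(msg, sub_key), trans_key)

def decrypt(ct, sub_key, trans_key):
    return substitute(untranspose(ct, trans_key), sub_key, decrypt=True)

if __name__ == "__main__":
    msg = "MEETMEATTHEBRIDGEATNOON"        # constructed sample, A-Z only
    ct = encrypt(msg, "CIPHER", "ZEBRA")    # both keys are constructed
    print(ct, decrypt(ct, "CIPHER", "ZEBRA") == msg)
```

Transposition alone leaves the letter frequencies of the message unchanged and substitution alone leaves every letter in its place, which is why the two are combined.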

A distinction is made between two types of ciphers:

● Block encryption method (block cipher): In this method the plaintext is divided into individual blocks of a fixed length.

● The individual blocks are encrypted independently with the same key and together form the ciphertext.

● Stream encryption method (stream cipher): This procedure treats the entire plaintext as a text stream, i.e. an arbitrarily long sequence of plaintext characters.

● An equally long stream of key characters is also generated.

● Decryption is carried out character by character based on this stream.
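
Both methods side by side, as an added example that is not part of the lecture slides: it shows that encrypting blocks independently with the same key turns identical plaintext blocks into identical ciphertext blocks, while a key stream does not. The Feistel network and the hashed-counter key stream are toy stand-ins for real ciphers, and the key, nonce and message are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # block length in bytes (toy value chosen for this example)
HALF = BLOCK // 2

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def f(key, i, half):
    # Round function of the toy Feistel network (keyed hash, truncated).
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:HALF]

def encrypt_block(key, block, rounds=4):
    left, right = block[:HALF], block[HALF:]
    for i in range(rounds):
        left, right = right, xor(left, f(key, i, right))
    return left + right

def decrypt_block(key, block, rounds=4):
    left, right = block[:HALF], block[HALF:]
    for i in reversed(range(rounds)):
        left, right = xor(right, f(key, i, left)), left
    return left + right

def per_block(fn, key, data):
    """Block method: every block is processed independently with the same key."""
    if len(data) % BLOCK:
        raise ValueError("toy example: input must be a whole number of blocks")
    return b"".join(fn(key, b) for b in blocks(data))

def keystream(key, nonce, n):
    """Key stream as long as the text, derived here from a hashed counter."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def stream_crypt(key, nonce, data):
    # XOR with the key stream; applying it twice restores the plaintext.
    return xor(data, keystream(key, nonce, len(data)))

KEY, NONCE = b"constructed-key", b"constructed-nonce"      # sample values
PLAINTEXT = b"PAY 100 TO ALICE" * 2 + b"PAY 999 TO TRUDY"  # three 16-byte blocks
```

Comparing `blocks(per_block(encrypt_block, KEY, PLAINTEXT))` with `blocks(stream_crypt(KEY, NONCE, PLAINTEXT))` shows the repeated first block only in the block-method output.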

The most important representatives of symmetric block encryption are DES (Data Encryption Standard), IDEA (International Data Encryption Algorithm), the different variations of the so-called Rivest Cipher (RC2 to RC6) and the Advanced Encryption Standard (AES).

As seen in Table 5.1, the various procedures differ in complexity and safety.

Data Encryption Standard (DES)

Advanced Encryption Standard (AES)

As weaknesses became known in DES encryption, a contest for the development of a new, secure “Advanced Encryption Standard” (AES) was announced in 1997.

The call for proposals stipulated the following criteria:

● Block cipher

● Minimum block length: 128 bits

● Key lengths: 128, 192, 256 bits

● Efficient implementation in terms of hardware as well as software

● Resistance to known methods of cryptanalysis

● Low resource consumption for use on e.g., smart cards

● Free use with no patent law restrictions

Of the 15 algorithms proposed in the competition, five (MARS, RC6, Rijndael, Serpent and Twofish) fulfilled all of the criteria and were subsequently shortlisted. After additional theoretical weaknesses had been examined and resource consumption had been analyzed in relation to algorithm performance, a winner was announced at the end of 2002. This was the Rijndael encryption algorithm, which received the name AES.

Asymmetric Encryption Methods

In symmetric encryption procedures a secret key that cannot be compromised is exchanged between each pair of communication partners for encryption and decryption (k = K).

In contrast, asymmetric encryption procedures (public key encryption) always use two different keys (k ≠ K): a public key and a secret key.

The following attacks dominate asymmetric encryption:

● Public-key-only attacks: Attacker Trudy only has access to Alice’s public key. Trudy can encrypt any plaintext with this key and generate text pairs from plaintext and the accompanying ciphertext, which can then be used for determining the private key.

● Chosen-ciphertext attacks: In this variation Trudy can choose a ciphertext freely and then Alice can decrypt it. In contrast to public-key-only attacks, in which Alice’s known public key is the basis, the chosen-ciphertext attack can only be carried out in certain situations, for example when Trudy has direct access to an RSA hardware module.

Authentication

In this case, just as in other asymmetrical applications, there is, however, the problem of secure access to the public key.

What will happen if Trudy succeeds in carrying out a man-in-the-middle attack, successfully authenticating herself to Bob as Alice?
