Dr. Khalid A. Kaabneh, Amman Arab University, Kaabneh@aau.edu.jo

04/19/23 © 2004 Dr. Khalid Kaabneh.

Encryption Systems Categories:

Symmetric encryption.

Asymmetric encryption.

Symmetric Encryption:

In a symmetric encryption system, both the sender and receiver must possess the same key value. The sender encrypts the plaintext message using the key and the receiver decrypts the ciphertext message using the same secret key.

The word "symmetric" here means that the same key is used for encryption and decryption.

Symmetric Encryption:

The weaknesses:

• Keys must be distributed securely to the parties that need them, and the number of keys required for secure pair-wise communication is $(n^2 - n)/2$, where $n$ is the number of communication endpoints.

• Symmetric key systems can be unmanageable for more than small groups of communicants.

Symmetric Encryption:

Two classes of symmetric-key encryption algorithms:

Block - operates on the plaintext input in blocks of bits (usually 64 bits at a time) to produce the ciphertext output; uses the key value to determine how the transformation algorithm is applied.

Stream - operates on the plaintext input one bit at a time, often using a keystream generator to produce a series of bits which are XOR'd with the plaintext input.

Symmetric Encryption:

Examples of Block:

– DES is a block cipher with a 64-bit block size.
– AES is a block cipher with a 128-bit block size.
– RSA and Diffie-Hellman are block ciphers with variable block sizes.

Examples of Stream:

– A5, the algorithm used to encrypt GSM communications, is a stream cipher.
– The RC4 cipher and the one-time pad are also stream ciphers.

Stream Ciphers

$C = P \oplus K$, where $\oplus$ is the XOR operation.

$C \oplus K = (P \oplus K) \oplus K = P \oplus (K \oplus K) = P \oplus 0 = P$

XOR truth table:

$\oplus$  0  1
0  0  1
1  1  0

Plaintext 1 0 1 1 0 1 1 0 0

Key 1 1 0 1 0 0 0 1 1

Cipher 0 1 1 0 0 1 1 1 1

Asymmetric Encryption:

Also known as "public key" encryption. Each entity participating in the communication uses mathematical algorithms implemented in a software program to generate a "public key" and a "private key", which are related via mathematical formulae. The private key must be kept secret and is never disclosed; this is a requirement for the security system to function. The public key, however, is intended to be freely distributed.

Public key cryptography characteristics:

Something encrypted with the public key can only be decrypted with the private key.

Something encrypted with the private key can only be decrypted with the public key.

Symmetric-key vs. public-key cryptography

Advantages of symmetric-key

• Have high rates of data throughput.
• Keys for symmetric-key ciphers are relatively short.
• Symmetric-key ciphers can be composed to produce stronger ciphers.

Disadvantages of symmetric-key

In a two-party communication, the key must remain secret at both ends.

In a large network, there are many key pairs to be managed.

Digital signature mechanisms arising from symmetric-key encryption.

Advantages of Public-key

• Only the private key must be kept secret.
• Depending on the mode of usage, a private key/public key pair may remain unchanged for considerable periods of time.
• Many public-key schemes yield relatively efficient digital signature mechanisms.

Disadvantages of Public-key

• Slower than the best known symmetric-key schemes.
• Key sizes are typically much larger.
• No public-key scheme has been proven to be secure.

Symmetric Encryption Techniques

• S-DES
• DES

Simplified DES

DES = Data Encryption Standard.

• Educational tool (not secure)
• 8-bit block cipher
• 10-bit key

Simplified DES

Encryption involves these steps:

(1) IP = initial permutation.
(2) fk1 = complex function.
(3) SW = switch the two halves.
(4) fk2 = complex function.
(5) IP-1 = inverse permutation.

S-DES Details:

P10 = (3,5,2,7,4,10,1,9,8,6)

P8 = (6,3,7,4,8,5,10,9)

IP = (2,6,3,1,4,8,5,7)

IP-1 = (4,1,3,5,7,2,8,6)

S-DES Details: (S0 Box)

S0

  C0 C1 C2 C3

R0 1 0 3 2

R1 3 2 1 0

R2 0 2 1 3

R3 3 1 3 2

S-DES Details: (S1 Box)

S1

  C0 C1 C2 C3

R0 0 1 2 3

R1 2 0 1 3

R2 3 0 1 0

R3 2 1 0 3

S-box Operation

(1) First and fourth bits give row number.
(2) Second and third bits give column number.
(3) Look up number in specified row and column.
(4) Convert to binary.

SUBKEY GENERATION

• Apply the P10 operation on the 10-bit input.
• Apply LS-1 (left shift 1) to each 5-bit group.
• Apply permutation P8 → K1.
• Apply LS-2 (left shift 2) to each 5-bit group.
• Apply permutation P8 again → K2.

S-DES Example:

Let K = 1010000010

Step (1): Apply P10: 10000 | 01100

Step (2): Apply LS-1 to each half: 00001 | 11000

Step (3): Apply permutation P8; then K1 = 10100100

Step (4): Apply LS-2 (left shift 2) to the halves from step (2), then P8:

00001 | 11000 → LS-2 → 00100 | 00011 → P8 → K2 = 01000011

S-DES Example:

Let plaintext: 01101101

Apply IP = (2,6,3,1,4,8,5,7):

1110 | 0110

Apply expansion/permutation E/P = (4,1,2,3,2,3,4,1) to the right 4 bits of the above result:

00111100

Perform a binary XOR operation with sub-key K1: 10100100

1001 | 1000

From above: for the row, combine bits 1 and 4 and convert to decimal. For the column, combine bits 2 and 3 and convert to decimal.

Left side (1001):

bits 1 & 4 → 11 → Row: 3
bits 2 & 3 → 00 → Col: 0

Therefore, from S0 at R3 & C0 we get 3 → 11.

Right side (1000):

bits 1 & 4 → 10 → Row: 2
bits 2 & 3 → 00 → Col: 0

Therefore, from S1 at R2 & C0 we get 3 → 11.

S0 & S1 output:

1111

Apply P4 = (2,4,3,1):

1111

Perform a binary XOR operation, combining it with the left 4 bits of our first result (the application of IP to the original plaintext input, 1110).

Result:

0001

Rewrite that first result with its left half replaced:

0001 | 0110

Swap the two 4-bit halves of the above result:

0110 | 0001

To the right 4 bits of the above, apply E/P:

10000010

Upon the above result, perform a binary XOR operation with sub-key K2: 01000011

11000001

From above (1100 | 0001): for the row, combine bits 1 and 4 and convert to decimal. For the column, combine bits 2 and 3 and convert to decimal.

Left side (1100):

bits 1 & 4 → 10 → Row: 2
bits 2 & 3 → 10 → Col: 2

Therefore, from S0 at R2 & C2 we get 1 → 01.

Right side (0001):

bits 1 & 4 → 01 → Row: 1
bits 2 & 3 → 00 → Col: 0

Therefore, from S1 at R1 & C0 we get 2 → 10.

S0 & S1 output:

0110

Apply P4 = (2,4,3,1):

1010

Perform a binary XOR operation with the left 4 bits of the earlier swap result (0110):

1100

Rewrite that result with its left half replaced:

11000001

11000001

To the above result, apply the reverse of the initial permutation IP, which is IP-1 = (4,1,3,5,7,2,8,6).

Ciphertext is

01000110

How can we decrypt a ciphertext???
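
The whole S-DES procedure from the slides, including the decryption asked about above, as an added Python example that is not part of the original slides. The tables are the ones given on the slides; the function names (permute, rotl, subkeys, sbox, fk, crypt) are my own. Decryption uses the same structure with K2 applied before K1.

```python
# S-DES using the slide tables; bits are lists of ints, positions are 1-indexed.
P10 = (3, 5, 2, 7, 4, 10, 1, 9, 8, 6)
P8 = (6, 3, 7, 4, 8, 5, 10, 9)
IP = (2, 6, 3, 1, 4, 8, 5, 7)
IP_INV = (4, 1, 3, 5, 7, 2, 8, 6)
EP = (4, 1, 2, 3, 2, 3, 4, 1)
P4 = (2, 4, 3, 1)
S0 = ((1, 0, 3, 2), (3, 2, 1, 0), (0, 2, 1, 3), (3, 1, 3, 2))
S1 = ((0, 1, 2, 3), (2, 0, 1, 3), (3, 0, 1, 0), (2, 1, 0, 3))

def permute(bits, table):
    """Output position i takes the input bit numbered table[i]."""
    return [bits[p - 1] for p in table]

def rotl(half, n):
    """Circular left shift (LS-n) of one 5-bit half."""
    return half[n:] + half[:n]

def subkeys(key):
    """P10, LS-1, P8 -> K1; LS-2 on the already shifted halves, P8 -> K2."""
    k = permute([int(c) for c in key], P10)
    left, right = rotl(k[:5], 1), rotl(k[5:], 1)
    k1 = permute(left + right, P8)
    return k1, permute(rotl(left, 2) + rotl(right, 2), P8)

def sbox(nibble, box):
    """Bits 1 and 4 give the row, bits 2 and 3 the column; 2-bit output."""
    v = box[nibble[0] * 2 + nibble[3]][nibble[1] * 2 + nibble[2]]
    return [v >> 1, v & 1]

def fk(bits, subkey):
    """left ^= P4(S0 | S1 of (E/P(right) XOR subkey)); right passes through."""
    left, right = bits[:4], bits[4:]
    t = [a ^ b for a, b in zip(permute(right, EP), subkey)]
    f = permute(sbox(t[:4], S0) + sbox(t[4:], S1), P4)
    return [a ^ b for a, b in zip(left, f)] + right

def crypt(block, key, decrypt=False):
    """IP, fk, SW, fk, IP-1; decryption only swaps the subkey order."""
    k1, k2 = subkeys(key)
    if decrypt:
        k1, k2 = k2, k1
    s = fk(permute([int(c) for c in block], IP), k1)
    s = fk(s[4:] + s[:4], k2)  # SW: swap the 4-bit halves between rounds
    return "".join(map(str, permute(s, IP_INV)))

if __name__ == "__main__":
    ct = crypt("01101101", "1010000010")  # plaintext and key from the slides
    print(ct, crypt(ct, "1010000010", decrypt=True))
```

Because fk only XORs a function of the right half into the left half, applying it twice with the same subkey cancels out, which is why reversing the subkey order undoes the encryption.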