28
Muhammad Rizwan Asghar July 30, 2019 SYMMETRIC KEY CRYPTOGRAPHY Lecture 4b COMPSCI 316 Cyber Security Source of most slides: University of Twente
Slide title
In CAPITALS
50 pt
Slide subtitle
32 pt
Muhammad Rizwan Asghar
July 30, 2019
SYMMETRIC KEY CRYPTOGRAPHY
Lecture 4b
COMPSCI 316
Cyber Security
Source of most slides: University of Twente
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
2
FOCUS OF THIS LECTURE
Understand key principles underlying
symmetric encryption
Learn how to encrypt large messages
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
3
SYMMETRIC ENCRYPTION
Assumes parties already share a secret key (k)
Encryption (E) and Decryption (D) algorithms are
publicly known
m is a private message and c is ciphertext
Alice
Em E(k,m)=c
Bob
DD(k,c)=m
k k
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
4
HISTORY
Monoalphabetic substitution
– Caesar
Polyalphabetic substitution
– Vigenere
Transposition cipher
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
5
CESAR CIPHER
Replace plaintext letter by letter 3 places further down
the alphabet
Plaintext
Letter
A B C D E F G H …
Ciphertext
Letter
D E F G H I J K …
A=1, B=2, C=3, …
Encrypt: c = m+3
Decrypt: m = c-3
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
6
CESAR: EXAMPLE
Problem:
– Letter frequency undisturbed
High frequency ciphertext letters map to
high frequency plaintext letters
Solution
– Increase the blocksize
To at least 4-5 letters
“attackatdawn” “dwwdfndwgdzq”
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
7
VIGNERE CIPHER
Code letters as numbers (A=0, B=1, etc.)
Key is basically a keyword
Encrypt
– Add keyword to plaintext (letter by letter)
Decrypt
– Subtract keyword from ciphertext
Example
WEAREDISCOVEREDSAVEYOURSELF
DECEPTIVEDECEPTIVEDECEPTIVE
ZICVTWQNGRZGVTWAVZHCQYGLMGJ+
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
8
ISSUES WITH VIGNERE CIPHER
Distribution of characters known
Distribution of bigrams also known
E: 12%
T: 9 %
A,I,N,O,R: 8%
TH: 3.2%
HE: 3.1 %
ER: 2.1%
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
9
TRANSPOSITION CIPHER
Change order of letters in the message
M e m a t r h t g p r y
e t e f e t e o a a t
“mematrhtgpryetefeteoaat”
“meet me after the toga party”
Easy to detect: frequency distribution unchanged
…
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
10
MODERN CIPHERS: PRINCIPLES
Confusion
– Substitution
Diffusion
– Transposition
Commonly used symmetric key algorithms
– DES (Data Encryption Standard)
– AES (Advanced Encryption Standard)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
11
ENCRYPTING LARGE MESSAGES
Mode of operation
– Electronic Codebook (ECB)
– Cipher Block Chaining (CBC)
– Cipher Feedback (CFB)
– Output Feedback (OFB)
– Counter (CTR)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
12
ECB MODE
Same plaintext block (b1 or b2) maps to same
ciphertext block (c1 or c2)
– Reordering is possible
No error propagation
– Bit changes only; bit deletions/omissions are a problem
encrypt
b1
c1
encrypt
b2
c2
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
13
EXAMPLE: MICKEY MOUSE
Original picture
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
14
EXAMPLE: MICKEY MOUSE
Encrypted in ECB mode
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
15
CBC MODE
Same plaintext block (b1 or b2) maps to
different ciphertext block (c1 or c2)
– Reordering is not possible
– Depends on previous block
encrypt
b1
c1
IV
encrypt
b2
c2
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
16
CBC MODE: ERROR PROPAGATION
Limited error propagation in case if ciphertext is
modified or corrupted
– Affects only current and next blocks
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
17
EXAMPLE: MICKEY MOUSE
Encrypted in CBC mode
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
18
SAMPLE QUESTION
Which one of the following statements is false
about the CBC mode:
a) Encryption can be parallelised
b) Decryption can be parallelised
c) Random access is possible
d) All of the above
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
19
SAMPLE QUESTION: ANSWER
Which one of the following statements is false
about the CBC mode:
a) Encryption can be parallelised
b) Decryption can be parallelised
c) Random access is possible
d) All of the above
Answer: a
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
20
ECB VS. CBC
Both encryption and
decryption can be
parallelised
Random access is
possible
Less secure as same
plaintext bocks map to
same ciphertext block
No error propagation
Only decryption can be
parallelised as encryption
is sequential
Random access is
possible
More secure as same
plaintext blocks map to
different ciphertext blocks
Error affects next block
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
21
CAN WE DO BETTER?
Can we take advantages of both ECB and CBC
modes?
Answer is yes
– Use the Counter (CTR) mode
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
22
CTR MODE
It is simple
Preprocessing can be done
encrypt
CTR 1
encrypt
CTR 2
c1
b1
c2
b2
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
23
SAMPLE QUESTION
Which one of the following statements is true
about the Counter (CTR) mode:
a) CTR offers random access
b) CTR is secure
c) Preprocessing can be done in CTR
d) All of the above
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
24
SAMPLE QUESTION: ANSWER
Which one of the following statements is true
about the Counter (CTR) mode:
a) CTR offers random access
b) CTR is secure
c) Preprocessing can be done in CTR
d) All of the above
Answer: d
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
25
ISSUE: MANY SYMMETRIC KEYS
Alice
Bob Carol David
To send a message to Alice, everyone needs a different key
To receive the message, Alice needs all these keys
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
26
SUMMARY
Modern ciphers are based on confusion and
diffusion
There are different modes of operation for
encrypting large messages
Scalability is the main issue in case of a large
number of users
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
27
RESOURCES
Read Chapter 20 of
Computer Security: Principles and Practice
Fourth Edition
William Stallings and Lawrie Brown
Pearson Higher Ed USA
ISBN 1292220635
Read Chapter 2 of
Network Security Essentials – Applications and
Standards
Fourth Edition
William Stallings
Prentice Hall
ISBN 0-13-706792-5
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
28
Questions?
Thanks for your attention!
