Computer Networks Prof.

Hema A Murthy

Network Security

Security

Crytographic algorithms Security Services

Secret key Public key Message digest privacy authenticity Message

(DES) (RSA) (MD5) integrity

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Secret Key Encryption

Plain text Plain text

Encrypt using Decrypt using

secret key secret key

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Public Key Encryption

• Each participant has a secret key (private
key)
• The key is not stored
– Publish on the web (for instance)
• To send a message
– Encrypt with public key
– To decrypt, decrypt using a private key

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Message Digest Encryption

• Map a potentially large message into a
small fixed length number
• Compute checksum for message
• Given cryptographic checksum
– Difficult to figure out the message

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

• Block cipher (operates on a fixed block of
bits)
• Encrypts a 64-bit of plain text using a 64-bit
key
– Only 56 bits used
– Last bit of every byte is a parity bit
• Three phases in DES
– 64-bits in each block are permuted

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

– Sixteen rounds of an identical operation are
applied to the resulting data and key
– The inverse of the original operation is applied
to the result
• During each round – split 64-bit into two
32-bit blocks
64-bit

L I ( 32-bit) R I (32-bit)

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

– Choose 48-bit from 56-bit key

Li-1 Ri-1

F Ki

Li-1 = Ri-1

+
LI RI = Li-1 + F(Ri-1,Ki)

RI

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

• Define F, generate Ki
• Initially the permuted 56-bit key is divided
into two blocks of 28-bit
– Ignore every 8th bit in original key
– Each half is rotated 1/2 bits depending upon the
round
– A table is used to define the rotation of the 28-
bit

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

• DES compression permutation
– 48-bit key is permuted and then used in the
current round as key
• Function F combines 48-bit key (Ki) with
the right half of data after round i-1 (Ri-1)
• Expand R from 32-bit to 48-bit
– Divide R into 4-bit chunks
– Expand each chunk into 6-bit

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (secret key encryption)

• 1-bit from left, 1-bit from right
• 1st and last bit –use circular shift – they get from
each other
– Divide 48-bit into 6-bit chunks
– XOR expanded R
– Finally pass 6-bit through substitution box to
get 4-bit from 6-bit

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

DES (Decryption)
• Algorithm works exactly the same as that of
encryption
• Apply keys in reverse
– K16, K15, K14, …, K1
• Encryption of large messages
– Cipher block chaining

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Cipher Block Chaining

B1 B2

Initialising
vector + +

DES DES

Cipher 1 Cipher 2

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Public Key Encryption (RSA)

• Choose two large prime numbers p and q
(typically greater than 10100
• Choose
–n=p×q
– z = (p-1) ×(q-1)
• Choose a number d relatively prime to z
– z and d are coprimes – GCD (z,d) = 1
• Find e s.t. e × d = 1 mod z

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Public Key Encryption (RSA)

– Compute these parameters in advance
• Divide plaintext into blocks s.t. each
plaintext is 0 ≤ P < n
– i.e group bits such that (if k-bits) 2k < n
• To encrypt P, compute
– c = Pe (mod n)
• To decrypt C, compute
– P = cd (mod n)

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Public Key Encryption (RSA)

• To encrypt
– e, n required (public key)
• To decrypt
– c, n required (private key)
• Analogy
– Suitcase with a press lock that is unlocked
• Anybody can put stuff inside and lock the suitcase
• But suitcase can ONLY be opened by the key

Indian Institute of Technology Madras

Computer Networks Prof. Hema A Murthy

Message Digest
Initial Digiest Message Padded
(128 bit)
512 512 512

Transform

Transform

Transform

Message Digest
Indian Institute of Technology Madras
Computer Networks Prof. Hema A Murthy

Message Digest
• Modern day: Operates on 32-bit quantities
• Current digest (d0, d1, d2, d3)
• Works on the hope that it is difficult to
create the transformations and the initial
digest.

Indian Institute of Technology Madras