Symmetric - Key Cryptography
Symmetric - Key Cryptography
Semester
7th
Cryptography
(18CS744)
By
Manjula H S
Assistant professor
Department of Computer Science and Engineering
Introduction
14.03.22 09:56 2
14.03.22 09:56 3
14.03.22 09:56 4
14.03.22 09:56 5
Symmetric - Key Cryptography
Symmetric key encryption :
also referred to as conventional / secret -
key / single - key encryption
most widely used of the two types of
encryption
3
5
2
14.03.22 09:56 7
Symmetric - Key Cryptography
Symmetric key encryption components :
(a) plaintext : original message or data fed
into algorithm as input
(b) encryption algorithm: performs
various substitutions and transformations
on the plaintext
(c) secret key : is also input to the algorithm,
the substitutions and transformations…..
performed by the algorithm….
depends on the key
14.03.22 09:56 8
Symmetric - Key Cryptography
Symmetric key encryption components :
(d) cipher text : scrambled message
produced as output ; depends on the
plaintext and secret key
(e) decryption algorithm takes ciphertext
and the same secret key as the input and
produces the original plaintext
two requirements for secure use of
symmetric encryption :
• strong encryption algorithm
• sender and receiver having copies of
secret key in a secured fashion
14.03.22 09:56 9
Symmetric - Key Cryptography
Symmetric key encryption components :
the algorithm should be strong to prevent
an opponent to decrypt ciphertext or
discover the key
even if he / she is in possession of a
number of ciphertexts together with the
plaintext that produced the ciphertext
secrecy of the key is extremely important
- not of the algorithm
low-cost chip implementations of data encryption
algorithms have been developed by manufacturers
14.03.22 09:56 10
Model of Symmetric Cryptosystem
14.03.22 09:56 11
Symmetric - Key Cryptography
Generic classification of cryptographic
systems :
plaintext to ciphertext
14.03.22 09:56 13
Symmetric - Key Cryptography
Substitution :
Transposition :
14.03.22 09:56 14
Symmetric - Key Cryptography
Generic classification of cryptographic
systems :
(b) the number of keys used :
14.03.22 09:56 15
Symmetric - Key Cryptography
Generic classification of cryptographic
systems :
(c) the way in which the plaintext is processed :
• Block Cipher : processes the input block
14.03.22 09:56 16
Symmetric - Key Cryptography
Cryptanalysis:
14.03.22 09:56 17
Symmetric - Key Cryptography
Cryptanalysis
an encryption scheme is computationally
secure if the ciphertext generated meets
one or both of the following criteria :
• the cost of breaking the cipher exceeds
the value of encrypted information
• the time required to break the cipher
(difficult to estimate) exceeds the useful
lifetime of the information
assuming that the algorithm is flawless, a
brute-force method can be used to break
14.03.22 09:56 18
Symmetric - Key Cryptography
Cryptanalysis
brute-force method involves trying every
possible key until an intelligible translation
of ciphertext to plaintext is obtained
14.03.22 09:56 22
14.03.22 09:56 23
14.03.22 09:56 24
14.03.22 09:56 25
Alphabets
14.03.22 09:56 26
14.03.22 09:56 27
14.03.22 09:56 28
14.03.22 09:56 29
Playfair Cipher
14.03.22 09:56 30
14.03.22 09:56 31
14.03.22 09:56 32
14.03.22 09:56 33
14.03.22 09:56 34
14.03.22 09:56 35
Symmetric - Key Cryptography
Symmetric block encryption algorithms
14.03.22 09:56 36
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Feistel Cipher structure
+ • input : 2w bits plaintext
• key K
+ • round function F
• sequence of rounds
+
• each round performs
substitutions and
permutations conditioned
14.03.22 09:56
by a secret key value 37
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Feistel Cipher structure : features
(a) inputs to encryption algorithm are a
plaintext block of length 2w bits and a key K
(b) plaintext block is divided into two halves
L0 and R0
(c) the two halves pass through n rounds of
processing and then combine to produce the
ciphertext block
(d) each round i has the following inputs :
• Li-1 and Ri-1 derived from the previous round
• subkey Ki derived from the overall key K
14.03.22 09:56 38
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Feistel Cipher structure : features
(e) subkeys Ki are different from K and
from each other and are generated from
the key by a subkey generation algorithm
(f) processing in each round :
• a round function F (parameterised by the
14.03.22 09:56 40
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Feistel Cipher structure : features
parameters and features (contd.) :
• subkey generation algorithm : more
complex means more difficult for
cryptanalysis
• round function : more complexity is better
• fast software encryption / decryption
• ease of analysis
14.03.22 09:56 41
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Feistel Cipher structure : features
Decryption :
• use ciphertext as input to the algorithm
• use subkeys in the reverse order : Kn in
the first round, Kn-1 in the second and K1
in the last round →
17
Li-1 F(Ri-1,Ki)
18
19
14.03.22 09:56 16 sub-keys are generated, one for iteration (stages 2 - 17) 43
Symmetric - Key Cryptography
Symmetric block encryption algorithms
DES
concerns about DES key length (56-bits) :
56 bits → 256 or 7.2 x 1016 keys
Electronic Frontier Foundation (EFF)
broke a DES encryption in 1998 using a
special-purpose “ DES cracker ” machine
in less than 3 days
if the only form of attack that could be made on
encryption algorithms is only brute-force with
faster machines …..use longer keys
14.03.22 09:56 44
Symmetric - Key Cryptography
Symmetric block encryption algorithms
DES
14.03.22 09:56 46
Symmetric - Key Cryptography
Symmetric block encryption algorithms
Triple DES (3DES) - ANSI standard X9.17
FIPS PUB 46-3
3DES uses :
• three keys and
• three executions of DES algorithm
C = E(K3, D(K2, E(K1, P)))
P = plaintext
C = ciphertext
E [ K, X ] = encryption of X using key K
D [ K, Y ] = decryption of Y using key K
14.03.22 09:56 47
Symmetric - Key Cryptography
Symmetric block encryption algorithms
3DES
issues :
what to encrypt ?
where to locate the encryption devices ?
• link encryption
• end-to-end encryption
14.03.22 09:56 50
Symmetric - Key Cryptography
Location of Encryption Devices
14.03.22 09:56 53
Symmetric - Key Cryptography
Location of Encryption Devices
bytes
/ TOS of datagram
4
(#)
4
4
TTL = 64
unchanged during travel
of datagram from S to D 4
unchanged during travel
of datagram from S to D 4
40
14.03.22 09:56 62
Symmetric - Key Cryptography
Key Distribution
automated approach
provides flexibility and
dynamic method to …
SSM
allow number of hosts
SSM ey C
to exchange data
k D
s ing& K
d u M
e S
r ypt y S
c b
connection
request packet enared session key
sh delivered
connection setup
data exchange encrypted
SSM by SSMs using their SSM
session keys
14.03.22 09:56
Automated Key distribution for connection-oriented protocol63