BIT 21403

FUNDAMENTALS OF
INFORMATION SECURITY

Chapter 4
Cryptographic Tools

BIT 21403 1
 Symmetric Encryption
• The universal technique for providing confidentiality for
transmitted or stored data
• Also referred to as conventional encryption or single-key
encryption

• Two requirements for secure use:

• Need a strong encryption algorithm
• Sender and receiver must have obtained copies
of the secret key in a secure fashion and must
keep the key secure

BIT 21403 2
BIT 21403 3
 Attacking Symmetric
Encryption
Cryptanalytic Attacks Brute-Force Attacks
 Rely on:  Try all possible keys on some
 Nature of the algorithm ciphertext until an intelligible
 Some knowledge of the general translation into plaintext is obtained
characteristics of the plaintext  On average half of all possible keys
must be tried to achieve success
 Some sample plaintext-ciphertext
pairs
 Exploits the characteristics of the
algorithm to attempt to deduce a
specific plaintext or the key being
used
 If successful all future and past
messages encrypted with that key are
compromised
BIT 21403 4
 Table 2.1

Comparison of Three Popular Symmetric

Encryption Algorithms
BIT 21403 5
 Data Encryption Standard
(DES)
• Until recently was the most widely used
encryption scheme
• FIPS PUB 46
• Referred to as the Data Encryption Algorithm
(DEA)
• Uses 64 bit plaintext block and 56 bit key to produce
a 64 bit ciphertext block

Strength concerns:
• Concerns about the algorithm itself
• DES is the most studied encryption algorithm
in existence
• Concerns about the use of a 56-bit key
• The speed of commercial off-the-shelf processors makes
this key length woefully inadequate
BIT 21403 6
 Table 2.2

Average Time Required for Exhaustive Key Search

BIT 21403 7
 Triple DES (3DES)
 Repeats basic DES algorithm three times using either two or
three unique keys
 First standardized for use in financial applications in ANSI
standard X9.17 in 1985
 Attractions:
 168-bit key length overcomes the vulnerability to brute-force attack of
DES
 Underlying encryption algorithm is the same as in DES
 Drawbacks:
 Algorithm is sluggish in software
 Uses a 64-bit block size

BIT 21403 8
 Advanced Encryption
Standard (AES)
NIST called for
Needed a Selected
proposals for a
replacement for Rijndael in
new AES in
3DES November 2001
1997
Should have a security
strength equal to or better
than 3DES

Significantly improved
3DES was not efficiency
Published as
reasonable for
long term use FIPS 197
Symmetric block cipher

128 bit data and

128/192/256 bit keys

BIT 21403 9
Practical Security Issues
 Typically symmetric encryption is applied to a unit of data
larger than a single 64-bit or 128-bit block
 Electronic codebook (ECB) mode is the simplest approach to
multiple-block encryption
 Each block of plaintext is encrypted using the same key
 Cryptanalysts may be able to exploit regularities in the plaintext

 Modes of operation
 Alternative techniques developed to increase the security of symmetric
block encryption for large sequences
 Overcomes the weaknesses of ECB

BIT 21403 10
BIT 21403 11
 Block & Stream Ciphers
Block Cipher

• Processes the input one block of elements at a time

• Produces an output block for each input block
• Can reuse keys
• More common

Stream Cipher
• Processes the input elements continuously
• Produces output one element at a time
• Primary advantage is that they are almost always faster and use far less
code
• Encrypts plaintext one byte at a time
• Pseudorandom stream is one that is unpredictable without knowledge of
the input key

BIT 21403 12
 Message Authentication

Protects against
active attacks

Verifies received • Contents have not been altered

• From authentic source
message is authentic • Timely and in correct sequence

Can use
• Only sender and receiver share a
conventional key
encryption

BIT 21403 13
 Message Authentication
Without Confidentiality
• Message encryption by itself does not provide a secure form of
authentication
• It is possible to combine authentication and confidentiality in a single
algorithm by encrypting a message plus its authentication tag
• Typically message authentication is provided as a separate function from
message encryption
• Situations in which message authentication without confidentiality may
be preferable include:
• There are a number of applications in which the same message is broadcast to a number of
destinations
• An exchange in which one side has a heavy load and cannot afford the time to decrypt all incoming
messages
• Authentication of a computer program in plaintext is an attractive service

• Thus, there is a place for both authentication and encryption in meeting

security
BIT 21403 requirements 14
BIT 21403 15
An alternative to the message authentication code is the
one-way hash function. As with the message authentication code, a hash function
accepts a variable-size message M as input and produces a fixed-size message digest
H(M) as output (Figure 2.4). Typically, the message is padded out to an integer multiple
of some fixed length (e.g., 1024 bits) and the padding includes the value of the length
of the original message in bits. The length field is a security measure to increase the
difficulty for an attacker to produce an alternative message with the same hash value.
BIT 21403 16
BIT 21403 17
 To be useful for message
authentication, a hash function H must have the
following properties:

Can be applied to a block of data of any size

Produces a fixed-length output

H(x) is relatively easy to compute for any given x

One-way or pre-image resistant

• Computationally infeasible to find x such that H(x) = h

Computationally infeasible to find y ≠ x such that H(y) = H(x)

Collision resistant or strong collision resistance

• Computationally infeasible to find any pair (x,y) such that H(x) = H(y)

BIT 21403 18
Security of Hash Functions
There are two
Additional secure
approaches to SHA most widely
hash function
attacking a secure used hash algorithm
applications:
hash function:

Cryptanalysis Passwords
• Exploit logical weaknesses in • Hash of a password is stored
the algorithm by an operating system

Brute-force attack Intrusion detection

• Strength of hash function • Store H(F) for each file on a
depends solely on the length system and secure the hash
of the hash code produced by values
the algorithm

BIT 21403 19
Public-Key Encryption Structure

Asymmetric
• Uses two
Publicly separate keys Some form of
proposed by Based on • Public key and protocol is
Diffie and mathematical private key needed for
Hellman in functions • Public key is
distribution
1976 made public for
others to use

BIT 21403 20
 Plaintext
 Readable message or data that is fed into the algorithm as input
 Encryption algorithm
 Performs transformations on the plaintext
 Public and private key
 Pair of keys, one for encryption, one for decryption
 Ciphertext
 Scrambled message produced as output
 Decryption key
BIT 21403  Produces the original plaintext 21
  User encrypts data using his or her own
private key

 Anyone who knows the corresponding

public key will be able to decrypt the
message
BIT 21403 22
 Table 2.3

Applications for Public-Key Cryptosystems

BIT 21403 23
 Requirements for Public-Key
Cryptosystems
Computationally easy to
create key pairs

Computationally easy
Useful if either key can for sender knowing
be used for each role public key to encrypt
messages

Computationally Computationally easy

infeasible for opponent for receiver knowing
to otherwise recover private key to decrypt
original message ciphertext

Computationally
infeasible for opponent to
determine private key
from public key
BIT 21403 24
 Asymmetric Encryption
Algorithms
RSA (Rivest, Most widely accepted and
Block cipher in which the
Shamir, Developed in 1977 implemented approach to
public-key encryption
plaintext and ciphertext are
integers between 0 and n-1 for

Adleman) some n.

Diffie-Hellman Enables two users to securely

reach agreement about a
key exchange shared secret that can be used
as a secret key for subsequent
Limited to the exchange of the
keys

algorithm symmetric encryption of

messages

Digital
Signature Provides only a digital
signature function with SHA-1
Cannot be used for encryption
or key exchange

Standard (DSS)

Elliptic curve
cryptography Security like RSA, but with
much smaller keys

BIT 21403(ECC) 25
 Digital Signatures
 NIST FIPS PUB 186-4 defines a digital signature as:
”The result of a cryptographic transformation of data that,
when properly implemented, provides a mechanism for
verifying origin authentication, data integrity and signatory non-
repudiation.”
 Thus, a digital signature is a data-dependent bit pattern, generated by an
agent as a function of a file, message, or other form of data block
 FIPS 186-4 specifies the use of one of three digital signature algorithms:
 Digital Signature Algorithm (DSA)
 RSA Digital Signature Algorithm
 Elliptic Curve Digital Signature Algorithm (ECDSA)
BIT 21403 26
BIT 21403 27
BIT 21403 28
BIT 21403 29
 Random  Keys for public-key
Numbers algorithms
 Stream key for symmetric
stream cipher
Uses include
generation of:  Symmetric key for use as a
temporary session key or in
creating a digital envelope
 Handshaking to prevent
replay attacks
BIT 21403 30
 Random Number
Requirements
Randomness Unpredictability
 Criteria:
 Uniform distribution  Each number is statistically
 Frequency of occurrence of each
of the numbers should be independent of other
approximately the same numbers in the sequence
 Independence
 No one value in the sequence
can be inferred from the others
 Opponent should not be
able to predict future
elements of the sequence
on the basis of earlier
elements

BIT 21403 31
 Random versus
Pseudorandom
Cryptographic applications typically make use of algorithmic techniques
for random number generation
• Algorithms are deterministic and therefore produce sequences of numbers that are not statistically
random

Pseudorandom numbers are:

• Sequences produced that satisfy statistical randomness tests
• Likely to be predictable

True random number generator (TRNG):

• Uses a nondeterministic source to produce randomness
• Most operate by measuring unpredictable natural processes
• e.g. radiation, gas discharge, leaky capacitors
• Increasingly provided on modern processors
BIT 21403 32
 Practical Application:
Encryption of Stored Data
Common to encrypt transmitted data

Much less common for stored data

There is often little protection
beyond domain authentication
and operating system access

Approaches to encrypt stored data:

controls

Data are archived for indefinite

periods

Use a commercially
Library based tape Background laptop/PC
available encryption Back-end appliance
encryption data encryption
package
Even though erased, until disk
sectors are reused data are
recoverable

BIT 21403 33
 Summary
• Confidentiality with
symmetric encryption
 Symmetric encryption
 Symmetric block encryption
algorithms
 Stream ciphers
• Message authentication and
hash functions
 Authentication using symmetric
encryption
 Message authentication without
message encryption
 Secure hash functions
 Other applications of hash functions
• Random and pseudorandom
numbers
 The use of random numbers
 21403
BIT Random versus pseudorandom
• Public-key encryption
 Structure
 Applications for public-key
cryptosystems
 Requirements for public-key
cryptography
 Asymmetric encryption algorithms
• Digital signatures and key
management
 Digital signature
 Public-key certificates
 Symmetric key exchange using public-
key encryption
 Digital envelopes
• Practical Application:
Encryption of Stored Data
34