1 / 17

Previous lecture

Previous lecture. Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric cryptography. RSA — keys, encryption, decryption. (Proof of correctness not part of course.). This lecture. Block ciphers Modes of operations First assignment

laszlo
Download Presentation

Previous lecture

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Previous lecture • Practical things about the course. • Example of cryptosystem — substitution cipher. • Symmetric vs. asymmetric cryptography. • RSA — keys, encryption, decryption. (Proof of correctness not part of course.) Mårten Trolin

  2. This lecture • Block ciphers • Modes of operations • First assignment • Hash functions • Digital signatures Mårten Trolin

  3. Block ciphers • A block cipher B is an encryption function Ekey:{0,1}k {0,1}l and a decryption function Dkey:{0,1}l {0,1}k such thatDkey(Ekey(m)) = m. • The value k is called block length. Usually k = l. • Commonly used block ciphers include DES, 3DES and IDEA. Clear (plain) text Cipher text Key Mårten Trolin

  4. Chaining ciphers • What happens when the clear text is longer than the block length k? • Most simple solution — encrypt each block separately. • This mode is called ECB, Electronic Code Book Clear text Key Enc Enc Enc Enc Cipher text Mårten Trolin

  5. Problems with ECB • The main problem with ECB is that an adversary can change order or remove blocks without detection. • The solution — link the encrypted blocks to each other. • Most common option — Cipher Block Chaining, CBC Mårten Trolin

  6. Cipher Block Chaining • A feedback is introduced to link the blocks together Clear text IV Key Enc Enc Enc Enc Cipher text Mårten Trolin

  7. Cipher Block Chaining, cont. • Let Ekey be the encryption function, Dkey be the decryption function, Pi block i of the clear text and Ci block i of the cipher text, i = 1, 2, 3... • Encryption of block i: Ci = Ekey(Pi  Ci-1) where C0 = IV (initialization vector) • Decryption of block i: Pi =Ci-1  Dkey(Ci) • The Initialization Vector, IV = C0, must be known to both parties and can be sent in clear. Mårten Trolin

  8. First assignment • Implement encryption and decryption using your favourite block cipher (DES, 3DES, IDEA etc) for two modes (e.g., ECB and CBC) with a usable (not necessarily user-friendly!) command-line interface. • Use an existing crypto library for the block cipher, but implement the chaining yourself! • Examples of possible crypto libraries to use: openssl (for C) or JSSE (for Java). • You can get a maximum of four points for the exam from this assignment. Mårten Trolin

  9. Rules for the assignment • Choose your favourite language! • If you pick another language than C, C++, Pascal or Java, or another platform than UNIX/Linux or Windows/DOS, please contact me first! • Solve the assignment either individually or in pairs. • Hand in the solution no later than March 5th. You lose one point per day if you hand in late. You can hand in your solution • By email to marten@nada.kth.se. • On a diskette at the lecture • As a link to a site that I can reach Mårten Trolin

  10. Rules for the assignment, cont. • Please include • source code • executable • a brief description of the interface (just enough so that I can run it) • contact information • the amount of time you spent on the assignment (not used for grading, just to tune the difficulty of the assignments) Mårten Trolin

  11. Rules for the assignment, cont. • Co-operation between groups is allowed only on a conceptual level • Example of things you may discuss: Is it easier to solve the assignment in Java than C? What is a good format to provide the key? Is this input format reasonable? • Example of things you may not discuss: Please show me your code so I can copy part of it! • Please state the persons you have discussed the solution with. • You may be asked to explain your solution orally. Mårten Trolin

  12. Hash functions • A hash function computes a fixed length value from a variable length source • Example: Check sums in communication protocols • Indices in databases • More convenient to handle a hash of a document instead of the document itself • We will consider cryptographically secure hash functions. Mårten Trolin

  13. Hash functions, definition • A hash function is a function f:{0,1}*  {0,1}n. • The size of the output, n, is a property of the function. Common values are 128, 160 and 256. • Commonly used hash functions are MD5, SHA and SHA-1 Mårten Trolin

  14. Hash function — examples • f(m) = first 40 bits of m • f(m) = last 40 bits of m • f(m) = XOR of the bytes of m Mårten Trolin

  15. Properties of good hash functions • Let H be a hash function • One-way • Given v, unfeasible to compute an x such that H(v) = x • Collision-free • Unfeasible to find x1 and x2 such that H(x1) = H(x2) Mårten Trolin

  16. Digital signatures • Used to ensure authenticity. • A digital signatures binds a document to a person. • In a public key infrastructure (PKI), a person produces a digital signature using his private key • The signature can be verified using the public key. Mårten Trolin

  17. How to sign a document d • Compute the hash of d, v = H(d). • Perform a private key operation on v. • The result is a digital signature. • What happens if the hash function is not one-way? Not collision free? Mårten Trolin

More Related