1 / 13

Data Encryption Standard (DES)

Data Encryption Standard (DES). Developed in 1970s for the U.S. Gov’t, intended for use by the public Uses combinations of substitution and transposition (16 cycles) Uses a 64 bit key (8 bits for check digits) to encrypt blocks of 64 bits

nishan
Download Presentation

Data Encryption Standard (DES)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Data Encryption Standard (DES) • Developed in 1970s for the U.S. Gov’t, intended for use by the public • Uses combinations of substitution and transposition (16 cycles) • Uses a 64 bit key (8 bits for check digits) to encrypt blocks of 64 bits • Output bits have no obvious relationship to the input bits and are spread. Substitution provides the confusion and transposition provides the diffusion

  2. Data Encryption Standard (DES) • Double DES – E(k2, E(k1,m)) no better than DES (only doubles the work) • Triple DES - E(k1, D(k2, E(k1,m)) doubles the effective key length • Any change to the algorithm weakens it • 1998 - $100,000 computer determined the DES key in 4 days

  3. Advanced Encryption Standard (AES) • Adopted in Dec. 2001 (more efficient than other candidates) • 9,11, or 13 cycles for keys of 128, 192, and 256 bits) • Each cycle consists of • Byte substitution - similar to DES • Shift - row transposition • Mix column -left shift and XOR bits • Add subkey – XOR portion of key with cycle result

  4. Comparison of DES and AES

  5. Public Key Encryption (Asymmetric Key) • Uses two keys (one private for decryption and one public for encryption) P = D(kPRIV, E(kPUB, P)) • Requires less keys and simplifies distribution of keys • P = D(kPUB, E(kPRIV, P)) can be used for authentication

  6. Comparing Secret Key and Public Key Encryption

  7. Rivst-Shamir-Adelman (RSA) Encryption • Public key; algorithm introduced in 1978 • No serious flaws found • Uses number theory and large prime numbers • P = D(kPRIV, E(kPUB, P)) = D(kPUB, E(kPRIV, P))where the two keys are interchangeable

  8. RSA Algorithm • Alice picks two large prime numbers (assume p=17, q=11) which are kept secret • Multiply N = p*q = 187 and select e such that e and (p-1)*(q-1) are relatively prime, e.g. e= 7 • Publish the public key: e and N • Bob uses the public key to encrypt message M (in numeric form) to ciphertext C • C = Me (mod N) [ex. M = X (10110002 = 8810) • C = 887 (mod 187) = 59,977,368 (mod 187) = 11 • Bob sends 11 to Alice • Since Alice knows p and q, she can calculate the private key (d) • e x d = 1 (mod (p-1)*(q-1)) • 7 * d = 1 (mod 16*10) • d = 23 • Alice decrypts the message C using M = Cd (mod 187) • M = 1123 (mod 187) = 88 (which is ASCII for X)

  9. Uses of Encryption • Cryptographic Hash Functions • Uses one-way functions to compute a value (hash, checksum, message digest) to ensure integrity of a file or message. “sender” use an algorithm to compute the value which is sent with the message. The “receiver” uses the same algorithm to compute the value and compare with the sent value. • MD4/5 (Message Digest) use 12-bit digest • SHA/SHS (Secure Hash Algorithm/Standard) uses a 160-bit digest

  10. Uses of Encryption • Key Exchange • Want to send a protected message to someone who you do not know and who does not know you (requires 4 keys) • Sender encrypts with his private key, followed by receiver’s public key • C = E(kPUB-R, E(kPRIV-S, M) • Receiver decrypts first with his private key, followed by the sender’s public key

  11. Uses of Encryption • Digital Signatures • Transfer electronically a secure document (e.g. check) • Digital signature is a protocol that produces the same effect as a real signature; it is a mark that only the sender can make, but other people can easily recognize as belonging to the sender • Must be unforgeable • Must be authentic • Should not be alterable • Should not be reusable • If S wishes to send M to R, S produces E(M, Kpriv-S) which R decodes using S’s public key.

  12. Uses of Encryption • Certificates • Trust through a common respected individual • Certificates to Authenticate an Identity • Public key and user’s identify are bound together in a certificate, which is signed by a certificate authority (similar to a notary public) • Root certification authorities: Verisign, SecureNet, Deutsche Telecom, …

  13. Key Distribution Protocols • What operational restrictions are there? • What trust requirements are there? • What is the protection against failure? • How efficient is the protocol? • How easy is the protocol to implement?

More Related