Cryptography
The term cryptography is originally derived from the two
Greek words "kryptos" and "graph", meaning hidden and
writing, 20th.
Cryptography is the science and study of methods of
protecting data in computer and communication systems
from unauthorized disclosure and modification.
Cryptosystems are classified into two types: private-key
cryptosystems and public-key cryptosystems. Both are
based on complex mathematical algorithms and are
controlled by keys.
Branches of cryptography
Cryptographic engineering
Visual cryptography
Steganography
Quantum cryptography
Multivariate cryptography
Uses of cryp.. techniques
Commitment schemes
Secure multiparty computation
Electronic voting
Authentication
Digital signature
Protocol
Banking
Digital currency
Secret sharing
Anonymous remailer
Onion routing
Cryptosystems
Security Goals
1. Confidentiality or Privacy: this service keeps the information content hidden from all persons except those who have been authorized to see it.
2. Data Integrity: this service protects the information from change (deletion, addition or modification) by persons unauthorized to do so.
3. Proof of identity (Authentication): this service is used to prove the identity of those handling the data (authorized).
4. Non-repudiation: this service is used to prevent a person from denying having done something (Digital Signature).
Note: the primary purpose of providing these services to people through encryption is to maintain the security of their information.
Fig 3: Types of Ciphers (Classical: Substitution, Transposition; Rotor Machines; Modern: Private Key (Stream, Block), Public Key)
Fig 3: Types of Modern cipher.
Symmetric: Ke = Kd = K, P = D(E(P, Ke), K)
  Block: DES, Triple DES, AES, BLOWFISH, CASTS, IDEA, Serpent, Twofish
  Stream: RC4, BMGL, SEAL, SNOW, SOBER
Asymmetric: Ke ≠ Kd, P = D(E(P, Ke), Kd)
  RSA, ElGamal, Diffie-Hellman, Rabin, ECDSA, XTR
Symmetric Encryption
private-key / single-key
sender and recipient share a common key
all classical encryption algorithms are private-key
Main topics
To review a short history of AES
To define the basic structure and trans.. of AES
To define the key expansion process
To define ANALYSIS and Uses of AES
Comparison
Reference
History
Clearly a replacement for DES was needed
o have theoretical attacks that can break it
o have demonstrated exhaustive key search attacks, "deep crack (88b) in 3 days"
Can use (3-DES) – but slow, has small blocks
US NIST issued call for ciphers in 1997
15 candidates accepted in Jun 98
5 were shortlisted in Aug-99
o (Rijndael, SERPENT, TWOFISH, RC6, MARS).
Introduction
The Advanced Encryption Standard (AES) is a symmetric-key block cipher.
Rijndael was selected as the AES in Oct-2000.
Published by NIST in December 2001.
The criteria defined by NIST for selecting AES fall into three areas:
1. Security
2. Cost
3. Implementation
The AES Cipher - Rijndael
designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data
an iterative rather than Feistel cipher
  processes data as block of 4 columns of 4 bytes
  operates on entire data block in every round
designed to have:
  resistance against known attacks
  speed and code compactness on many CPUs
  design simplicity
AES Structure
data block of 4 columns of 4 bytes is state
key is expanded to array of words
has 10/12/14 rounds in which state undergoes:
  byte substitution (1 S-box used on every byte)
  shift rows (permute bytes between groups/columns)
  mix columns (subs using matrix multiply of groups)
  add round key (XOR state with key material)
  view as alternating XOR key & scramble data bytes
initial XOR key material & incomplete last round
with fast XOR & table lookup implementation
Some Comments on AES
key expanded into array of 32-bit words
  four words form round key in each round
4 different stages are used as shown
has a simple structure
only AddRoundKey uses key
AddRoundKey a form of Vernam cipher
each stage is easily reversible
decryption uses keys in reverse order
decryption does recover plaintext
final round has only 3 stages
Figure: Initial XOR key (Input state + Round key = Output state; Plain text + key = Cipher text)
TRANSFORMATIONS
To provide security, AES uses four types of transformations: substitution, permutation, mixing, and key-adding.
1. Substitution
2. Permutation
3. Mixing
4. Key Adding
Substitute Bytes
A simple substitution of each byte
Uses one table of 16x16 bytes
Each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)
  eg. byte {95} is replaced by byte in row 9 column 5 which has value {2A}
S-box constructed using defined transformation of values in GF(2^8)
Designed to be resistant to all known attacks
Figure 6: SubBytes transformation
State:
EA 04 65 85
83 01 5D 96
5C 33 98 B0
F1 2D AD C5
State after substitute (S-box):
87 F2 4D 97
EC 7C 4C 90
4A C3 46 E7
A1 D8 95 A6
Shift Rows
A circular byte shift in each row
  1st row is unchanged
  2nd row does 1 byte circular shift to left
  3rd row does 2 byte circular shift to left
  4th row does 3 byte circular shift to left
Decrypt inverts using shifts to right
Since state is processed by columns, this step permutes bytes between the columns
Figure 7: shift rows
State:
87 F2 4D 97
EC 7C 4C 90
4A C3 46 E7
A1 D8 95 A6
State after shifting:
87 F2 4D 97   (unchanged)
7C 4C 90 EC   (1 byte shift to left)
46 E7 4A C3   (2 byte shift to left)
A6 A1 D8 95   (3 byte shift to left)
Mix Columns
Each column is processed separately
Each byte is replaced by a value dependent on all 4 bytes in the column
Effectively a matrix multiplication in GF(2^8) using prime poly m(x) = x^8 + x^4 + x^3 + x + 1
Can express each col as 4 equations to derive each new byte in col
Decryption requires use of inverse matrix with larger coefficients, hence a little harder
Have an alternate characterisation
  each column a 4-term polynomial with coefficients in GF(2^8)
  and polynomials multiplied modulo (x^4 + 1)
Coefficients based on linear code with maximal distance between codewords
Figure 8: Mixing bytes using matrix multiplication
Constant matrix * Old matrix = New matrix

Constant matrix    Old matrix     New matrix
02 03 01 01        87 F2 4D 97    47 S0,1 S0,2 S0,3
01 02 03 01        6E 4C 90 EC    37 S1,1 S1,2 S1,3
01 01 02 03        46 E7 4A C3    94 S2,1 S2,2 S2,3
03 01 01 02        A6 A1 D8 95    ED S3,1 S3,2 S3,3

eg.: (({02}*{87})+({03}*{6E})+({01}*{46})+({01}*{A6})) = {47}
InvMixColumns: The InvMixColumns transformation is basically the same as the MixColumns transformation.
Add Round Key
XOR state with 128-bits of the round key
Again processed by column (though effectively a series of byte operations)
Inverse for decryption identical
  since XOR own inverse, with reversed keys
Designed to be as simple as possible
  a form of Vernam cipher on expanded key
  requires other stages for complexity / security
Figure 9: AddRoundKey transformation (state matrix S0,0 ... S3,3 + round key = new state matrix)
KEY EXPANSION
To create round keys for each round, AES uses a key-
expansion process. If the number of rounds is Nr , the
key-expansion routine creates Nr + 1 128-bit round keys
from one single 128-bit cipher key.
Key Expansion in AES-128
Example:
Figure 7.21 shows the state entries in one round, round 7, in Example 7.10.
Figure 12: States in a single round
Example:
One may be curious to see the result of encryption when the plaintext and cipher key is made of all 0s. Using the cipher key in Example 7.10 yields the ciphertext.
ANALYSIS OF AES
This section is a brief review of the three characteristics
of AES.
1. Security
2. Implementation
3. Simplicity and Cost
Security
AES was designed after DES. Most of the known attacks on DES were already tested on AES.
Brute-Force Attack
AES is definitely more secure than DES due to the larger-size key.
Statistical Attacks
Numerous tests have failed to do statistical analysis of the ciphertext.
Differential and Linear Attacks
There are no differential and linear attacks on AES as yet.
Implementation
AES can be implemented in software, hardware, and firmware. The implementation can use table lookup process or routines that use a well-defined algebraic structure.
Simplicity and Cost
The algorithms used in AES are so simple that they can be easily implemented using cheap processors and a minimum amount of memory.
Uses of AES Algorithm
AES is used in programs (WinZip) to encrypt the compressed data set when the user requests it.
It is used in the TLS protocol, a protocol to establish a secure connection.
It is used in the IPsec protocol, a protocol to ensure the safety of connections that are carried by IP over the Internet.
It is used in the military, etc.
Experiment
Pratap Chandra Mandal has evaluated the following algorithms: DES, 3DES, AES and Blowfish
Pentium IV of 2.4 GHz CPU speed
4 GB RAM.
text files sizes range from 50 KB to 22300 KB.
William Stallings, CRYPTOGRAPHY AND NETWORK SECURITY, FIFTH EDITION,2011, USA
www.cs.bc.edu/~straubin/cs381-05/blockciphers/rijndael_ingles2004.swf
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Pratap Chandra Mandal., Kolkata, W.B., Evaluation of performance of the Symmetric Key Algorithms: DES, 3DES ,AES and Blowfish.Journal of Global Research in Computer Science, 3 (8), August 2012, 67-70.
Handout
Reference
Performance Evaluation of Symmetric
Cryptography Algorithm
by
Mohsin Khan, Sadaf Hussain, Malik Imran
Article journal, Volume 2, Issue, April 2012-13. Islamabad
Abstract
This survey paper discusses the symmetric
cryptographic algorithms and their performance in the
context of power consumption, memory and
CPU processing time.
It also covers their performance based on algorithm, key
generation process and length.
Introduction
Cryptography converts the message into a non-readable
format and sends it over an insecure
channel.
There are five requirements for symmetric
encryption: plain text, cipher text, encryption
algorithm, decryption algorithm, and secret key.
In general, encryption uses two techniques:
Fig 1: Cryptography Diagram
Encryption
  Symmetric: DES, 3DES, AES, Blowfish, RC2/6
  Asymmetric: RSA, ECC, etc.
Fig 2: Symmetric Encryption Algorithm process
Message M -> Encryption with secret key K: Y = E(M, K) -> Decryption with secret key K: M = D(Y, K) -> Message M
Description of some symmetric encryption
algorithms like AES, DES, Blowfish, Modified DES,
and Modified Blowfish, and their strengths and
weaknesses.
1. DES (Data Encryption Standard) Algorithm
It is a block cipher which encrypts 64-bit plaintext at a time and
uses a 56-bit key.
Its drawback is that it is easily prone to a brute-force attack on the
key: there are 2^56 possible keys.
So DES is not so secure.
Fig 3: DES Algorithm
Encryption: 64-bit plain text, initial permutation, Round 1, Round 2, ..., Round 16, 32-bit swap, inverse initial permutation, 64-bit cipher text.
Key Generation: 64-bit key, permutation choice, then a left circular shift and permuted choice 2 for each round (widths shown in the figure: 64, 56 and 48 bits).
2. AES (Advanced Encryption Standard) Algorithm
AES is a variable bit block cipher and uses variable key
length of 128, 192 and 256 bits.
AES performs different processing rounds.
Substitute bytes
Shift rows
Mix column
Add round key
AES encryption is fast, flexible and highly secure.
The key length is variable.
Blowfish Encryption Algorithm
designed in 1993 by Bruce Blowfish
It's a 64-bit block cipher with variable length key.
Fast: It encrypts data on large 32-bit microprocessors at a rate of 26 clock cycles per byte.
Compact: It can run in less than 5K of memory.
Simple: It uses addition, XOR, lookup table with 32-bit operands.
Secure: The key length is variable; it can be in the range of 32~448 bits: default 128 bits key length.
Unpatented and royalty-free.
It is suitable and efficient for hardware implementation.
The Blowfish algorithm has yet to be cracked as the key size is high; it requires 2^448 combinations.
The processing speed is less than DES and AES.
Simple to implement.
Description of Algorithm:
• Feistel network.
• This algorithm is divided into two parts.
1. Key-expansion
• The key expansion step converts 448 bit key into 4168 bytes.
• A P-array of size 18 and four S-boxes whose size is 256
2. Data Encryption
• Divide 64-bits into two 32-bit halves: XL, XR
• For i = 1 to 16
  o XL = XL XOR Pi
  o XR = F(XL) XOR XR
  o Swap XL and XR
• Swap XL and XR (Undo the last swap)
• XR = XR XOR P17
• XL = XL XOR P18
• Concatenate XL and XR
Key-expansion:
It converts a key of 448 bits into several subkey arrays totaling 4168 bytes. Blowfish uses a large number of subkeys.
These keys are generated before any data encryption or decryption.
The P-array consists of 18 32-bit subkeys:
P1, P2, ..., P18
Four 32-bit S-boxes consist of 256 entries each:
S1,0, S1,1,………. S1,255
S2,0, S2,1,……….. S2,255
S3,0, S3,1,……….. S3,255
S4,0, S4,1,..............S4,255
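The data-encryption steps listed above, written out as an added example (not code from the reviewed paper or from a Blowfish implementation). The P-array and S-boxes are filled from a seeded PRNG as constructed stand-ins, because the procedure that derives them from the key is not given on the slides; the names crypt_block, encrypt, decrypt and subkey_bytes are chosen here.

```python
# Added example: Blowfish's 16-round Feistel data path with constructed subkeys.
# Real Blowfish derives P1..P18 and the four S-boxes from the key beforehand.
import random

MASK = 0xFFFFFFFF
_rng = random.Random(2012)  # constructed, reproducible stand-in for key expansion
P = [_rng.getrandbits(32) for _ in range(18)]
S = [[_rng.getrandbits(32) for _ in range(256)] for _ in range(4)]

def subkey_bytes():
    """Size of the subkey material: 18 + 4 * 256 words of 32 bits."""
    return 4 * (len(P) + sum(len(box) for box in S))

def f(x):
    """Blowfish F: split x into bytes a, b, c, d and combine four S-box lookups."""
    a, b, c, d = x >> 24, (x >> 16) & 0xFF, (x >> 8) & 0xFF, x & 0xFF
    return ((((S[0][a] + S[1][b]) & MASK) ^ S[2][c]) + S[3][d]) & MASK

def crypt_block(block, p):
    """Run the data-encryption steps on a 64-bit integer using subkey list p."""
    xl, xr = block >> 32, block & MASK
    for i in range(16):
        xl ^= p[i]          # XL = XL XOR Pi
        xr ^= f(xl)         # XR = F(XL) XOR XR
        xl, xr = xr, xl     # swap
    xl, xr = xr, xl         # undo the last swap
    xr ^= p[16]             # P17
    xl ^= p[17]             # P18
    return (xl << 32) | xr

def encrypt(block):
    return crypt_block(block, P)

def decrypt(block):
    # The same network inverts itself when the P-array is applied in reverse.
    return crypt_block(block, P[::-1])
```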
Modified Blowfish Algorithm
Modified by Monika and Paradeep in 2012. They
modified the Blowfish algorithm with a random number
Rn; the remaining processing is the same as Blowfish.
The modified Blowfish algorithm uses the concept of a
random number and flags;
the flags decide whether F function processing is required or
not.
As a result, the number of F function calls is
reduced, which leads to:
increased CPU processing time
decreased memory usage
increased throughput.
The second advantage of the modified Blowfish
algorithm is increased security.
Modified DES Algorithm using Fuse Data Technique
DES algorithm is modified by Al Hamami et al in .
They present Fuse DES with Blowfish and Genetic Algorithm (GA).
DES has the disadvantage of the shortest key, so it is less secure.
The algorithm uses 2 subkeys: right subkey and left subkey is a 768 bit length and 16 blocks of 48 bits called Pi through both 16th round left subkey is generated.
The CPU time increased, as well as memory usage,
and as a result of slow processing, the throughput
decreased compared to DES.
This is a more secure encryption algorithm as it uses two
subkeys, R and L.
Conclusion
One secret key is used in the symmetric encryption algorithms.
The symmetric key algorithms are more prone to attacks and provide less security than asymmetric algorithms.
The processing time, throughput, and memory usage of these algorithms are very low.
DES is a less secure algorithm.
The drawback is solved in Fused DES through GA technique and Blowfish key generation.
The more secure algorithm is Blowfish.
Critique
The title of the article is appropriate and clear.
However, the abstract is rather general and not
specific.
In the introduction, the purpose of the article was not
clearly stated.
There is too little information regarding the description of the
AES algorithm.
A diagram of modified Blowfish is required.
Overall Critique
Modified Blowfish was not clearly described (round
numbers), as well as GA.
There is so much repetition (DES).
Figures and charts were not appropriately placed.
A review of previous research should be mentioned
in the introduction.
The language of the article was not properly academic.
Introduction
Hacking is a term used to refer to activities
aimed at exploiting security flaws to obtain critical
information for gaining access to secured
networks.
General Hacking Methods
1. Identify the target system.
2. Gathering Information on the target system.
3. Finding a possible loophole in the target system.
4. Exploiting this loophole using exploit code.
5. Removing all traces from the log files and escaping
without a trace.
Various Types of Attacks
The most common ones are:
Denial of Services attacks (DOS Attacks)
SMURF Attacks
Threat from Sniffing and Key Logging
Trojan Attacks
RAT (Remote Administration Tool)
IP Spoofing
Buffer Overflows
All other types of Attacks
IP Addresses
An attacker’s first step is to find out the IP Address of
the target system.
IP Addresses: Finding out an IP Address
Through Instant Messaging Software
C:\>netstat -n
Through Internet Relay Chat
Through Your website
by using simply JAVA applets or JavaScript code.
Through Email Headers
IP Addresses: Dangers & Concerns
DOS Attacks
Disconnect from the Internet
Trojans Exploitation
Geographical Information
File Sharing Exploits
Port Scanning
Port Scanning is normally the first step that an
attacker undertakes.
List of Open Ports
Services Running
Exact Names and Versions of all the Services or
Daemons.
Operating System name and version
Port Scanning : Major Tools Available
Some of the best and the most commonly used Port Scanners are:
Nmap
Superscan
Hping
Nessus
Common Features of all above Port Scanners:
Very Easy to Use
Display Detailed Results
Introduction
Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (Fyodor), (1997).
It is free and open source. Website: nmap.org.
Nmap was originally a Linux-only utility, but it was ported to Microsoft Windows.
Nmap runs on all major computer operating systems.
It is used to discover hosts and services on a computer network, and for security auditing, thus creating a "map" of the network.
To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.
Determine what operating systems (and OS versions) hosts are running, vulnerability detection, what type of packet filters/firewalls are in use, and dozens of other characteristics.
It was designed to rapidly scan large networks.
Nmap is also capable of adapting to network conditions including latency and congestion during a scan.
Nmap features
Host discovery – Identifying hosts on a network.
Port scanning – Enumerating the open ports on target hosts.
Version detection – Interrogating network services on remote devices to determine application name and version number.
OS detection – Determining the operating system and hardware characteristics of network devices.
Scriptable interaction with the target – using Nmap Scripting Engine (NSE) and Lua programming language.
Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.
Typical uses of Nmap
Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.
Identifying open ports on a target host in preparation for auditing.
Network inventory, network mapping, maintenance and asset management.
Auditing the security of a network by identifying new servers.
Generating traffic to hosts on a network.
Anti-Port Scanning
Some useful Anti-Port Scanning software available are:
Scanlogd (A Unix based Port Scan Detector & Logger)
BlackICE (A Windows based Port Scan Detector & Logger)
Snort: A packet sniffer cum IDS.
Abacus Port sentry: Capable of Detecting both normal and stealth port scanning attempts.