AES Cryptosystem

1

by: Haitham Farag Daw

2013-14

FACULITY OF ELECTRONIC TECNOLOGY

COMPUTETR ENGINEERING (MSc)

Outline Introduction

AES Cryptosystem

Review of the article

Nmap Tool

Implementation (RSA)

Introduction

Cryptography

4

The term Cryptography is originally derived from the two

greek words “kryptos" and “graph", meaning hidden and

writing, 20th.

Cryptography is the science and study of methods of

protecting data in computer and communication systems

from unauthorized disclosure and modification.

Classified into two cryptosystems, private-key

cryptosystem and public-key cryptosystem. Both are

based on complex mathematical algorithms and are

controlled by keys.

Branches of cryptography

Cryptographic engineering

Visual cryptography

Steganography

Quantum cryptography

Multivariate cryptography

6

Uses of cryp.. techniques

Commitment

schemes

Secure multiparty

Computation

Electronic voting

Authentication

Digital signature

Protocol

Banking

Digital currency

Secret sharing

Anonymous remailer

Onion routing

Cryptosystems

Security Goals

7

1.Confidentiality or Privacy : Service is used to save the information content of all persons except that told them to get acquainted with them.

2.Data Integrity: This service is used to save the information of the change (delete or add or modify) by persons unauthorized to do so.

3.Proof of identity (Authentication): This service is used to prove the identity of the data handling (authorized).

Cont.

8

4. (Non-repudiation): This service is used to prevent a

person from denial to do something, Digital Signature.

Note :-

If the primary purpose of encryption is to provide these services to the people is to maintain the security of their information .

9

Ciphers

ClassicalRotor

Machines

Private KeySubstitution

Modern

Public Key

Stream Block

Transposition

Fig 3:- Types of Ciphers

Fig 3:- Types of Modern cipher.

Symmetric Asymmetric

• Ke=Kd=K• P=D(E(P,Ke),K)

• Ke ≠ Kd• P=D(E(P,Ke),Kd)

•DES•Tripl DES• AES• BLOWFISH• CASTS• IDEA• Serpent• Twofish

•DES•Tripl DES• AES• BLOWFISH• CASTS• IDEA• Serpent• Twofish

• RSA• ElGamal• Diffie-Hellman• Rabin• ECDSA• XTR

• RSA• ElGamal• Diffie-Hellman• Rabin• ECDSA• XTR

Modern

• RC4• BMGL•SEAL •SNOW •SOBER

• RC4• BMGL•SEAL •SNOW •SOBER

Block Stream

Symmetric Encryptionprivate-key / single-keysender and recipient share a common keyall classical encryption algorithms are

private-key

Advanced Encryption Standard (AES)

7.13

Main topics

To review a short history of AES

To define the basic structure and trans.. of AES

To define the key expansion process

To define ANALYSIS and Uses of AES

Comparison

Reference

7.14

Clear a replacement for DES was neededo have theoretical attacks that can break ito have demonstrated exhaustive key search

attacks, ” deep crack (88b) in 3 days” Can use (3-DES) – but slow, has small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99

o (Rijndael, SERPENT, TWOFISH, RC6, MARS).

History

Introduction

The Advanced Encryption Standard (AES).

Is a symmetric-key block cipher .

Rijndael was selected as the AES in Oct-2000

Published by the (NIST) in December 2001.

The criteria defined by NIST for selecting AES fall

into three areas: 1. Security 2. Cost3. Implementation.

7.16

designed by Rijmen-Daemen in Belgium has 128/192/256 bit keys, 128 bit data an iterative rather than Feistel cipher

processes data as block of 4 columns of 4 bytes operates on entire data block in every round

designed to have: resistance against known attacks speed and code compactness on many CPUs design simplicity

The AES Cipher - Rijndael

7.17

Continue

Figure 1:General design of AES encryption cipher

AES Structure

data block of 4 columns of 4 bytes is state key is expanded to array of words has 10/12/14 rounds in which state undergoes:

byte substitution (1 S-box used on every byte) shift rows (permute bytes between groups/columns) mix columns (subs using matrix multiply of groups) add round key (XOR state with key material) view as alternating XOR key & scramble data bytes

initial XOR key material & incomplete last round with fast XOR & table lookup implementation

7.19 Figure 2:Ciphers and inverse ciphers of the original design

7.20

Continue

7.21

Structure of Each Round

Figure 3:Structure of each round at the encryption site

Some Comments on AES

key expanded into array of 32-bit words four words form round key in each round

4 different stages are used as shown has a simple structure only AddRoundKey uses key AddRoundKey a form of Vernam cipher each stage is easily reversible decryption uses keys in reverse order decryption does recover plaintext final round has only 3 stages

7.23

Data Units.

Figure 4: Data units used in AES

7.24

Figure 5:Changing plaintext to state

Continue

7.25

EA 04 65 85

83 01 5D 96

5C 33 98 B0

F1 2D AD C5

Initial XOR key

24 34 31 13

75 75 e2 Aa

A2 56 12 5

B3 88 00 87

00 12 0c 08

04 04 00 23

12 12 13 19

14 00 11 19

Input state Output stateKey Round

Plain text key Cipher text

+ =

7.26

TRANSFORMATIONS

To provide security, AES uses four types of transformations: substitution, permutation, mixing, and key-adding.

1. Substitution

2. Permutation

3. Mixing

4. Key Adding

Substitute Bytes

A simple substitution of each byte Uses one table of 16x16 bytes . Each byte of state is replaced by byte indexed

by row (left 4-bits) & column (right 4-bits) eg. byte {95} is replaced by byte in row 9

column 5 which has value {2A}

S-box constructed using defined transformation of values in GF(28)

Designed to be resistant to all known attacks

7.28

0 1 . . . . . . F

0 7C

.

.

.

.

.

F A1EA 04 65 85

83 01 5D 96

5C 33 98 B0

F1 2D AD C5

State

87 F2 4D 97

EC 7C 4C 90

4A C3 46 E7

A1 D8 95 A6

StateAfter substitute

S-b

ox

SubBytes

Figure 6: SubBytes transformation

7.29

7.30

Shift Rows

A circular byte shift in each each 1st row is unchanged 2nd row does 1 byte circular shift to left 3rd row does 2 byte circular shift to left 4th row does 3 byte circular shift to left

Decrypt inverts using shifts to right Since state is processed by columns, this step

permutes bytes between the columns

7.32

87 F2 4D 97

EC 7C 4C 90

4A C3 46 E7

A1 D8 95 A6

87 F2 4D 97

7C 4C 90 EC

46 E7 4A C3

A6 A1 D8 95

unchanged1 byte shift to left2 byte shift to left3 byte shift to left

StateAfter shifting

State

Shift Rows

Shift row

InShift row

Figure 7: shift rows

Mix Columns

Each column is processed separately Each byte is replaced by a value

dependent on all 4 bytes in the column Effectively a matrix multiplication in GF(28)

using prime poly m(x) =x8+x4+x3+x+1

Continue

Can express each col as 4 equations to derive each new byte in col

Decryption requires use of inverse matrix with larger coefficients, hence a little harder

Have an alternate characterisation each column a 4-term polynomial with coefficients in GF(28) and polynomials multiplied modulo (x4+1)

Coefficients based on linear code with maximal distance between codewords

7.35

Continue

7.36

02 03 01 01

01 02 03 01

01 01 02 03

03 01 01 02

87 F2 4D 97

6E 4C 90 EC

46 E7 4A C3

A6 A1 D8 95

47 S0,1 S0,2 S0,3

37 S1,1 S1,2 S1,3

94 S2,1 S2,2 S2,3

ED S3,1 S3,2 S3,3

=*

Old matrix New matrixConstant matrix * eg.:- (({02}*{87})+({03}*{6E})+({01}*{46})+({01}*{A6}))= {47}

InvMixColumns:The InvMixColumns transformation is basically the same as the MixColumns transformation.

Figure 8: Mixing bytes using matrix multiplication

Add Round Key

XOR state with 128-bits of the round key Again processed by column (though

effectively a series of byte operations) Inverse for decryption identical

since XOR own inverse, with reversed keys

Designed to be as simple as possible a form of Vernam cipher on expanded key requires other stages for complexity / security

7.38

Continue

Figure 9: AddRoundKey transformation

S0,0 S0,1 S0,2 S0,3

S1,0 S1,1 S1,2 S1,3

S2,0 S2,1 S2,2 S2,3

S3,0 S3,1 S3,2 S3,3

S0,0 S0,1 S0,2 S0,3

S1,0 S1,1 S1,2 S1,3

S2,0 S2,1 S2,2 S2,3

S3,0 S3,1 S3,2 S3,3

S0,0 S0,1 S0,2 S0,3

S1,0 S1,1 S1,2 S1,3

S2,0 S2,1 S2,2 S2,3

S3,0 S3,1 S3,2 S3,3

+ =

Figure 10: Invertibility of SubBytes and ShiftRows combinations

7.40

KEY EXPANSION

To create round keys for each round, AES uses a key-

expansion process. If the number of rounds is Nr , the

key-expansion routine creates Nr + 1 128-bit round keys

from one single 128-bit cipher key.

Key Expansion in AES-128

7.41

Key Expansion in AES-128

Figure 11: Key expansion in AES

7.42

Continue

7.43

Examples

7.44

ContinuedContinued

7.45

ContinuedContinued

7.46

ContinuedContinued

Example :

Figure 7.21 shows the state entries in one round, round 7, in Figure 7.21 shows the state entries in one round, round 7, in Example 7.10.Example 7.10.

Figure 12: States in a single round

7.47

ContinuedContinued

Example :

One may be curious to see the result of encryption when the One may be curious to see the result of encryption when the plaintext and cipher key is made of all 0s. Using the cipher plaintext and cipher key is made of all 0s. Using the cipher key in Example 7.10 yields the ciphertext.key in Example 7.10 yields the ciphertext.

7.48

ANALYSIS OF AES

This section is a brief review of the three characteristics

of AES.

1. Security

2. Implementation

3. Simplicity and Cost

7.49

Security

AES was designed after DES. Most of the known attacks on DES were already tested on AES.

Brute-Force AttackAES is definitely more secure than DES due to the larger-size key.

Statistical AttacksNumerous tests have failed to do statistical analysis

of the ciphertext.

Differential and Linear AttacksThere are no differential and linear attacks on AES as yet.

7.50

Implementation

AES can be implemented in software, hardware, and firmware. The implementation can use table lookup process or routines that use a well-defined algebraic structure.

Simplicity and Cost

The algorithms used in AES are so simple that they can be easily implemented using cheap processors and a minimum amount of memory.

Uses of AES Algorithm

7.51

AES is used in programs (WINZIP) the user

request dataset after encrypt compressed.

Used in the protocol TLS, a protocol to

establish a secure connection.

Use of the IPsec protocol, a protocol to ensure

safety in the connections that are powered by IP

over the Internet

Uses in the military….etc.

7.52

Comparison

7.53

7.54

Pratap Chandra Mandal has evaluated the following

algorithms: DES, 3DES ,AES and Blowfish

Pentium IV of 2.4 GHz CPU speed

4 GB RAM.

text files sizes range from 50 KB to 22300 KB.

Experiment

7.55

7.56

7.57

7.58

7.59

William Stallings, CRYPTOGRAPHY AND NETWORK SECURITY, FIFTH EDITION,2011, USA

www.cs.bc.edu/~straubin/cs381-05/blockciphers/rijndael_ingles2004.swf

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Pratap Chandra Mandal., Kolkata, W.B., Evaluation of performance of the Symmetric Key Algorithms: DES, 3DES ,AES and Blowfish.Journal of Global Research in Computer Science, 3 (8), August 2012, 67-70.

Handout

Reference

Presentation of review article

Performance Evaluation of Symetric

Cryptography Algorithm

by

Mohsin Khan, Sadaf Hussain, Malik Imran

Article journal, Volume 2, Issue, April 2012-13. Islamabad

Outline

Abstract

Introduction

Description

Modified Blowfish Algorithm

Conclusion

Critique

Abstract

This survey paper discussed about the symmetric

cryptographic algorithms and their performance in

context of power consumption issues, Memory and

CPU processing time.

Also, their performance based on algorithm, key

generation process and length.

Introduction

Cryptography converts the message into a non

readable format and send it over an unsecure

channel.

There are five requirements for symmetric

encryption, plain text, cipher text, encryption

algorithm, decryption algorithm, and secret key.

In general, encryption uses two techniques like.

Encryption

Symmetric Asymmetric

RSA ECC Etc.BlowfishDES,3DES

AESRC2/6

Fig 1: Cryptography Diagram

---------------------------

------

---------------------------

------

Secret key

Secret key

Encryption Decryption

------------------------

-----

------------------------

-----

Message Message

M Y=E(M,K) M=D(Y,K)

K K

@^^&-=!!l&%-*kuh&^

@^^&-=!!l&%-*kuh&^

Fig 2: Symmetric Encryption Algorithm process

Description of some symmetric encryption

algorithms like AES, DES, Blowfish, Modified DES,

and Modified Blowfish, and their strengths and

weaknesses.

1. DES (Data Encryption Standard) Algorithm

It is a block cipher which encrypts 64 bit plaintext at a time and

uses 56 bit key.

The drawback can be easily prone to Brute Force to break the

key, 256 possible .

So DES is not so secure.

Round 1

Round 2

Initial permutayion

Round 16

32 bit swap

Inv initial permutation

Permuted choice 2

Left circular shift

Permuted choice 2

Left circular shift

Left circular shift

Permuted choice 2

Permutation choice

64-bit plain text

64-bit cipher text

64-bit key

56

56

56

56

5648

48

48

64

64

64

64

Key Generation

EncryptionFig 3: DES Algorithm

2. AES (Advanced Encryption Standard) Algorithm

AES is a variable bit block cipher and uses variable key

length of 128, 192 and 256 bits.

AES performs different processing rounds.

Substitute bytes

Shift rows

Mix column

Add round key

AES encryption is fast, flexible and higher secure

The key length is variable.

Fig 4: AES Processing Diagram

Blowfish Encryption Algorithm

designed in 1993 by Bruce BlowfishIt’s 64 bit block cipher with variable length key.Fast : It encrypts data on large 32-bit microprocessors at a

rate of 26 clock cycles per byte.Compact: It can run in less than 5K of memory. Simple: It uses addition, XOR, lookup table with 32-bit

operands.Secure: The key length is variable ,it can be in the range of

32~448 bits: default 128 bits key length.Unpatented and royality-free.

Cont..

It is suitable and efficient for hardware

implementation

blowfish algorithm has yet to be cracked as the

key size is high, requires 2448 combinations

The processing speed is less than DES and AES.

simple to implement

Fig5:- Blowfish Encryption Algorithm process

Description of Algorithm:

• Feistel network. • This algorithm is divided into two parts.

1. Key-expansion•The key expansion step converts 448 bit key into 4168

bytes.• A P-array of size 18 and four S-boxes whose size is 256

2. Data Encryption• Divide 64-bits into two 32-bit halves: XL, XR • For i = 1 to 16

o XL = XL XOR Pi o XR=F(XL) XOR XR o Swap XL and XR

• Swap XL and XR (Undo the last swap ) • XR=XR XOR P17 • XL = XL XOR P18 • Concatenate XL and XR

Key-expansion:

It will converts a key of 448 bits into several subkey arrays totaling 4168 bytes. Blowfish uses large number of subkeys.

These keys are generate earlier to any data encryption or decryption.

The p-array consists of 18, 32-bit subkeys:

P1,P2,………….,P18

Four 32-bit S-Boxes consists of 256 entries each:

S1,0, S1,1,………. S1,255

S2,0, S2,1,……….. S2,255

S3,0, S3,1,……….. S3,255

S4,0, S4,1,..............S4,255

Modified Blowfish Algorithm

Modified by Monika and Paradeep in 2012. They

modify the blowfish algorithm with a random number

Rn, the remaining processing is same as blowfish.

Modified blowfish algorithm uses the concept of

random number and flags,

flags decide where f function process is required or

not.

Cont...

As the result of the number of f function calls is

reduced, lead to,

increase the CPU processing time

decrease memory usage

increased the throughput.

The second advantage of modified blowfish

algorithm is increased in security.

Modified DES Algorithm using Fuse Data Technique

DES algorithm is modified by Al Hamami et al in . They present Fuse DES with Blowfish and Genetic

Algorithm (GA). DES has a disadvantage of shortest key, since it is not

more secure. The algorithm uses 2 subkeys:-right subkey and Left subkey is a 768 bit length and

16 blocks of 48 bits called Pi through both 16th round left subkey is generated.

Cont..

the CPU time increased, as well as, memory usage

and as result of slow processing, the throughput

decreased compare to DES.

This is more secure encryption algorithm as uses two

subkeys, R,L.

Figure 7 : The Fused DES algorithm process

Fig 8 : The F function process .

Conclusion

one secret key is used in the symmetric encryption algorithms

the symmetric key algorithms are more prone to attacks and provide less security than asymmetric algorithms.

the processing time, throughput, and memory usage of this algorithms are very less

DES is a less secure algorithmThe drawback is solved in Fused DES through GA

Technique and Blowfish key generation.The more secure algorithm is blowfish.

Critique The title of the article is appropriate and clear

However, the abstract is rather general and not

specific.

In introduction, the purpose of the article was not

clearly stated

So few information regarding the description of

AES algorithm.

Diagram of modified blowfish is required.

Overall Critique

Modified Blowfish was not clearly described( round

numbers), as well as, GA

There are so much repetition (DES)

Figures and charts was not appropriately placed.

Review of previous researches should be mentioned

in introduction.

Language of the article was not properly academic.

Nmap Tool

Outline

Introduction

IP Addresses

Port Scanning

Nmap

Anti-Port Scanning

Reference

Introduction

Hacking is a term used to refer to activities

aimed at exploiting security flaws to obtain critical

information for gaining access to secured

networks.

General Hacking Methods

1. Identify the target system.

2. Gathering Information on the target system.

3. Finding a possible loophole in the target system.

4. Exploiting this loophole using exploit code.

5. Removing all traces from the log files and escaping

without a trace.

Various Types of Attacks

The most common ones are: Denial of Services attacks (DOS Attacks)

SMURF Attacks

Threat from Sniffing and Key Logging Trojan Attacks

RAT (Remote Administration Tool)

IP Spoofing Buffer Overflows All other types of Attacks

IP Addresses

An attacker’s first step is to find out the IP Address of

the target system.

IP Addresses: Finding out an IP Address

Through Instant Messaging Software

C:\>netstat -n

Through Internet Relay Chat

Through Your website

by using simply JAVA applets or JavaScript code.

Through Email Headers

IP Addresses: Dangers & Concerns

IP Addresses: Dangers & Concerns

DOS Attacks

Disconnect from the Internet

Trojans Exploitation

Geographical Information

File Sharing Exploits

Type of Scanning

Port scanning

Network scanning

Vulnerability scanning

Port Scanning

Port Scanning is normally the first step that an

attacker undertakes.

List of Open Ports

Services Running

Exact Names and Versions of all the Services or

Daemons.

Operating System name and version

Port Scanning : Major Tools Available

Some of the best and the most commonly used Port Scanners are:NmapSuperscanHpingNessus

Common Features of all above Port Scanners:Very Easy to UseDisplay Detailed Results

Nmap

Introduction Nmap (Network Mapper) is a

security scanner originally written by Gordon Lyon (Fyodor), (1997).

Is a free and open source, Website nmap.org.Nmap was originally a Linux-only utility, but it was

ported to Microsoft Windows,Nmap runs on all major computer operating systemsused to discover hosts and services on acomputer

network, and security auditing thus creating a "map" of the network. To accomplish

its goal.

Determain what operating systems (and OS versions) they are running, vulnerability detection.

type of packet filters/firewalls are in use, and dozens of other characteristics.

It was designed to rapidly scan large networksNmap is also capable of adapting to network

conditions including latency and congestion during a scan

Nmap sends specially crafted packets to the target host and then analyzes the responses.

Cont..

Technique of Scan

M///mm

Nmap featuresHost discovery – Identifying hosts on a network.Port scanning – Enumerating the open ports on target

hosts.Version detection – Interrogating network services on

remote devices to determine application name and version number.

OS detection – Determining the operating system and hardware characteristics of network devices.

Scriptable interaction with the target – using Nmap Scripting Engine (NSE) and Lua programming language.

Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.

Typical uses of Nmap

Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.

Identifying open ports on a target host in preparation for auditing.

Network inventory, network mapping, maintenance and asset management.

Auditing the security of a network by identifying new servers.

Generating traffic to hosts on a network.

Network scanning

GIF LANCUARD

Vulnerability scanning

Nessus

Anti-Port Scanning

Some useful Anti-Port Scanning software available are:

Scanlogd (A Unix based Port Scan Detector & Logger)

BlackICE (A Windows based Port Scan Detector &

Logger)

Snort: A packet sniffer cum IDS.

Abacus Port sentry: Capable of Detecting both normal

and stealth port scanning attempts.

Reference

http://nmap.org/book/man.htmlhttp://nmap.org/book/install.htmlhttp://nmap.org/nsedochttp://nmap.org/book/zenmap.htmlhttp://nmap.org/changelog.htmlhttp://seclists.orghttp://nmap.online-domain-tools.comhttp://[email protected]