Chapter 2
Cryptographic Tools


Symmetric Encryption
•
•
•

The universal technique for providing confidentiality for transmitted or stored data
Also referred to as conventional encryption or single-key encryption
Two requirements for secure use:

•
•

Need a strong encryption algorithm
Sender and receiver must have obtained copies
secure fashion and must

of the secret key in a
keep the key secure


Secret key shared by
sender and recipient

Secret key shared by
sender and recipient

K

K
Transmitted
ciphertext

X

Y =E[K, X]
Plaintext
input

Encryption algorithm
(e.g., DES)

X =D[K, Y]
Decryption algorithm
(reverseof encryption
algorithm)

Figure 2.1 Simplified Model of Symmetric Encryption

Plaintext
output


Attacking Symmetric Encryption
Cryptanalytic Attacks






Rely on:




Nature of the algorithm



Some sample plaintext-ciphertext pairs

Some knowledge of the general
characteristics of the plaintext

Exploits the characteristics of the algorithm
to attempt to deduce a specific plaintext or
the key being used



If successful all future and past
messages encrypted with that key are
compromised

Brute-Force Attack




Try all possible keys on some ciphertext until
an intelligible translation into plaintext is
obtained
 On average half of all possible keys
must be tried to achieve success


Table 2.1
DES

TripleDES

AES

Plaintext block size(bits)

64

64

128

Ciphertext block size(bits)

64

64

128


Key size(bits)

56

112 or 168

128, 192, or 256

DES = Data Encryption Standard
AES = Advanced Encryption Standard

Comparison of Three Popular Symmetric Encryption Algorithms


Data Encryption Standard
(DES)
•

The most widely used encryption scheme

•

FIPS PUB 46

•

Referred to as the Data Encryption

•


Uses 64 bit plaintext block and 56 bit key to

Algorithm (DEA)
produce a 64 bit ciphertext

block

Strength concerns:

•

Concerns about algorithm

•

•

DES is the most studied encryption algorithm in existence

Use of 56-bit key

•

Electronic Frontier Foundation (EFF) announced in July 1998 that it had broken
a DES encryption


Table 2.2
Key size

(bits)
56

Cipher
DES

Number of
Alternative
Keys

TimeRequired at 109
decryptions/s

TimeRequired
at 1013
decryptions/s

256 ≈ 7.2 × 1016

255 ns = 1.125 years

1 hour

≈ 3.4 ×

2127 ns = 5.3 × 1021
years

5.3 × 1017 years


Triple DES

2167 ns = 5.8 × 1033
2168 ≈ 3.7 × 1050 years

5.8 × 1029 years

192

AES

2192 ≈ 6.3 × 1057 2191 ns = 9.8 × 1040
years

9.8 × 1036 years

256

AES

2256 ≈ 1.2 × 1077 2255 ns = 1.8 × 1060
years

1.8 × 1056 years

128
168

AES


2128

1038

Average Time Required for Exhaustive Key Search


Triple DES (3DES)




Repeats basic DES algorithm three times using either two or three unique keys
First standardized for use in financial applications in ANSI standard X9.17 in 1985
Attractions:






168-bit key length overcomes the vulnerability to brute-force attack of DES
Underlying encryption algorithm is the same as in DES

Drawbacks:




Algorithm is sluggish in software

Uses a 64-bit block size


Advanced Encryption Standard (AES)

Should
Should have
have a
a security
security strength
strength

Needed a

equal
equal to
to or
or better
better than
than 3DES
3DES

NIST called for

replacement for

proposals for a new

3DES
was not

3DES

AES in 1997

Significantly
Significantly improved
improved efficiency
efficiency

reasonable for long
term use

Selected Rijndael in
November 2001
Published as
FIPS 197

Symmetric
Symmetric block
block cipher
cipher

128
128 bit
bit data
data and
and 128/192/256
128/192/256 bit
bit
keys

keys


Practical Security Issues


Typically symmetric encryption is applied to a unit of data larger than a single 64-bit
or 128-bit block



Electronic codebook (ECB) mode is the simplest approach to multiple-block encryption

 Each block of plaintext is encrypted using the same key
 Cryptanalysts may be able to exploit regularities in the plaintext



Modes of operation

 Alternative techniques developed to increase the security
sequences

 Overcomes the weaknesses of ECB

of symmetric block encryption for large


Decryption


Encryption

P1

P2

b

K

K

Encrypt

b

K

Encrypt

b

Encrypt

b

C1

C2


C1

C2

b

K

Pn
b

b

Cn

Cn
b

K

Decrypt

b

K

Decrypt

b


Decrypt

b

P1

b

P2

Pn

(a) Block cipher encryption (electronic codebook mode)

Key
K

Key
K

Pseudorandombyte
generator
(key streamgenerator)

Pseudorandombyte
generator
(key streamgenerator)

k
Plaintext

bytestream
M

ENCRYPTION

k
Ciphertext
bytestream
C

DECRYPTION

(b) Streamencryption

Figure2.2 Types of Symmetric Encryption

Plaintext
bytestream
M


Block & Stream Ciphers
Block Cipher

•
•
•
•

Processes the input one block of elements at a time

Produces an output block for each input block
Can reuse keys
More common

Stream Cipher

•
•
•
•
•

Processes the input elements continuously
Produces output one element at a time
Primary advantage is that they are almost always faster and use far less code
Encrypts
Encrypts plaintext
plaintext one
one byte
byte at
at a
a time
time
Pseudorandom stream is one that is unpredictable without knowledge of the input key


Message Authentication

• Contents have not been altered
• From authentic source

Timely and
in correct sequence
Protects against•active
attacks
Verifies received message is authentic

• Only encryption
sender & receiver share a key
Can use conventional


Message

K

Transmit

MAC
algorithm

Compare

MAC
algorithm
MAC
K
Figure 2.3 Message Authentication Using a Message
Authentication Code (MAC).




H

Message

Destination B

Message

Message

SourceA

H

K

K

E

D

Compare

H

Message

Message


Message

(a) Using symmetric encryption

H

PRa

PUa

E

D

Compare

(b) Using public-key encryption

Message

K

Message

Message

K

K


K

H

H

Compare

(c) Using secret value
Figure 2.5 Message Authentication Using a One-Way Hash Function.


Hash Function Requirements
Can
Can be
be applied
applied to
to a
a block
block of
of data
data of
of any
any size
size

Produces
Produces a
a fixed-length

fixed-length output
output

H(x)
H(x) is
is relatively
relatively easy
easy to
to compute
compute for
for any
any given
given x
x

One-way
One-way or
or pre-image
pre-image resistant
resistant

•

Computationally
Computationally infeasible
infeasible to
to find
find x
x such
such that

that H(x)
H(x) =
=h
h

Computationally
Computationally infeasible
infeasible to
to find
find y
y≠
≠x
x such
such that
that H(y)
H(y) =
= H(x)
H(x)

Collision
Collision resistant
resistant or
or strong
strong collision
collision resistance
resistance

•

Computationally

Computationally infeasible
infeasible to
to find
find any
any pair
pair (x,y)
(x,y) such
such that
that H(x)
H(x) =
= H(y)
H(y)


Security of Hash Functions

There are two approaches to
attacking a secure hash
function:

SHA most widely used hash

Additional secure hash

algorithm

function applications:

Cryptanalysis


Passwords

• Exploit logical weaknesses in the

• Hash of a password is stored by an

algorithm

operating system

Brute-force attack

Intrusion detection

• Strength of hash function depends solely

• Store H(F) for each file on a system and

on the length of the hash code produced
by the algorithm

secure the hash values


Some

Asymm

two


ol is

Uses

•

protoc

etric

form of

separ

needed

ate

for
distrib
ution

keys

•

Public

Based
on

mathe
matical
functio
ns

key

Publicl
y
propos
ed by
Diffie
and
Hellma
n in
1976

and
privat
e key

•

Public
key is

Public-Key Encryption Structure
made

public

for

others
to use




Plaintext





Encryption algorithm





Pair of keys, one for encryption, one for decryption

Ciphertext





Performs transformations on the plaintext


Public and private key





Readable message or data that is fed into the algorithm as input

Scrambled message produced as output

Decryption key



Produces the original plaintext


Bob

(a) Encryption with public key

Alice

Alice's
public key
ring
J oy

Ted
Mike


PRb

PUb

Bob's private
key

Bob
Bob's public
key
X=
D[PUb, Y]

Transmitted
ciphertext

X

Y =E[PRb, X]
Plaintext
input

Encryption algorithm
(e.g., RSA)
Bob

Decryption algorithm

(b) Encryption with privatekey


Plaintext
output

Alice

Figure2.6 Public-Key Cryptography

 User encrypts data using his or her own private key
 Anyone who knows the corresponding public key will be able
to decrypt the message


Table 2.3

Applications for Public-Key Cryptosystems

Algorithm

Digital Signature

Symmetric Key
Distribution

Encryption of
Secret Keys

RSA

Yes


Yes

Yes

Diffie-Hellman

No

Yes

No

DSS

Yes

No

No

Elliptic Curve

Yes

Yes

Yes



Requirements for Public-Key Cryptosystems
Computationally easy to create
key pairs

Computationally easy for sender
Useful if either key can be used

knowing public key to encrypt

for each role

messages

Computationally infeasible for

Computationally easy for

opponent to otherwise recover

receiver knowing private key to

original message

decrypt ciphertext

Computationally infeasible for
opponent to determine private
key from public key



Asymmetric Encryption Algorithms
RSA (Rivest,
Shamir,

Most widely accepted and
Developed in 1977

implemented approach to
public-key encryption

Adleman)

DiffieHellman key
exchange
algorithm

Enables two users to
securely reach agreement
about a shared secret
that can be used as a
secret key for subsequent

Limited to the exchange
of the keys

symmetric encryption of
messages

Digital
Signature

Standard

Provides only a digital

Cannot be used for

signature function with

encryption or key

SHA-1

exchange

(DSS)

Elliptic curve
cryptography
(ECC)

Security like RSA, but with
much smaller keys

Block cipher in which the
plaintext and ciphertext
are integers between 0
and n-1 for some n.