cryptography
play

Cryptography [Symmetric Encryption] Spring 2020 Franziska (Franzi) - PowerPoint PPT Presentation

Mar 24, 2023 •355 likes •583 views

CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2020 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John

  1. CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2020 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials ...

  2. Admin • Final Lab 1 deadline now Friday 5/1 (not Wed) • More help – We�ll be adding one more OH on Frida�s – More on sploit 5 in section this week • Homework 2 (crypto) will be out soon – Due on 5/8 (designed to give you hands-on experience with crypto concepts, not be tricky -- should not take you a full 2 weeks) 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 2

  3. Reducing Key Size • What to do when it is infeasible to pre-share huge random keys? – When one- time pad is unrealistic� • Use special cryptographic primitives: block ciphers, stream ciphers – Single key can be re-used (with some restrictions) – Not as theoretically secure as one-time pad 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 3

  4. Block Ciphers • Operates on a single chunk ��block�� of plaintext – For example, 64 bits for DES, 128 bits for AES – Each key defines a different permutation – Same key is reused for each block (can use short keys) Plaintext block Key cipher Ciphertext 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 4

  5. Keyed Permutation Plaintext • Not just shuffling of input bits! – Suppose plaintext � ������ block Key Then ����� is not the onl� cipher possible ciphertext! • Instead: Ciphertext – Permutation of possible outputs – Use secret key to pick a permutation 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 5

  6. Keyed Permutation possible possible input output output etc. 000 010 111 � Key = 00 001 111 110 � Key = 01 010 101 000 � 011 110 101 � � � � 111 000 110 � For N-bit input, 2 N ! possible permutations For K-bit key, 2 K possible keys 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 6

  7. Block Cipher Security • Result should look like a random permutation on the inputs – Recall: not just shuffling bits. N-bit block cipher permutes over 2 N inputs. • Only computational guarantee of secrecy – Not impossible to break, just very expensive • If there is no efficient algorithm (unproven assumption!), then can only break by brute-force, try-every-possible-key search – Time and cost of breaking the cipher exceed the value and/or useful lifetime of protected information 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 7

  8. Block Cipher Operation (Simplified) Block of plaintext Key Add some secret key bits S S S S to provide confusion S S S S Each S-box transforms its input bits in a “ random-looking ” way repeat for several rounds to provide diffusion (spread plaintext bits throughout ciphertext) S S S S Procedure must be reversible Block of ciphertext (for decryption) 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 8

  9. Standard Block Ciphers • DES: Data Encryption Standard – Feistel structure: builds invertible function using non- invertible ones – Invented by IBM, issued as federal standard in 1977 – 64-bit blocks, 56-bit key + 8 bits for parity 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 9

  10. DES and 56 bit keys • 56 bit keys are quite short • 1999: EFF DES Crack + distributed machines – < 24 hours to find DES key • DES ---> 3DES – 3DES: DES + inverse DES + DES (with 2 or 3 diff keys) 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 10

  11. Standard Block Ciphers • DES: Data Encryption Standard – Feistel structure: builds invertible function using non- invertible ones – Invented by IBM, issued as federal standard in 1977 – 64-bit blocks, 56-bit key + 8 bits for parity • AES: Advanced Encryption Standard – New federal standard as of 2001 • NIST: National Institute of Standards & Technology – Based on the Rijndael algorithm • Selected via an open process – 128-bit blocks, keys can be 128, 192 or 256 bits 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 11

  12. Encrypting a Large Message • So� we�ve got a good block cipher� but our plaintext is larger than 128-bit block size 128-bit plaintext (arranged as 4x4 array of 8-bit bytes) 128-bit ciphertext • What should we do? 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 12

  13. Electronic Code Book (ECB) Mode plaintext key key key key key block block block block block cipher cipher cipher cipher cipher ciphertext • Identical blocks of plaintext produce identical blocks of ciphertext • No integrity checks: can mix and match blocks 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 13

  14. Information Leakage in ECB Mode Encrypt in ECB mode [Wikipedia] 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 14

  15. Oops https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick- look-at-the-confidentiality-of-zoom-meetings/ 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 15

  16. Cipher Block Chaining (CBC) Mode: Encryption plaintext � � � � Initialization vector key key key key (random) block block block block cipher cipher cipher cipher Sent with ciphertext (preferably encrypted) ciphertext • Identical blocks of plaintext encrypted differently • Last cipherblock depends on entire plaintext • Still does not guarantee integrity 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 16

  17. CBC Mode: Decryption plaintext � � � � Initialization vector key key key key decrypt decrypt decrypt decrypt ciphertext 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 17

  18. ECB vs. CBC AES in ECB mode AES in CBC mode Similar plaintext blocks produce similar ciphertext blocks (not good!) [Picture due to Bart Preneel] slide 18 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 18

  19. Initialization Vector Dangers plaintext � � � � Initialization vector key key key key (supposed to be random) DES DES DES DES ciphertext Found in the source code for Diebold voting machines: DesCBCEncrypt((des_c_block*)tmp, (des_c_block*)record.m_Data, totalSize, DESKEY, NULL, DES_ENCRYPT) 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 19

  20. Counter Mode (CTR): Encryption Initial ctr ctr ctr+1 ctr+2 ctr+3 (random) Key Key Key Key block block block block cipher cipher cipher cipher ฀ ฀ ฀ ฀ pt pt pt pt ciphertext • Identical blocks of plaintext encrypted differently • Still does not guarantee integrity; Fragile if ctr repeats 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 20

  21. Counter Mode (CTR): Decryption Initial ctr ctr ctr+1 ctr+2 ctr+3 Key Key Key Key block block block block cipher cipher cipher cipher ⊕ ⊕ ⊕ ⊕ ct ct ct ct pt pt pt pt 4/20/2020 CSE 484 / CSE M 584 - Spring 2020 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp; http://cseweb.ucsd.edu/users/mihir/cse207/ Brief History: Proliferation of computers and communication systems in 1960s brought with it a demand to protect

273 views • 24 slides
Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Karlstad University Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M, C, E, D, K) M: the set of plaintexts C: the set of ciphertexts E: M x K -&gt; C enciphering functions D: C x K

446 views • 40 slides
Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY

Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY

Intro to Cryptography Definitions Cryptography Cryptanalysis Cryptology CRYPTOGRAPHY Plaintext Cyphertext More definitions block cipher stream cipher hash function shared key public key digital signature

383 views • 16 slides
Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do?

Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do?

PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Stefan Klbl June 20th, 2017 DTU Compute, Technical University of Denmark Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do? Authentication

711 views • 47 slides
Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Cryptography Concepts and Terminology Security Concepts Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and Terminology Cryptography School of Engineering and Technology CQUniversity

453 views • 11 slides
Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Cryptography Concepts and Terminology Security Concepts Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and Terminology Cryptography School of Engineering and Technology CQUniversity

322 views • 11 slides
Uses of Cryptography What can we use cryptography for? Lots of things Secrecy

Uses of Cryptography What can we use cryptography for? Lots of things Secrecy

Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Lecture 4 Page 1 CS 236 Online Cryptography and Secrecy Pretty obvious Only those knowing the

303 views • 15 slides
Cryptography Modern cryptography was born in 1970s when computationally easy-to-verify but

Cryptography Modern cryptography was born in 1970s when computationally easy-to-verify but

Cryptography Modern cryptography was born in 1970s when computationally easy-to-verify but hard-to-solve problems were discovered. Computational Complexity, by Fu Yuxi Cryptography 1 / 75 Cryptography is closely related to some

785 views • 76 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography Symmetric cryptography DES 3DES AES Asymmetric cryptography Diffie-Hellman key exchange 2 Modern cryptography Moving into

338 views • 16 slides
Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is

Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is

Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is cryptography? Related fields: Cryptography (&quot;secret writing&quot;): Making secret messages Turning plaintext (an ordinary readable message)

1.2k views • 57 slides
Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9 CCA Security SIM-CCA Security (PKE) Recv Send PK/Enc SK/Dec Replay Filter Secure (and correct) if: s.t. output of is distributed

1.26k views • 101 slides
Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Cryptography Public Key Cryptography Concepts of Public Key Cryptography Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, public.tex, r1803 1

421 views • 7 slides
Its Applications Aaram Yun, UNIST FIF presentation, 2015 1 Cryptography 2 Cryptography

Its Applications Aaram Yun, UNIST FIF presentation, 2015 1 Cryptography 2 Cryptography

Homomorphic Cryptography &amp; Its Applications Aaram Yun, UNIST FIF presentation, 2015 1 Cryptography 2 Cryptography Bike lock of Internet Provides many important building blocks for security For example, encryption or

699 views • 31 slides
Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Stefan Klbl June 19th, 2017 DTU Compute, Technical University of Denmark Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security fail?

758 views • 72 slides
Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography

Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 15 November, 2012 Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography Diffie-Hellman Key

207 views • 8 slides
Introduc)on to the Remedial Acquisi)on Framework RAF 101 INTERNAL EPA USE ONLY Learning

Introduc)on to the Remedial Acquisi)on Framework RAF 101 INTERNAL EPA USE ONLY Learning

Introduc)on to the Remedial Acquisi)on Framework RAF 101 INTERNAL EPA USE ONLY Learning Objec)ves Increase awareness of pressures to change the Superfund remedial programs way of doing business Develop an understanding of the

803 views • 55 slides
Approche Algorithmique des Syst` emes R epartis (AASR) Guillaume Pierre

Approche Algorithmique des Syst` emes R epartis (AASR) Guillaume Pierre

Approche Algorithmique des Syst` emes R epartis (AASR) Guillaume Pierre guillaume.pierre@irisa.fr Dapr` es un jeu de transparents de Maarten van Steen VU Amsterdam, Dept. Computer Science 06a: Synchronization (1/2) Contents Chapter

603 views • 41 slides
Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Organisation Organisation Overview Block Ciphers Overview Block Ciphers Historic Ciphers Security of Block ciphers Historic Ciphers Security of Block ciphers Symmetric Ciphers Symmetric Ciphers Assume encryption and decryption use the

425 views • 5 slides
Pr t PrtPr

Pr t PrtPr

Pr t PrtPr sts rt s rst s rst r rst

679 views • 15 slides
Exposing iClass Key Diversification Contents Introduction RFID iClass and Picopass

Exposing iClass Key Diversification Contents Introduction RFID iClass and Picopass

Usenix WOOT 2011 Flavio D. Garcia Gerhard de Koning Gans Roel Verdult Exposing iClass Key Diversification Contents Introduction RFID iClass and Picopass Key Diversification iClass Key Diversification DES and

619 views • 42 slides
Amphi 2 : triangulations de Delaunay (I) Steve Oudot INF562 G eom etrie Algorithmique

Amphi 2 : triangulations de Delaunay (I) Steve Oudot INF562 G eom etrie Algorithmique

INF562 G eom etrie Algorithmique et Applications Amphi 2 : triangulations de Delaunay (I) Steve Oudot INF562 G eom etrie Algorithmique et Applications Amphi 2 : triangulations de Delaunay (I) Steve Oudot (certains slides

1.31k views • 113 slides
IntroductiontoCryptology(NSchapter2)

IntroductiontoCryptology(NSchapter2)

IntroductiontoCryptology(NSchapter2) ComputerandNetworkSecurity Encryption: plaintext+key ciphertext CMSC414 Decryption:

784 views • 16 slides
Computer Graphics - Introduction - Philipp Slusallek Computer Graphics WS 2019/20 Philipp

Computer Graphics - Introduction - Philipp Slusallek Computer Graphics WS 2019/20 Philipp

Computer Graphics - Introduction - Philipp Slusallek Computer Graphics WS 2019/20 Philipp Slusallek Overview Today Administrative stuff History of Computer Graphics (CG) Next lecture Overview of Ray Tracing Computer

818 views • 59 slides

More recommend