
The Encryption Standards Appendix F Computer Security: Art and - PowerPoint PPT Presentation



  1. The Encryption Standards, Appendix F. Computer Security: Art and Science, 2nd Edition, Version 1.0, Slide F-1

  2. Outline
     • Data Encryption Standard
       • Algorithm
     • Advanced Encryption Standard
       • Background mathematics
       • Algorithm

  3. Data Encryption Standard (DES)
     • Input: 64-bit blocks
     • Key: 64 bits
       • 8 bits are immediately discarded, so it is effectively 56 bits
     • Output: 64-bit blocks

  4. Main Algorithm
     • Key permuted, split into 2 28-bit parts
     • Each part rotated left by 1 or 2 bits
     • Then the halves combined, permuted, and 48 bits output (round key)
     • Input permuted, split into 2 32-bit parts
     • Right half, round key fed into function f
     • Result of this xor'ed with left half
     • This left half becomes right half, right half becomes left half, as input to next round (but in the last round, this does not occur)
     • After 16 rounds, halves combined, then permuted and that is output
     • Permutation here is inverse of initial input permutation

  5. DES Algorithm: Rounds
     [Figure: input, IP, 16 rounds (only first and last are shown), IP$^{-1}$, output]
     • First round: $L_1 = R_0$, $R_1 = L_0 \oplus f(R_0, k_1)$
     • Input to the last round: $L_{15} = R_{14}$, $R_{15} = L_{14} \oplus f(R_{14}, k_{15})$
     • Last round: $L_{16} = L_{15} \oplus f(R_{15}, k_{16})$; the other output half is labeled $R_{16}$

  6. DES Algorithm: f
     [Figure: $R_i$ (32 bits) passes through E to give 48 bits, which are XORed with $k_i$ (48 bits); the result goes through $S_1$, $S_2$, $S_3$, $S_4$, $S_5$, $S_6$, $S_7$, $S_8$ and then P to give $f(R_i, k_i)$]

  7. DES Algorithm: Round Key Generation
     [Figure: the 64-bit key passes through PC-1 to give 56 bits, split into $C_0$ and $D_0$; LSH($s_1$) is applied to each half to give $C_1$ and $D_1$, which pass through PC-2 to give the 48-bit round key $k_1$; the rotations continue through LSH($s_{16}$); 16 round keys generated]

  8. How to Read the Tables
     • The $i$th element of the table, $t_i$, means that bit $t_i$ of the input is the $i$th bit of the output
       • Example: the first row of the IP table is 58 50 42 34 26 18 10 2, so the first bit of output is bit 58 of the input; the second bit of output is bit 50 of the input; and so forth
     • LSH table: when generating the $i$th round key, the corresponding table entry $s_i$ is the number of bits to rotate left (note: rotate, not shift)
       • Example: $s_i = 1$ means rotate to the left 1 bit; $s_i = 2$ means rotate to the left 2 bits

  9. Advanced Encryption Standard
     • All take input of 128 bits and produce outputs of 128 bits
       • AES-128: key length of 128 bits, 10 rounds
       • AES-192: key length of 192 bits, 12 rounds
       • AES-256: key length of 256 bits, 14 rounds
     • In what follows:
       • Nk: number of 32-bit words in the key
       • Nb: number of 32-bit words in the block size
       • Nr: number of rounds
       • $w_i$: the $i$th set of 32 bits (4 bytes) of key schedule
     • Represent bytes as 2 hexadecimal digits or 8 binary digits

  10. Background: Polynomials in $GF(2^8)$
     • To manipulate bytes, treat them as polynomials in $GF(2^8)$, each bit being a coefficient
       • Byte b5 (hex) is 10110101 (binary) and $x^7 + x^5 + x^4 + x^2 + 1$ (polynomial)
     • Arithmetic involving coefficients is done modulo 2
     • Addition: same as exclusive or of two bytes: 5b $\oplus$ a4 = f3 as, in binary, 01011011 $\oplus$ 10101000 = 11110011

  11. Background: Polynomials in $GF(2^8)$
     • To multiply $a$ and $b$ ($a \bullet b$), convert them to polynomials, multiply them mod $x^8 + x^4 + x^3 + x + 1$
       • Note multiplication of coefficients is done mod 2
     • Example: multiply bytes 57 (hex; 01010111 binary), 83 (hex; 10000011 binary)
       $(x^6 + x^4 + x^2 + x + 1)(x^7 + x + 1) = x^{13} + x^{11} + x^9 + x^8 + x^6 + x^5 + x^4 + x^3 + 1$
       $= (x^8 + x^4 + x^3 + x + 1)(x^5 + x^3) + (x^7 + x^6 + 1)$
       So the result is 11000001 (binary) or c1 (hex), so 57 $\bullet$ 83 = c1

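  12. AES: Input, State, Output
     $$\begin{bmatrix} in_0 & in_4 & in_8 & in_{12} \\ in_1 & in_5 & in_9 & in_{13} \\ in_2 & in_6 & in_{10} & in_{14} \\ in_3 & in_7 & in_{11} & in_{15} \end{bmatrix} \rightarrow \begin{bmatrix} s_{0,0} & s_{0,1} & s_{0,2} & s_{0,3} \\ s_{1,0} & s_{1,1} & s_{1,2} & s_{1,3} \\ s_{2,0} & s_{2,1} & s_{2,2} & s_{2,3} \\ s_{3,0} & s_{3,1} & s_{3,2} & s_{3,3} \end{bmatrix} \rightarrow \begin{bmatrix} out_0 & out_4 & out_8 & out_{12} \\ out_1 & out_5 & out_9 & out_{13} \\ out_2 & out_6 & out_{10} & out_{14} \\ out_3 & out_7 & out_{11} & out_{15} \end{bmatrix}$$
     Left to right: input bytes, state array, output bytes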

  13. AES: Basic Encryption Transformations
     Built up from 4 of these:
     • SubBytes
     • ShiftRows
     • MixColumns
     • AddRoundKey

  14. AES: SubBytes
     • A substitution table: takes 1 byte of input, produces 1 byte of output
       • First 4 bits give the row, next 4 the column
     • Table constructed as follows:
       • Map byte 00 to itself, other bytes to their multiplicative inverse in $GF(2^8)$; call the result $b$, with bits $b_0 b_1 b_2 b_3 b_4 b_5 b_6 b_7$
       • Let $c_i$ be the $i$th bit of 01100011
       • Construct $b'$, with bits $b_0' b_1' b_2' b_3' b_4' b_5' b_6' b_7'$, where for $i = 0, \ldots, 7$:
         $b_i' = b_i + b_{(i+4) \bmod 8} + b_{(i+5) \bmod 8} + b_{(i+6) \bmod 8} + b_{(i+7) \bmod 8} + c_i$

  15. AES: ShiftRows
     • Rotate (shift cyclically) to the left by the number of the row
     $$\begin{bmatrix} s_{0,0} & s_{0,1} & s_{0,2} & s_{0,3} \\ s_{1,0} & s_{1,1} & s_{1,2} & s_{1,3} \\ s_{2,0} & s_{2,1} & s_{2,2} & s_{2,3} \\ s_{3,0} & s_{3,1} & s_{3,2} & s_{3,3} \end{bmatrix} \rightarrow \begin{bmatrix} s_{0,0} & s_{0,1} & s_{0,2} & s_{0,3} \\ s_{1,1} & s_{1,2} & s_{1,3} & s_{1,0} \\ s_{2,2} & s_{2,3} & s_{2,0} & s_{2,1} \\ s_{3,3} & s_{3,0} & s_{3,1} & s_{3,2} \end{bmatrix}$$
     Left: state array before; right: state array after

  16. AES: MixColumns
     Let $c = 0, 1, 2, 3$ and $s_{0,c}'$, $s_{1,c}'$, $s_{2,c}'$ and $s_{3,c}'$ the outputs of this
     • $s_{0,c}' = (02 \bullet s_{0,c}) \oplus (03 \bullet s_{1,c}) \oplus s_{2,c} \oplus s_{3,c}$
     • $s_{1,c}' = s_{0,c} \oplus (02 \bullet s_{1,c}) \oplus (03 \bullet s_{2,c}) \oplus s_{3,c}$
     • $s_{2,c}' = s_{0,c} \oplus s_{1,c} \oplus (02 \bullet s_{2,c}) \oplus (03 \bullet s_{3,c})$
     • $s_{3,c}' = (03 \bullet s_{0,c}) \oplus s_{1,c} \oplus s_{2,c} \oplus (02 \bullet s_{3,c})$

  17. AES: AddRoundKey
     • Let $r$ be the current round
     • Remember $w_i$ is the $i$th set of 32 bits of key schedule
     • Let $c = 0, 1, 2, 3$ and $s_{0,c}'$, $s_{1,c}'$, $s_{2,c}'$ and $s_{3,c}'$ the outputs of this
       $[s_{0,c}', s_{1,c}', s_{2,c}', s_{3,c}'] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus [w_{4r+c}]$

  18. AES: Encryption Algorithm

         encrypt(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
         begin
             byte state[4,Nb];
             state := in;
             AddRoundKey(state, w[0, Nb-1]);
             for round := 1 to Nr-1 do
             begin
                 SubBytes(state);
                 ShiftRows(state);
                 MixColumns(state);
                 AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]);
             end
             SubBytes(state);
             ShiftRows(state);
             AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]);
             out := state;
         end
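An added Python example (not from the slides or the book) that ties together the $GF(2^8)$ arithmetic, the SubBytes table construction and the encrypt pseudocode above, for AES-128 only. The key schedule follows FIPS 197 because the slides do not show it, and the function names are illustrative.

```python
def gmul(a, b):
    """a • b in GF(2^8): polynomial product mod x^8 + x^4 + x^3 + x + 1."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)  # reduce when degree reaches 8
        b >>= 1
    return p

def sub_byte(x):
    """One S-box entry: inverse in GF(2^8), then the bit formula from the slide."""
    b = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)  # 00 maps to 00
    out = 0
    for i in range(8):                 # bit 0 is the least significant bit
        bit = (0x63 >> i) & 1          # c_i, taken from 01100011
        for k in (0, 4, 5, 6, 7):
            bit ^= (b >> ((i + k) % 8)) & 1
        out |= bit << i
    return out

SBOX = [sub_byte(x) for x in range(256)]

def expand_key(key):
    """AES-128 key schedule per FIPS 197 (assumed, not on the slides): 44 words."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[v] for v in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon
            rcon = gmul(rcon, 2)
        w.append([p ^ q for p, q in zip(w[i - 4], t)])
    return w

def encrypt_block(block, key):
    """AES-128 (Nk=4, Nb=4, Nr=10); the state is held as 4 columns of 4 bytes."""
    w = expand_key(key)
    def add_round_key(s, r):
        return [[v ^ k for v, k in zip(s[c], w[4 * r + c])] for c in range(4)]
    s = add_round_key([list(block[4 * c:4 * c + 4]) for c in range(4)], 0)
    for rnd in range(1, 11):
        s = [[SBOX[v] for v in col] for col in s]                       # SubBytes
        s = [[s[(c + r) % 4][r] for r in range(4)] for c in range(4)]   # ShiftRows
        if rnd < 10:                                                    # MixColumns
            s = [[gmul(2, col[r]) ^ gmul(3, col[(r + 1) % 4]) ^ col[(r + 2) % 4]
                  ^ col[(r + 3) % 4] for r in range(4)] for col in s]
        s = add_round_key(s, rnd)
    return bytes(v for col in s for v in col)
```

This is a teaching implementation that mirrors the slides step by step; it does table lookups indexed by secret data and handles a single block, so it is not a substitute for a vetted library.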

