Network Security
Download as PPT, PDF10 likes5,740 views
The document discusses network security and cryptography. It covers symmetric encryption, public key cryptography, cryptographic algorithms like DES and AES, and cryptanalysis techniques. It also describes the Feistel cipher structure, which partitions the plaintext into blocks and performs multiple rounds of substitutions and permutations using subkeys. Feistel ciphers include algorithms like DES.
Network Security
- 3. Attacks
- 5. Model for Network Security
- 6. Cryptogrphy Symmetric Encryption and Message Confidentiality. Public Key Cryptography and Message Authentication
- 7. Symmetric Enryption DES, 3-DES, AES Principles of Encryption Five Ingredients Plain text, Encryption Algorithm, Secret Key, Cipher text, Decryption Algorithm
- 8. Model for Network Security using this model requires us to: design a suitable algorithm for the security transformation generate the secret information (keys) used by the algorithm develop methods to distribute and share the secret information specify a protocol enabling the principals to use the transformation and secret information for a security service
- 10. Requirements two requirements for secure use of symmetric encryption: a strong encryption algorithm a secret key known only to sender / receiver mathematically have: Y = E K ( X ) X = D K ( Y ) assume encryption algorithm is known implies a secure channel to distribute key
- 11. Model of Conventional Crypto System
- 12. Cryptography characterize cryptographic system by: type of encryption operations used substitution / transposition / product number of keys used single-key or private / two-key or public way in which plaintext is processed block / stream
- 13. Cryptanalysis objective to recover key not just message general approaches: cryptanalytic attack brute-force attack
- 14. Cryptanalytic Attacks ciphertext only only know algorithm & ciphertext, is statistical, can identify plaintext known plaintext also have plaintext for the ciphertext chosen plaintext Also can select plaintext and obtain ciphertext chosen ciphertext Also can select ciphertext and obtain plaintext
- 15. Level of Security unconditional security no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext computational security Cost exceed the value of information Time exceeds the useful life of information
- 16. Brute Force Search always possible to simply try every key most basic attack, proportional to key size assume either know / recognise plaintext 6.4 10 6 years 2 10 26 µs = 6.4 10 12 years 26! = 4 10 26 26 characters permutation 5.9 10 30 years 2 167 µs = 5.9 10 36 years 2 168 = 3.7 10 50 168 5.4 10 18 years 2 127 µs = 5.4 10 24 years 2 128 = 3.4 10 38 128 10.01 hours 2 55 µs = 1142 years 2 56 = 7.2 10 16 56 2.15 milliseconds 2 31 µs = 35.8 minutes 2 32 = 4.3 10 9 32 Time required at 10 6 decryptions/µs Time required at 1 decryption/µs Number of Alternative Keys Key Size (bits)
- 17. Feistel Cipher Many encryption algorithims are based on Feistel Cipher.
- 18. Confusion and Diffusion cipher needs to completely obscure statistical properties of original message a one-time pad does this diffusion – dissipates statistical structure of plaintext over bulk of ciphertext confusion – makes relationship between ciphertext and key as complex as possible
- 19. Feistel Cipher Structure Horst Feistel devised the feistel cipher based on concept of invertible product cipher partitions input block into two halves process through multiple rounds which perform a substitution on left data half based on round function of right half & subkey then have permutation swapping halves implements Shannon’s S-P net concept
- 21. Feistel Cipher Design Elements block size key size number of rounds subkey generation algorithm round function fast software en/decryption ease of analysis
- 23. On the Encryption side
Editor's Notes
- #6: In considering the place of encryption, its useful to use the following two models from Stallings section 1.6. The first, illustrated in Figure 1.5, models information flowing over an insecure communications channel, in the presence of possible opponents. Hence an appropriate security transform (encryption algorithm) can be used, with suitable keys , possibly negotiated using the presence of a trusted third party .
- #9: This general model shows that there are four basic tasks in designing a particular security service, as listed.
- #10: Detail the five ingredients of the symmetric cipher model, shown in Stallings Figure 2.1: plaintext - original message encryption algorithm – performs substitutions/transformations on plaintext secret key – control exact substitutions/transformations used in encryption algorithm ciphertext - scrambled message decryption algorithm – inverse of encryption algorithm
- #11: We assume that it is impractical to decrypt a message on the basis of the cipher- text plus knowledge of the encryption/decryption algorithm, and do not need to keep the algorithm secret; rather we only need to keep the key secret. This feature of symmetric encryption is what makes it feasible for widespread use. It allows easy distribution of s/w and h/w implementations. Can take a closer look at the essential elements of a symmetric encryption scheme: mathematically it can be considered a pair of functions with: plaintext X, ciphertext Y, key K, encryption algorithm E K , decryption algorithm D K .
- #13: Cryptographic systems can be characterized along these three independent dimensions.
- #14: Typically objective is to recover the key in use rather then simply to recover the plaintext of a single ciphertext. There are two general approaches: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs. Brute-force attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average,half of all possible keys must be tried to achieve success.
- #15: Stallings Table 2.1 summarizes the various types of cryptanalytic attacks, based on the amount of information known to the cryptanalyst, from least to most. The most difficult problem is presented when all that is available is the ciphertext only. In some cases, not even the encryption algorithm is known, but in general we can assume that the opponent does know the algorithm used for encryption. Then with increasing information have the other attacks. Generally, an encryption algorithm is designed to withstand a known-plaintext attack.
- #16: Two more definitions are worthy of note. An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. An encryption scheme is said to be computationally secure if either the cost of breaking the cipher exceeds the value of the encrypted information, or the time required to break the cipher exceeds the useful lifetime of the information. Unconditional security would be nice, but the only known such cipher is the one-time pad (later). For all reasonable encryption algorithms, we have to assume computational security where it either takes too long, or is too expensive, to bother breaking the cipher.
- #17: A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. Stallings Table 2.2 shows how much time is required to conduct a brute-force attack, for various common key sizes (DES is 56, AES is 128, Triple-DES is 168, plus general mono-alphabetic cipher), where either a single system or a million parallel systems, are used.
- #19: The terms diffusion and confusion were introduced by Claude Shannon to capture the two basic building blocks for any cryptographic system. Every block cipher involves a transformation of a block of plaintext into a block of ciphertext, where the transformation depends on the key. The mechanism of diffusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key. Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to thwart attempts to discover the key. So successful are diffusion and confusion in capturing the essence of the desired attributes of a block cipher that they have become the cornerstone of modern block cipher design.
- #20: Horst Feistel, working at IBM Thomas J Watson Research Labs devised a suitable invertible cipher structure in early 70's. One of Feistel's main contributions was the invention of a suitable structure which adapted Shannon's S-P network in an easily inverted structure. It partitions input block into two halves which are processed through multiple rounds which perform a substitution on left data half , based on round function of right half & subkey, and then have permutation swapping halves. Essentially the same h/w or s/w is used for both encryption and decryption, with just a slight change in how the keys are used. One layer of S-boxes and the following P-box are used to form the round function.
- #21: Stallings Figure 3.2 illustrates the classical feistel cipher structure, with data split in 2 halves, processed through a number of rounds which perform a substitution on left half using output of round function on right half & key, and a permutation which swaps halves, as listed previously.
- #22: The exact realization of a Feistel network depends on the choice of the following parameters and design features: block size - increasing size improves security, but slows cipher key size - increasing size improves security, makes exhaustive key searching harder, but may slow cipher number of rounds - increasing number improves security, but slows cipher subkey generation algorithm - greater complexity can make analysis harder, but slows cipher round function - greater complexity can make analysis harder, but slows cipher fast software en/decryption - more recent concern for practical use ease of analysis - for easier validation & testing of strength
- #23: The process of decryption with a Feistel cipher, as shown in Stallings Figure 3.3, is essentially the same as the encryption process. The rule is as follows: Use the ciphertext as input to the algorithm, but use the subkeys Ki in reverse order. That is, use Kn in the first round, Kn –1 in the second round, and so on until K 1 is used in the last round. This is a nice feature because it means we need not implement two different algorithms, one for encryption and one for decryption.