Computer and Network Security PowerPoint PPT Presentation


Title: Computer and Network Security


1
Computer and Network Security
  • Secret Key Cryptography
  • (Chapter 3 and Chapter 4)

2
Generic Block Encryption
  • Random mapping from a block of plaintext to a
    block of ciphertext
  • When any one bit of plaintext changes, every bit
    in the ciphertext has a 50% chance of changing
  • Substitution
  • Space complexity O(k · 2^k)
  • Permutation
  • Space complexity O(k log k)
  • Key

3
Example
  • Figure 3-1

4
Data Encryption Standard (DES)
  • Designed by IBM, published by NIST in 1977
  • 56-bit key, mapping a 64-bit input block to a
    64-bit output block
  • Not secure any more
  • Triple DES, 128-bit key

5
DES Overview
  • Figure 3-2

6
Initial/Final Permutations
  • Do not increase security
  • Page 66

7
Generating Per-Round Keys
  • Figure 3-5

8
A DES Round
  • Figure 3-6

9
Mangler Function
10
Other Secret Key Ciphers
  • IDEA: International Data Encryption Algorithm
  • 64-bit block, 128-bit key
  • AES: Advanced Encryption Standard
  • 128-bit block; 128-bit, 192-bit, 256-bit keys

11
Overall Structure of AES
Nb = 4 words (block); Nk = 4, 6, 8 words (key); Nr =
10, 12, 14 rounds (encryption)
12
Primitive Operation 1: Block Substitution
13
Primitive Operation 2: MixColumn
14
MixColumn Shifted XOR
15
Reverse of Block Substitution
16
Reverse of MixColumn
17
Key Expansion Set 0
18
Key Expansion Set i
19
Round Operations
  • 1. Block substitution
  • 2. Rotation
    • Row 1 rotated left by 1 byte
    • Row 2 rotated left by 2 bytes
    • Row 3 rotated left by 3 bytes
  • 3. MixColumn

20
Decryption
  • Reverse the operations
  • Keys
  • Block substitution
  • MixColumn
  • Rotation

21
RC4
  • One-time pad, generated by a stream cipher, which
    is essentially a random number generator

22
RC4
23
Exercise
  • Use rand() and srand() to write a stream cipher
    that takes a key of arbitrary size and a message
    of arbitrary size as input and produces a
    cipher-text output.

24
Encrypting Large Message
  • Electronic Code Book (ECB)
  • Cipher Block Chaining (CBC)
  • k-Bit Cipher Feedback Mode (CFB)
  • k-Bit Output Feedback Mode (OFB)
  • Counter Mode (CTR)

25
Electronic Code Book
  • Identical ciphertext blocks for identical message
    blocks
  • Predictable outcome by exchanging ciphertext blocks

26
Cipher Block Chaining (CBC)
  • Purpose of IV
  • Predictable outcome by changing a bit in
    ciphertext
  • Predictable outcome by rearranging ciphertext
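
The ECB and CBC properties listed on the two slides above, as an added example that is not part of the original presentation. It assumes TEA as a compact stand-in block cipher, with a constructed key, IV and message; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
/* TEA (64-bit block, 128-bit key) stands in as the block cipher: an assumption
   of this example, picked for brevity; the slides cover DES, IDEA and AES. */
static const uint32_t K[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u}; /* constructed key */
#define DELTA 0x9E3779B9u

uint64_t enc_block(uint64_t b) {                 /* encrypt one 64-bit block */
    uint32_t v0 = (uint32_t)(b >> 32), v1 = (uint32_t)b, sum = 0;
    for (int i = 0; i < 32; i++) {
        sum += DELTA;
        v0 += ((v1 << 4) + K[0]) ^ (v1 + sum) ^ ((v1 >> 5) + K[1]);
        v1 += ((v0 << 4) + K[2]) ^ (v0 + sum) ^ ((v0 >> 5) + K[3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}
uint64_t dec_block(uint64_t b) {                 /* exact inverse of enc_block */
    uint32_t v0 = (uint32_t)(b >> 32), v1 = (uint32_t)b, sum = DELTA * 32u;
    for (int i = 0; i < 32; i++) {
        v1 -= ((v0 << 4) + K[2]) ^ (v0 + sum) ^ ((v0 >> 5) + K[3]);
        v0 -= ((v1 << 4) + K[0]) ^ (v1 + sum) ^ ((v1 >> 5) + K[1]);
        sum -= DELTA;
    }
    return ((uint64_t)v0 << 32) | v1;
}
void ecb_encrypt(const uint64_t *m, uint64_t *c, size_t n) {
    for (size_t i = 0; i < n; i++) c[i] = enc_block(m[i]);   /* blocks are independent */
}
void cbc_encrypt(uint64_t iv, const uint64_t *m, uint64_t *c, size_t n) {
    uint64_t prev = iv;                          /* IV randomizes the first block */
    for (size_t i = 0; i < n; i++) prev = c[i] = enc_block(m[i] ^ prev);
}
void cbc_decrypt(uint64_t iv, const uint64_t *c, uint64_t *m, size_t n) {
    uint64_t prev = iv;
    for (size_t i = 0; i < n; i++) { m[i] = dec_block(c[i]) ^ prev; prev = c[i]; }
}
int main(void) {
    uint64_t iv = 0x0f1e2d3c4b5a6978ULL;         /* constructed IV */
    uint64_t m[3] = {0x4141414141414141ULL, 0x4141414141414141ULL, 0x4242424242424242ULL};
    uint64_t c[3], p[3];
    ecb_encrypt(m, c, 3);                        /* identical blocks stay identical */
    printf("ECB: c0 %s c1\n", c[0] == c[1] ? "==" : "!=");
    cbc_encrypt(iv, m, c, 3);                    /* chaining hides the repetition */
    printf("CBC: c0 %s c1\n", c[0] == c[1] ? "==" : "!=");
    c[0] ^= 1;                                   /* one ciphertext bit changed in transit */
    cbc_decrypt(iv, c, p, 3);                    /* same bit flips in p1, p0 is garbled */
    printf("p1 ^ m1 = %llx, p0 garbled: %d\n", (unsigned long long)(p[1] ^ m[1]), p[0] != m[0]);
    return 0;
}
```

Neither mode detects the change by itself, which is why the later slides add a MAC.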

27
Output Feedback Mode (OFB)
  • One-time pad can be generated in advance.
  • A missing or inserted ciphertext block garbles
    everything afterwards.
  • No block size.
  • Predictable outcome by changing a bit in the
    ciphertext.

28
Cipher Feedback Mode
  • Resynchronization after missing/extra ciphertext
    blocks
  • Predictable outcome after a bit in ciphertext is
    changed, but more susceptible to detection
  • No block size

29
Counter Mode (CTR)
  • One-time pad can be generated in advance.
  • Decryption at any point.

30
Integrity: Generating MAC
  • Integrity protection, error detection, and error
    correction
  • CRC and MAC
  • The value of MAC is dependent on all message
    blocks and their order.
  • How about using CFB to compute the residue?

31
Privacy and Integrity
  • Use one key to generate CBC residual, and append
    the residual to the message
  • Use another key to do CBC encryption over the
    whole thing
  • Why can't we use the same key?
  • How to protect the integrity for other encryption
    modes?

32
Double DES or Triple DES
  • M -> E(k1) -> E(k2) -> C
  • M -> E(k1) -> E(k2) -> E(k3) -> C
  • M -> E(k1) -> D(k2) -> E(k1) -> C (encryption)
  • C -> D(k1) -> E(k2) -> D(k1) -> M (decryption)

33
Triple DES
  • CBC outside vs. inside
  • Unpredictable outcome for one bit change
  • No self-synchronization
  • Parallel encryption

34
More Block-Cipher Modes
  • Block Chaining Mode
  • A message block XORs with all previous ciphertext
    blocks before encryption
  • No self-synchronization
  • Predictable outcome after one bit change in
    ciphertext

35
More Block-Cipher Modes
  • Propagating Cipher Block Chaining Mode
  • A message block XORs with the previous message
    block and the previous cipher block before
    encryption.
  • Encryption and integrity in one pass
  • Integrity check does not detect the swap of two
    ciphertext blocks.

36
More Block-Cipher Modes
  • Cipher Block Chaining with Checksum
  • A message block XORs with all previous message
    blocks and the previous cipher block before
    encryption.
  • No predictable outcome from a bit change in
    ciphertext
  • Encryption and Integrity check in one pass

37
Interleaving
  • Divide one stream of message blocks to multiple
    streams with interleaving blocks. This allows for
    parallel encryption and decryption.

38
More on Stream Cipher
  • Linear Congruential Generators
  • X_n = (a X_{n-1} + b) mod m
  • maximal period generator, a = 84589, b = 45989, m =
    217728
  • Not Secure
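
The slide's generator in code, as an added example that is not part of the original presentation. It checks the "maximal period" claim two ways: by walking the sequence and by the Hull-Dobell conditions, a standard full-period test that the slide does not name. The function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants from the slide: X_n = (a X_{n-1} + b) mod m. */
#define LCG_A 84589u
#define LCG_B 45989u
#define LCG_M 217728u

uint32_t lcg_next(uint32_t x) {
    return (uint32_t)(((uint64_t)LCG_A * x + LCG_B) % LCG_M);
}

/* Number of steps until the sequence first returns to the seed. */
uint32_t lcg_period(uint32_t seed) {
    uint32_t start = seed % LCG_M, x = lcg_next(start), n = 1;
    while (x != start) { x = lcg_next(x); n++; }
    return n;
}

static uint32_t gcd(uint32_t a, uint32_t b) {
    while (b) { uint32_t t = a % b; a = b; b = t; }
    return a;
}

/* Hull-Dobell: the period equals m iff gcd(b, m) = 1, a-1 is divisible by
   every prime factor of m, and a-1 is divisible by 4 when m is. */
int hull_dobell(uint32_t a, uint32_t b, uint32_t m) {
    if (gcd(b, m) != 1) return 0;
    if (m % 4 == 0 && (a - 1) % 4 != 0) return 0;
    uint32_t r = m;
    for (uint32_t p = 2; p * p <= r; p++) {
        if (r % p) continue;
        if ((a - 1) % p) return 0;
        while (r % p == 0) r /= p;          /* strip this prime factor */
    }
    return r == 1 || (a - 1) % r == 0;      /* leftover r is a prime factor */
}

int main(void) {
    /* The output is the whole state, and there are fewer than 2^18 states, so
       one observed value fixes every later one: the slide's "Not Secure". */
    printf("Hull-Dobell holds: %d\n", hull_dobell(LCG_A, LCG_B, LCG_M));
    printf("period from seed 0: %u (m = %u)\n", lcg_period(0), LCG_M);
    return 0;
}
```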

39
More on Stream Cipher
  • Feedback Shift Register
  • A shift register and a feedback function

40
More on Stream Cipher
  • Linear Feedback Shift Register
  • The feedback function is simply the XOR of
    certain bits in the register
  • Maximal period LFSR, (32, 7, 5, 3, 2, 1, 0)
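
How a tap list such as (32, 7, 5, 3, 2, 1, 0) turns into a register update, as an added example that is not part of the original presentation. It assumes a right-shifting register in which tap t reads bit t-1; the 4-bit tap list (4, 1, 0) is included only because its full period is small enough to count, and the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Tap list (32,7,5,3,2,1,0): tap t reads register bit t-1 (assumed layout);
   the 0 entry is the polynomial's constant term and has no register bit. */
#define TAPS32 0x80000057u                  /* bits 31, 6, 4, 2, 1, 0 */
#define TAPS4  0x9u                         /* (4,1,0): bits 3 and 0 */

/* One step: XOR of the tapped bits becomes the new top bit, register shifts right. */
uint32_t lfsr_step(uint32_t s, uint32_t taps, unsigned nbits) {
    uint32_t x = s & taps, fb = 0;
    while (x) { fb ^= 1u; x &= x - 1; }     /* parity of the tapped bits */
    return (s >> 1) | (fb << (nbits - 1));
}

/* Steps until the register returns to seed; only practical for small registers. */
uint32_t lfsr_period(uint32_t seed, uint32_t taps, unsigned nbits) {
    uint32_t s = lfsr_step(seed, taps, nbits), n = 1;
    while (s != seed) { s = lfsr_step(s, taps, nbits); n++; }
    return n;
}

/* XOR buf with the 32-bit LFSR keystream, one output bit (register bit 0)
   per step. The same call decrypts. An all-zero seed never leaves zero. */
void lfsr_xor(uint32_t seed, uint8_t *buf, size_t len) {
    uint32_t s = seed;
    for (size_t i = 0; i < len; i++)
        for (int b = 0; b < 8; b++) {
            buf[i] ^= (uint8_t)((s & 1u) << b);
            s = lfsr_step(s, TAPS32, 32);
        }
}

int main(void) {
    uint8_t msg[] = "constructed sample";   /* constructed input */
    printf("4-bit period: %u (2^4 - 1 = 15)\n", lfsr_period(1, TAPS4, 4));
    lfsr_xor(0xACE1u, msg, sizeof msg - 1); /* encrypt */
    lfsr_xor(0xACE1u, msg, sizeof msg - 1); /* decrypt with the same seed */
    printf("round trip: %s\n", (char *)msg);
    return 0;
}
```

Counting the 32-bit register's period the same way takes 2^32 - 1 steps, so the example only counts the 4-bit one.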