Network Security-Unit1.pdf

Document Details

DelightedEuphoria6424

Uploaded by DelightedEuphoria6424

Dr. Bhim Rao Ambedkar University

Tags

network security computer security data protection information technology

Full Transcript

Network Security Unit –I Network Security Introduction- OSI security architecture- classical encryption techniques, cipher principles, Data Encryption Standards, Block Cipher Design Principles and modes of Operation. Computer Security: The protection afforded to...

Network Security Unit –I Network Security Introduction- OSI security architecture- classical encryption techniques, cipher principles, Data Encryption Standards, Block Cipher Design Principles and modes of Operation. Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/ data, and telecommunications). With the introduction of the computer, the need for automated tools for protecting files and other information stored on the computer became evident. This is especially the case for a shared system, and the need is even more acute for systems that can be accessed over the Internet. The generic name for the collection of tools designed to protect data and to thwart hackers is computer security. Network security is a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies. The basic principle of network security is protecting huge stored data and networks in layers that ensure the bedding of rules and regulations that have to be acknowledged before performing any activity on the data. Types of Network Security: The few types of network securities are discussed below : 1. Access Control: Not every person should have a complete allowance for the accessibility to the network or its data. One way to examine this is by going through each personnel’s details. This is done through Network Access Control which ensures that only a handful of authorized personnel must be able to work with the allowed amount of resources. 2. Antivirus and Anti-malware Software: This type of network security ensures that any malicious software does not enter the network and jeopardize the security of the data. The malicious software like Viruses, Trojans, and Worms is handled by the same. This ensures that not only the entry of the malware is protected but also that the system is well equipped to fight once it has entered. 3. Cloud Security: Now a day, a lot many organizations are joining hands with cloud technology where a large amount of important data is stored over the internet. This is very vulnerable to the malpractices that few unauthorized dealers might pertain. This data must be protected and it should be ensured that this protection is not jeopardized by anything. Many businesses embrace SaaS 1 applications for providing some of their employees the allowance of accessing the data stored over the cloud. This type of security ensures creating gaps in the visibility of the data. OSI Security Architecture- OSI Security Architecture defines the well-planned standard architecture for security features in computer networking. Need of OSI Architecture: Below listed are the needs for OSI Architecture in an organization: 1. Security Needs:  OSI Architecture caters to the security needs of an organization.  Safety and security are ensured by OSI Architecture to prevent risk and threats. 2. Systematic Arrangement:  OSI Architecture gives a systematic approach to the security requirements of an organization.  Security policies are well maintained through OSI Architecture. 3. Centralised Processing:  OSI Architecture maintains a central processing environment.  LAN and WAN help in the Centralised Processing of OSI Architecture. Benefits of OSI Architecture: Below listed are the benefits of OSI Architecture in an organization: 1. Providing Security:  OSI Architecture in an organization provides the needed security and safety, preventing potential threats and risks.  Managers can easily take care of the security and there is hassle-free security maintenance done through OSI Architecture. 2. Organising Task:  Managers get the opportunity to organize tasks in an organization effectively.  A well-planned standard architecture for security features enhances performance. 3. Meets International Standards:  Security services are defined and recognized internationally meeting international standards.  The standard definition of requirements defined using OSI Architecture is globally accepted. Three Pillars of OSI Security Architecture: OSI Security Architecture is categorized into three broad categories mentioned - Security Attacks, Security mechanisms, and Security Services. 1. Security attack: Any action that compromises the security of information owned by an organization. 2 Passive attacks: are in the nature of eavesdropping on, or monitoring of, transmissions.The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the - release of message contents and traffic Analysis Active Attacks: Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service. - A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges. - Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. 3 - Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.” - The denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target for example; an entity may suppress all messages directed to a particular destination - - 2. Security Mechanism 4 The mechanism that is built to identify any breach of security or attack on the organization is called a security mechanism. Security Mechanisms are also responsible for providing ways in which an attack can be prevented as soon as it is detected. Security mechanism is a mechanism that is designed to detect, prevent, or recover from a security attack. 3. Security Services: Security services refer to the different services available for maintaining the security and safety of an organization. They help in preventing any potential risks to security. Security services are divided into 5 types:  Authentication is the most basic service to ensure that desired permission is well verified and safe  Access Control ensures that only authorized users have access to the available resources.  Data Confidentiality is responsible for ensuring that the data is kept extremely safe from third-party intruders.  Data Integrity ensures that the transmitted information received by the receiver is well- authenticated and there is no tampering with the information received.  Non- repudiation restricts the forwarding of the transmitted message by either of the parties( sender and receiver). 5 Some basic terminology of network security and cryptography Cryptography The many schemes used for encryption constitute the area of study known as cryptography Crypt analysis Techniques used for deciphering a message without any knowledge of the enciphering details Cryptology The areas of cryptography and cryptanalysis together are called cryptology Cipher Encryption scheme is known as a cryptographic system or a cipher Plain Text This is the original intelligible message or data that is fed into the algorithm as input. Cipher Text This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different cipher texts. The cipher text is an apparently random stream of data and, as it stands, is unintelligible. Secret key The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. Encryption The process of converting from plaintext to cipher text Decryption The process of restoring the plaintext from the cipher text Enciphering Algorithm The encryption algorithm performs various substitutions and transformations on the plaintext Deciphering Algorithm This is essentially the encryption algorithm run in reverse. It takes the cipher text and the secret key and produces the original plaintext. 6 Threat A potential for violation of security which exists when there is a circumstance, capability, action, or event, that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability. Attack An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. Security attack: Any action that compromises the security of information owned by an organization. Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. Principles of Security Symmetric Cipher Model A symmetric encryption scheme has five ingredients. They are Plain Text, Encryption Algorithm, Secret Key, Decryption Algorithm, Cipher Text There are two requirements for secure use of conventional encryption: We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more cipher texts would be unable to decipher the cipher text or figure out the key. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable. Fig. 2.1 Model of Symmetric Encryption 7 Fig. 2.2 Model of Symmetric Cryptosystem Confidentiality: This term covers two related concepts: Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Authentication: The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected. Data-Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed. Integrity: This term covers two related concepts: Data integrity: Assures that information and programs are changed only in a specified and authorized manner. System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Non-repudiation Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin: Proof that the message was sent by the specified party 8 Nonrepudiation, Destination: Proof that the message was received by the specified party Access Control The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). DATA Availability Assures that systems work promptly and service is not denied to authorized users. 2.1 Cryptography Classifications: 2.2 Types of cryptanalysis: Cryptanalysis is the science of recovering the plaintext of a message without access to the key. Successful cryptanalysis may recover the plaintext or the key. The two basic categories of cryptanalysis are 1. Linear Cryptanalysis and 2. Differential cryptanalysis Linear Cryptanalysis: Linear cryptanalysis is a known plaintext attack, in which the attacker studies probabilistic linear relations known as linear approximations between parity bits of the plaintext, the Ciphertext and the secrete key. In this technique, the attacker obtains high probability approximations for the parity bit of the secrete key by analysing the parity bits of the known plaintexts and cipher texts. By use of several techniques such as the auxiliary technique, the attacker can extend the attack to find more bits of the secret key. Differential Cryptanalysis: Differential cryptanalysis can be described as a general form of cryptanalysis that is primarily applicable to block ciphers, cryptographic hash functions. In other words, it entails a careful analysis of how differences in information input can affect the resulting difference at the output. In block cipher, differential analysis can be described as a set of techniques for tracing differences through the network of transformation, discovering where the cipher exhibits what is known as non-random behaviour and exploiting such details to recover the secrete key (cryptography key). In the process, observing the desired output difference between the two chosen or unknown plaintext inputs suggests possible key values. 9 2.3 Classical Encryption Techniques 2.3.1 Substitution Cipher A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with cipher text bit patterns. Caesar Cipher The earliest known use of a substitution cipher, and the simplest, was by Julius Caesar. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example, Plain text : meet me after the toga party Cipher Text : PHHW PH DIWHU WKH WRJD SDUWB Note that the alphabet is wrapped around, so that the letter following Z is A. We can define the transformation by listing all possibilities, as follows: Plain Text: a b c d e f g h i j k l m n o p q r s t u v w x y z Cipher Text: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Let us assign a numerical equivalent to each letter: A b c d e F g h i j k l m 0 1 2 3 4 5 6 7 8 9 10 11 12 N o p q r s t u v w x y z 13 14 15 16 17 18 19 20 21 22 23 24 25 Then the algorithm can be expressed as follows. For each plaintext letter p, substitute the cipher text letter C C = E(3, p) = (p + 3) mod 26 A shift may be of any amount, so that the general Caesar algorithm is C = E(k, p) = (p + k) mod 26 where k takes on a value in the range 1 to 25. The decryption algorithm is simply p = D(k, C) = (C k) mod 26 If it is known that a given cipher text is a Caesar cipher, then a brute-force cryptanalysis is easily performed: Simply try all the 25 possible keys. Three important characteristics of this problem enabled us to use a brute-force cryptanalysis: The encryption and decryption algorithms are known. There are only 25 keys to try. The language of the plaintext is known and easily recognizable. 10 Play Fair Cipher The best-known multiple-letter encryption cipher is the Play fair, which treats digrams in the plaintext as single units and translates these units into cipher text digrams. The Play fair algorithm is based on the use of a 5 x 5 matrix of letters constructed using a keyword. M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z In this case, the keyword is monarchy. The matrix is constructed by filling in the letters of the keyword (minus duplicates) from left to right and from top to bottom, and then filling in the remainder of the matrix with the remaining letters in alphabetic order. The letters I and J count as one letter. Plaintext is encrypted two letters at a time, according to the following rules: Repeating plaintext letters that are in the same pair are separated with a filler letter, such as x, so that balloon would be treated as ba lx lo on Two plaintext letters that fall in the same row of the matrix are each replaced by the letter to the right, with the first element of the row circularly following the last. For example, ar is encrypted as RM Two plaintext letters that fall in the same column are each replaced by the letter beneath, with the top element of the column circularly following the last. For example, mu is encrypted as CM Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own row and the column occupied by the other plaintext letter. Thus, hs becomes BP and ea becomes IM (or JM, as the encipherer wishes) Hill cipher Another interesting multi-letter cipher is the Hill cipher, developed by the mathematician Lester Hill in 1929. The encryption algorithm takes m successive plaintext letters and substitutes for them m cipher text letters. The substitution is determined by m linear equations in which each character is assigned a numerical value (a = 0, b = 1... z = 25). For m = 3, the system can be described as follows: c1 = (k11P1 + k12P2 + k13P3) mod 26 c2 = (k21P1 + k22P2 + k23P3) mod 26 c3 = (k31P1 + k32P2 + k33P3) mod 26 11 This can be expressed in term of column vectors and matrices: C1 k11 k12 k13 C2 P1 P2 P3 k21 k22 k23 mod26 C3 k31 k32 k33 Or C = PK mod 26 where C and P are column vectors of length 3, representing the plaintext and cipher text, and K is a 3 x 3 matrix, representing the encryption key. Operations are performed in mod 26. P = D(K, C) = CK-1 mod 26 = PKK-1 = P One Time Pad An Army Signal Corp officer, Joseph Mauborgne suggested using a random key that is as long as the message, so that the key need not be repeated. In addition, the key is to be used to encrypt and decrypt a single message, and then is discarded. Each new message requires a new key of the same length as the new message. Such a scheme, known as a one-time pad, is unbreakable. It produces random output that bears no statistical relationship to the plaintext. Because the cipher text contains no information whatsoever about the plaintext, there is simply no way to break the code. An example should illustrate our point. Suppose that we are using a 27 characters in which the twenty-seventh character is the space character, but with a one-time key that is as long as the message. Consider the cipher text : ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS We now show two different decryptions using two different keys: key 1: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih plain text: mr mustard with the candlestick in the hall key 2: mfugpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt plain text: miss scarlet with the knife in the library If the actual key were produced in a truly random fashion, then the cryptanalyst cannot say that one of these two keys is more likely than the other. Thus, there is no way to decide which key is correct and therefore which plaintext is correct. Therefore, the code is unbreakable. 2.3.2 Transposition Cipher A kind of mapping is achieved by performing some sort of permutation on the plaintext letters. This technique is referred to as a transposition cipher. 12 Rail Fence Technique The simplest transposition cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message "meet me after the toga party" with a rail fence of depth 2, we write the following: m e m a t r h t g p r y e t e f e t e o a a t The encrypted message is Simple Columnar Technique A more complex scheme is to write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns. The order of the columns then becomes the key to the algorithm. For example, Key: 3 4 2 1 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z 1 2 3 4 5 6 7 1 a t t a c k p 2 o s t p o n e 3 d u n t i l t 4 w o a m x y z Cipher text: TTNAAPTMTSUOAODWCOIXKNLYPETZ A pure transposition cipher is easily recognized because it has the same letter frequencies as the original plaintext. For the type of columnar transposition just shown, cryptanalysis is fairly straightforward and involves laying out the cipher text in a matrix and playing around with column positions. Digram and trigram frequency tables can be useful. The transposition cipher can be made significantly more secure by performing more than one stage of transposition. The result is a more complex permutation that is not easily reconstructed. Thus, if the foregoing message is re-encrypted using the same algorithm, Key: 3 4 2 1 5 6 7 1 2 3 4 5 6 7 13 1 t t n a p t m 2 t t s u o a o 3 d w c o i x k 4 n l y p e t z Cipher text: NSCYAUOPTTWLTTDNPOIETAXTMOKZ 2.4 Comparison of Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream ciphers are the autokeyed Vigenère cipher and the Vernam cipher. In the ideal case, a one-time pad version of the Vernam cipher would be used, in which the keystream is as long as the plaintext bit stream. If the cryptographic keystream is random, then this cipher is unbreakable by any means other than acquiring the keystream. However, the keystream must be provided to both users in advance via some independent and secure channel. This introduces insurmountable logistical problems if the intended data traffic is very large. Accordingly, for practical reasons, the bit-stream generator must be implemented as an algorithmic procedure, so that the cryptographic bit stream can be produced by both users. In this approach, the bit-stream generator is a key-controlled algorithm and must produce a bit stream that is cryptographically strong. Now, the two users need only share the generating key, and each can produce the keystream. Fig.2.1 Stream Cipher using algorithmic bit-stream generator A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a cipher text block of equal length. Typically, a block size of 64 or 128 bits is used. In general, they seem applicable to a broader range of applications than stream ciphers. The vast majority of network-based symmetric cryptographic applications make use of block ciphers. 14 Fig.2.2 Block Cipher Feistel Block Cipher Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a product cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers The essence of the approach is to develop a block cipher with a key length of k bits and a block length of bits, allowing a total of 987possible transformations, rather than the ! transformations available with the ideal block cipher. In particular, Feistel proposed the use of a cipher that alternates substitutions and permutations, where these terms are defined as follows: Substitution: Each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements. Permutation: A sequence of plaintext elements is replaced by a permutation of that sequence. That is, no elements are added or deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is changed. product cipher that alternates confusion and diffusion functions. Diffusion: A cryptographic technique that seeks to obscure the statistical structure of the plaintext by spreading out the influence of each individual plaintext digit over many cipher text digits. Confusion: A cryptographic technique that seeks to make the relationship between the statistics of the cipher text and the value of the encryption key as complex as possible. This is achieved by the use of a complex scrambling algorithm that depends on the key and the input. Figure 2.3 depicts the structure proposed by Feistel. The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key.The plaintext block is divided into two halves L0 and R0. The two halves of the data pass through rounds of processing and then combine to produce the ciphertext block. Each round i has as inputs Li-1 and Ri-1 derived from the previous round, as well as a subkey Ki derived from the overall K. In general, the subkeys Ki are different from K and from each other. In Figure 2.3, 16 rounds are used, although any number of rounds could be implemented. All rounds have the same structure. A substitution is performed on the left half of the data. This is done by applying a round function F to the right half of the data and then taking the exclusive-OR of the output of that function and the left half of the data. The round function has the same general structure for each round but is parameterized by the round subkey Ki. Another way to express this is to say that F is a function of right-half block of w bits and a 15 subkey of y bits, which produces an output value of length w bits: F(REi, Ki+1). Following this substitution, a Fig.2.3 Feistel Encryption and Decryption The exact realization of a Feistel network depends on the choice of the following parameters and design features: Block size: Larger block sizes mean greater security (all other things being equal) but reduced encryption/decryption speed for a given algorithm. The greater security is achieved by greater diffusion. Traditionally, a block size of 64 bits has been considered a reasonable 16 trade off and was nearly universal in block cipher design. However, the new AES uses a 128- bit block size. Key size: Larger key size means greater security but may decrease encryption/ decryption speed. The greater security is achieved by greater resistance to brute-force attacks and greater confusion. Key sizes of 64 bits or less are now widely considered to be inadequate, and 128 bits has become a common size. Number of rounds: The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds. Subkey generation algorithm: Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis. Round function F: Again, greater complexity generally means greater resistance to cryptanalysis. There are two other considerations in the design of a Feistel cipher: Fast software encryption/decryption: In many cases, encryption is embedded in applications or utility functions in such a way as to preclude a hardware implementation. Accordingly, the speed of execution of the algorithm becomes a concern. Ease of analysis: Although we would like to make our algorithm as difficult as possible to cryptanalyze, there is great benefit in making the algorithm easy to analyze. That is, if the algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its strength. DES, for example, does not have an easily analyzed functionality. Block Cipher Design Principles: A block cipher is one in which a block of plaintext is treated as a whole and used to produce a cipher text block of equal length. Typically a block size of 64 or 128 bits is used. o A block cipher operates on a plaintext block of n bits to produce a cipher-text block of n bits. There are 2n possible different plaintext blocks and, for the encryption to be reversible (i.e., for decryption to be possible), each must produce a unique ciphertext block. Such a transformation is called reversible, or nonsingular. 17 1. Number of Rounds This block cipher design principle indicates the overall strength of the ciphering algorithm. The more the number of rounds, the greater is the strength of the block cipher – making it more difficult to break into or decrypt the algorithm. In the event of a weak Function F design, the number of rounds can determine how easy (or difficult) it is to break into the algorithm. Simultaneously, a higher number of rounds can also make the encryption and decryption process slow and inefficient. this design principle is always a trade between efficiency and security. 2. Function F Design Based on the Feistel structure, the entire encryption process consists of multiple rounds of plain text processing – where the input block of each round is denoted by two halves namely, L (for left half) and R (for right half). Function F is essentially an encrypting function that takes in the encryption key “K” and “R” as the inputs and produces the encrypted output. It is the block cipher design principle that determines security. Function F should be designed in such a way that it cannot be unscrambled or substituted. The higher the non-linearity of function F, the more is its strength. In other words, this function must be designed based on the bit independence criteria, meaning the output bits must be independently changed whenever there is any change in the input bits. 3. Key Schedule Algorithm The key schedule algorithm calculates the round keys. This algorithm differs according to the block ciphering schemes or methods. For example, the key schedule algorithm in the DES scheme divides the 56-bit key into two halves of 28-bit each. Similarly, the Serpent algorithm uses the 256-bit key for generating 132 words with a length of 32 bits. 18 Block Cipher Modes of Operation When multiple blocks of plaintext are encrypted using the same key, a number of security issues arise. To apply a block cipher in a variety of applications, five modes of operation have been defined by NIST. In essence, a mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream. (i) Electronic Code Book (ECB) Mode This mode is a most straightforward way of processing a series of sequentially listed message blocks. Operation The user takes the first block of plaintext and encrypts it with the key to produce the first block of cipher text. He then takes the second block of plaintext and follows the same process with same key and so on so forth. The ECB mode is deterministic under the same key, the output cipher text blocks will be the same. In fact, for a given key technically we can create a codebook of cipher texts for all possible plaintext blocks. Encryption would then entail only looking up for required plaintext and select the corresponding cipher text. Thus, the operation is analogous to the assignment of code words in a codebook, and hence gets an official name: Electronic Codebook mode of operation (ECB). It is illustrated as follows: 19 Fig.2.4 ECB - Encryption and Decryption 20 (ii) Cipher Block Chaining (CBC) Mode CBC mode of operation provides message dependence for generating ciphertext and makes the system non-deterministic. Operation The operation of CBC mode is depicted in the following illustration. The steps are as follows: Load the n-bit Initialization Vector (IV) in the top register XOR the n-bit plaintext block with data value in top register Encrypt the result of XOR operation with underlying block cipher with key K. Feed cipher text block into top register and continue the operation till all plaintext blocks are processed For decryption, IV data is XORed with first cipher text block decrypted. The first cipher text block is also fed into to register replacing IV for decrypting next cipher text block 21 Fig.2.5 CBC - Encryption and Decryption 22 (iii) Cipher Feedback (CFB) Mode In this mode, each ciphertext block ‘fed back’ into the next plaintext block in order to gets encryption process encrypt the next plaintext block. Operation The operation of CFB mode is depicted in the following illustration. For example, in the an initialization vector (IV) as the initial random n-bit input block. The IV need not be secret. Steps of operation are:  Load the IV in the top register  Encrypt the data value in top register with underlying block cipher with key K  Take only ‘s’ number of most significant bits (left bits) of output of encryption process and XOR them with ‘s’ bit plaintext message block to generate cipher text block.  Feed cipher text block into top register by shifting already present data to the left and continue the operation till all plaintext blocks are processed  Essentially, the previous cipher text block is encrypted with the key, and then the result is XORed to the current plaintext block Similar steps are followed for decryption. Pre-decided IV is initially loaded at the start of decryption 23 Fig.2.6 CFB - Encryption and Decryption (iv) Output Feedback (OFB) Mode It involves feeding the successive output blocks from the underlying block cipher back to it. These feedback blocks provide string of bits to feed the encryption algorithm which act as the key-stream generator as in case of CFB mode. The key stream generated is XOR-ed with the plaintext blocks. The OFB mode requires an IV as the initial random n-bit input block. The IV need not be secret. The operation is depicted in the following illustration: 24 Fig.2.7 OFB - Encryption and Decryption (v) Counter (CTR) Mode It can be considered as a counter-based version of CFB mode without the feedback. In this mode, both the sender and receiver need to access to a reliable counter, which computes a new shared value each time a cipher text block is exchanged. This shared counter is not necessarily a secret value, but challenge is that both sides must keep the counter synchronized. Operation Both encryption and decryption in CTR mode are depicted in the following illustration. Steps in operation are: Load the initial counter value in the top register is the same for both the sender and the receiver. It plays the same role as the IV in CFB (and CBC) mode Encrypt the contents of the counter with the key and place the result in the bottom register 25 Take the first plaintext block P1 and XOR this to the contents of the bottom register The result of this is C1. Send C1 to the receiver and update the counter. The counter update replaces the cipher text feedback in CFB mode Continue in this manner until the last plaintext block has been encrypted. The decryption is the reverse process. The cipher text block is XORed with the output of encrypted contents of counter value. After decryption of each cipher text block counter is updated as in case of encryption Fig.2.8 CTR - Encryption and Decryption 26 Table 2.1: Block Cipher Modes of Operation 2.5 Data Encryption Standard The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST). DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits only). General Structure of DES is depicted in the following illustration: 27 Fig.2.9 DES Structure Since DES is based on the Feistel Cipher, all that is required to specify DES is: Round function Key schedule Initial and Final Permutation The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses of each other. They have no cryptography significance in DES. The initial and final permutations are shown as follows: Fig.2.10 Initial Permutation 28 Fig.2.11 Final Permutation Details of one round in DES Fig.2.12 One Round in DES Round Function (F): The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output. 29 Fig.2.13 Round function Expansion Permutation Box 32-bit and round key is a 48-bit, we first need to expand right input to 48 bits. Permutation logic is graphically depicted in the following illustration Fig.2.14 Expansion Permutation The graphically depicted permutation logic is generally described as table in DES specification illustrated as shown: Fig.2.15 Expansion Permutation Table 30 XOR (Whitener). operation on the expanded right section and the round key. The round key is used only in this operation. Substitution Boxes. -boxes carry out the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. Refer the following illustration Fig.2.16 Substitution The S-box rule is illustrated below Fig.2.17 S-box rule There are a total of eight S-box tables. The output of all eight s-boxes is then combined in to 32-bit section. 31 Fig.2.18 S-boxes 32 Straight Permutation -bit output of S-boxes is then subjected to the straight permutation with rule shown in the following illustration: Fig.2.19 Permutation Table Key Generation The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of key generation is depicted in the following illustration Fig.2.20 Key Generation 33

Use Quizgecko on...
Browser
Browser