CS458: Introduction to Information Security Notes 3: Symmetric Cryptography Yousef M. Elmehdwi Department of Computer Science Illinois Institute of Technology [email protected] January 29 th , 2019 Slides: Modified from Computer Security: Principles and Practice, 4th Edition & Stephen R. Tate UNC Greensboro 1 / 90
Outline Threat Model Symmetric encryption principles Data Encryption Standard (DES) Advanced Encryption Standard (AES) Cipher block modes of operation Key distribution 2 / 90
Cryptography: Threat Model What does the adversary know? Algorithms? Typical user behavior? What can the adversary access? Access communication contents? What can the adversary do? Passive or active? Computing power? 3 / 90
Threat Model : Adversary Knowledge - Algorithms Saltzer and Schroeder Design Principles: Open Design Much older idea than Saltzer and Schroeder... Kerckhoff’s Principle (1883) : The security of a cryptosystem depends on the strength of the algorithm and the secrecy of the key. Trying to keep algorithms secret (“security through obscurity”) almost never works. Bottom Line: Better to use a system that experts have tried (and failed) to break 4 / 90
Threat Model : Adversary Knowledge - Behavior Some things an attacker might know: Language of messages (e.g., English) Common phrases (email headers, signatures, ...) Likely keys/pass-phrases (names, birthdays, etc.) 5 / 90
Threat Model : Adversary Access and Power For now: Access: Attacker can intercept/modify all communication content Power: “Probabilistic Polynomial-Time Algorithms” This is really important if you get into crypto - not so much here How to model crypto use for confidential communication? 6 / 90
Modern Cryptography Symmetric cryptography Public key (asymmetric) cryptography. We will cover it next 7 / 90
Symmetric Encryption Also referred to as: Conventional encryption Secret-key or single-key encryption Only alternative before public-key encryption in 1970’s Still most widely used alternative Two requirements for secure use: Need a strong encryption algorithm Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure Has five ingredients: Plaintext Encryption algorithm Secret key Ciphertext Decryption algorithm 8 / 90
Simplified Model of Symmetric Encryption 9 / 90
Symmetric Encryption: Stream Cipher Encrypts a digital data stream one bit or one byte at a time One time pad is example; but practical limitations Typical approach for stream cipher: Key ( K ) used as input to bit-stream generator algorithm Algorithm generates cryptographic bit stream ( k i ) used to encrypt plaintext Users share a key; use it to generate keystream 10 / 90
Symmetric Encryption: Block Cipher Most common type of symmetric cipher Encrypt a block of plaintext as a whole to produce same sized ciphertext Properties of a block cipher Must supply a full block of input bits in order to evaluate Partial block? Use padding More than one block?
You've reached the end of your free preview.
Want to read all 90 pages?