Computer Security: Principles and Practice
Fourth Edition
By: William Stallings and Lawrie Brown

Chapter 2
Cryptographic Tools

Symmetric Encryption
• The universal technique for providing confidentiality for transmitted or stored data
• Also referred to as:
  • conventional encryption or
  • single-key encryption
  • secret key encryption
• Two requirements for secure use:
  • Need a strong encryption algorithm
  • Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure

[Figure 2.1 Simplified Model of Symmetric Encryption: the plaintext input X and the secret key K shared by sender and recipient enter the encryption algorithm (e.g., DES), giving the transmitted ciphertext Y = E[K, X]; the decryption algorithm (reverse of encryption algorithm) uses the same shared key K to produce the plaintext output X = D[K, Y].]

Symmetric Encryption
• Secret key cryptography between Alice and Bob
  o Alice creates a secret key K and sends it to Bob
  o Alice and Bob now both have the same symmetric key
  o Alice generates a message M
  o She encrypts the message with K and forwards it to Bob
  o Bob uses the secret key K to decrypt the message, and gets the message M
  o Problem?
[Diagram: Alice and Bob, each labeled "Secret key K", with the message M encrypted under K passing between them.]

Symmetric Encryption
• Mike can intercept the key K!!!
• And the encrypted message!!!
• And is then also able to decrypt the message!!!
[Diagram: Alice and Bob, each labeled "Secret key K", with the message M encrypted under K passing between them; Mike intercepts it and obtains M.]

Attacking Symmetric Encryption
Cryptanalytic Attacks
• Rely on:
  • Nature of the algorithm
  • Some knowledge of the general characteristics of the plaintext
  • Some sample plaintext-ciphertext pairs
• Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used
• If successful all future and past messages encrypted with that key are compromised
Brute-Force Attacks
• Try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
• On average half of all possible keys must be tried to achieve success

Table 2.1 Comparison of Three Popular Symmetric Encryption Algorithms
                               DES    Triple DES    AES
Plaintext block size (bits)    64     64            128
Ciphertext block size (bits)   64     64            128
Key size (bits)                56     112 or 168    128, 192, or 256
DES = Data Encryption Standard
AES = Advanced Encryption Standard

Data Encryption Standard (DES)
• Until recently (2008) was the most widely used encryption scheme
  • FIPS PUB 46
  • Referred to as the Data Encryption Algorithm (DEA)
  • Uses 64-bit plaintext block and 56-bit key to produce a 64-bit ciphertext block
• Strength concerns:
  • Concerns about the algorithm itself
    • DES is the most studied encryption algorithm in existence
  • Concerns about the use of a 56-bit key
    • The speed of commercial off-the-shelf processors makes this key length woefully inadequate
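The brute-force slide's "on average half of all possible keys" rule and the key sizes in Table 2.1 can be tied together in code. The following is an added example, not part of the original slides: it runs an exhaustive search against a hypothetical toy cipher with a 16-bit key, then applies the half-the-key-space rule to the Table 2.1 key sizes. The toy cipher, the printable-ASCII test for "intelligible" plaintext, the sample message and the rate of 10^9 trials per second are all assumptions made for illustration.

```python
import hashlib

# Key sizes in bits, taken from Table 2.1.
TABLE_2_1 = {"DES": [56], "Triple DES": [112, 168], "AES": [128, 192, 256]}
SECONDS_PER_YEAR = 365 * 24 * 3600

def toy_cipher(key: int, data: bytes) -> bytes:
    """Hypothetical toy cipher (not DES/AES): XOR with a SHA-256 keystream.
    XOR is its own inverse, so the same call serves as E[K, X] and D[K, Y]."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        seed = key.to_bytes(8, "big") + block.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def looks_intelligible(candidate: bytes) -> bool:
    """Stand-in for 'intelligible plaintext': every byte is printable ASCII."""
    return all(32 <= b < 127 for b in candidate)

def exhaustive_search(ciphertext: bytes, key_bits: int):
    """Try keys 0, 1, 2, ... and return (key, trials) at the first intelligible
    decryption, or (None, trials) if the whole key space is exhausted."""
    trials = 0
    for key in range(2 ** key_bits):
        trials += 1
        if looks_intelligible(toy_cipher(key, ciphertext)):
            return key, trials
    return None, trials

def expected_years(key_bits: int, keys_per_second: float) -> float:
    """Average cost of exhaustive search: half the key space, i.e. 2^(bits-1)
    trials, at an assumed trial rate."""
    return 2 ** (key_bits - 1) / keys_per_second / SECONDS_PER_YEAR

if __name__ == "__main__":
    # Constructed sample: a 16-bit key so the search finishes instantly.
    secret, message = 0x8000, b"Transfer $100 to account 42"
    found, trials = exhaustive_search(toy_cipher(secret, message), 16)
    print(f"16-bit toy key {found:#06x} found after {trials} of {2**16} trials")
    rate = 1e9  # assumed: one billion trial decryptions per second
    for name, sizes in TABLE_2_1.items():
        for bits in sizes:
            print(f"{name:10} {bits:3}-bit key: {expected_years(bits, rate):.3g} years")
```

Each additional key bit doubles the expected search time, which is why the 56-bit DES key falls within reach of fast hardware while the larger key sizes in Table 2.1 do not.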