CH02-CompSec4e.pdf - Computer Security: Principles and Practice, Fourth Edition, by William Stallings and Lawrie Brown. Chapter 2: Cryptographic Tools


Symmetric Encryption
o The universal technique for providing confidentiality for transmitted or stored data
o Also referred to as conventional encryption, single-key encryption, or secret key encryption
o Two requirements for secure use:
  • Need a strong encryption algorithm
  • Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure
Figure 2.1 Simplified Model of Symmetric Encryption
[Figure: plaintext input X enters the encryption algorithm (e.g., DES) together with the secret key K shared by sender and recipient, producing the transmitted ciphertext Y = E[K, X]; the decryption algorithm (reverse of encryption algorithm) uses the same shared secret key K to produce the plaintext output X = D[K, Y].]
Symmetric Encryption
Secret key cryptography between Alice and Bob
o Alice creates a secret key K and sends it to Bob
o Alice and Bob now both have the same symmetric key
o Alice generates a message M
o She encrypts the message with K and forwards it to Bob
o Bob uses the secret key K to decrypt the message, and gets the message M
o Problem?
[Figure: Alice and Bob each hold secret key K; the encrypted message K(M) travels from Alice to Bob.]
Symmetric Encryption
Mike can intercept the key K!!! And the encrypted message!!! And is then also able to decrypt the message!!!
[Figure: Alice and Bob each hold secret key K; Mike captures both K and the encrypted message K(M) in transit and recovers M.]
Attacking Symmetric Encryption

Cryptanalytic Attacks
o Rely on:
  • Nature of the algorithm
  • Some knowledge of the general characteristics of the plaintext
  • Some sample plaintext-ciphertext pairs
o Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used
o If successful, all future and past messages encrypted with that key are compromised

Brute-Force Attacks
o Try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
o On average half of all possible keys must be tried to achieve success
Table 2.1 Comparison of Three Popular Symmetric Encryption Algorithms

                               DES    Triple DES    AES
Plaintext block size (bits)    64     64            128
Ciphertext block size (bits)   64     64            128
Key size (bits)                56     112 or 168    128, 192, or 256

DES = Data Encryption Standard
AES = Advanced Encryption Standard
Data Encryption Standard (DES)
o Until recently (2008) was the most widely used encryption scheme
o FIPS PUB 46
o Referred to as the Data Encryption Algorithm (DEA)
o Uses 64-bit plaintext block and 56-bit key to produce a 64-bit ciphertext block
Strength concerns:
o Concerns about the algorithm itself
  • DES is the most studied encryption algorithm in existence
o Concerns about the use of a 56-bit key
  • The speed of commercial off-the-shelf processors makes this key length woefully inadequate
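The brute-force slide and the 56-bit key concern above, as an added example that is not from the book or the slides: an exhaustive key search against a toy 16-bit cipher built here for illustration, followed by the average search time for the key sizes in Table 2.1. The toy cipher, the sample key and message, and the rate of 10^9 keys per second are assumptions.

```python
import hashlib

TOY_KEY_BITS = 16  # assumption: tiny key space so the search finishes in about a second


def keystream(key: int, length: int) -> bytes:
    """Toy keystream (not a real cipher): SHA-256 over key || counter."""
    blocks = (hashlib.sha256(key.to_bytes(8, "big") + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def encrypt(key: int, data: bytes) -> bytes:
    """Y = E[K, X]: XOR with the keystream, so D[K, Y] is the same operation."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


decrypt = encrypt  # X = D[K, Y]


def looks_intelligible(candidate: bytes) -> bool:
    """Plaintext recogniser: all the searcher knows is that messages are printable ASCII."""
    return all(32 <= b < 127 for b in candidate)


def brute_force(ciphertext: bytes, key_bits: int = TOY_KEY_BITS):
    """Try keys 0, 1, 2, ... and stop at the first intelligible decryption."""
    for key in range(2 ** key_bits):
        if looks_intelligible(decrypt(key, ciphertext)):
            return key, key + 1  # (recovered key, number of keys tried)
    return None, 2 ** key_bits


def average_tries(key_bits: int) -> int:
    """On average half of the key space is searched before the key is found."""
    return 2 ** (key_bits - 1)


def years_to_search(key_bits: int, keys_per_second: float) -> float:
    """Average exhaustive-search time at an assumed trial rate."""
    return average_tries(key_bits) / keys_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    secret_key = 0xBEEF  # constructed sample key
    ct = encrypt(secret_key, b"Constructed sample: pay Bob 100 dollars")
    print("recovered key, tries:", brute_force(ct))
    for bits in (TOY_KEY_BITS, 56, 112, 128, 168, 192, 256):  # key sizes from Table 2.1
        print(f"{bits:3d}-bit key: {years_to_search(bits, 1e9):.3g} years at 1e9 keys/s")
```

Each extra key bit doubles the average work, which is why the search that takes about a second against the 16-bit toy key is out of reach for the 128-bit and longer key sizes in Table 2.1.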