Security in Computing (3rd Edition)

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner Notes 9 1 Block Ciphers: In symmetric encryption schemes, Alice and Bob share a random key and use this single key to repeatedly exchange information securely despite the existence of an eavesdropping adversary, Eve. The block cipher is a fundamental building block in implementing a symmetric encryption scheme. In a block cipher, Alice and Bob share a k bit random key K , and use this to encrypt an n bit message into an n bit ciphertext. In mathematical notation this can be said as follows. There is an encryption function E : { , 1 } k { , 1 } n { , 1 } n . Once we fix the key K , we get a function mapping n bits to n bits: E K : { , 1 } n { , 1 } n defined by E K ( M ) = E ( K , M ) . E K is required to be a permutation on the n bit strings. The inverse mapping of this permutation D K is the decryption algorithm. D K ( E K ( M )) = M . The Data Encryption Standard (DES) is an example of a block cipher. It was designed by IBM in 1974 in response to a request from NIST for an encryption algorithm that could be standardized. DES uses a key length of k = 56 and a block length of n = 64. It was designed to have extremely fast VLSI implementations. In terms of security, DES has proved to be an impressively strong algorithm. After all these years, the best practical attack known is exhaustive key search (a symmetry in the key structure can be used to halve the search space) which requires 2 55 computations. Thus DES behaves very differently than the one-time pad. Even given a very large number of plaintext, ciphertext pairs, there appears to be no effective way to decrypt any new ciphertexts. The best such technique for DES is through linear cryptanalysis and requires 2 42 such chosen plaintext-ciphertext pairs. We will formalize these security properties of DES by saying that the function E K for a randomly chosen key K behaves like a random permutation on the n bit strings....
View Full Document

This note was uploaded on 01/29/2008 for the course CS 194 taught by Professor Joseph during the Fall '05 term at University of California, Berkeley.

Page1 / 3

Block ciphers - CS 161 Computer Security Fall 2005

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online