OFB T05 CIS326 Symmetric Key Cryptography V16170912 O IV E c 1 p 1 Encryption O

Ofb t05 cis326 symmetric key cryptography v16170912 o

This preview shows page 23 - 28 out of 52 pages.

… OFB … T05 CIS326 Symmetric Key Cryptography V16.170912 O 0 = IV E c 1 p 1 Encryption O i = Encrypt k ( O i-1 ), O 0 = IV, c i = p i O i k Decryption O i = Encrypt k ( O i-1 ), O 0 = IV, p i = c i O i E c 2 p 2 k E c 3 p 3 k E p 1 c 1 k E p 2 c 2 k E p 3 c 3 k O 1 O 2 O 3 O 2 O 1 O 3 O 0 = IV
Image of page 23
24 Assuming E is the XOR function ( only to simplify this exercise! ), use OFB to encrypt and decrypt the following: Blocksize=4, M=0010 1100 1001 0010, k=0110, IV=1111 Encryption O 0 =1111, k=0110, P 1 = 0010 => C 1 =O o k P 1 = 1001 0010=1011 O 1 =1001, k=0110, P 2 =1100 => C 2 =O 1 k P 2 = 1111 1100=0011 O 2 =1111, k=0110, P 3 =1001 => C 3 =O 2 k P 3 = 1001 1001=0000 O 3 =1001, k=0110, P 4 = 0010 => C 4 =O 3 k P 4 = 1111 0010=1101 So C= 1011 0011 0000 1101 Note how plaintext 0010 is now encrypted to 2 different ciphertext Q: Is XOR a good encryption function E to use for OFB? Decryption O 0 =1111, k=0110, C 1 =1011 => P 1 =O o k C 1 =1001 1011=0010 O 1 =1001, k=0110, C 2 =0011 => P 2 =O 1 k C 2 =1111 0011=1100 O 2 =1111, k=0110, C 3 =0000 => P 3 =O 2 k C 3 =1001 0000=1001 O 3 =1001, k=0110, C 4 =1101 => P 4 =O 3 k C 4 =1111 1101=0010 So M= 0010 1100 1001 0010 … OFB … T05 CIS326 Symmetric Key Cryptography V16.170912
Image of page 24
25 Advantages Like stream ciphers, a flipped bit in the ciphertext (eg. due to noise) results in a flipped bit in the plaintext. This allows error correcting codes to continue to work correctly even when applied before encryption Low risk of error propagation due to changed bits in the ciphertext of any block (remember that the keystream is generated, NOT distributed!) The encryption and decryption algorithms are exactly the same . Disadvantages Each block operation depends on all previous ones, so cannot be performed simultaneously Key Issues IV should NEVER be reused for other messages since it will produce an identical keystream Encrypted IV keystream should not produce repeated blocks of keystreams … OFB T05 CIS326 Symmetric Key Cryptography V16.170912
Image of page 25
26 Symmetric Encryption Standards A standard encryption system is desirable Having too many proprietary cryptosystems is both unscalable and unsound. Having a standard introduces cost savings in software or hardware solutions. If everyone uses the same standard, it will improve communications between vendors and organizations. T05 CIS326 Symmetric Key Cryptography V16.170912
Image of page 26