Need different IV when restarting encryption OpenSSL EVP optionally derives IV


° Need different IV when restarting encryption
  ° OpenSSL EVP optionally derives IV from MD5 of key
° Converting a password to a key
  ° OpenSSL EVP_BytesToKey() generates key and IV from password using MD5
EE 5815 – Topics in Security Technology

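Added example, not taken from the lecture slides or from OpenSSL's source: a Python re-implementation of the EVP_BytesToKey() derivation named on the slide above, showing that an unsalted password always yields the same key and IV, so a restarted encryption reuses its IV. The function names, the sample password and the AES-128-sized key and IV lengths are assumptions made for illustration.

```python
import hashlib
import os


def evp_bytes_to_key(password: bytes, salt: bytes = b"", key_len: int = 16,
                     iv_len: int = 16, count: int = 1, md: str = "md5"):
    """Derive (key, iv) the way OpenSSL's EVP_BytesToKey() does.

    D_1 = H^count(password || salt); D_i = H^count(D_{i-1} || password || salt).
    The D_i blocks are concatenated; the key is taken first, then the IV.
    """
    if salt and len(salt) != 8:
        raise ValueError("EVP_BytesToKey uses an 8-byte salt (or none)")
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.new(md, block + password + salt).digest()
        for _ in range(count - 1):          # extra iterations when count > 1
            block = hashlib.new(md, block).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def session_params(password: bytes, salted: bool):
    """Parameters one encryption session would use (constructed scenario)."""
    salt = os.urandom(8) if salted else b""
    key, iv = evp_bytes_to_key(password, salt)
    return salt, key, iv


if __name__ == "__main__":
    pw = b"correct horse"  # constructed sample password
    for salted in (False, True):
        _, k1, iv1 = session_params(pw, salted)   # first run
        _, k2, iv2 = session_params(pw, salted)   # after a restart
        print(f"salted={salted}: same key={k1 == k2}, same IV={iv1 == iv2}")
```

With 16-byte key and IV and MD5, the IV is simply MD5(key || password || salt), which is why only a fresh random salt (stored with the ciphertext) changes the IV between sessions.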
Block Cipher: Summary
Substitution/Permutation
° 64-bit or 128-bit blocks
° DES
  ° small key (use 3DES)
  ° test of time
  ° widely available
  ° S boxes are strength
° IDEA -- optimized for hardware/software
° Blowfish -- key-dependent S-boxes, fast
° RC5 -- input-dependent rotations
° CAST -- nonlinear S-boxes, round-dependent functions
° Rijndael -- S-boxes, optimized for hardware/software, AES winner
Need key, padding, IV, and ECB/CBC/OFB/CFB/CTR

Lecture 3: Outline
Secret-key Cryptography
° Introduction
° Block Cipher
° Feistel Structure / DES
° AES
° Stream Cipher
° Appendix

Stream ciphers
° encrypt a byte/bit at a time (telecomm)
° XOR plaintext with keystream
  Encrypt: $P_i \oplus K_i = C_i$
  Decrypt: $C_i \oplus K_i = P_i$
  keystream: from pseudorandom number generator
° efficient in hardware
° much theoretical analysis (LFSRs)
° faster than block ciphers (hardware)
° synchronous (independent of plain/cipher), pad/OFB
° asynchronous (feedback) CFB
° easily misused
° examples (many proprietary)
  ° one-time pad
  ° hash PRNGs
  ° OFB/CFB (can make a block a stream)
  ° PKZIP
  ° RC4 (in 802.11, PPTP, Lotus Notes, CDPD, SQL, ssh, Word/Excel)
  ° A5 (3 LFSRs) in Europe's GSM cell phone, US cellular ORYX 3 32-bit LFSRs
  ° E0 (4 LFSRs) for Bluetooth

One-time Pad
° $C = P \oplus K$
° $P = C \oplus K$
° Achieve Shannon’s perfect secrecy if
  ° K is as long as P
  ° K is truly random
  ° K must not be reused in whole or part
P: plaintext sequence
C: ciphertext sequence
K: keystream
$\oplus$: bitwise XOR
P : 0 0 1 0 1 1 0 1 0 1 1 1 0 0 1
K : 0 1 0 0 1 1 0 1 1 0 1 0 0 1 0
C : 0 1 1 0 0 0 0 0 1 1 0 1 0 1 1

Random Numbers
Good cryptography requires good random numbers.
° non-crypto: games, simulation
° salt, cookie, nonce (challenge)
° used for one-time pad or seed
° encryption initialization vectors (IV)
° used for public keys (RSA, D-H)
° per-message secrets (DSS k, PGP)
° used for secret keys (KDC/ssh session key)
° TCP sequence number
° used for blinding
predictable = vulnerable (can guess the key)

Random Numbers
° equally likely to choose any element (uniform distribution)
° independence – can’t infer one value in the sequence from others
° tests of random sequences (Knuth)
  ° half the bits 1
  ° Chi-square (bin tests), Kolmogorov-Smirnov
  ° spectral test
  ° runs tests, n-D tests
  ° bit, byte, word correlations
  ° FIPS 140 tests: runs, poker, monobit
  ° show that it's NOT random
° Software: Diehard or NIST Tests
° cryptographic random numbers need to be
  ° unpredictable
  ° resistant to attack
  ° By observing random output, can’t predict next nor back-guess
  ° Can’t significantly influence output or initial seed

True random numbers
Sources for a random seed
° coin toss, dice
° radioactive source
° noisy diode
° unplugged microphone (/dev/audio)
° lava lamps (video, SHA, BBS)
° FORTEZZA card has random source ?


  • Fall '14
  • Cryptography, Advanced Encryption Standard, Block cipher, Security technology
