for long term use 3DES was not reasonable for long term use NIST called for

For long term use 3des was not reasonable for long

This preview shows page 10 - 16 out of 33 pages.

for long term use 3DES was not reasonable for long term use NIST called for proposals for a new AES in 1997 NIST called for proposals for a new AES in 1997 Should have a security strength equal to or better than 3DES Should have a security strength equal to or better than 3DES Significantly improved efficiency Significantly improved efficiency Symmetric block cipher Symmetric block cipher 128 bit data and 128/192/256 bit keys 128 bit data and 128/192/256 bit keys Selected Rijndael in November 2001 Selected Rijndael in November 2001 Published as FIPS 197 Published as FIPS 197 10
Image of page 10
Practical Security Issues Typically symmetric encryption is applied to a unit of data larger than a single 64-bit or 128-bit block Electronic codebook (ECB) mode is the simplest approach to multiple-block encryption Each block of plaintext is encrypted using the same key Cryptanalysts may be able to exploit regularities in the plaintext Modes of operation Alternative techniques developed to increase the security of symmetric block encryption for large sequences Overcomes the weaknesses of ECB 11
Image of page 11
Encrypt Encryption K Figure2.2 Types of Symmetric Encryption b b b b P 1 C 1 P 2 C 2 b b P n C n Encrypt K Encrypt K Decrypt Decryption K b b b b C 1 P 1 C 2 P 2 b b C n P n Decrypt (a) Block cipher encryption (electronic codebook mode) (b) Stream encryption K Decrypt K Pseudorandom byte generator (key stream generator) Plaintext bytestream M Key K Key K k k Plaintext bytestream M Ciphertext bytestream C ENCRYPTION Pseudorandom byte generator (key stream generator) DECRYPTION 12
Image of page 12
Block & Stream Ciphers Processes the input one block of elements at a time Produces an output block for each input block Can reuse keys More common Processes the input one block of elements at a time Produces an output block for each input block Can reuse keys More common Block Cipher Processes the input elements continuously Produces output one element at a time Primary advantage is that they are almost always faster and use far less code Encrypts plaintext one byte at a time Pseudorandom stream is one that is unpredictable without knowledge of the input key Processes the input elements continuously Produces output one element at a time Primary advantage is that they are almost always faster and use far less code Encrypts plaintext one byte at a time Pseudorandom stream is one that is unpredictable without knowledge of the input key Stream Cipher 13
Image of page 13
Message Authentication Protects against active attacks Verifies received message is authentic Can use conventional encryption Contents have not been altered From authentic source Timely and in correct sequence Only sender & receiver share a key 14
Image of page 14
Message MAC K K Transmit MAC algorithm MAC algorithm Compare Figure 2.3 Message Authentication Using a Message Authentication Code (MAC).
Image of page 15
Image of page 16

You've reached the end of your free preview.

Want to read all 33 pages?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture