module 4 enhancing cryptographic security & modes of encryption
DESCRIPTION
Module 4 Enhancing Cryptographic security & Modes Of Encryption. MModified by :Ahmad Al Ghoul PPhiladelphia University FFaculty Of Administrative & Financial Sciences BBusiness Networking & System Management Department RRoom Number 32406 EE-mail Address: [email protected]. - PowerPoint PPT PresentationTRANSCRIPT
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 1
Module 4Module 4 Enhancing Cryptographic security & Modes Of Enhancing Cryptographic security & Modes Of
EncryptionEncryption
MModified by :Ahmad Al GhoulPPhiladelphia UniversityFFaculty Of Administrative & Financial SciencesBBusiness Networking & System Management DepartmentRRoom Number 32406EE-mail Address: [email protected]
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 2
Objectives
Key Escrow Types of Ciphers General Types of Ciphers Some encryption Trends Monoalphabetic Substitution Ciphers Polyalphabetic Substitution Ciphers Transposition Ciphers DES RSA Error Prevention and Detection Cipher Block Chain One Way Encryption
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 3
Encyption – can it be broken?
Theoretically, it is possible to devise unbreakable cryptosystems
However, practical cryptosystems almost always are breakable, given adequate time and computing power
The trick is to make breaking a cryptosystem hard enough for the intruder
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 4
Types of Ciphers Ciphers can be broadly classified into the following two
categories depending upon whether
(i) a symbol of plaintext is immediately converted into a symbol of ciphertext (Stream Ciphers)
(ii) or a group of plaintext symbols are converted as a block into a group of ciphertext symbols (Block Ciphers)
– Speed of Encryption• stream symmetric > block symmetric > asymmetric
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 5
Stream Ciphers A symbol of plaintext is immediately converted into a
symbol of ciphertext Advantages
– Speed of transformation
– Low error propagation Disadvantages
– Low diffusion (Change in the plaintext should affect many parts of the ciphertext)
– Susceptible to malicious insertions and modifications
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 6
Block Ciphers A group of plaintext symbols are converted as a block into
a group of ciphertext symbols Advantages
– Diffusion
– Immunity to insertions Disadvantages
– Slowness of encryption
– Error propagation
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 7
Trends
Block size: larger block sizes mean greater security
Key Size: larger key size means greater security
Number of rounds: multiple rounds offer increasing security
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 8
DES
DES developed at IBM, every five years re-certification is held, it is a block cipher algorithm, it maps 64-bit plaintext into 64 block of cipher text, keys are 56 bit long, the procedures is repeated several time, the brute force approach to decipher requires 70 million billion trials (2 raised on 56)
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 9
Overview of DES
DES is a careful combination of two fundamental building blocks of encryption:
substitution and permutation (transposition)
Algorithm repeats these operation in 16 cycles
Algorithm uses only standard arithmetic and logical operation on up to 64 numbers, althoughcomplex, the algorithm is repetitive, making itsuitable for implementation on a single purposechip,Several such chips are available on the market
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 10
Rivest-Shamir-Adleman Encryption
RSA incorporates results from number theory, combinedwith the difficulties of determining the prime factors of a targetRSA operates with arithmetic mod nTwo keys d and e are used for encryption and decryptionThey are interchangeable, the plain text is encrypted asP(e)mod nThe decrypting key d is chosen, so that ((P(e)d) mod n=P
The underlying problem on which the RSA is based is that offactoring large numbers
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 11
RSABecause of symmetry in modular arithmetic, encryption and decryption are mutual inverse and commutative
The encryption key consists of a pair of integers (e,n) andthe decryption key is (d,n), e and d are used as:
P=C mod n = (P ) mod n = (P ) mod n
The value of n should be quite large, a product of twoprimes p and q
Both should be large themselves, 100 digits each, and n is 200digits long
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 12
the RSA powerTo give an intuitive feel what this means, suppose we have to find the two factors of the number 437, which two numbersmultiplied together give 437. This can be solved easily bya calculator, but numbers made sufficiently large, likethose requiring several hundreds or thousand of bits torepresent them make this task even difficult for computers
The state of art in factoring in 1994 was demonstrated by wellpublicized event - the factoring of a 129 digit (429 bit) RSA modules.The total processing power required was 4 600 MIPS years orto a processing done by Pentium 100 running non stop for 46 year.
Today it is considered that 1024 bit modules provide enoughprotection even for the computer power beyond year 2000
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 13
ALGORITHM Key Generation
1. Generate two large prime numbers, p and q 2. Let n = pq 3. Let m = (p-1)(q-1) 4. Choose a small number e, coprime to m 5. Find d, such that de % m = 1
Publish e and n as the public key.Keep d and n as the secret key.
Encryption C = Pe % n
Decryption P = Cd % n
x % y means the remainder of x divided by y
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 14
Key Generation 1) Generate two large prime numbers, p and q
To make the example easy to follow I am going to use small numbers, but this is not secure. To find random primes, we start at a random number and go up ascending odd numbers until we find a prime. Lets have:
p = 7q = 19
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 15
Key Generation
2) Let n = pq n = 7 * 19 = 133
3) Let m = (p - 1)(q - 1) m = (7 - 1)(19 - 1) = 6 * 18 = 108
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 16
Key Generation 4) Choose a small number, e coprime to m e coprime to m, means that the largest number that
can exactly divide both e and m (their greatest common divisor, or gcd) is 1. Euclid's algorithm is used to find the gcd of two numbers, but the details are omitted here.
e = 2 => gcd(e, 108) = 2 (no)e = 3 => gcd(e, 108) = 3 (no)e = 4 => gcd(e, 108) = 4 (no)e = 5 => gcd(e, 108) = 1 (yes!)
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 17
Key Generation 5) Find d, such that de % m = 1 This is equivalent to finding d which satisfies de = 1 + nm where n is any integer. We can rewrite this as d = (1 + nm) / e. Now we work through values of n until an integer solution for e is found:
n = 0 => d = 1 / 5 (no)n = 1 => d = 109 / 5 (no)n = 2 => d = 217 / 5 (no)n = 3 => d = 325 / 5 = 65 (yes!)
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 18
Key Generation
To do this with big numbers, a more sophisticated algorithm called extended Euclid must be used.
Public Key n = 133e = 5
Secret Key n = 133d = 65
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 19
Communication Encryption The message must be a number less than the
smaller of p and q. However, at this point we don't know p or q, so in practice a lower bound on p and q must be published. This can be somewhat below their true value and so isn't a major security concern. For this example, lets use the message "6".
C = Pe % n = 65 % 133 = 7776 % 133 = 62
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 20
Decryption
This works very much like encryption, but involves a larger exponation, which is broken down into several steps
P = Cd % n = 6265 % 133 = 62 * 6264 % 133 = 62 * (622)32 % 133 = 62 * 384432 % 133 = 62 * (3844 % 133)32 % 133 = 62 * 12032 % 133
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 21
Decryption
We now repeat the sequence of operations that reduced 6265 to 12032 to reduce the exponent down to 1.
= 62 * 3616 % 133 = 62 * 998 % 133 = 62 * 924 % 133 = 62 * 852 % 133 = 62 * 43 % 133 = 2666 % 133 = 6
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 22
Java RSA Code A Java implementation of RSA is just a transcription of the algorithm: import java.math.BigInteger;import
java.security.SecureRandom; class Rsa{ private BigInteger n, d, e; public Rsa(int bitlen) { SecureRandom r = new SecureRandom(); BigInteger p = new BigInteger(bitlen / 2, 100, r); BigInteger q = new BigInteger(bitlen / 2, 100, r); n = p.multiply(q); BigInteger m = (p.subtract(BigInteger.ONE)) .multiply(q.subtract(BigInteger.ONE)); e = new BigInteger("3"); while(m.gcd(e).intValue() > 1) e = e.add(new BigInteger("2")); d = e.modInverse(m); } public BigInteger encrypt(BigInteger message) { return message.modPow(e, n); } public BigInteger decrypt(BigInteger message) { return message.modPow(d, n); }}
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 23
Enhancing Cryptographic Security Currently 3DES and RSA(1024) are
believed to be secure– An intruder is unlikely to discover the content
of a message encrypted under one of them
But some systems based on these cryptosystem may not achieve their goals– block replay– operation mode dependent
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 24
Error Prevention and Detection
In the DES and any block Cipher each block is an entity.
An interceptor who understood the format of a sender’s messages could modify messages without needing to break the encryption.
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 25
Error Prevention and Detection Attack : Block Replay
– If ECB mode (each block encrypted separately) is used, then intruder can replace the forth block arbitrarily using the previously used data
Solution– Block Chaining
• Error propagation - cannot reconstruct the whole ciphertext – Initial Chaining Value(Initial Vector)
• randomize the first block • candidates : random number, date, time, etc.
Name Account Amount
Block 1 Block 2 Block 3 Block 4 Block 5
Encrypted
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 26
One-Way Functions
One-way functions are relatively easy to compute, but significantly harder to reverse. That is, given x it is easy to compute f(x), but given f(x) it is hard to compute x. In this context, “hard” is defined as something like: It would take millions of years to compute x from f(x), even if all the computers in the world were assigned to the problem.
Breaking a plate is a good example of a one-way function. It is easy to smash a plate into a thousand tiny pieces. However, it’s not easy to put all of those tiny pieces back together into a plate.
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 27
One Way Encryption one-way encryption, allows for the encryption of
some plain text, but does not provide a way in which to convert the cipher text back to its original form.
it is a widely used technique for ensuring the integrity of system passwords.
if the one-way encrypted passwords somehow fall into the hands of a third-party, it isn't going to do much good because they can never be converted back to plain text.
Network Security Philadelphia Universityl
Ahmad Al-Ghoul 2010-2011 28
One Way Encryption The user enter his password, the input ( password ) is encrypted
using the one-way algorithm. The password that encrypted with one way encryption compared
with the stored encrypted password. If they match, the input password must be correct. The input parameter input_string is just the string that you
would like to encrypt. The second, optional input parameter salt refers to a bit-string
that will influence the encryption outcome to further eliminate the possibility of what are known as precomputation attacks