symmetric encryption and message confidentialitytaylorpat/courses_files/intro...part 2: modern...
TRANSCRIPT
Symmetric Encryption and MessageConfidentiality
Comp Sci 3600 Security
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Symmetric Encryption
• Also referred to as: Conventional, Secret-key, or single-keyencryption
• Only alternative before public-key encryption in 1970’s
• Still most widely used alternative
• Has five ingredients:
1 Plaintext2 Encryption algorithm3 Secret key4 Ciphertext5 Decryption algorithm
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Classified along Three Independent Dimensions
1 The type of operations used for transforming plaintext tociphertext
• Substitution – each element in the plaintext is mappedinto another element
• Transposition – elements in plaintext are rearranged
2 The number of keys used• Sender and receiver use same key – symmetric• Sender and receiver each use a different key - asymmetric
3 The way in which the plaintext is processed• Block cipher – processes input one block of elements at a
time• Stream cipher – processes the input elements continuously
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Cryptanalyis
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Computationally Secure Encryption Schemes
• Encryption is computationally secure if:• Cost of breaking cipher exceeds value of information• Time required to break cipher exceeds the useful lifetime
of the information
• Usually very difficult to estimate the amount of effortrequired to break
• Can estimate time/cost of a brute-force attack
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Classic Fiestel Network
Ciphertext (2w bits)
Figure 20.1 Classical Feistel Network
Ki
Round i
Li Ri
F
w bits w bits
K1
Round 1
Kn
Round n
Ln Rn
Ln+1 Rn+1
F
L0 R0
L1 R1
F
Plaintext (2w bits)
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Block Cipher Structure
• Symmetric block cipher consists of:• A sequence of rounds• With substitutions and permutations controlled by key
• Parameters and design features:• Block size• Key size• Number of rounds• Round key generation algorithm• Round function• Fast software encryption/decryption
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Data Encryption Standard (DES)
• Very widely used
• Minor variaton of the Fiestel Network
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Triple DES
E D E
K1 K2 K3
K3 K2 K1
P CA B
(a) Encryption
D E DC P
(b) Decryption
Figure 20.2 Triple DES
B A
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Advanced Encryption Standard (AES)
• The Advanced Encryption Standard (AES) was issued as afederal information processing standard (FIPS 197).
• It is intended to replace DES and triple DES with analgorithm that is more secure and efficient.
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
AES Enrcyption an Decryption
Add round key
w[4, 7]
w[0, 3]
Plaintext
Substitute bytes Expand key
Shift rows
Mix columnsRou
nd 1
Rou
nd 9
Rou
nd 1
0
Add round key
Substitute bytes
Shift rows
Mix columns
Add round key
Substitute bytes
Shift rows
Add round key
Ciphertext
(a) Encryption
Figure 20.3 AES Encryption and Decryption
Key
Add round key
Plaintext
Inverse sub bytes
Inverse shift rows
Inverse mix cols
Rou
nd 1
0R
ound
9R
ound
1
Add round key
Inverse sub bytes
Inverse shift rows
Inverse mix cols
Add round key
Inverse sub bytes
Inverse shift rows
Add round key
Ciphertext
(b) Decryption
w[36, 39]
w[40, 43]
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
AES Encryption Round
SSubBytes
State
State
State
State
State
ShiftRows
MixColumns
AddRoundKey
Figure 20.4 AES Encryption Round
S S S S S S S S S S S S S S S
M M M M
r0 r1 r2 r3 r4 r5 r6 r7 r8 r9 r10 r11 r12 r13 r14 r15
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Outline
1 Symmetric Encryption PrinciplesCryptographyCrpytanalysisFeistel Cipher Structure
2 Data Encryption StandardTriple DES
3 Advanced Encryption StandardOverviewAlgorithm Details
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Substitute Bytes Transformation
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
S-box
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Inverse S-box
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
ShiftRows
• To move individual bytes from one column to another andspread bytes over columns
• On encryption left rotate each row of State by 0,1,2,3bytes respectively
• Decryption does reverse
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Mix Column Transformation: MixColumns
• Operates on each column individually
• Mapping each byte to a new value that is a function of allfour bytes in the column
• Use of equations over finite fields
• To provide good mixing of bytes in column
Part 1:ModernSymmetricEncryption
SymmetricEncryptionPrinciples
Cryptography
Crpytanalysis
Feistel CipherStructure
DataEncryptionStandard
Triple DES
AdvancedEncryptionStandard
Overview
AlgorithmDetails
Add Round Key Transformation
• Simply XOR State with bits of expanded key
• Security from complexity of round key expansion and otherstages of AES
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Stream Ciphers
• Processes input elements continuously
• Key input to a pseudorandom bit generator• Produces stream of random like numbers• Unpredictable without knowing input key• XOR keystream output with plaintext bytes
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Stream Cipher Structure
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Stream Cipher Structure
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Relative Speed of Symmetric Ciphers
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
RC4
25525325343210S
T
S
(a) Initial state of S and T
(b) Initial permutation of S
Swap
T
K
T[i]
j = j + S[i] + T[i]
t = S[i] + S[j]
S[i] S[j]
keylen
i
S
(c) Stream Generation
Figure 20.5 RC4
Swap
j = j + S[i]
S[i] S[j] S[t]
k
i
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Block Cipher Modes of Operation
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Electronic Codebook (ECB)
• Simplest mode
• Plaintext is handled b bits at a time and each block isencrypted using the same key
• “Codebook” because have unique ciphertext value foreach plaintext block
• Not secure for long messages since repeated plaintext isseen in repeated ciphertext
• To overcome security deficiencies you need a techniquewhere the same plaintext block, if repeated, producesdifferent ciphertext blocks
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Cipher Block Chaining (CBC) Mode
Encrypt
Time = 1IV
K
P1
C1
IV
Encrypt
Time = 2
K
P2
C2
Encrypt
Time = N
K
PN
P1 P2 PN
CN
C1 C2 CN
CN–1
CN–1
DecryptK DecryptK DecryptK
(a) Encryption
(b) Decryption
Figure 20.6 Cipher Block Chaining (CBC) Mode
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
s-bit Cipher Feedback (CFB) Mode
Encrypt
IV
K
C1(a) Encryption
Figure 20.7 s-bit Cipher Feedback (CFB) Mode
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
P1
64
ss
s
EncryptK
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
P2
64
ss
C2
EncryptK
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
PM
64
ss
CM
CM–1
Encrypt
IV
K
P1(b) Decryption
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
C1
64
ss
s
C2s s
EncryptK
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
64
s
P2
EncryptK
b – s bits
64s bits
Shift register
b – s bitss bitsSelect Discard
CM
64
s
PM
CM–1
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Counter (CTR) Mode
Encrypt
Counter
K
P1
C1 C2 CN
(a) Encryption
(b) Decryption
Figure 20.8 Counter (CTR) Mode
Encrypt
Counter + 1
K
P2
Encrypt
Counter + N – 1
Counter Counter + 1 Counter + N – 1
K
PN
EncryptK
C1
P1 P2 PN
EncryptK
C2
EncryptK
CN
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Encryption on Frame Relay Network
Frame relaynetwork
= end-to-end encryption device
= link encryption device
FRN = frame relay node
Figure 20.9 Encryption Across a Frame Relay Network
FRN
FRN
FRN
FRN
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Outline
4 Stream Ciphers and RC4Steam Cipher StructureRC4 Algorithm
5 Block Cipher Modes of OperationElectronic Codebook ModeCipher Block Chaining ModeCipher Feedback ModeCounter Mode
6 Location of Symmetric Encryption
7 Key Distribution
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Key Distribution
The means of delivering a key to two parties that wish toexchange data without allowing others to see the key. Twoparties (A and B) can achieve this by:
• A key could be selected by A and physically delivered to B
• A third party could select the key and physically deliver itto A and B
• If A and B have previously and recently used a key, oneparty could transmit the new key to the other, encryptedusing the old key
• If A and B each have an encrypted connection to a thirdparty C, C could deliver a key on the encrypted links to Aand B
Part 2:ModernSymmetricEncryption
StreamCiphers andRC4
Steam CipherStructure
RC4 Algorithm
Block CipherModes ofOperation
ElectronicCodebook Mode
Cipher BlockChaining Mode
Cipher FeedbackMode
Counter Mode
Location ofSymmetricEncryption
KeyDistribution
Automatic Key Distribution forConnection-Oriented Protocols
Keydistribution
center
Network
1. Host sends packet requesting connection.2. Security service buffers packet; asks KDC for session key.3. KDC distributes session key to both hosts.4. Buffered packet transmitted.
Figure 20.10 Automatic Key Distribution for Connection-Oriented Protocol
HOST
Application
Securityservice
HOST
Application
Securityservice
2
3
4
1