Download Symmetric Encryption, DES, AES, and Message Authentication and more Exams Data Mining in PDF only on Docsity!
HMAC
Unit-
CONVENTIONAL ENCRYPTION PRINCIPLES, CONVENTIONAL ENCRYPTION ALGORITHMS, CIPHER BLOCK MODES OF OPERATION, LOCATION OF ENCRYPTION DEVICES, KEY DISTRIBUTION APPROACHES OF MESSAGE AUTHENTICATION, SECURE HASH FUNCTIONS AND HMAC
Conventional Encryption principles
A Symmetric encryption scheme has five ingredients
- Plain Text : This is the original message or data which is fed into the algorithm as input.
2_._ Encryption Algorithm : This encryption algorithm performs various substitutions and transformations on the plain text.
- Secret Key : The key is another input to the algorithm. The substitutions and transformations performed by algorithm depend on the key.
- Cipher Text : This is the scrambled (unreadable) message which is output of the encryption algorithm. This cipher text is dependent on plaintext and secret key. For a given plaintext, two different keys produce two different cipher texts.
5_._ Decryption Algorithm : This is the reverse of encryption algorithm. It takes the cipher text and secret key as inputs and outputs the plain text.
HMAC
Two main requirements are needed for secure use of conventional encryption:
(i). A strong encryption algorithm is needed. It is desirable that the algorithm should be in such a way that, even the attacker who knows the algorithm and has access to one or more cipher texts would be unable to decipher the ciphertext or figure out the key. (ii). The secret key must be distributed among the sender and receiver in a very secured way. If in any way the key is discovered and with the knowledge of algorithm, all communication using this key is readable.
The important point is that the security of conventional encryption depends on the secrecy of the key, not the secrecy of the algorithm i.e. it is not necessary to keep the algorithm secret, but only the key is to be kept secret. This feature that algorithm need not be kept secret made it feasible for wide spread use and enabled manufacturers develop low cost chip implementation of data encryption algorithms. With the use of conventional algorithm, the principal security problem is maintaining the secrecy of the key.
Cryptography
A cipher is a secret method of writing, as by code. Cryptography , in a very broad sense, is the study of techniques related to aspects of information security. Hence cryptography is concerned with the writing (ciphering or encoding) and deciphering (decoding) of messages in secret code. Cryptographic systems are classified along three independent dimensions:
1. The type of operations used for performing plaintext to ciphertext
All the encryption algorithms make use of two general principles; substitution and transposition through which plaintext elements are rearranged. Important thing is that no information should be lost.
2. The number of keys used
If single key is used by both sender and receiver, it is called symmetric, single-key, secret-key or conventional encryption. If sender and receiver each use a different key, then it is called asymmetric, two-key or public-key encryption.
3. The way in which plaintext is processed
A block cipher process the input as blocks of elements and generated an output block for each input block. Stream cipher processes the input elements continuously, producing output one element at a time as it goes along.
HMAC Cryptography can be defined as the conversion of data into a scrambled code that can be deciphered and sent across a public or a private network.
A Ciphertext-only attack is an attack with an attempt to decrypt ciphertext when only the ciphertext itself is available.
A Known-plaintext attack is an attack in which an individual has the plaintext samples and its encrypted version(ciphertext) thereby allowing him to use both to reveal further secret information like the key
A Chosen- plaintext attack involves the cryptanalyst be able to define his own plaintext, feed it into the cipher and analyze the resulting ciphertext.
A Chosen-ciphertext attack is one, where attacker has several pairs of plaintext-ciphertext and ciphertext chosen by the attacker.
An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext and time is available to the opponent. Example for this type is One-time Pad. An encryption scheme is computationally secure if the ciphertext generated by the scheme meets the following criteria: ^ ^ Cost of breaking cipher exceeds the value of the encrypted information.
Time required to break the cipher exceeds the useful lifetime of the information. The average time required for exhaustive key search is given below:
Key Size Number of Time required at 1 Time required at (bits) Alternative Keys decryption/μs 10^6 decryptions/μs 32 232 = 4.3 10 (^9 231) μs = 35.8 minutes 2.15 milliseconds 56 256 = 7.2^1016 255 μs = 1142 years^ 10.01 hours 128 2128 = 3.4 1038 2127 μs = 5.4 1024 years 5.4 1018 years 168 2168 = 3.7 1050 2167 μs = 5.9 1036 years 5.9 1030 years
HMAC
Substitution Encryption Techniques
These techniques involve substituting or replacing the contents of the plaintext by other letters, numbers or symbols. Different kinds of ciphers are used in substitution technique.
Caesar Ciphers:
It is the oldest of all the substitution ciphers. A Caesar cipher replaces each letter of the plaintext with an alphabet. Two examples can be given:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Choose k, Shift all letters by k For example, if k = 5 A becomes F, B becomes G, C becomes H, and so on… Mathematically give each letter a number, a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
then have Caesar cipher as: c = E( p ) = ( p + k ) mod (26) p = D(c) = (c – k ) mod (26) With a Caesar cipher, there are only 26 possible keys, of which only 25 are of any use, since mapping A to A etc doesn't really obscure the message!
Monoalphabetic Ciphers :
Here, Plaintext characters are substituted by a different alphabet stream of characters shifted to the right or left by n positions. When compared to the Caesar ciphers, these monoalphabetic ciphers are more secure as each letter of the ciphertext can be any
permutation of the 26 alphabetic characters leading to 26! or greater than 4 x 10^26 possible keys. But it is still vulnerable to cryptanalysis, when a cryptanalyst is aware of the nature of the plaintext, he can find the regularities of the language. To overcome these attacks, multiple substitutions for a single letter are used. For example, a letter can be substituted by different numerical cipher symbols such as 17, 54, 69….. etc. Even this method is not completely secure as each letter in the plain text affects on letter in the ciphertext.
Or, using a common key which substitutes every letter of the plain text. The key ABCDEFGHIIJ KLMNOPQRSTUVWXYZ QWERTYUIIOPAS DFGHJ KLZXCV BNM Would encrypt the message II think therefore II am into OZIIOFAZIITKTYGKTOQD
HMAC
letters appear on the same row: replace them with the letters to their immediate right respectively
letters appear on the same column: replace them with the letters immediately below respectively
not on the same row or column: replace them with the letters on the same row respectively but at the other pair of corners of the rectangle defined by the original pair.
Based on the above three rules, the cipher text obtained for the given plain text is
HE GH ER DR YS IQ WH HE SC OY KR AL RY
Another example which is simpler than the above one can be given as: Here, key word is playfair. Plaintext is Hellothere hellothere becomes----- he lx lo th er ex. Applying the rules again, for each pair, If they are in the same row, replace each with the letter to its right (mod 5) he
KG If they are in the same column, replace each with the letter below it (mod 5) lo
RV Otherwise, replace each with letter we’d get if we swapped their column indices lx
YV p l^ a^ y i r^ b^ c e g h k n o q s u v^ w^ x f d m t z So the cipher text for the given plain text is KG YV RV QM GI KU To decrypt the message, just reverse the process. Shift up and left instead of down and right. Drop extra x’s and locate any missing I’s that should be j’s. The message will be back into the original readable form. no longer used by military forces because of the advent of digital encryption devices. Playfair is now regarded as insecure for any purpose because modern hand-held computers could easily break the cipher within seconds.
Hill Cipher:
It is also a multiletter encryption cipher. It involves substitution of ‘ m ’ ciphertext letters for ‘ m’ successive plaintext letters. For substitution purposes using ‘ m’ linear equations, each of the characters are assigned a numerical values i.e. a=0, b=1, c=2, d=3,…….z=25. For example if m=3, the system can be defined as: c 1 = (k 11 p 1 + k 12 p 2 + k 13 p 3 ) mod 26 c 2 = (k 21 p 1 + k 22 p 2 + k 23 p 3 ) mod 26 c 3 = (k 31 p 1 + k 32 p 2 + k 33 p 3 ) mod 26 If we represent in matrix form, the above statements as matrices and column vectors:
Information Security Unit- 2 Symmetric Encryption, DES, AES Message Authentication, Hash algorithms, HMAC
c 1 k 11 k 12 k 13 p 1 c 2 = k 21 k 22 k 23 p 2 mod 26 c 3 k 31 k 32 k 33 p 3 Thus, C = KP mod26, where C= Column vectors of length 3
P = Column vectors of length 3 K = 3x3 encryption key matrix.
For decryption process, inverse of matrix K i.e. K-1^ is required which is defined by the equation KK-1^ = K-^1 K = I, where I is the identity matrix that contains only 0’s and 1’s as its elements. Plaintext is recovered by applying K-^1 to the cipher text. It is expressed as C = EK(P) = KP mod26 P = DK(C) = K
KP = IP = P Example: The plain text is I can’t do it and the size of m is 3 and key K is chosen as
following:
The encryption process is carried out as follows
So, the encrypted text will be given as
EOM TMY SVJ
HMAC For the message COMPUTING GIVES INSIGHT and keyword LUCKY we proceed by repeating the keyword as many times as needed above the message, as follows. Encryption is simple: Given a key letter x and a plaintext letter y, the ciphertext letter is at the intersection of the row labeled x and the column labeled y ; so for L, the ciphertext letter would be N. So, the ciphertext for the given plaintext would be given as: Decryption is equally simple: The key letter again identifies the row and position of ciphertext letter in that row decides the column and the plaintext letter is at the top of that column. The strength of this cipher is that there are multiple ciphetext letters for each plaintext letter, one for each unique letter of the keyword and thereby making the letter frequency information is obscured. Still, breaking this cipher has been made possible because this reveals some mathematical principles that apply in cryptanalysis. To overcome the drawback of the periodic nature of the keyword, a new technique is proposed which is referred as an autokey system, in which a key word is concatenated with the plaintext itself to provide a running key. For ex In the above example, the key would be luckycomputinggivesin Still, this scheme is vulnerable to cryptanalysis as both the key and plaintext share the same frequency distribution of letters allowing a statistical technique to be applied. Thus, the ultimate defense against such a cryptanalysis is to choose a keyword that is as long as plaintext and has no statistical relationship to it. A new system which works on binary data rather than letters is given as Ci = pi i where, pi = ith binary digit of plaintext ki = ith binary digit of key Ci= ith binary digit of ciphertext = exclusive-or operation. Because of the properties of XOR, decryption is done by performing the same bitwise operation. pi = Ci i A very long but, repeation key word is used making cryptanalysis difficult.
HMAC
Pigpen Cipher
Pigpen cipher is a variation on letter substitution. Alphabets are arranged as follows:
Alphabets will be represented by the corresponding diagram. E.g., WAG would be
This is a weak cipher.
Transposition techniques
A transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed. Transposition ciphers encrypt plaintext by moving small pieces of the message around. Anagrams are a primitive transposition cipher. This table shows "VOYAGER" being encrypted with a primitive transposition cipher where every two letters are switched with each other:
V O Y A G E R O V A Y E G R
HMAC
Feistel Cipher Structure
Most symmetric block ciphers are based on a Feistel Cipher Structure. It was first described by Horst Feistel of IBM in 1973 and is still forms the basis for almost all conventional encryption schemes. It makes use of two properties namely diffusion and confusion ; identified by Claude Shannon for frustrating statistical cryptanalysis. Confusion is basically defined as the concealment of the relation between the secret key and the cipher text. On the other hand, diffusion is regarded as the complexity of the relationship between the plain text and the cipher text.
HMAC The function of Feistel Cipher is shown in the above figure and can be explained by following steps: The input to the encryption algorithm is a plaintext block of length 2w bits and a key K.
^ ^ The plaintext block is divided into two halves: Li and Ri.
The two halves pass through n rounds of processing and then combine to produce the cipher text block
Each Round i has inputs Li-1 and Ri-1, derived from the previous round, as well as a unique subkey Ki generated by a sub-key generation algorithm.
All rounds have the same structure which involves substitution (mapping) on left half of data, which is done by applying a round function F to right half of data and then taking
XOR of the output of that function and left half of data. The round function F is common to every round but parameterized by round subkey Ki.
Then a permutation is performed that consists of interchange of the two halves of data.
For each round , compute
. Then the ciphertext is ( Rn + 1, Ln + 1).
Decryption of a ciphertext ( Rn + 1, Ln + 1) is accomplished by computing for
. Then ( L 0 , R 0 ) is the plaintext again.
The structure is a particular form of substitution-permutation network (SPN) proposed by Shannon. The realization or development of a Feistel encryption scheme depends on the choice of the following parameters and design features:
- Block size: larger block sizes mean greater security but slower processing. Block size of
64 bits has been nearly universal in block cipher design.
- Key Size: larger key size means greater security but slower processing. Most common
key length in modern algorithms is 128 bits.
- Number of rounds: multiple rounds offer increasing security but slows cipher. Typical
size is 16 rounds.
- Subkey generation algorithm: greater complexity will lead to greater difficulty of
cryptanalysis.
- Round Function: greater complexity will make cryptanalysis harder.
- Fast software en/decryption & ease of analysis: are more recent concerns for practical
use and testing.
HMAC
Conventional Encryption Algorithms
Simplified DES
S-DES is a reduced version of the DES algorithm. It has similar properties to DES but deals with a much smaller block and key size (operates on 8-bit message blocks with a 10- bit key). The S-DES decryption algorithm takes an 8-bit block of ciphertext and the same 10- bit key used to produce that ciphertext as input and produces the original 8-bit block of plaintext. S-DES scheme is shown below:
The encryption algorithm involves five functions: and initial permuatation(IP), a complex function labeled fk, which involves both permutations and substitution operations and depends on a key input, a single permutation function (SW) that switches the two halves of
the data, the function fk again and finally a permutation function that is inverse of the IP i.e.
IP
HMAC
As shown in figure, the function fk takes the data from encryption function along with 8- bit key. The key is choosen to be 10-bit length from which two 8-bit subkeys are generated. The initial 10-bit key is subjected to a permutation (P10) followed by a shift operation. The output of this shift operation then passes through a permutation function that produces an
8-bit output (P8) for the first key (k 1 ) and also feeds into another shift and another instance
of P8 to produce the second subkey (k 2 ). The encryption algorithm can be written as:
Ciphertext = IP
( f (^) k2(SW(f (^) k1(IP(plaintext))))) Where K 1 = P8(shift(p10(key))) K 2 = P8(shift(shift(p10(key)))) Decryption is also shown in the above figure and can be given as: Plaintext = IP
( f (^) k1(SW(f (^) k2(IP(ciphertext)))))
Key Generation: The key generation process is shown below:
As shown above, a 10-bit key shared between sender and receiver is used and fist passed through a permutation P10, Where P10 is a permutation with table:
P
HMAC
As shown above, the input to algorithm is an 8-bit block of plaintext which is permuted using the IP function. The inverse to this function IP
- is applied towards the end of algorithm. IP is the initial permutation and IP-1^ is its inverse.
IP
IP-^1
The function fk It is the most complex component of S-DES. Function fK consists of a combination of permutation and substitution functions. fK(L, R) = (L F(R, SK), R)
where, SK is a subkey (i.e. K 1 or K 2 ), L and R denote the leftmost and rightmost 4 bits of the
8-bit input fK and let F be a mapping function from 4-bit strings to 4-bit strings. The first operation is expansion/permutation operation given by: E/P 4 1 2 3 2 3 4 1
S 0 and S 1 are to S-boxes operates according to the following tables: S 0 : 1 0 3 2 3 2 1 0 0 2 1 3 3 1 3 2
S 1 : 0 1 2 3 2 0 1 3 3 0 1 0 2 1 0 3 And P4 would be another permutation. P 2 3 4 1
The output of P4 would be the output of function F.
HMAC
The Switch Function:
This function interchanges the left and right 4 bits so that the second instance of fK operates on a different 4 bits. For second instance all other parameters remain same, but the
key is K2. The S-boxes operates as follows:- The first and fourth input bits are treated as 2-bit numbers that specify a row of the S-box, and the second and third input bits specify a column of S-box. The entry in that row and column in base2 is the 2-bit output.
Data Encryption Standard
In 1974, IBM proposed "Lucifer", an encryption algorithm using 64-bit keys. Two years later (1977), NBS (now NIST) in consultation with NSA made a modified version of that algorithm into a standard. DES uses the two basic techniques of cryptography - confusion and diffusion. At the simplest level, diffusion is achieved through numerous permutations and confusion is achieved through the XOR operation and the S-Boxes. This is also called an S-P network The DES encryption scheme can be explained by the following figure
The plain text is 64 bits in length and the key in 56 bits in length. Longer plain text amounts are processed in 64-bit blocks. The main phases in the left hand side of the above figure i.e. processing of the plain text are,
Initial Permutation (IP): The plaintext block undergoes an initial permutation. 64 bits of the block are permuted.
