
LESOTHO

BIC3263 Systems Security

CHAPTER 2
Cryptographic Techniques
Faculty of Information & Communication Technology

Cryptography
Cryptology: This is the study of techniques for ensuring the
secrecy and/or authenticity of information. The two main
branches of cryptology are
o Cryptography: the study of the design of such
techniques; and
o Cryptanalysis: which deals with defeating such
techniques, to recover information, or with forging information
that will be accepted as authentic.

Systems Security

BIC3263

Security services
Security services: The assurance that the communicating entity
is the one that it claims to be.
The primary security services are divided into five categories,
although some of these services are interrelated.
-Confidentiality
-Integrity
-Non-repudiation
-Authentication
-Authorization/Access control
Privacy/Confidentiality: When a message is sent electronically,
the sender and receiver may desire that the message remain
confidential, and thus not be read by any other parties.
Integrity: The assurance that data received are exactly as sent by
an authorized entity (i.e., contain no modification, insertion, deletion,
or replay).
Nonrepudiation: Nonrepudiation prevents either sender or receiver
from denying a transmitted message. Thus, when a message is sent,
the receiver can prove that the alleged sender in fact sent the
message. Similarly, when a message is received, the sender can
prove that the alleged receiver in fact received the message.
Authentication: When an electronic message is received by a user
or a system, the identity of the sender needs to be verified
(authenticated) in order to determine if the sender is who they claim
to be.
Access control: The objective of access controls is to limit access to
data and systems to authorized users only, so that only they gain
entry into the desired part of the system.
The five security services:

Security Issue | Security objective | Security Techniques
---------------|--------------------|--------------------
Confidentiality | Privacy of message | Encryption
Message Integrity | Deleting message, Tampering | Hashing (Digest)
Authentication | Origin verification | Digital signatures; Challenge response; Passwords; Biometric devices
Non-repudiation | Proof of origin, receipt and contents (sender cannot falsely deny sending or receiving the message) | Bi-directional hashing; Digital signatures; Transaction certificates; Time stamps; Confirmation services
Access controls/Authorization | Limiting entry to authorized users | Firewalls; Passwords; Biometric devices

Encryption and decryption
A message in human readable form is referred to in cryptographic terms
as plaintext or cleartext.
The process of disguising a message in such a way as to hide
its substance is called encryption/enciphering and the
resulting message is referred to as ciphertext.
The reverse process, decryption/deciphering, takes
ciphertext as input and restores the original plaintext.
Plaintext is denoted by P, whereas ciphertext is denoted by C.
The encryption function E operates on P to produce C:
In the reverse process, the decryption function D operates on C
to produce P:
A cryptographic algorithm, also called a cipher, is a
mathematical function used for encryption and decryption.
A restricted cryptosystem requires the encryption and
decryption algorithms to be kept secret. This method is called
security by obscurity and should be used only in very specific
cases.

The many schemes used for encryption constitute the area of study
known as cryptography. Such a scheme is known as a cryptographic
system or a cipher.
Techniques used for deciphering a message without any knowledge
of the enciphering details fall into the area of cryptanalysis.
Cryptanalysis is what the layperson calls "breaking the code."
The areas of cryptography and cryptanalysis together are called
cryptology.
All modern encryption algorithms use a key, denoted by K. The
value of this key affects the encryption and decryption functions, so
that they can now be written as:
E ( K, P ) = C
D ( K, C ) = P
Symmetric encryption
Symmetric encryption implies that both parties to a
communication must first possess a copy of a single secret key,
as shown below. The most widely used algorithm in this
category was, until recently, the Data Encryption Standard
(DES).

Data Encryption Standard (DES)
In January 1977, a standard encryption method called the Data
Encryption Standard was adopted by the U.S. government.
Though the algorithm used is complex, it is easily implemented
in hardware, and software implementations are widely available.
The American National Standards Institute (ANSI) approved DES
as an industry standard, calling it the Data Encryption
Algorithm (DEA).
The DES algorithm
DES is a block cipher. This means that it operates on a single
chunk of data at a time, encrypting 64 bits (8 bytes) of plaintext
to produce 64 bits of ciphertext.
The key length is 56 bits, often expressed as an eight-character
string with the extra bits used as a parity check.
The algorithm has 19 distinct stages.
The first stage reorders the bits of the 64-bit input block by
applying a fixed permutation.
The last stage is the exact inverse of this permutation.
The stage penultimate to the last one exchanges the leftmost
32 bits with the rightmost 32 bits.
The remaining 16 stages (called rounds) are functionally
identical but take as an input a quantity computed from the
key Ki and the old right half Ri, where i is the current round
number.
Ki is derived from the original 56-bit key passed as input to the
algorithm. The figure below shows the overall process.
At each iteration, the algorithm takes in two 32-bit inputs and
produces two 32-bit outputs.
The left output is simply a copy of the right input. The right
output is an exclusive OR (XOR) of the left input and a function
of the right input and the key for the stage, Ki.
All the complexity lies in the function f, which does a number of
substitutions and permutations using simple hardware
elements called S-boxes (for substitution) and P-boxes (for
permutation).
Decryption in the DES algorithm uses the same sequence of
steps, but the keys used at each of the 16 stages (K1 to K16) are
applied in reverse order.

The DES algorithm.

Cracking DES
All encryption algorithms can theoretically be broken using the
so-called brute-force attack.
Brute-force attack: The attacker tries every possible key on a
piece of ciphertext until an intelligible translation into plaintext is
obtained.
On average, half of all possible keys must be tried to achieve
success.
If either type of attack succeeds in deducing the key, the effect
is catastrophic: All future and past messages encrypted with that
key are compromised.

Triple DES
Triple DES is a more secure alternative to DES and is appealing in
that it requires no new algorithms or hardware over and above
conventional DES.
The figure below shows three 56-bit DES keys being used as input to an
array of three DES chips (or software blocks).
The pattern used for the encryption step is encrypt-decrypt-encrypt
(EDE) with a DED pattern being used to reverse the process. Using
these combinations allows us to be backwardly compatible with the
single version of the DES algorithm.
In one variation of Triple DES, K1 is set to be equal to K3, giving a
112-bit key length. The latter mode is sometimes referred to as 2
key Triple DES, as opposed to 3 key Triple DES when K1, K2, and K3
are distinct, yielding a total key length of 168 bits.
The Triple DES algorithm.

Its greatest appeal will be for the very large number of financial
institutions that have an installed base of equipment with DES hardware.
However, software implementations of Triple DES are slow in comparison,
as we have to compute three DES functions. Also, Triple DES uses the
same 64-bit block size as DES, which is considered to be weak.
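
Added example (not part of the original slides): a 16-round Feistel network in Python showing the DES structure described earlier, where decryption runs the same steps with K1 to K16 reversed, and the Triple DES EDE pattern, which collapses to single encryption when all three keys are equal. The round function toy_f and the key schedule round_keys are hypothetical stand-ins, not the DES f, S-boxes or key schedule, and the initial and final permutations are omitted.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def toy_f(right, subkey):
    """Stand-in round function (assumption): mixes the 32-bit right half with Ki."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def round_keys(key, rounds=16):
    """Toy key schedule (assumption): derive K1..K16 from a 56-bit key."""
    seed = key.to_bytes(7, "big")
    return [int.from_bytes(hashlib.sha256(seed + bytes([i])).digest()[:8], "big")
            for i in range(1, rounds + 1)]

def feistel(block, subkeys):
    """Run the rounds over a 64-bit block, then exchange the two halves."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        # Left output = right input; right output = left XOR f(right, Ki).
        left, right = right, left ^ toy_f(right, k)
    return (right << 32) | left

def encrypt(key, block):
    return feistel(block, round_keys(key))

def decrypt(key, block):
    # Same sequence of steps, round keys applied in reverse order.
    return feistel(block, round_keys(key)[::-1])

def ede_encrypt(k1, k2, k3, block):
    """Triple encryption: encrypt with K1, decrypt with K2, encrypt with K3."""
    return encrypt(k3, decrypt(k2, encrypt(k1, block)))

def ded_decrypt(k1, k2, k3, block):
    """Reverse of EDE: decrypt with K3, encrypt with K2, decrypt with K1."""
    return decrypt(k1, encrypt(k2, decrypt(k3, block)))

if __name__ == "__main__":
    k1, k2 = 0x0123456789ABCD, 0x00FEDCBA987654   # constructed 56-bit keys
    p = 0x0011223344556677                        # constructed 64-bit block
    c = encrypt(k1, p)
    print(hex(c), decrypt(k1, c) == p)
    # With K1 = K2 = K3 the inner decrypt undoes the first encrypt,
    # so EDE equals single encryption (backward compatibility).
    print(ede_encrypt(k1, k1, k1, p) == c)
    # Two-key variant (K1 = K3) still round-trips through DED.
    print(ded_decrypt(k1, k2, k1, ede_encrypt(k1, k2, k1, p)) == p)
```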

Advanced Encryption Standard (AES)
DES has weaknesses:
-slow (by modern standards)
-weak (can be broken by fast computers)
AES will be a new FIPS (Federal Information Processing Standard)
that will specify a cryptographic algorithm for use by U.S.
government organizations to protect sensitive (unclassified)
information.
NIST (National Institute of Standards and Technology) ran a
competition to replace DES.
NIST selected five algorithms from the original 15 submissions.
The candidate algorithms were MARS, RC6, Rijndael, Serpent, and
Twofish.
Rijndael
Rijndael, invented by Vincent Rijmen and Joan Daemen, had been
selected as the proposed AES.
No patenting allowed
Round block cipher of similar structure to DES but faster, more
secure
Rijndael is a symmetric block cipher with variable key and block
sizes of 128, 192, and 256 bits.
However, since most of the cryptanalytic study during the
standards process focused on the 128-bit block size, this will be
the preferred block size included in the standard.
Rijndael has considerable speed improvements over DES in
both hardware and software implementations.
The cipher consists of between 10 and 14 rounds (Nr), depending
on the key length (Nk) and the block length (Nb). A plaintext
block X undergoes n rounds of operations to produce an output
block Y.
Each operation is based on the value of the nth round key.
The round keys are derived from the cipher key by first
expanding the key and then selecting parts of the expanded
key for each round.
Figure below shows an overview of the process.

Overall structure of Rijndael cipher.

RC2, RC4, and RC5


In anticipation of the demise of DES, Ron Rivest, a noted cryptographer,
has been developing a family of ciphers for RSA Data Security, Inc., that
might be used to replace it.
RC (Rivest Cipher).
It appears as though RC1 never got beyond the design stage, and RC3
was broken before it was released.
RC2 was released and is used in a number of commercial products. It is a
64-bit block cipher with a variable-length key.
RC4 can also use a variable-length key, but operates as a stream cipher. A
commodity export license was obtained for 40-bit versions of RC2 and
RC4, and the latter was used as the stream cipher in the first secure Web
browsers that became available in 1995.
No patents have been applied for, and the details of the algorithms are
only available subject to a non-disclosure agreement with RSA Data
Security, Inc. In September 1994.

RC5, RC6
The penultimate algorithm in the series is RC5, which is a totally
parameterized system.
Among the items that may be changed are the block size, the key
length, and the number of rounds.
The basic algorithm is a block cipher, but stream versions are also
defined.
RC6 is the most recent block cipher designed by Ronald Rivest and
was among the five finalist candidate algorithms for the AES.
The main goal for the inventors was to meet the requirements for the
AES.
RC6 is based on RC5 and, like RC5, it is a parameterized algorithm in
which the block size, key size, and number of rounds are variable.
The upper limit to the key size for RC6 is 2,040 bits.

Message digesting or hashing


One way to provide integrity without confidentiality is to use a technique
known as a message digest. This involves applying a digesting or one-way
hash function to the (long) message to produce a (short) message
digest.
The secret key can be applied to this hash and the result sent with
the message across the network.
The hash is then encrypted to become a message authentication code
(MAC), which is appended to the message before transmission.
Since the encryption is only being applied to a very small quantity, and
message digesting is faster than encryption, this process can be
considerably faster than encrypting the entire message.
When the message arrives, the receiver computes a hash of the
message using the same algorithm. If this matches the decrypted MAC
that came with the message, then the message has not been tampered
with.
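
Added example (not part of the original slides): the sender and receiver MAC check described above, using HMAC-SHA-256 from the Python standard library as the keyed digest in place of encrypting a hash. The key and messages are constructed, and the unkeyed digest check is included only to show why the secret key is required.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag appended to each message

def protect(key, message):
    """Sender: compute the keyed MAC and append it to the message."""
    return message + hmac.new(key, message, hashlib.sha256).digest()

def verify(key, blob):
    """Receiver: recompute the MAC; return the message only if it matches."""
    if len(blob) < TAG_LEN:
        raise ValueError("blob shorter than a MAC")
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("MAC mismatch: message altered or wrong key")
    return message

def digest_only_ok(blob):
    """Unkeyed check: a bare digest can be recomputed by anyone."""
    message, digest = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hmac.compare_digest(digest, hashlib.sha256(message).digest())

def accepted(key, blob):
    try:
        verify(key, blob)
        return True
    except ValueError:
        return False

def demo():
    key = b"constructed-shared-secret"   # constructed sample key
    original = b"PAY 100 TO ALICE"       # constructed sample message
    altered = b"PAY 900 TO ALICE"
    sent = protect(key, original)
    # Message altered in transit; without the key the old tag cannot be fixed up.
    altered_with_old_tag = altered + sent[-TAG_LEN:]
    # With a bare digest, the altered message simply gets a fresh digest.
    altered_with_new_digest = altered + hashlib.sha256(altered).digest()
    return {
        "genuine_accepted": accepted(key, sent),
        "altered_accepted": accepted(key, altered_with_old_tag),
        "digest_only_altered_accepted": digest_only_ok(altered_with_new_digest),
    }

if __name__ == "__main__":
    print(demo())
```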
Computing a message authentication code (MAC).

For any string s, H(s), the hash of s, is of fixed length (shorter
than s), sometimes called a message digest.
A good one-way hash function will have two properties.
- Difficult to invert (one-way). This means that attempting to
produce a message that would yield a given hash should be
completely unfeasible.
- It should also be resistant to collision, which means that there
should be a low probability of finding two messages with the
same hash.
Two well-known hash functions that have found a place in payment
protocols are MD5 and SHA.

MD5 Algorithm
The MD5 algorithm is one of a series (including MD2 and MD4) of
message digest algorithms developed by Ron Rivest.
It involves appending a length field to a message and padding it
up to a multiple of 512-bit blocks.
Each of these 512-bit blocks is then fed through a four-round
process involving rotation and a range of Boolean operations
producing a chaining value that is input into the processing of the
next 512-bit block.
The hashed output is the 128-bit chaining value produced in
processing the last block of the message.
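
Added example (not part of the original slides): a compact Python implementation of the steps just described (padding with a length field to a multiple of 512 bits, four rounds per block, and a 128-bit chaining value carried from block to block). It is written for study; the function names are this example's own.

```python
import math
import struct

M32 = 0xFFFFFFFF
# Left-rotation amounts: one group of 16 steps per round, four rounds.
S = [7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 + [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4
# Additive constants: floor(2^32 * |sin(i + 1)|) for each of the 64 steps.
K = [int(abs(math.sin(i + 1)) * 2**32) & M32 for i in range(64)]

def pad(message):
    """Append 0x80, zero bytes and the 64-bit bit length: a multiple of 512 bits."""
    zeros = (56 - (len(message) + 1) % 64) % 64
    length = struct.pack("<Q", (len(message) * 8) & 0xFFFFFFFFFFFFFFFF)
    return message + b"\x80" + b"\x00" * zeros + length

def compress(chain, block):
    """Feed one 512-bit block through the four rounds; return the next chaining value."""
    words = struct.unpack("<16I", block)
    a, b, c, d = chain
    for i in range(64):
        if i < 16:                                   # round 1
            f, g = (b & c) | (~b & d), i
        elif i < 32:                                 # round 2
            f, g = (d & b) | (~d & c), (5 * i + 1) % 16
        elif i < 48:                                 # round 3
            f, g = b ^ c ^ d, (3 * i + 5) % 16
        else:                                        # round 4
            f, g = c ^ (b | ~d), (7 * i) % 16
        f = (f + a + K[i] + words[g]) & M32
        rotated = ((f << S[i]) | (f >> (32 - S[i]))) & M32
        a, d, c, b = d, c, b, (b + rotated) & M32
    return tuple((x + y) & M32 for x, y in zip(chain, (a, b, c, d)))

def md5(message):
    """Return the 128-bit digest: the chaining value after the last block."""
    chain = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
    padded = pad(message)
    for offset in range(0, len(padded), 64):
        chain = compress(chain, padded[offset:offset + 64])
    return struct.pack("<4I", *chain)

if __name__ == "__main__":
    print(md5(b"abc").hex())
```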

The Secure Hash Algorithm (SHA)
The secure hash algorithm is based quite heavily on the work of
Ron Rivest in the MD series of algorithms.
The message is first padded as with MD5, and then fed through
four rounds, which are more complex than those used in MD5.
The chaining value passed from one round to the next is 160
bits in length, which means that the resulting message digest is
also 160 bits.

Kerberos
The Kerberos protocol provides message authentication and
confidentiality facilities for communicating parties and is used
as the basis for a number of payment systems.
It is based on the trusted third-party model presented by
Needham and Schroeder.
The Kerberos authentication service was developed at the
Massachusetts Institute of Technology (MIT) for Project Athena
and the following discussion is based on version 5 of the
protocol.
Kerberos allows a client to prove its identity to a third-party
server without sending any sensitive information across the
network and also encrypts the channel between the two.
