8: Network Security 8-11

Symmetric key cryptography

[Figure: plaintext message $m$ -> encryption algorithm (key $K_{A-B}$) -> ciphertext $K_{A-B}(m)$ -> decryption algorithm (key $K_{A-B}$) -> plaintext $m = K_{A-B}(K_{A-B}(m))$]

symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: $K_{A-B}$
- e.g., key is knowing the substitution pattern in a monoalphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?

Symmetric key crypto: DES

DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- How secure is DES?
  - DES Challenge: 56-bit-key-encrypted phrase ("Strong cryptography makes the world a safer place") decrypted (brute force) in 4 months
  - no known "backdoor" decryption approach
- making DES more secure:
  - use three keys sequentially (3-DES) on each datum
  - use cipher-block chaining

Symmetric key crypto: DES

DES operation
- initial permutation
- 16 identical "rounds" of function application, each using different 48 bits of key
- final permutation

[Figure: DES operation. 64-bit input and 56-bit key; permute; 16 rounds with 48-bit keys K1, K2, ..., K16 applied to the halves (L1, R1), (L2, R2), ..., (L17, R17); permute; 64-bit output]
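
The round structure and the cipher-block chaining fix named on the two DES slides, as an added Python example that is not part of the original slides: a 16-round Feistel network on 64-bit blocks, showing that encrypting blocks independently repeats ciphertext for repeated plaintext while chaining does not. The round function and key schedule are stand-ins (assumptions, not real DES), and the key, IV and message are constructed.

```python
import hashlib
import hmac

ROUNDS, BLOCK = 16, 8  # 16 rounds over a 64-bit block, as on the slide

def round_keys(key):  # stand-in key schedule (assumption), not DES's real one
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]

def f(right, subkey):  # stand-in round function (assumption), not DES S-boxes
    return hmac.new(subkey, right, hashlib.sha256).digest()[:4]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, subkeys):
    left, right = block[:4], block[4:]  # 32-bit halves L and R
    for k in subkeys:  # one round: L' = R, R' = L xor f(R, K_i)
        left, right = right, xor(left, f(right, k))
    return right + left  # final swap lets decryption reuse this routine

def encrypt_block(block, key):
    return feistel(block, round_keys(key))

def decrypt_block(block, key):  # same rounds, 48-bit subkeys in reverse order
    return feistel(block, round_keys(key)[::-1])

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(pt, key):  # every block encrypted independently
    return b"".join(encrypt_block(b, key) for b in blocks(pt))

def cbc_encrypt(pt, key, iv):  # block is XORed with previous ciphertext first
    out, prev = [], iv
    for b in blocks(pt):
        prev = encrypt_block(xor(b, prev), key)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(decrypt_block(c, key), prev))
        prev = c
    return b"".join(out)

# Constructed sample: 56-bit key, fixed IV for repeatability, 3 identical blocks.
KEY, IV, PT = b"7bytkey", bytes(range(8)), b"PAY $100" * 3
print("ECB:", [b.hex() for b in blocks(ecb_encrypt(PT, KEY))])  # three equal blocks
print("CBC:", [b.hex() for b in blocks(cbc_encrypt(PT, KEY, IV))])  # three different
```

The message length here is a multiple of 8 bytes, so no padding is implemented; a deployed CBC mode also needs a fresh unpredictable IV per message rather than the fixed one used for repeatability.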

AES: Advanced Encryption Standard
- new (Nov. 2001) symmetric-key NIST standard, replacing DES
- processes data in 128 bit blocks
- 128, 192, or 256 bit keys
- brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES

Public Key Cryptography

symmetric key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never "met")?

public key cryptography
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- public encryption key known to all
- private decryption key known only to receiver