Comp 361, Fall 2003 7: Network Security

Symmetric key crypto: DES

DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- How secure is DES?
  - DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months
  - no known “backdoor” decryption approach
- making DES more secure:
  - use three keys sequentially (3-DES) on each datum
  - use cipher-block chaining
Symmetric key crypto: DES

DES operation
- initial permutation
- 16 identical “rounds” of function application, each using different 48 bits of key
- final permutation

[Figure: DES operation. 64-bit input and 56-bit key; permute; 16 rounds, each with its own 48-bit key (K1, K2, ..., K16); permute; 64-bit output.]
AES: Advanced Encryption Standard
- new (Nov. 2001) symmetric-key NIST standard, replacing DES
- processes data in 128 bit blocks
- 128, 192, or 256 bit keys
- brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES
Public Key Cryptography

symmetric key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never “met”)?

public key cryptography
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- public encryption key known to all
- private decryption key known only to receiver
Public key cryptography

[Figure: plaintext message $m$ -> encryption algorithm (Bob’s public key $K_B^+$) -> ciphertext $K_B^+(m)$ -> decryption algorithm (Bob’s private key $K_B^-$) -> plaintext message $m = K_B^-(K_B^+(m))$]