Document 7367724

Download Report

Transcript Document 7367724

Computer System Security
CSE 5339/7339
Lecture 8
September 14, 2004
Computer Science and Engineering
Contents
 Announcements
 More on DES
 Advanced Encryption Standard (AES)
 Saeed’s Presentation
Computer Science and Engineering
Guest Lecture on 9/16
Electronic Crimes – Secret Service
Computer Science and Engineering
Five Security Articles
IEEE Computer, June 2004
1. Securing the High-Speed Internet, pp 33
2. Computer Security in the Real World, pp 37
3. Worm Epidemics in High-Speed Networks, pp
48
4. Making the Gigabit IPsec VPN Architecture
Secure, pp 54
5. A Quantitative Study of Firewall Configuration
Errors, pp62
Computer Science and Engineering
Solution of Group Work on 9/9
Find keys d and e for the RSA cryptosystem with p
= 7 and q = 11.
Solution
P*q = 77
(p-1) * (q-1) = 60
d = 13
e = 37
13 * 37 = 481 = 1 mod 60
Computer Science and Engineering
Does DES Work?
 Differential Cryptanalysis Idea
 Use two plaintext that barely differ
 Study the difference in the
corresponding cipher text
 Collect the keys that could
accomplish the change
 Repeat
Computer Science and Engineering
Handouts
 3-round baby DES
 Why the initial permutation?
 Why 16 rounds?
 Why these particular S-boxes?
Computer Science and Engineering
Cracking DES
During the period NBS was soliciting comments on the
proposed algorithm, the creators of public key
cryptography, Martin Hellman and Whitfield Diffie,
registered some objections to the use of DES. Hellman
wrote: "Whit Diffie and I have become concerned that the
proposed data encryption standard, while probably secure
against commercial assault, may be extremely vulnerable
to attack by an intelligence organization" (letter to NBS,
October 22, 1975).
Computer Science and Engineering
Cracking DES (cont.)
Diffie and Hellman then outlined a "brute force" attack on
DES. (By "brute force" is meant that you try as many of
the 2^56 possible keys as you have to before decrypting
the ciphertext into a sensible plaintext message.)
They proposed a special purpose "parallel computer using
one million chips to try one million keys each" per second,
and estimated the cost of such a machine at $20 million.
Computer Science and Engineering
Cracking DES (cont.)
In 1998, under the direction of John Gilmore of the EFF
(Electronic Frontier Foundation), a team spent $220,000
and built a machine that can go through the entire 56-bit
DES key space in an average of 4.5 days. On July 17,
1998, they announced they had cracked a 56-bit key in 56
hours. The computer, called Deep Crack, uses 27 boards
each containing 64 chips, and is capable of testing 90
billion keys a second.
Computer Science and Engineering
Cracking DES (cont.)
In early 1999, Distributed. Net used the DES Cracker and a
worldwide network of nearly 100,000 PCs to break DES in
22 hours and 15 minutes. The DES Cracker and PCs
combined were testing 245 billion keys per second when
the correct key was found. In addition, it has been shown
that for a cost of one million dollars a dedicated hardware
device can be built that can search all possible DES keys in
about 3.5 hours. This just serves to illustrate that any
organization with moderate resources can break through
DES with very little effort these days.
Computer Science and Engineering
The Birth of AES
As computers became progressively faster and more
powerful, it was recognized that a 56-bit key was simply
not large enough for high security applications. As a result,
NIST (New name of NBS) abandoned their official
endorsement of DES in 1997 and began work on a
replacement, to be called the Advanced Encryption
Standard (AES). Despite the growing concerns about its
vulnerability, DES is still widely used by financial services
and other industries worldwide to protect sensitive on-line
applications.
Computer Science and Engineering
DES Group Exercise
What would be the 64-bit output of round 1 be
using the plaintext and key given below (in
hexadecimal format):
P = 2D 75 F4 DB A3 3E 3F 89
K = D4 3C B1 9A E4 90 D7 C6
Computer Science and Engineering
Advanced Encryption Standard (ASE)
- NIST, call 1997
- One was selected out of five
- Rijndael (Rine dahl)  Vincent Rijmen & Joam Daemen
- In 2001, it was formally adopted by US
- 9, 11, 13 cycles (rounds) for keys of 128, 192, 256 bits
Computer Science and Engineering
ASE (cont)
- Each cycle consists of 4 steps
-
Byte substitution (BSB)
Shift row (SR)
Mix column (MC)
Add Round key (ARK)
Computer Science and Engineering
ASE Overview
Plaintext (128)
ARK
Subkey0
9 rounds
BSB
SR
Ciphertext (128)
ARK
Subkey10
Computer Science and Engineering
Round i
BSB
SR
CM
ARK
Subkeyi
Computer Science and Engineering
State
-128-bit block  4 x 4 matrix
-128 bits  b0, b1, b2, .., b15
b0
b4
b8
b12
b1
b5
b9
b13
b2
b6
b10
b14
b3
b7
b11
b15
Computer Science and Engineering
4 Operations
1. s[i,j]  s’[i,j] (predefined substitution table, Table 10-11
page 663)
2. Rows – left circular shift
3. The 4 elements in each column are multiplied by a
polynomial
4. Key is derived and added to each column
Computer Science and Engineering
Exercise
Using the table,
Find the substitution of
6b, ff, 6e, 09
Computer Science and Engineering
Shift Row
1
5
9
13
1
5
9
13
2
6
10
14
6
10
14
2
3
7
11
15
11
15
3
7
4
8
12
16
16
4
8
12
Computer Science and Engineering
Mix Column
=
2
3
1
1
1
2
3
1
1
1
2
3
3
1
1
2
*
Multiplying by 1  no change
Multiplying by 2 shift left one bit
Multiplying by 3  shift left one bit and XOR with original value
More than 8 bits  100011011 is subtracted
Computer Science and Engineering
Exercise
?
?
?
?
=
2
3
1
1
e5
1
2
3
1
a8
1
1
2
3
3
1
1
2
*
6f
33
Computer Science and Engineering
Add Key
b0
b4
b8
b12
k0
k4
k8
k12
b1
b5
b9
b13
k1
k5
k9
k13
b2
b6
b10
b14
k2
k6
k10
k14
b3
b7
b11
b15
k3
k7
k11
k15
b’x
=
bx
XOR
kx
Computer Science and Engineering
Example
k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12
B = e5 a8 6f 33 0a 52 31 9c c2 75 f8 1e b0 46 de 3a
B’ = fa 9c 63 9e 50 7b 8a ed ac d6 68 ef f7 90 55 28
Computer Science and Engineering
Key Generation
4 bytes
4 bytes
4 bytes
4 bytes
Circular left shift 1byte
S-box
X-OR
X-OR
4 bytes
4 bytes
4 bytes
Round constant
4 bytes
Computer Science and Engineering
Round Constant Table
Round
1
2
3
4
5
6
7
8
9
Final
Round Constant (hex)
01 00 00 00
02 00 00 00
04 00 00 00
08 00 00 00
10 00 00 00
20 00 00 00
40 00 00 00
80 00 00 00
1b 00 00 00
36 00 00 00
Computer Science and Engineering
Group Exercise
k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12
Final 4 bytes = 47 d6 8b 12
After shift = d6 8b 12 47
Find the next sub key
Computer Science and Engineering