Computer Security:

Ciphers

Practice #2
2
 Block ciphers

Each cipher algorithm has fixed length for input.

If the message M is longer than the input of the algorithm
we divide it to blocks with the fixed length of the cipher
algorithm.
The block that shorter than the fixed length of the input is
padded.
Examples: DES, AES
3
 Modes of Operation

How do we use the cipher? For each mode we will check:

Does the situation where Mi=Mj iff Ci=Cj exists?
Which block have to be re-encrypted because of
change in Mi?
Which blocks we wont be able to decrypt because of
error in Ci?
How fast is the mode?
4
Electronic codebook (ECB)

5
 Electronic codebook (ECB)

Every block encrypted independently.

Mi=Mj iff Ci=Cj
Change in Mi: encryption of Ci again.
Error in Ci: error in decryption of Ci only
The time for encryption of one block
6
 ECB - Disadvantage

Disadvantage: identical plain text block encrypted in the

same way:

7
Cipher-block chaining (CBC)

8
 Cipher-block chaining (CBC)

Mi=Mj iff Ci=Cj does not happens.

Change in Mi: Change in all blocks MiMn
Error in Ci: error in decryption of Ci, Ci+1

9
 CBC - Disadvantages

Can not be parallelized

Change in one bit in the plain text causes a change the
entire encryption
One bit change to the cipher text causes complete
corruption of the corresponding block of plaintext and
the one after

10
Output feedback (OFB)

11
 Output feedback (OFB)

We produce key stream (V1..Vn) and each block Mi

encrypted with Vi.
Mi=Mj iff Ci=Cj not happens
Change in Mi: change in Ci only
Error in Ci: error in decryption of Ci.

12
 Output feedback (OFB)

Very fast the time to do the xor operation. We can

produce the key stream ahead.

Synchronous Stream Cipher (plaintext bits are combined

with a pseudorandom cipher bit stream)

13
Cipher feedback (CFB)

14
 Cipher feedback (CFB)

The same as OFB, but now the key stream depends also
on the previous Ci.
Mi=Mj iff Ci=Cj not happens
Change in Mi: Change of the encryption from Mi to Mn.
Error in Ci: Error in decryption in Ci and Ci+1
Fast decryption if the blocks arrive with some delay.
15
 Cipher feedback (CFB)

Used when the data arrived in stream.

The data divided to small blocks:2,4,8 bits.
Block Ci depends on:
Mi
K
i
M1Mi-1, C1Ci-1
16
 Stream Vs. Block Ciphers

Stream:
Can be used in hardware
Faster
Used in satellite and cellular systems
Block:
Safer
Widely used in all kind of systems

17
 Attacking Symmetric Encryption:
Brute-force

Brute-force attack (Exhaustive Search)

Try all possible keys on some cipher text until get an
intelligible translation into plaintext
An algorithm that finds a solution by trying every
possibility.
In security, we will try to find the encryption key for a
couple of plain text and cipher text.

18
 Attacking Symmetric Encryption:
Cryptanalysis

Rely on nature of the algorithm

Plus some knowledge of plaintext characteristics
Even some sample plain text cipher text pairs
Exploits characteristics of the algorithm to deduce
specific plaintext or key

19
 Types of Attacks on Ciphers

Cipher text only attack

The attacker has only a set of {C}. His goal is to achieve
the corresponding set of {M}. E.g., frequency attack.
Known plain text attack
The attacker has pairs of {(M,C)}. His goal is to achieve
the encryption key K or the ability to encrypt messages
he doesnt know. E.g., in WWII The Bletchley Park team
would guess some of the plaintext based upon when the
message was sent (according to the weather) .
20
 Types of Attacks on Ciphers cont.

Chosen plain text attack

The attacker chooses a set of {M} so the attacked party
will encrypt the set of messages ({C}). His goal is to find
the encryption key for the set of chosen messages.
Important in algorithms that use public key.
Adaptive chosen plain text attack
The same as the chosen plaintext attack, but the attacker
will do it several times.
21