Chapter 3 Symmetric key crypto
Problems solved for chapter 3: 3,4,5,7,9,10,11,12,16,30,33
Stream Ciphers: A5/1 (GSM cell phones), RC4 (SSL). Like a one-time pad. Used in wireless communication because a single bit error will only cause a single plaintext bit to be garbled.
Takes a key of n bits in length and stretches it into a long keystream. The keystream is then XORed with the plaintext P to produce ciphertext C.
An IV chosen at random is less secure than an IV selected in sequence.
To decrypt with a stream cipher, the same keystream is generated and XORed with the ciphertext.
Block Ciphers: Concern: cut-and-paste attack and single bit errors causing two blocks to be garbled.
All are invertible, so the whole algorithm is invertible; consequently, AES can decrypt as well as encrypt.
Confusion: Obscure the relationship between plaintext and ciphertext.
Diffusion: Spread the plaintext statistics through the ciphertext.
Feistel cipher: A general cipher design principle, not a specific cipher. The plaintext is split into two halves.
$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
F is the round function
A Feistel cipher can be decrypted regardless of the round function.
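The Feistel equations above, as an added example (not part of the original notes): a 4-round network on a 64-bit block whose round function is a truncated SHA-256, which cannot be inverted, yet decryption still recovers the plaintext. The round keys, plaintext block and function names are constructed for illustration; the constant round function shows that being decryptable does not make a round function secure.

```python
import hashlib

MASK32 = 0xFFFFFFFF
# Constructed sample values (assumptions, not taken from the notes)
ROUND_KEYS = [0x0F1E2D3C, 0x4B5A6978, 0x8796A5B4, 0xC3D2E1F0]
PLAINTEXT = 0x0123456789ABCDEF

def round_function(half: int, round_key: int) -> int:
    """Deliberately non-invertible F: truncated SHA-256 of (half, key)."""
    data = half.to_bytes(4, "big") + round_key.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def constant_function(half: int, round_key: int) -> int:
    """Degenerate F that ignores its inputs: decryptable, but not secure."""
    return 0

def feistel_encrypt(block: int, round_keys, f=round_function) -> int:
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in round_keys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, left ^ f(right, k)
    return (left << 32) | right

def feistel_decrypt(block: int, round_keys, f=round_function) -> int:
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in reversed(round_keys):
        # R_{i-1} = L_i;  L_{i-1} = R_i XOR F(L_i, K_i)
        # F is only ever evaluated forwards, so it never needs an inverse.
        left, right = right ^ f(left, k), left
    return (left << 32) | right

if __name__ == "__main__":
    ct = feistel_encrypt(PLAINTEXT, ROUND_KEYS)
    print(f"ciphertext: {ct:016x}")
    print(f"decrypted : {feistel_decrypt(ct, ROUND_KEYS):016x}")
    weak = feistel_encrypt(PLAINTEXT, ROUND_KEYS, constant_function)
    print(f"constant F: {weak:016x}  (four swaps: plaintext unchanged)")
```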
Tiny Encryption Algorithm
Uses a 64-bit block length and a 128-bit key. All mathematical operations are modulo 2^32, for an architecture with 32-bit words.
A block cipher splits the plaintext into fixed blocks and generates fixed-size blocks of ciphertext.
The ciphertext is obtained from the plaintext by iterating a function F over some number of rounds.
F is known as the round function because it depends on the output of the previous round and the key K.
For a fixed key K a block cipher is a codebook, since it creates a fixed mapping between plaintext and ciphertext.
How should multiple blocks be encrypted? Or a partial block?
ECB (electronic code book): The blocks are changed, but each block stays in the same place. For a fixed key K, a block cipher is a codebook.
Security problems: There are cases where an attacker knows part of the text, and then it would be easy to find the key since you see the ciphertext with the plaintext.
CBC (cipher block chaining)
CTR (counter): Turns a block cipher into a stream cipher.
MAC (message authentication code): Uses a block cipher to ensure data integrity. It encrypts data in CBC mode and discards all ciphertext blocks except the final block, which is the MAC.
The plaintext and the MAC are sent together.
The encryption and the decryption key must be different, but they can be related in a known way.