X

Download Block Cipher Modes PowerPoint Presentation

SlidesFinder-Advertising-Design.jpg

Login   OR  Register
X


Iframe embed code :



Presentation url :

Home / Computers & Web / Computers & Web Presentations / Block Cipher Modes PowerPoint Presentation

Block Cipher Modes PowerPoint Presentation

Ppt Presentation Embed Code   Zoom Ppt Presentation

PowerPoint is the world's most popular presentation software which can let you create professional Block Cipher Modes powerpoint presentation easily and in no time. This helps you give your presentation on Block Cipher Modes in a conference, a school lecture, a business proposal, in a webinar and business and professional representations.

The uploader spent his/her valuable time to create this Block Cipher Modes powerpoint presentation slides, to share his/her useful content with the world. This ppt presentation uploaded by editabletemplates in Computers & Web ppt presentation category is available for free download,and can be used according to your industries like finance, marketing, education, health and many more.

About This Presentation

Block Cipher Modes Presentation Transcript

Slide 1 - Block Cipher Modes Part 1  Cryptography 1
Slide 2 - Multiple Blocks How to encrypt multiple blocks? A new key for each block? As bad as (or worse than) a one-time pad! Encrypt each block independently? Make encryption depend on previous block(s), i.e., “chain” the blocks together? How to handle partial blocks? Part 1  Cryptography 2
Slide 3 - Modes of Operation Many modes of operation --- we discuss three Electronic Codebook (ECB) mode Obvious thing to do Encrypt each block independently There is a serious weakness Cipher Block Chaining (CBC) mode Chain the blocks together More secure than ECB, virtually no extra work Counter Mode (CTR) mode Acts like a stream cipher Popular for random access Part 1  Cryptography 3
Slide 4 - ECB Mode Notation: C=E(P,K) Given plaintext P0,P1,…,Pm,… Obvious way to use a block cipher is Encrypt Decrypt C0=E(P0,K), P0=D(C0,K), C1=E(P1,K), P1=D(C1,K), C2=E(P2,K),… P2=D(C2,K),… For a fixed key K, this is an electronic version of a codebook cipher A new codebook for each key Part 1  Cryptography 4
Slide 5 - ECB Weaknesses Suppose Pi=Pj Then Ci=Cj and attacker knows Pi=Pj This gives attacker some information, even if he does not know Pi or Pj Attacker might know Pi A “cut and paste” attack is also possible Part 1  Cryptography 5
Slide 6 - Alice Hates ECB Mode Alice’s uncompressed image, Alice ECB encrypted (TEA) Part 1  Cryptography 6 Why does this happen? Same plaintext block  same ciphertext!
Slide 7 - ECB Cut and Paste Attack Suppose plaintext is Alice digs Bob. Trudy digs Tom. Then (64-bit blocks and 8-bit ASCII) P0=“Alice di”, P1=“gs Bob. ”, P2=“Trudy di”, P3=“gs Tom. ” Ciphertext: C0,C1,C2,C3 Attacker cuts and pastes: C0,C3,C2,C1 Decrypts as Alice digs Tom. Trudy digs Bob. Part 1  Cryptography 7
Slide 8 - CBC Mode Blocks are “chained” together A random initialization vector (IV) is required to initialize CBC mode IV is random, but need not be secret Encryption Decryption C0 = E(IVP0,K), P0 = IVD(C0,K), C1 = E(C0P1,K), P1 = C0D(C1,K), C2 = E(C1P2,K),… P2 = C1D(C2,K),… Part 1  Cryptography 8
Slide 9 - CBC Mode Identical plaintext blocks yield different ciphertext blocks Cut and paste is still possible, but more complex (and will cause garbles) If C1 is garbled to, say, G then P1  C0D(G,K), P2  GD(C2,K) But, P3 = C2D(C3,K), P4 = C3D(C4,K), … Automatically recovers from errors! Part 1  Cryptography 9
Slide 10 - Alice Likes CBC Mode Alice’s uncompressed image, Alice CBC encrypted (TEA) Part 1  Cryptography 10 Why does this happen? Same plaintext yields different ciphertext!
Slide 11 - CTR (Counter) Mode CTR is popular for random access Use block cipher like stream cipher Encryption Decryption C0=P0E(IV,K), P0=C0E(IV,K), C1=P1E(IV+1,K), P1=C1E(IV+1,K), C2=P2E(IV+2,K),… P2=C2E(IV+2,K),… CBC can also be used for random access!!! Part 1  Cryptography 11
Slide 12 - Integrity Part 1  Cryptography 12
Slide 13 - Data Integrity Integrity --- prevent (or at least detect) unauthorized modification of data Example: Inter-bank fund transfers Confidentiality is nice, but integrity is critical Encryption provides confidentiality (prevents unauthorized disclosure) Encryption alone does not assure integrity (recall one-time pad and attack on ECB) Part 1  Cryptography 13
Slide 14 - MAC Message Authentication Code (MAC) Used for data integrity Integrity not the same as confidentiality MAC is computed as CBC residue Compute CBC encryption, but only save the final ciphertext block Part 1  Cryptography 14
Slide 15 - MAC Computation MAC computation (assuming N blocks) C0 = E(IVP0,K), C1 = E(C0P1,K), C2 = E(C1P2,K),… CN-1 = E(CN-2PN-1,K) = MAC MAC sent along with plaintext Receiver does same computation and verifies that result agrees with MAC Receiver must also know the key K Part 1  Cryptography 15
Slide 16 - Why does a MAC work? Suppose Alice has 4 plaintext blocks Alice computes C0 = E(IVP0,K), C1 = E(C0P1,K), C2 = E(C1P2,K), C3 = E(C2P3,K) = MAC Alice sends IV,P0,P1,P2,P3 and MAC to Bob Suppose Trudy changes P1 to X Bob computes C0 = E(IVP0,K), C1 = E(C0X,K), C2 = E(C1P2,K), C3 = E(C2P3,K) = MAC  MAC Error propagates into MAC (unlike CBC encryption) Trudy can’t change MAC to MAC without key Part 1  Cryptography 16
Slide 17 - Confidentiality and Integrity Encrypt with one key, compute MAC with another Why not use the same key? Send last encrypted block (MAC) twice? Can’t add any security! Using different keys to encrypt and compute MAC works, even if keys are related But still twice as much work as encryption alone Confidentiality and integrity with one “encryption” is a research topic Part 1  Cryptography 17
Slide 18 - Uses for Symmetric Crypto Confidentiality Transmitting data over insecure channel Secure storage on insecure media Integrity (MAC) Authentication protocols (later…) Anything you can do with a hash function (upcoming chapter…) Part 1  Cryptography 18