Chapter 2. Symmetric Encryption and Message Confidentiality
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Chapter 3 – Block Ciphers and the Data Encryption Standard
Chapter 3 –Block Ciphers and the Data Cryptography and Network Encryption Standard Security All the afternoon Mungo had been working on Stern's Chapter 3 code, principally with the aid of the latest messages which he had copied down at the Nevin Square drop. Stern was very confident. He must be well aware London Central knew about that drop. It was obvious Fifth Edition that they didn't care how often Mungo read their messages, so confident were they in the by William Stallings impenetrability of the code. —Talking to Strange Men, Ruth Rendell Lecture slides by Lawrie Brown Modern Block Ciphers Block vs Stream Ciphers now look at modern block ciphers • block ciphers process messages in blocks, each one of the most widely used types of of which is then en/decrypted cryptographic algorithms • like a substitution on very big characters provide secrecy /hii/authentication services – 64‐bits or more focus on DES (Data Encryption Standard) • stream ciphers process messages a bit or byte at a time when en/decrypting to illustrate block cipher design principles • many current ciphers are block ciphers – better analysed – broader range of applications Block vs Stream Ciphers Block Cipher Principles • most symmetric block ciphers are based on a Feistel Cipher Structure • needed since must be able to decrypt ciphertext to recover messages efficiently • bloc k cihiphers lklook like an extremely large substitution • would need table of 264 entries for a 64‐bit block • instead create from smaller building blocks • using idea of a product cipher 1 Claude -
Chapter 3 – Block Ciphers and the Data Encryption Standard
Symmetric Cryptography Chapter 6 Block vs Stream Ciphers • Block ciphers process messages into blocks, each of which is then en/decrypted – Like a substitution on very big characters • 64-bits or more • Stream ciphers process messages a bit or byte at a time when en/decrypting – Many current ciphers are block ciphers • Better analyzed. • Broader range of applications. Block vs Stream Ciphers Block Cipher Principles • Block ciphers look like an extremely large substitution • Would need table of 264 entries for a 64-bit block • Arbitrary reversible substitution cipher for a large block size is not practical – 64-bit general substitution block cipher, key size 264! • Most symmetric block ciphers are based on a Feistel Cipher Structure • Needed since must be able to decrypt ciphertext to recover messages efficiently Ideal Block Cipher Substitution-Permutation Ciphers • in 1949 Shannon introduced idea of substitution- permutation (S-P) networks – modern substitution-transposition product cipher • These form the basis of modern block ciphers • S-P networks are based on the two primitive cryptographic operations we have seen before: – substitution (S-box) – permutation (P-box) (transposition) • Provide confusion and diffusion of message Diffusion and Confusion • Introduced by Claude Shannon to thwart cryptanalysis based on statistical analysis – Assume the attacker has some knowledge of the statistical characteristics of the plaintext • Cipher needs to completely obscure statistical properties of original message • A one-time pad does this Diffusion -
State of the Art in Lightweight Symmetric Cryptography
State of the Art in Lightweight Symmetric Cryptography Alex Biryukov1 and Léo Perrin2 1 SnT, CSC, University of Luxembourg, [email protected] 2 SnT, University of Luxembourg, [email protected] Abstract. Lightweight cryptography has been one of the “hot topics” in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a “lightweight” algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (nist...) and international (iso/iec...) standards are listed. We then discuss some trends we identified in the design of lightweight algorithms, namely the designers’ preference for arx-based and bitsliced-S-Box-based designs and simple key schedules. Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: ultra-lightweight and IoT cryptography. The former deals only with the smallest of devices for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the Aes and modern hash function are costly but which have to provide a high level security due to their greater connectivity. Keywords: Lightweight cryptography · Ultra-Lightweight · IoT · Internet of Things · SoK · Survey · Standards · Industry 1 Introduction The Internet of Things (IoT) is one of the foremost buzzwords in computer science and information technology at the time of writing. -
The Impetus to Creativity in Technology
The Impetus to Creativity in Technology Alan G. Konheim Professor Emeritus Department of Computer Science University of California Santa Barbara, California 93106 [email protected] [email protected] Abstract: We describe the technical developments ensuing from two well-known publications in the 20th century containing significant and seminal results, a paper by Claude Shannon in 1948 and a patent by Horst Feistel in 1971. Near the beginning, Shannon’s paper sets the tone with the statement ``the fundamental problem of communication is that of reproducing at one point either exactly or approximately a message selected *sent+ at another point.‛ Shannon’s Coding Theorem established the relationship between the probability of error and rate measuring the transmission efficiency. Shannon proved the existence of codes achieving optimal performance, but it required forty-five years to exhibit an actual code achieving it. These Shannon optimal-efficient codes are responsible for a wide range of communication technology we enjoy today, from GPS, to the NASA rovers Spirit and Opportunity on Mars, and lastly to worldwide communication over the Internet. The US Patent #3798539A filed by the IBM Corporation in1971 described Horst Feistel’s Block Cipher Cryptographic System, a new paradigm for encryption systems. It was largely a departure from the current technology based on shift-register stream encryption for voice and the many of the electro-mechanical cipher machines introduced nearly fifty years before. Horst’s vision directed to its application to secure the privacy of computer files. Invented at a propitious moment in time and implemented by IBM in automated teller machines for the Lloyds Bank Cashpoint System. -
Chapter 2 the Data Encryption Standard (DES)
Chapter 2 The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmet- ric or secret key cryptography and asymmetric or public key cryptography. Symmet- ric key cryptography is the oldest type whereas asymmetric cryptography is only being used publicly since the late 1970’s1. Asymmetric cryptography was a major milestone in the search for a perfect encryption scheme. Secret key cryptography goes back to at least Egyptian times and is of concern here. It involves the use of only one key which is used for both encryption and decryption (hence the use of the term symmetric). Figure 2.1 depicts this idea. It is necessary for security purposes that the secret key never be revealed. Secret Key (K) Secret Key (K) ? ? - - - - Plaintext (P ) E{P,K} Ciphertext (C) D{C,K} Plaintext (P ) Figure 2.1: Secret key encryption. To accomplish encryption, most secret key algorithms use two main techniques known as substitution and permutation. Substitution is simply a mapping of one value to another whereas permutation is a reordering of the bit positions for each of the inputs. These techniques are used a number of times in iterations called rounds. Generally, the more rounds there are, the more secure the algorithm. A non-linearity is also introduced into the encryption so that decryption will be computationally infeasible2 without the secret key. This is achieved with the use of S-boxes which are basically non-linear substitution tables where either the output is smaller than the input or vice versa. 1It is claimed by some that government agencies knew about asymmetric cryptography before this. -
Privacy-Enhancing Technologies for the Internet
Privacy-enhancing technologies for the Internet Ian Goldberg David Wagner Eric Brewer University of California, Berkeley iang,daw,brewer ¡ @cs.berkeley.edu Abstract ing privacy issues on the Internet, and Section 3 provides some relevant background. We then discuss Internet pri- The increased use of the Internet for everyday activi- vacy technology chronologically, in three parts: Section 4 ties is bringing new threats to personal privacy. This pa- describes the technology of yesterday, Section 5 explains per gives an overview of existing and potential privacy- today’s technology, and Section 6 explores the technology enhancing technologies for the Internet, as well as moti- of tomorrow. Finally, we conclude in Section 7. vation and challenges for future work in this field. 2. Motivation 1. Introduction The threats to one’s privacy on the Internet are two-fold: your online actions could be (1) monitored by unauthorized Recently the Internet has seen tremendous growth, with parties and (2) logged and preserved for future access many the ranks of new users swelling at ever-increasing rates. years later. You might not realize that your personal infor- This expansion has catapulted it from the realm of academic mation has been monitored, logged, and subsequently dis- research towards new-found mainstream acceptance and in- closed; those who would compromise your privacy have no creased social relevance for the everyday individual. Yet incentive to warn you. this suddenly increased reliance on the Internet has the po- The threat of long-term storage and eventual disclosure tential to erode personal privacies we once took for granted. of personal information is especially acute on the Internet. -
Blockchain and The
NOTES ACKNOWLEDGMENTS INDEX Notes Introduction 1. The manifesto dates back to 1988. See Timothy May, “The Crypto Anarchist Manifesto” (1992), https:// www . activism . net / cypherpunk / crypto - anarchy . html. 2. Ibid. 3. Ibid. 4. Ibid. 5. Ibid. 6. Timothy May, “Crypto Anarchy and Virtual Communities” (1994), http:// groups . csail . mit . edu / mac / classes / 6 . 805 / articles / crypto / cypherpunks / may - virtual - comm . html. 7. Ibid. 8. For example, as we wi ll describe in more detail in Chapter 1, the Bitcoin blockchain is currently stored on over 6,000 computers in eighty- nine jurisdictions. See “Global Bitcoin Node Distribution,” Bitnodes, 21 . co, https:// bitnodes . 21 . co / . Another large blockchain- based network, Ethereum, has over 12,000 nodes, also scattered across the globe. See Ethernodes, https:// www . ethernodes . org / network / 1. 9. See note 8. 10. Some blockchains are not publicly accessible (for more on this, see Chapter 1). These blockchains are referred to as “private blockchains” and are not the focus of this book. 11. See Chapter 1. 12. The Eu ro pean Securities and Market Authority, “Discussion Paper: The Dis- tributed Ledger Technology Applied to Securities Markets,” ESMA / 2016 / 773, June 2, 2016: at 17, https:// www . esma . europa . eu / sites / default / files / library / 2016 - 773 _ dp _ dlt . pdf. 213 214 NOTES TO PAGES 5–13 13. The phenomena of order without law also has been described in other con- texts, most notably by Robert Ellickson in his seminal work Order without Law (Cambridge, MA: Harvard University Press, 1994). 14. Joel Reidenberg has used the term “lex informatica” to describe rules imple- mented by centralized operators online. -
Pdf-Fulltext (142
IRIE International Review of Information Ethics Vol. XY (MM/YYYY) Breilla Zanon: Transparency for institutions, privacy for individuals: the globalized citi- zen and power relations in a postmodern democracy Abstract: The aim of this article is to observe how technologies of communication, especially the Internet - allow extensive and intensive connections between several global territories and how they begin to influence the formation of demands and the organization and participation of individuals/citizens around local and global causes. For this, the below article uses Wikileaks and the cypherpunk philosophy to exemplify how information can be both used and abused in the common space of the internet, allowing new citizenship developments as well as government control strategies. Agenda: Introduction .................................................................................................................................. 56 An information paradox ................................................................................................................ 56 Wikileaks and the lesson of transparency ............................................................................................. 57 Free and controlled information: a philosophical reflection on the conduction of practices ....................... 58 Conclusion ..................................................................................................................................... 59 Author: Breilla Zanon: Federal University of Uberlândia, João Naves -
Feistel Cipher
Chapter 3 – Block Ciphers and the CryptographyCryptography andand Data Encryption Standard Network Security Network Security All the afternoon Mungo had been working on Stern's code, principally with the aid of the latest ChapterChapter 33 messages which he had copied down at the Nevin Square drop. Stern was very confident. He must be well aware London Central knew Fifth Edition about that drop. It was obvious that they didn't care how often Mungo read their messages, so by William Stallings confident were they in the impenetrability of the Lecture slides by Lawrie Brown code. —Talking to Strange Men, Ruth Rendell (with edits by RHB) Outline Modern Block Ciphers • will consider: • now look at modern block ciphers – Block vs stream ciphers • one of the most widely used types of – Feistel cipher design & structure cryptographic algorithms – DES • provide secrecy/authentication services • details • Initially look at Data Encryption Standard • strength (DES) to illustrate block cipher design – Differential & linear cryptanalysis issues – Block cipher design principles Block vs Stream Ciphers Block vs Stream Ciphers Block vs Stream Ciphers • block ciphers process messages in blocks, each of which is then en/decrypted • like a substitution on very big characters – 64 -bits or more (these days, 128 or more) • stream ciphers process messages a bit or byte at a time when en/de -crypting • many current ciphers are block ciphers – better analysed – broader range of applications Block Cipher Principles Ideal Block Cipher • many symmetric block ciphers -
The Mathematics of Bitcoin Cyril Grunspan, Ricardo Pérez-Marco
The mathematics of Bitcoin Cyril Grunspan, Ricardo Pérez-Marco To cite this version: Cyril Grunspan, Ricardo Pérez-Marco. The mathematics of Bitcoin. European Mathematical Society Newsletter, 2020. hal-02486029 HAL Id: hal-02486029 https://hal.archives-ouvertes.fr/hal-02486029 Submitted on 20 Feb 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Newsletter of the EMS – Manuscript Page 1 The mathematics of Bitcoin Cyril Grunspan (De Vinci Research Center, Paris, France) Ricardo Pérez-Marco (CNRS, IMJ-PRG, Sorbonne Université, Paris, France) 1 Introduction to Bitcoin. Bitcoin is a new decentralized payment network that started operating in January 2009. This new technology was created by a pseudonymous author, or group of authors, called Satoshi Nakamoto in an article that was publically released [1] in the cypherpunk mailing list. The cypherpunks are anarchists and cryptographers that who have been concerned with personal privacy in the Internet since the 90’s. This article follows on a general presentation of Bitcoin by the second author [2]. We refer to this previous article for general background. Here we focuss on mathematics being a feature of the security and effectiveness of Bitcoin protocol. -
Bitcoin Yongdae Kim
EE817/IS893 Blockchain and Cryptocurrency Bitcoin Yongdae Kim 1 Cypherpunk v 1970년대 암호는 군과 스파이 기관의 전유물 v 1980년 경부터 큰 변화 – Data Encryption Standard (DES) by NIST – “New DirectionS in Cryptography” by Diffie-Hellman – David Chaum: ecaSh, pSeudonym, reputation, … v 1992년: Gilmore 등이 작은 그룹을 만듬 – Cypherpunk: cipher + cyberpunk, Cypherpunk mailing liSt v A Cypherpunk’S ManifeSto "Privacy iS neceSSary for an open Society in the electronic age. Privacy iS not Secrecy. A private matter iS Something one doeSn't want the whole world to know, but a Secret matter iS something one doesn't want anybody to know. Privacy is the power to selectively reveal oneSelf to the world.” – “Privacy”는 잘못된 것을 숨기는게 아님! 커텐은 집안에 나쁜게 있어서? 주목할 만한 Cypherpunk들 v Jacob Appelbaum: Tor v Paul Kocher: SSL 3.0 v Julian Assange: WikiLeaks v Moxie Marlinspike: Signal v Adam Back: Hashcash v Zooko Wilcox-O'Hearn: v Bram Cohen: BitTorrent DigiCash, Zcash v Hal Finney: PGP 2.0, v Philip Zimmermann: PGP 1.0 Reusable PoW v Matt Blaze: Clipper chip, v Tim Hudson: SSLeay, the crypto export control precursor to OpenSSL 3 Cypherpunk와 블록체인 v David Chaum (1980s) – "Security without Identification: Transaction Systems to Make Big Brother Obsolete” – Anonymous Digital Cash, Pseudonymous Reputation System v Adam Back (1997) – Hash cash: Anti-spam mechanism requiring cost to send email v Wei Dai (1998) – B-money: Enforcing contractual agreement between two anons – 1. Every participant maintain separate DB: Bitcoin – 2. deposit some money as potential fines or rewards: PoS v Hal Finney (2004) – Reusable PoW: Double spending detection was centralized v Nick Szabo (2005) – “Bit Gold”: Values based on amount of computational work – Concept of “Smart Contract” 4 What is Bitcoin? v Satoshi Nakamoto, who published the invention in 2008 and released it as open-source software in 2009. -
A Broad Evaluation of the Tor English Content Ecosystem
A Broad Evaluation of the Tor English Content Ecosystem Mahdieh Zabihimayvan Reza Sadeghi Department of Computer Science and Engineering Department of Computer Science and Engineering Kno.e.sis Research Center, Wright State University Kno.e.sis Research Center, Wright State University Dayton, OH, USA Dayton, OH, USA [email protected] [email protected] Derek Doran Mehdi Allahyari Department of Computer Science and Engineering Department of Computer Science Kno.e.sis Research Center, Wright State University Georgia Southern University Dayton, OH, USA Statesboro, GA, USA [email protected] [email protected] ABSTRACT It is an open question whether the fundamental and oen nec- Tor is among most well-known dark net in the world. It has noble essary protections that Tor provides its users is worth its cost: the uses, including as a platform for free speech and information dis- same features that protect the privacy of virtuous users also make semination under the guise of true anonymity, but may be culturally Tor an eective means to carry out illegal activities and to evade law beer known as a conduit for criminal activity and as a platform enforcement. Various positions on this question have been docu- to market illicit goods and data. Past studies on the content of mented [16, 22, 30], but empirical evidence is limited to studies that Tor support this notion, but were carried out by targeting popular have crawled, extracted, and analyzed specic subsets of Tor based domains likely to contain illicit content. A survey of past studies on the type of hosted information, such as drug tracking [12], may thus not yield a complete evaluation of the content and use of homemade explosives [20], terrorist activities [7], or forums [39].