symmetric ciphers (week 3) Flashcards
what are the types of symmetric ciphers
block ciphers
stream ciphers
what are block ciphers
Block ciphers encrypt one block (64 or 128 bits) of plaintext after another
encryption starts after all the data is available
modern block ciphers are product ciphers that use both substitution and transposition methods
block ciphers are widely used to encrypt large amounts of data
what are stream ciphers
stream ciphers operate on the plaintext a single bit or byte at a time.
the encryption starts as the data becomes available
most effective in hardware implementation
one of the extensively used stream ciphers is RC4
how does stream cipher work ?
- The stream ciphers use pseudo-random keystream which is generated serially from a random seed value (Key) – such as millisecond of the current time
- The pseudo-random keystream is XORed with the plaintext in a similar fashion to the one-time pad cipher
- The original seed value serves as the cryptographic key to
regenerate the keystream to decrypt the ciphertext.
which cipher/algorithm modes are only available to the block ciphers
electronic codebook (ECB)
cipher block chaining (CBC)
which cipher/algorithm modes are only available to both the block ciphers and stream ciphers
Cipher feedback (CFB)
Output Feedback (OFB)
what happens in the electronic codebook mode ?
plaintext is divided into 64/128 bit blocks
each block is independently encrypted with the same key
if plain text blocks repeat so do the corresponding ciphertext blocks.
disadvantage of ecb
patterns in cipher text may not be well hidden. ecb exhibits weak diffusion
ECB was originally designed to encrypt messages that never span more than a single block, such as to encrypt keys to distribute for other operations
what happens in cipher block chaining mode (cbc) ?
encryption of each block is dependent not just on the key but also on the cipher text of the previous block. (except the first block)
an initialization vector(IV) is also introduced to make each unique by XORed with the first plaintext block
–> IV is a 64 bit block of random bits also called nonce
–> IV is never reused under the same key
–> distinct IV produces distinct ciphertexts even if the same message is encrypted many times
–> IV does not need to be a secret
what is the disadvantage of CBC
–> encryption in CBC cannot be parallelised and is slower than ECB encryption (since it is a sequential process so it needs to wait for the encryption/decryption of the previous block to happen first)
–> decryption process can be mostly parallel
–> due to chaining the errors can propagate to the subsequent block
what is Cipher Feedback Mode (CFB)
–> used for both block and stream ciphers
–> cipher text bits of the current block is fed to the next stage of encryption
disadvantage of Cipher Feedback Mode (CFB)
–> any error in a block can propogate to the subsequent block
–> encryption cannot be parallelised but decryption can as each block needs to wait for the ciphertext from the previous block to encrypt.
what is output feedback mode (OFB)
–> used for both block and stream ciphers
–> only output bits are fed to the next stage of encryption
–> OFB does not use the previous blocks of plaintext/ciphertext, so error in one block does not carry over.
differences between block and stream cipher
–> The modes used in block cipher are ECB
(Electronic Code Book) and CBC (Cipher Block
Chaining)
–> The algorithm modes used in stream cipher are
CFB (Cipher Feedback) and OFB (Output
Feedback).
–> block cipher Uses confusion as well as diffusion. Works on
transposition techniques like rail-fence,
columnar transposition, and etc.
–> stream cipher Uses only confusion. Works on substitution
techniques like Caesar cipher, etc
–> block cipher Converts the plain text by taking a block at a
time. The usual size of the block could be 64 or
128-bit.
–> stream cipher converts the text by taking one byte of the plaintext at a time
–> block cipher is Simple but slow as compared to a Stream
cipher
–> stream cipher is Fast but more complex in comparison to block
–> block cipher eg DES, 3DES, AES, IDEA, Blowfish, RC5
–> stream cipher eg TLS suites, RC4 for wireless networks, A5 for cellular networks, etc.
cipher
DES was originally called ?
lucifer
what is data encryption standard (des)
DES is a symmetric block cipher; it encrypts data in 64-bit blocks
A 64-bit block of plaintext goes in one end of the algorithm, and a 64-bit block of ciphertext comes out the other end.
The cipher uses only standard arithmetic and logical operations on numbers of 64-bit blocks
DES key length is 56 bits (64 bits - 8 bits which are used for error checking)
DES is a product cipher: confusion + diffusion.
–> 16 rounds of substitution followed by a permutation that is based on the key.
All security rests with the key. The cipher is in the public domain
how does padding in DES work ?
–> If the message does not end on a block boundary, add one bit, followed by enough zero bits to fill out the block.
–> If the message ends on a block boundary, a whole padding block will be added.
–> Padding bits are removed during the decryption process.
what are the DES steps
\Initial Permutation (IP): The plaintext is permuted according to a fixed permutation table.
16 rounds of the Feistel function: The plaintext is split into two halves, LPT and RPT. Each half is transformed using a specific function and the key schedule.
Final Permutation (FP): The transformed plaintext is permuted again according to a fixed permutation table.
4.The output is the ciphertext.
what is double DES
Perform DES twice with two different keys. It is not widely used
what is triple DES
Triple DES or 3DES is a symmetric-key encryption algorithm that uses a key bundle comprising three DES keys, K1, K2, and K3.
In the Three-key 3DES version, three unique keys are used, while in the two-key version, K1=K3 is used, making it less secure.
drawbacks of using many keys in an encryption system
Key Management: Managing multiple keys can be difficult, as it requires more effort to generate, distribute, and securely store the keys.
Complexity: The encryption process can become more complex when multiple keys are used, as it requires more steps and calculations to encrypt and decrypt the data.
Performance: The use of multiple keys can also affect the performance of the encryption system, as it may require more resources and processing power to handle the increased complexity.
Key Exchange: The key exchange protocol might be more complex if many keys are used, and it might not be as efficient as the key exchange with fewer keys.
true or false
Brute force attack is feasible as DES 56 bits key lengths is too short
true
original name of aes
Rijndael
what is AES
AES is a symmetric block cipher.
It encrypts data in 128 bit blocks.
AES key length can be either 128 (most use), 192 or 256 bits.
AES is a product cipher: confusion + diffusion
All security rests with the key. The cipher is in the public domain
