
Chapter 3
Symmetric and Asymmetric key for Ciphers
CO3: Illustrate various Symmetric and Asymmetric keys for Ciphers.
All the afternoon Mungo had been working on
Stern's code, principally with the aid of the latest
messages which he had copied down at the
Nevin Square drop. Stern was very confident. He
must be well aware London Central knew about
that drop. It was obvious that they didn't care
how often Mungo read their messages, so
confident were they in the impenetrability of the
code.
—Talking to Strange Men, Ruth Rendell
Unit 3 – Content
Block Cipher principles & Algorithms (DES, AES, Blowfish),
Differential and Linear Cryptanalysis,
Block cipher modes of operation,
Stream ciphers, RC4,
Location and placement of encryption function,
Key distribution, Asymmetric key Ciphers,
Principles of public key cryptosystems,
Algorithms (RSA, Diffie-Hellman, ECC), Key Distribution.
Algorithm types
An algorithm type defines what size of
plain text should be encrypted in each step
of the algorithm.
Stream Ciphers
In Stream Ciphers, the plain text is encrypted one byte at a time.
Stream Cipher technique involves the encryption of one plain text byte at a time. The decryption
Block Ciphers
In Block Ciphers, rather than encrypting one byte at a time, a block of bytes is encrypted at one go.
Suppose we have a plain text FOUR_AND_FOUR
that needs to be encrypted.
Using block cipher, FOUR could be encrypted first,
followed by _AND_ and finally FOUR.
Block Cipher technique involves encryption of one
block of text at a time.
Decryption also takes one block of encrypted text at
a time.
Algorithm modes
An algorithm mode is a combination of a
series of the basic algorithm steps on block
cipher and some kind of feedback from the
previous step.
There are four important algorithm modes:
Electronic Code Book (ECB),
Cipher Block Chaining (CBC),
Cipher Feedback (CFB),
Output Feedback (OFB).
Electronic Code Book (ECB) Mode
Electronic Code Book (ECB) is the
simplest mode of operation. Here, the
incoming plain text message is divided into
blocks of 64 bits each.
Each such block is then encrypted
independently of the other blocks. For all
blocks in a message, the same key is used
for encryption.
Electronic Code Book (ECB) Mode
At the receiver’s end, the incoming data
is divided into 64-bit blocks and by using
the same key as was used for encryption,
each block is decrypted to produce the
corresponding plain text block.
Cipher Block Chaining Mode
The Cipher Block Chaining (CBC) mode
ensures that even if a block of plain text
repeats in the input, these two (or more)
identical plain text blocks yield totally
different cipher text blocks in the output.
For this, a feedback mechanism is used.
Cipher Block Chaining Mode
Chaining adds a feedback mechanism to a block
cipher. In Cipher Block Chaining (CBC), the results
of the encryption of the previous block are fed back
into the encryption of the current block.
That is, each block is used to modify the encryption
of the next block. Thus, each block of cipher text is
dependent on the corresponding current input plain
text block, as well as all the previous plain text
blocks.
Modern Block Ciphers
now look at modern block ciphers
one of the most widely used types of
cryptographic algorithms
provide secrecy /authentication services
focus on DES (Data Encryption Standard)
to illustrate block cipher design principles
Block vs Stream Ciphers
block ciphers process messages in blocks,
each of which is then en/decrypted
like a substitution on very big characters
● 64-bits or more
stream ciphers process messages a bit or
byte at a time when en/decrypting
many current ciphers are block ciphers
broader range of applications
Block Cipher Principles
most symmetric block ciphers are based on a
Feistel Cipher Structure
Needed to decrypt cipher text to recover
messages efficiently
block ciphers look like an extremely large
substitution
would need table of 2^64 entries for a 64-bit block
instead create from smaller building blocks
using idea of a product cipher
Claude Shannon and
Substitution-Permutation Ciphers
Claude Shannon introduced idea of
substitution-permutation (S-P) networks in 1949
paper
form basis of modern block ciphers
S-P nets are based on the two primitive
cryptographic operations seen before:
● substitution (S-box)
● permutation (P-box)
provide confusion & diffusion of message & key
Feistel Cipher Structure
This approach is to develop a block cipher with a key length of k bits and a block length of n bits, allowing a total of 2^k possible transformations, rather than the 2^n! transformations available with the ideal block cipher.
Feistel proposed the use of a cipher that
alternates substitutions and permutations.
This is a practical application of a proposal by
Claude Shannon to develop a product cipher
Feistel Cipher Structure
The Feistel cipher structure, which, in turn, is based
on Shannon's proposal of 1945, is the structure used
by many significant symmetric block ciphers
currently in use.
partitions input block into two halves
● process through multiple rounds which
● perform a substitution on left data half
● based on round function of right half & subkey
● then have permutation swapping halves
implements Shannon’s S-P net concept
Confusion and Diffusion
cipher needs to completely obscure
statistical properties of original message
a one-time pad does this
more practically Shannon suggested
combining S & P elements to obtain
diffusion – dissipates statistical structure
of plaintext over bulk of ciphertext
confusion – makes relationship between
ciphertext and key as complex as possible
Feistel Cipher Design Elements
block size
key size
number of rounds
Sub key generation algorithm
round function
fast software en/decryption
ease of analysis
Feistel Cipher Structure
• block size - increasing size improves security, but
slows cipher
• key size - increasing size improves security, makes
exhaustive key searching harder, but may slow
cipher
• number of rounds - increasing number improves
security, but slows cipher
• Sub key generation algorithm - greater complexity
can make analysis harder, but slows cipher
• round function - greater complexity can make
analysis harder, but slows cipher
• fast software en/decryption - more recent concern
for practical use
• ease of analysis - for easier validation & testing of
strength
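The Feistel structure described above, together with the ECB and CBC modes from earlier in the chapter, as an added Python example that is not part of the original slides. The SHA-256 based round function and sub key generation, the 8-byte IV and the sample strings are assumptions chosen for illustration; this toy cipher is not DES and is not meant for real use.

```python
import hashlib

BLOCK = 8    # 64-bit block, split into two 32-bit halves
ROUNDS = 16


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def subkeys(key):
    # Toy sub key generation (assumption): one hash-derived sub key per round.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]


def round_f(right, subkey):
    # Round function F(right half, sub key) -> 32 bits. It need not be invertible.
    return hashlib.sha256(subkey + right).digest()[:4]


def feistel(block, keys):
    left, right = block[:4], block[4:]
    for k in keys:
        # Substitution on the left half with F(right, sub key), then swap halves.
        left, right = right, xor(left, round_f(right, k))
    return right + left  # undo the swap of the last round


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    # Same structure as encryption, with the sub keys in reverse order.
    return feistel(block, subkeys(key)[::-1])


def pad(data):
    # Fill the last block (PKCS#7 style): n bytes of value n.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(pt, key):
    # Every block is encrypted independently with the same key.
    return b"".join(encrypt_block(b, key) for b in split(pad(pt)))


def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for b in split(pad(pt)):
        prev = encrypt_block(xor(b, prev), key)  # feedback from previous block
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in split(ct):
        out.append(xor(decrypt_block(c, key), prev))
        prev = c
    data = b"".join(out)
    return data[:-data[-1]]  # strip the padding


def repeated_blocks(ct):
    # Number of cipher text blocks that duplicate an earlier block.
    parts = split(ct)
    return len(parts) - len(set(parts))


# Constructed sample values.
KEY = b"demo key"
IV = bytes(range(8))
PT = b"FOUR_AND" + b"_BETWEEN" + b"FOUR_AND"  # first and third block identical

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(PT, KEY)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(PT, KEY, IV)))
```

Under ECB the repeated plain text block is visible as a repeated cipher text block; under CBC it is not, because each block is XORed with the previous cipher text block before encryption.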
Data Encryption Standard (DES)
most widely used Symmetric key block cipher in world
DES is a block cipher.
adopted in 1977 by National Bureau of Standards (NBS), now National Institute of Standards and Technology (NIST)
encrypts 64-bit data using 56-bit key
has widespread use
Data Encryption Standard (DES)
Block Size – 64 bit plain text
No of rounds – 16 rounds
Key size – 64 bit
No of sub keys – 16 sub keys
Sub key Size – 48 bit sub key
Cipher Text – 64 bit cipher text
DES Encryption Block Diagram
DES Encryption
The DES encryption takes as input 64-bits of
data and of key.
The left side shows the basic process for
enciphering a 64-bit data block which
consists of:
- an initial permutation (IP) which shuffles
the 64-bit input block
- 16 rounds of a complex key dependent
round function involving substitutions &
permutations
- a final permutation, being the inverse of
IP
The right side shows the handling of the
56-bit key and consists of:
- an initial permutation of the key (PC1)
which selects 56-bits out of the 64-bits
input, in two 28-bit halves
- 16 stages to generate the 48-bit sub keys
using a left circular shift and a permutation
of the two 28-bit halves
Details of Single Round
Key Discarding Process
DES uses a 56-bit key
The initial key consists of 64 bits.
Every eighth bit of the key is discarded to
produce a 56-bit key.
Bit positions 8, 16, 24, 32, 40, 48, 56 and 64
are discarded.
Discarding of every 8th bit of the key
produces a 56-bit key from the original 64-bit
key.
Steps In DES
1. Initial Permutation (IP) function.
2. The Initial Permutation is performed on plain text.
3. The Initial Permutation (IP) produces two halves
of the permuted block, say Left Plain Text (LPT)
and Right Plain Text (RPT).
4. Each of LPT and RPT go through 16 rounds of
encryption process.
5. At Last LPT and RPT are rejoined and Final
Permutation (FP) is performed on the combined
block.
6. The result of this process produces 64-bit cipher
text.
Initial Permutation (IP)
Initial Permutation (IP) happens only once and
it happens before the first round.
It suggests how the transposition in IP should proceed. IP replaces the 1st bit of the original plain text block with the 58th bit of the original plain text block, the second bit with the 50th bit of the original plain text block and so on.
This is nothing but rearranging of bit
positions of the original plain text block.
Initial Permutation (IP)
After IP is done, the resulting 64-bit permuted text block is divided into two half blocks.
Each half block consists of 32 bits. We have called the left
block as LPT and the right block as RPT.
Rounds
Each of the 16 rounds, in turn, consists of the broad
level steps outlined in Fig. below.
Key transformation
Initial 64-bit key is transformed into a 56-bit key by
discarding every 8th bit of the initial key. For each
round, a 56-bit key is available.
From 56-bit key, a different 48-bit sub-key is
generated during each round using a process called
as key transformation.
The 56-bit key is divided into two halves, each of 28
bits. These halves are circularly shifted left by one
or two positions, depending on the round.
For example, if the round number is 1, 2, 9 or 16, the shift is done by only one position. For other rounds, the circular shift is done by two positions.
Key transformation
The number of key bits shifted per round is
shown in Fig. below.
Expansion permutation
During this, RPT is expanded from 32 bits to 48 bits. Besides increasing the bit size from 32 to 48, the bits are permuted as well, hence the name expansion permutation.
32-bit RPT is divided into 8 blocks, with each block consisting of 4 bits.
Each 4-bit block of the previous step is then expanded to a corresponding 6-bit block. That is, per 4-bit block, 2 more bits are added.
They are actually the repeated first and the fourth bits of the 4-bit block.
The second and the third bits are written down
as they were in the input. Note that the first bit
inputted is outputted to the second output
position and also repeats in output position 48.
Similarly, the 32nd input bit is found in the
47th output position as well as in the first
output position.
Expansion permutation
[Figure: expansion of one 4-bit block into 6 bits. Output bit 1 is the 4th bit of the previous block, input bits 1 to 4 become output bits 2 to 5, and output bit 6 is the 1st bit of the next block.]
S-box substitution
This process accepts 48-bit input from XOR
operation involving compressed key and expanded
RPT and produces a 32-bit output using substitution
technique.
The substitution is performed by eight substitution
boxes (also called as S-boxes).
Each S-box has a 6-bit input and a 4-bit output.
The 48-bit input block is divided into 8 sub-blocks
(each containing 6 bits) and each such sub-block is
given to an S-box.
The S-box transforms the 6-bit input into a 4-bit
output.
S-box substitution
The 6-bit input indicates row and column number
Let us assume six bits of a S-box are indicated by b1, b2,
b3, b4, b5 and b6. Bits b1 and b6 are combined to form a
two-bit number.
Two bits can store any decimal number between 0 (binary
00) and 3 (binary 11). This specifies the row number.
The remaining four bits b2, b3, b4, b5 make up a four-bit
number, which specifies the column number between
decimal 0 (binary 0000) and 15 (binary 1111).
Thus, 6-bit input automatically selects the row number and
column number for the selection of the output.
S-box substitution
Suppose the bits 5 to 8 of the 48-bit input (i.e.
the input to the second S-box) contain a value
101101 in binary.
We have (b1, b6) = 11 in binary (i.e. 3 in decimal) and (b2, b3, b4, b5) = 0110 in binary (i.e. 6 in decimal).
Thus, the output of S-box 1 at the intersection of row number 3 and column number 6 will be selected, which is 4.
S BOX S1
P-box permutation
The output of S-box consists of 32 bits. These
32 bits are permuted using a P-box.
This involves simple permutation (replacement
of each bit with another bit, without any
expansion or compression).
This is called as P-box Permutation.
For example, a 16 in the first block indicates
that bit at position 16 of the original input moves
to bit at position 1 in the output and 10 in the
block number 16 indicates that the bit at the
position 10 of the original input moves to bit at
position 16 in the output.
XOR and Swap
Note that all these operations were performed only on the 32-bit right half portion of the 64-bit original plain text (i.e. on the RPT).
The left half portion (i.e. LPT) was untouched so far.
At this stage, left half portion of the initial 64-bit plain text block is XORed with the output produced by P-box permutation.
The result of this XOR operation becomes the
new right half (i.e. RPT).
The old right half (i.e. RPT) becomes the new left
half, in a process of swapping.
Final Permutation
At the end of the 16 rounds, the Final
Permutation is performed (only once).
This is a simple transposition. For instance, the 40th input bit takes the position of the 1st output bit and so on.
The output of the Final Permutation is the
64-bit encrypted block.
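Four of the DES building blocks described above (key discarding, the per-round left shifts, the expansion permutation and the S-box row/column lookup), as an added Python example that is not part of the original slides. Bit strings of "0"/"1" characters and the sample key are assumptions made for readability; the table is S-box 2 of the DES standard, and the key step here only drops bits and does not reorder them.

```python
# S-box 2 from the DES standard: 4 rows x 16 columns.
S2 = [
    [15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10],
    [3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5],
    [0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15],
    [13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9],
]


def drop_every_eighth_bit(key64):
    # Positions are 1-based as on the slide: 8, 16, ..., 64 are discarded.
    if len(key64) != 64:
        raise ValueError("expected a 64-bit key")
    return "".join(b for pos, b in enumerate(key64, start=1) if pos % 8)


def shift_amount(round_no):
    # Rounds 1, 2, 9 and 16 shift by one position, all others by two.
    return 1 if round_no in (1, 2, 9, 16) else 2


def halves_after_round(key56, round_no):
    # Circular left shift of both 28-bit halves, accumulated up to round_no.
    c, d = key56[:28], key56[28:]
    for r in range(1, round_no + 1):
        n = shift_amount(r)
        c, d = c[n:] + c[:n], d[n:] + d[:n]
    return c, d


def expansion_table():
    # Each 4-bit block becomes 6 bits: last bit of the previous block,
    # the block's own four bits, first bit of the next block (1-based, wrapping).
    table = []
    for blk in range(8):
        first = 4 * blk + 1
        prev_last = (first - 2) % 32 + 1
        next_first = (first + 3) % 32 + 1
        table += [prev_last, first, first + 1, first + 2, first + 3, next_first]
    return table


def expand(rpt32):
    if len(rpt32) != 32:
        raise ValueError("expected a 32-bit right half")
    return "".join(rpt32[i - 1] for i in expansion_table())


def sbox_lookup(sbox, six_bits):
    # b1 and b6 select the row, b2..b5 select the column.
    row = int(six_bits[0] + six_bits[5], 2)
    col = int(six_bits[1:5], 2)
    return sbox[row][col]


# Constructed sample key: eight bytes, each with its 8th bit set to 0.
KEY64 = "10101010" * 8

if __name__ == "__main__":
    key56 = drop_every_eighth_bit(KEY64)
    print(len(key56), "key bits after discarding")
    print("total shift over 16 rounds:", sum(shift_amount(r) for r in range(1, 17)))
    print("E table starts", expansion_table()[:6], "ends", expansion_table()[-6:])
    print("S-box output for 101101:", sbox_lookup(S2, "101101"))
```

The shifts add up to 28 positions over the 16 rounds, so both 28-bit halves are back in their starting position after the last round.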
Strength of DES – Analytic Attacks
now have several analytic attacks on DES
these utilise some deep structure of the cipher
● by gathering information about encryptions
● can eventually recover some/all of the sub-key bits
● if necessary then exhaustively search for the rest
generally these are statistical attacks
include
● differential cryptanalysis
● linear cryptanalysis
● related key attacks
Strength of DES – Timing Attacks
attacks actual implementation of cipher
use knowledge of consequences of
implementation to derive information
about some/all subkey bits
specifically use fact that calculations can
take varying times depending on the
value of the inputs to it
particularly problematic on smartcards
Differential Cryptanalysis
one of the most significant recent (public)
advances in cryptanalysis
known by NSA in 70's cf DES design
Murphy, Biham & Shamir published in
90’s
powerful method to analyse block ciphers
used to analyse most current block
ciphers with varying degrees of success
DES reasonably resistant to it, cf Lucifer
Differential Cryptanalysis
a statistical attack against Feistel ciphers
uses cipher structure not previously used
design of S-P networks has output of function f
influenced by both input & key
hence cannot trace values back through cipher
without knowing value of the key
differential cryptanalysis compares two related
pairs of encryptions
Differential Cryptanalysis
Compares Pairs of Encryptions
with a known difference in the input
searching for a known difference in output
when same subkeys are used
Differential Cryptanalysis
have some input difference giving some
output difference with probability p
if find instances of some higher
probability input / output difference pairs
occurring
can infer subkey that was used in round
then must iterate process over many
rounds (with decreasing probabilities)
Differential Cryptanalysis
perform attack by repeatedly encrypting plaintext pairs with known input XOR until obtain desired output XOR
when found
● if intermediate rounds match required XOR have a right pair
● if not then have a wrong pair, relative ratio is S/N for attack
can then deduce keys values for the rounds
● right pairs suggest same key bits
● wrong pairs give random values
for large numbers of rounds, probability is so low that more pairs are required than exist with 64-bit inputs
Biham and Shamir have shown how a 13-round iterated
characteristic can break the full 16-round DES
Linear Cryptanalysis
another recent development
also a statistical method
must be iterated over rounds, with
decreasing probabilities
developed by Matsui et al in early 90's
based on finding linear approximations
can attack DES with 2^43 known plaintexts, easier but still in practice infeasible
Linear Cryptanalysis
find linear approximations with prob p != ½
P[i1,i2,...,ia] ⊕ C[j1,j2,...,jb] = K[k1,k2,...,kc]
where ia,jb,kc are bit locations in P,C,K
gives linear equation for key bits
get one key bit using max likelihood alg
using a large number of trial encryptions
effectiveness given by: |p–1/2|
Advanced Encryption Standard
The Advanced Encryption Standard
(AES) was published by the National
Institute of Standards and Technology
(NIST) in 2001
AES is a symmetric block cipher
intended to replace DES for commercial
applications. It uses a 128-bit block size
and a key size of 128, 192, or 256 bits.
AES Requirements
private key symmetric block cipher
128-bit data, 128/192/256-bit keys
stronger & faster than Triple-DES
active life of 20-30 years (+ archival use)
provide full specification & design details
both C & Java implementations
NIST have released all submissions &
unclassified analyses
AES Evaluation Criteria
initial criteria:
security – effort for practical cryptanalysis
cost – in terms of computational efficiency
algorithm & implementation characteristics
final criteria
general security
ease of software & hardware
implementation
implementation attacks
flexibility (in en/decrypt, keying, other
factors)
The AES Cipher - Rijndael
designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data
an iterative rather than Feistel cipher
▪ processes data as block of 4 columns of 4
bytes
▪ operates on entire data block in every round
designed to be:
▪ resistant against known attacks
▪ speed and code compactness on many CPUs
▪ design simplicity
Advanced Encryption Standard
AES does not use a Feistel structure.
Each full round consists of four separate
functions:
byte substitution
Shift Rows
Mix Columns
XOR with a key.
Advanced Encryption Standard
Block Size -128 bit plain text
No. of Rounds-10 Rounds
Key size-128 bit (4 words/16 bytes)
No of sub keys-44 sub keys
Each sub key size-32 bit / 1 word / 4 bytes
Each Round - 4 sub keys(128 bit / 4 word /16
bytes)
Pre round calculation- 4 sub keys(128 bit/4
word/16bytes)
Structure of the AES process
AES Encryption and Decryption
Key expansion
16 byte Plain Text block (State)
The 16-byte plain text block is copied into a two-dimensional 4 x 4 array called as state.
The order of copying is in the column order.
The first four bytes of the plain text block
get copied into the first column of the state
array, the next four bytes of the plain text
block get copied into the second column of
the state array and so on.
XOR the State with the Key block
The first 16 bytes (i.e. four words W[0], W[1], W[2] and W[3]) of the expanded key are XORed into the 16-byte state array (B1 to B16 shown above).
Thus, every byte in the state array is
replaced by the XOR of itself and the
corresponding byte in the expanded
key.
Process in Each Round
Substitute Bytes Transformation
The forward substitute byte transformation, called
Sub Bytes, is a simple table
AES defines a matrix of byte values, called an
S-box that contains a permutation of all possible
256 8-bit values.
Each individual byte of State is mapped into a new
byte in the following way:
The leftmost 4 bits of the byte are used as a row
value and the rightmost 4 bits are used as a column
value.
These row and column values serve as indexes into the S-box to select a unique 8-bit output value.
Ex. 10010101
Row is 9
Column is 5
ShiftRows Transformation
The forward shift row transformation, called
ShiftRow.
The first row of State is not altered.
2nd row, a 1-byte circular left shift is performed.
3rd row, a 2-byte circular left shift is performed.
4th row, a 3-byte circular left shift is performed.
MixColumns Transformation
The forward mix column transformation,
called Mix Columns, operates on each
column individually.
Each byte of a column is mapped into a new
value that is a function of all four bytes in
that column.
The transformation can be defined by the
following matrix multiplication on State
MixColumns Transformation
The MixColumns transformation on a single column j (0 ≤ j ≤ 3) of State can be expressed as
Add RoundKey Transformation
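The four AES round functions described above, applied to the column-order state array, as an added Python example that is not part of the original slides. It computes the S-box from its definition (inverse in GF(2^8) followed by the affine transform) instead of embedding the 256-entry table, and uses the standard MixColumns matrix; key expansion is left out, so round keys are passed in as ready-made state arrays.

```python
def xtime(a):
    # Multiply by 2 in GF(2^8), reducing modulo x^8 + x^4 + x^3 + x + 1.
    a <<= 1
    return (a ^ 0x11B) if a & 0x100 else a


def gmul(a, b):
    # Multiplication in GF(2^8) by shift-and-add.
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r


def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def sbox_entry(byte):
    # Multiplicative inverse (0 maps to 0), then the AES affine transform.
    inv = next((x for x in range(1, 256) if gmul(byte, x) == 1), 0)
    out = inv
    for n in (1, 2, 3, 4):
        out ^= rotl8(inv, n)
    return out ^ 0x63


# 16 x 16 table: row = leftmost 4 bits of the byte, column = rightmost 4 bits.
SBOX = [[sbox_entry(16 * row + col) for col in range(16)] for row in range(16)]


def to_state(block16):
    # Column order: bytes 0-3 fill column 0, bytes 4-7 fill column 1, and so on.
    return [[block16[4 * c + r] for c in range(4)] for r in range(4)]


def from_state(state):
    return bytes(state[r][c] for c in range(4) for r in range(4))


def sub_bytes(state):
    return [[SBOX[b >> 4][b & 0x0F] for b in row] for row in state]


def shift_rows(state):
    # Row r is rotated left by r bytes; row 0 is not altered.
    return [row[r:] + row[:r] for r, row in enumerate(state)]


MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]


def mix_column(col):
    # Each output byte is a function of all four bytes of the column.
    return [
        gmul(MIX[r][0], col[0]) ^ gmul(MIX[r][1], col[1])
        ^ gmul(MIX[r][2], col[2]) ^ gmul(MIX[r][3], col[3])
        for r in range(4)
    ]


def mix_columns(state):
    cols = [mix_column([state[r][c] for r in range(4)]) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]


def add_round_key(state, key_state):
    return [[state[r][c] ^ key_state[r][c] for c in range(4)] for r in range(4)]


def full_round(state, round_key_state):
    return add_round_key(mix_columns(shift_rows(sub_bytes(state))), round_key_state)


if __name__ == "__main__":
    print("S-box row 9, column 5: %02X" % SBOX[9][5])
    demo = to_state(bytes(range(16)))  # constructed sample block 00 01 ... 0F
    print("state rows:", demo)
    print("after ShiftRows:", shift_rows(demo))
```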
Stream Ciphers
process message bit by bit (as a stream)
have a pseudo random keystream
combined (XOR) with plaintext bit by bit
randomness of stream key completely destroys statistical properties in message
C_i = M_i XOR StreamKey_i
but must never reuse stream key
otherwise can recover messages (cf book cipher)
Stream Cipher Structure
Stream Cipher Properties
▪ some design considerations are:
▪ long period with no repetitions
▪ statistically random
▪ depends on large enough key
▪ large linear complexity
▪ properly designed, can be as secure
as a block cipher with same size key
▪ but usually simpler & faster
RC4
RC4 is a stream cipher designed by Ron Rivest of RSA Security in 1987. Official name is Rivest cipher
Ron Rivest design is simple but effective
variable key size, byte-oriented stream cipher
widely used (web SSL/TLS, wireless WEP)
key forms random permutation of all 8-bit values
uses that permutation to scramble input info processed byte at a time
Implementation in both software and hardware possible
Does not consume many resources.
RC4
RC4 generates a pseudorandom stream of bits
called as keystream.
This is combined with the plain text using XOR
for encryption.
Even decryption is performed in a similar
manner.
There is a variable length key consisting of 1 to 256 bytes (or 8 to 2048 bits). This key is used to initialize a 256-byte state vector with elements identified as S[0], S[1], ..., S[255].
RC4
To perform encryption or decryption
operation, one of these 256 bytes of S is
selected and processed.
The resulting output is called as k. After
this, the entries in S are permuted once
again.
There are three processes involved:
(a) Initialization of S
(b) Initialization permutation of S
(c) Stream generation.
Initialization of S
1. Choose a key (K) of length between 1 and 256 bytes.
2. Set values in the state vector S equal to the values from 0 to 255 in an ascending order.
In other words, we should have S[0] = 0, S[1] = 1, ..., S[255] = 255.
3. Create another temporary array T.
If the length of the key K (termed as keylen) is 256 bytes, copy K into T as is.
Otherwise, after copying K to T, whatever are the remaining positions in T are filled with the values of K again.
At the end, T should be completely filled.
Initialization of S
for i = 0 to 255
    // Copy the current value of i into the current position in the S array
    S[i] = i;
    // Now copy the contents of the current position of the K array into T.
    // If K is exhausted, loop back to get the values of the K array from
    // the un-exhausted portion of K.
    T[i] = K[i mod keylen];
Initialization Permutation of S
T array is used to produce initial permutation
of S.
For this purpose, a loop executes,
iterating i from 0 to 255.
In each case, the byte at the position S[i] is
swapped with another byte in the S array, as
per an arrangement decided by T[i].
For this purpose, the following logic is used
Initialization Permutation of S
j = 0;
for i = 0 to 255
    j = (j + S[i] + T[i]) mod 256;
    swap(S[i], S[j]);
Note this is just a permutation. The values of S are simply being rearranged, not changed.
Stream generation.
Now S array is ready with the above
initializations and permutations,
the initial key array K is discarded.
Now, we need to again loop for i = 0 to
255.
In each step, we swap S [i] with another
byte in S, as per the mechanism decided
by the implementation of S.
Once we exhaust the 255 positions, we need to restart at S[0].
Stream generation
The logic is as follows:
i = 0; j = 0;
while (true)
    i = (i + 1) mod 256;
    j = (j + S[i]) mod 256;
    swap(S[i], S[j]);
    t = (S[i] + S[j]) mod 256;
    k = S[t];
Some vulnerabilities have been found in RC4, hence it is not recommended for new applications.
RC4 Overview
Encryption and Decryption
For encryption, k is XORed with the next byte
of the plain text.
For decryption, k is XORed with the next byte
of the cipher text.

Encryption:
CT=Plain Text XOR Keystream
Decryption:
PT=Cipher Text XOR Keystream
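The three RC4 processes above put together, and the reason the stream key must never be reused, as an added Python example that is not part of the original slides. The function names and the two sample messages are assumptions; the key "Key" with plain text "Plaintext" is a widely published RC4 test vector.

```python
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_keystream(key, length):
    if not 1 <= len(key) <= 256:
        raise ValueError("key must be 1 to 256 bytes")
    # (a) Initialization of S and T.
    S = list(range(256))
    T = [key[i % len(key)] for i in range(256)]
    # (b) Initial permutation of S, driven by T.
    j = 0
    for i in range(256):
        j = (j + S[i] + T[i]) % 256
        S[i], S[j] = S[j], S[i]
    # (c) Stream generation: one keystream byte k per step.
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)


def rc4(key, data):
    # Encryption and decryption are the same XOR with the keystream.
    return xor(data, rc4_keystream(key, len(data)))


def xor_of_ciphertexts(c1, c2):
    # With a reused keystream the key cancels out: C1 xor C2 = P1 xor P2.
    return xor(c1, c2)


def second_plaintext_from_first(c1, c2, known_p1):
    # Consequence: whoever knows one plain text learns the other, without the key.
    return xor(xor_of_ciphertexts(c1, c2), known_p1)


# Constructed sample messages of equal length, encrypted under the same key.
SHARED_KEY = b"same key twice"
P1 = b"PAY 0100 TO ALICE"
P2 = b"PAY 9999 TO CAROL"

if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())
    c1, c2 = rc4(SHARED_KEY, P1), rc4(SHARED_KEY, P2)
    print(xor_of_ciphertexts(c1, c2) == xor(P1, P2))
    print(second_plaintext_from_first(c1, c2, P1))
```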
Stream Cipher
Private-Key Cryptography
Traditional private/secret/single key
cryptography uses one key
Shared by both sender and receiver
If this key is disclosed communications
are compromised
also is symmetric, parties are equal
hence does not protect sender from
receiver forging a message & claiming it is sent by sender
Public-Key Cryptography
probably most significant advance in the
3000 year history of cryptography
uses two keys – a public & a private key
asymmetric since parties are not equal
uses clever application of number
theoretic concepts to function
complements rather than replaces
private key crypto
Why Public-Key Cryptography?
developed to address two key issues:
key distribution – how to have secure
communications in general without having
to trust a KDC with your key
digital signatures – how to verify a
message comes intact from the claimed
sender
public invention due to Whitfield Diffie &
Martin Hellman at Stanford Uni in 1976
known earlier in classified community
Public-Key Cryptography
public-key/two-key/asymmetric cryptography
involves the use of two keys:
a public-key, which may be known by anybody, and
can be used to encrypt messages, and verify
signatures
a private-key, known only to the recipient, used to
decrypt messages, and sign (create) signatures
is asymmetric because
those who encrypt messages or verify signatures
cannot decrypt messages or create signatures
Public-Key Cryptography
Suppose A wants to send a message to B
without having to worry about its security.
A and B should each have a private key and a
public key.
• A should keep her private key secret
• B should keep her private key secret
• A should inform B about her public key
• B should inform A about her public key
Matrix of Private and Public key
Asymmetric key cryptography
Real Life example
consider a practical situation that describes asymmetric key
cryptography as used in real life.
Bank accepts many requests for transactions from its
customers over an insecure network.
Bank can have a private key – public key pair. Bank can
publish its public key to all its customers.
customers can use this public key of the bank for
encrypting messages before they send them to the bank.
bank can decrypt all these encrypted messages with its
private key, which remains with itself.
only bank can perform the decryption, as it alone knows its
private key.
RSA Algorithm
1. Choose two large prime numbers P and Q.
2. Calculate N = P x Q.
3. Select the public key (i.e. the encryption key) E such that it is not a factor of (P – 1) and (Q – 1).
4. Select the private key (i.e. the decryption key) D such that the following equation is true:
(D x E) mod ((P – 1) x (Q – 1)) = 1.
Public Key = {E, N}
Private Key = {D, N}
RSA Algorithm
5. For encryption, calculate the cipher text CT from the plain text PT as follows:
CT = PT^E mod N
6. Send CT as the cipher text to the receiver.
7. For decryption, calculate the plain text PT from the cipher text CT as follows:
PT = CT^D mod N
Example of RSA algorithm
1. Select primes: p=17 & q=11
2. Compute n = pq =17 x 11=187
3. Compute ø(n)=(p–1)(q-1)=16 x 10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160
Value is d=23 since 23x7=161= 10x160+1
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}
RSA Security
possible approaches to attacking RSA are:
brute force key search (infeasible given size
of numbers)
mathematical attacks (based on difficulty of
computing ø(n), by factoring modulus n)
timing attacks (on running of decryption)
chosen cipher text attacks (given properties
of RSA)
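The worked RSA example above (p=17, q=11, e=7) carried through key generation, encryption and decryption, as an added Python example that is not part of the original slides. The message value 88 and the function names are assumptions; the last function shows why the mathematical approach listed under RSA Security depends on the size of n, since a modulus this small is factored instantly and the private key follows from the factors.

```python
from math import gcd


def egcd(a, b):
    # Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b).
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def make_keys(p, q, e):
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must have no common factor with (p-1)(q-1)")
    _, x, _ = egcd(e, phi)
    d = x % phi                      # d*e mod phi == 1
    return (e, n), (d, n)            # public key, private key


def encrypt(pt, public):
    e, n = public
    if not 0 <= pt < n:
        raise ValueError("plain text must be smaller than n")
    return pow(pt, e, n)             # CT = PT^E mod N


def decrypt(ct, private):
    d, n = private
    return pow(ct, d, n)             # PT = CT^D mod N


def factor_small(n):
    # Trial division: only practical because the example modulus is tiny.
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n is prime")


def private_from_public(public):
    # Knowing the factors of n gives phi(n), and with it the private key.
    e, n = public
    p, q = factor_small(n)
    return make_keys(p, q, e)[1]


if __name__ == "__main__":
    public, private = make_keys(17, 11, 7)
    print("public", public, "private", private)
    ct = encrypt(88, public)         # 88 is a constructed sample message
    print("cipher text", ct, "decrypts to", decrypt(ct, private))
    print("private key recovered from the public key:", private_from_public(public))
```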
Placement of Encryption
have two major placement alternatives
link encryption
encryption occurs independently on every
link
implies must decrypt traffic between links
requires many devices, but paired keys
end-to-end encryption
encryption occurs between original source
and final destination
need devices at each end with shared keys
Placement of Encryption
when using end-to-end encryption must leave
headers in clear
so network can correctly route information
hence although contents protected, traffic
pattern flows are not
ideally want both at once
end-to-end protects data contents over entire
path and provides authentication
link protects traffic flows from monitoring
Placement of Encryption
can place encryption function at various layers
in OSI Reference Model
link encryption occurs at layers 1 or 2
end-to-end can occur at layers 3, 4, 6, 7
as move higher less information is encrypted
but it is more secure though more complex
with more entities and keys
Key Distribution
given parties A and B have various key
distribution alternatives:
A can select key and physically deliver to B
third party can select & deliver key to A & B
if A & B have communicated previously can
use previous key to encrypt a new key
if A & B have secure communications with a
third party C, C can relay key between A & B
Key Hierarchy
typically have a hierarchy of keys
session key
temporary key
used for encryption of data between users
for one logical session then discarded
master key
used to encrypt session keys
shared by user & key distribution center
Key Distribution Scenario
Key Distribution Issues
hierarchies of KDC’s required for large
networks, but must trust each other
session key lifetimes should be limited for
greater security
use of automatic key distribution on behalf
of users, but must trust system
use of decentralized key distribution
controlling key usage
Symmetric versus Asymmetric Key
Cryptography
