C235 – IT Security and

Management
Lecture 5.1
Modern Symmetric Ciphers

1
 Learning Objectives

• Explain the basic mechanism of symmetric key

algorithms
• Explain how modern cryptography is built

• Describe different attacks on encryption systems

2
What is Symmetric key Algorithm?

• The SAME key is used to encrypt and decrypt a

message
• Examples of Symmetric key algorithm:
 Caesar cipher
 Vigenere cipher
 Columnar Transposition cipher
 Rail Fence cipher
 One-Time Pad
3
What is Symmetric key Algorithm?

• The SAME key is used to encrypt and decrypt a

message
 Caesar cipher
Encryption Key : 4
BOMB FB SO Q
M FB F SQ F
Decryption Key : 4
 Vigenere cipher
Decryption
Encryption Key : SCOT
Plaintext K I N G O F E N G L A N D
Key S C O T S C O T S C O T S
CipherText C K B Z G H S G Y N O G V
5
 Modern Cryptography

• The two most common types of encryption algorithm

used in modern cryptography are the block and
stream ciphers.

• Modern ciphers are normally made of a set of

simple ciphers, e.g., XOR ciphers.

6
 XOR Cipher
• Exclusive XOR has the property needed for symmetric
operation
• XOR
 0  0 = 0
 0  1 = 1
 1  0 = 1
 1  1 = 0

XOR Encryption: XOR Decryption:

Text: 65 = 0100 0001 Cipher: 03 = 0000 0011
Key: 66 = 0100 0010 Key: 66 = 0100 0010
--------------- 
---------------
Cipher: 03 0000 0011 Text: 65 0100 0001
7
 Quiz Quiz
• Using XOR cipher, if the plaintext is 10001001
and the key is 01010101, what is the
ciphertext?
A. 10001011
B. 11011100
C. 11011000
D. 10011100

10
 Quiz Quiz
• An XOR cipher encrypts the plaintext
10110001 to ciphertext 10010000. What is the
key of this XOR cipher?
A. 00011011
B. 10011011
C. 00100001
D. 10110000

11
 Stream Cipher

• Stream Cipher
 Encrypt on byte by byte basis
 Faster but generally weaker
 Used in the following encryption
algorithm
• Caesar Bit stream generation
algorithm
• Vigenere
Plaintext

Byte-by-byte encryption Ciphertext

XOR
12
 Block Cipher

Block-by-block encryption Ciphertext

Encryption
Algorithm

• Block Cipher
 Encryption on group of bytes (block)
 Slower but generally stronger
 Used in the following encryption algorithm
• Rail Fence
Plaintext • Columnar Transposition
13
Modern Symmetric Ciphers

• DES

• 3DES

• AES

14
 Modern Symmetric Ciphers

• DES
 Block cipher
 Block size: 64 bits, Key sizes: 56 bits
• 3DES
 Block cipher
 Block size: 64 bits, Key size: (3*56 if all 3 keys are different) 168 bits
• AES
 Block cipher
 Block size: 128 bits
 Key sizes: 128, 192, and 256 bits
15
 DES

• Uses multiple combination of transposition and

substitution, together with XOR operations.

• We will illustrate how DES work in the next slide.

16
 How DES work?
64 bits

1. Each block of 64 bits are split into two equal halves

(Li and Ri) 32 bits 32 bits

2. 56-bit key is modified depending on the round and 56-bit key 48 bits are chosen
48 bits are selected
3. The right block is expanded from 32 bits to 48 bits 32 bits 48 bits
Ri
4. The 48 bits key sequence and 48 bits right block are
48 bits are chosen 48 bits
XORed
5. Eight S-boxes are used to transform the result into a
32-bit sequence S-Boxes

6. The 32-bit sequence is permuted by the P-box to

create a 32-bit block 32 bits Permuted by P-Box
7. The 32-bit block that is created is XORed with the
left block (Li) to create the right block half (Ri+1) for 32 bits 32 bits
the next round
8. Ri will become the left block portion for the next 32 bits 32 bits
round Ri Ri+1
9. The process is repeated for another 15 rounds
starting from step 2 17
 Quiz Quiz
• Which cipher can have key size up 256 bits?
A. DES
B. 3DES
C. 4DES
D. AES

18
What makes a Good Cryptosystem?

• Two properties that a good cryptosystem should

have to hinder statistical analysis:
• Confusion
• Diffusion

19
 Confusion and Diffusion

• Confusion
 Hides the relationship between the key and the ciphertext through
complexity.
 Can’t determine the key based on the ciphertext.
• Diffusion
 Hides the relationship between plaintext and ciphertext by spreading
the statistics of the plaintext onto the ciphertext
 To defeat statistical analysis (remember the weakest of substitution
ciphers, the hacker can use the letter frequency patterns to recover the
plaintext from the cipher text)
 Changing one bit of input results in at least 50% change in output.
 Uses a combination of transposition and substitution(or other more
elaborate) methods like DES. 20
 Quiz Quiz

• Does Caesar cipher has “Confusion” property?

A. Yes
B. No

21
 Quiz Quiz

• Does Caesar cipher has “Diffusion” property?

A. Yes
B. No

22
Evaluating Cryptosystems
• Kerckhoffs’s principle
 “a cryptosystem should be secure even if everything about
the system, except the key, is public knowledge”
• Therefore:
 The key is the only thing that is secret
 The algorithms (methods) should not be secret
• Good cryptosystem must be open
• Only openness ensures rigorous testing by cryptography experts
• If after rigorous testing, it is still secure – then the encryption is
truly secure
• Security through obscurity is bad 23
 Attack on Cryptosystem

• Two common attack on cryptosystem are

 Brute force attack
 Dictionary attack

24
 Brute Force Attack

• Tries all possible permutations of key or password

 Example: for 2-character long password
aa, ab, ac, ... , ba, bb, ... , ca, ... , zy, zz
• Time consuming
• Good crypto systems are virtually impossible to brute
force the key or password
• Time required is dependent on computing power . As
technology improves, what is considered a secure
key length will need to be increased

25
 Brute Force Attack

Possible Passwords

26
 Number of Possible Passwords

Number of Possible
26 * 26
Passwords
26 * 26 * 26 * 26 = 26 4

1-char 2-char 4-char 6-char 8-char

(8-bit) (16-bit) (32-bit) (48-bit) (64-bit)

a-z
(26 chars) 26 676 456,976 308,915,776 208,827,064,576

a-z, 0-9
(36 chars) 36 1296 1,679,616 2,176,782,336 2,821,109,907,456

a-z, A-Z, 0-9

(62 chars) 62 3844 14,776,336 56,800,235,584 218,340,105,584,896

• Each character is 8-bit ASCII

• But not all its bits are used
27
Time to Brute Force on Passwords

Time to brute force (assume one million attempts per second)

262 / 106 264 / 106
1-char 2-char 4-char 6-char 8-char
(8-bit) (16-bit) (32-bit) (48-bit) (64-bit)

a-z (26 chars) very fast very fast 0.5 seconds 5 minutes 2.4 days

a-z, 0-9
(36 chars) very fast very fast 1.7 seconds 36 minutes 33 days

a-z, A-Z, 0-9

(62 chars) very fast very fast 15 seconds 16 hours 6.9 years

28
 Brute Force on the Key
232
Time to brute force the Key (assume one million attempts per second)
Key
Length 32-bit 40-bit 48-bit 56-bit 64-bit 128-bit
Number of
Possible
Keys 4,294,967,296 1 * 1012 2x1014 7x1016 1.8x1019 3x1038
2 / 10
32 6

1.08x1025
years
(more than
3 times the
lifetime of
Time to 1.2 13 8.9 2300 580,000 the
brute force hours days years years years Universe)

29
 Brute force with Modern computers
 An average computer can perform a
few million password cracks per
second.
 Modern computing clusters can cycle
through billion of passwords guesses
per second!
 To crack a 8 character long Windows
password using say 350 billion of
passwords guesses per second will
takes:
26 Uppercase/ 26 lowercase/
95^8/350000000000 10 digits/ 33 symbols
= less than 5.5 hours ! 350 billion
30
 Quiz Quiz

• Upper case and lower case alphabet characters

are used to form a password. If the password is
11 characters long, what is the total number of
passwords that can be formed?
A. 26^11 (^ is used to denote power)
B. 11^26
C. 52^11
D. 11^52
31
 Quiz Quiz

• Upper case and lower case alphabet characters,

and ten digits are used to form a 10 characters
long password. If a computer can process
1,000,000 of passwords guesses per second, how
many days is required to crack the password?
A. (62^10)/1000000
B. (62^10)/(1000000x24)
C. (62^10)/(1000000x24x60)
D. (62x10)/(1000000x24x60x60)
32
 Dictionary Attack

• Dictionary attack is a guessing attack which uses

precompiled list of options, rather then trying every
option as in brute force attack.
• It may be based on
 knowing key information about a particular target (family
member names, birthday, etc.).
 patterns seen across a large number of users and known
passwords (e.g., what is the most globally likely answers).

33
 Dictionary Attack

Dictionary

34
 Quiz Quiz

• Which of the following passwords is most

vulnerable to dictionary attack?
A. AnBC123
B. Weakp@$$word
C. Congratulation
D. @#$!@$%cracked!

35
 At the end of you should be able to:
the lesson,

• Explain the basic mechanism of symmetric key

algorithms
• Explain how modern cryptography are built

• Describe different attacks on encryption systems