计算机对称密钥加密算法

Cipher text block n
Step 1
Step 2
Step n
Fig 3.6
Chapter 3
11
Decryption in ECB Mode 电码本模式解密
Cipher text block 1 Cipher text block 2 Cipher text block n
Key
Decrypt
Cipher text j bits
Cipher text j bits
Cipher text j bits
Fig 3.14
Chapter 3
18
Exercise 练习
Fill in the blank with the mathematically expression
Chapter 3
19
Answer to exercise 练习答案
Cipher Feedback (CFB)
Output Feedback (OFB)
These two modes work on block ciphers.
These two modes work on block ciphers acting as stream ciphers.
电码本
密码块链接 密码反馈 输出反馈

Plain text block 1
Plain text block 2
Plain text block n
Step 1
Step 2
Step n
Fig 3.7
Chapter 3
12
Advantages and Limitations of ECB 电码本的优缺点
In binary format Plain text
XOR operation with the key
01011100 10010101
ZTU91_^%D
11001001
Cipher text
Fig 3.3
Chapter 3
6
Block Cipher Example 块加密举例
FOUR Encrypt VFa% _AND_ Encrypt *yT1x FOUR Encrypt VFa% Cipher text Plain text
Cipher text block 2 Step 2
Cipher text block n Step n
Fig 3.8
Chapter 3
14
Decryption in CBC Mode 加密块链接模式解密
Cipher text block 1 Cipher text block 2 Cipher text block n
Chapter 3
1
Computer-based Symmetric Key Cryptographic Algorithm 计算机对称密钥加密算法
Chapter 3
2
Algorithm type and modes 算法类型和模式
Algorithm type defines what size of plain text should be encrypted in each step 算法类型定义算法每一步要加密的明文长度 Algorithm mode defines the details of the cryptography algorithm 算法模式定义具体算法类型中的加密算法细节
Chapter 3
4
Types of Cipher 加密的类型
Algorithm Types
Stream Ciphers
Block Ciphers
流加密
Fig 3.1
块加密
Chapter 3
5
Stream Cipher Example 流加密举例
In normal format Pay 100
+
(a) The Encryption Process at the sender's end
VFa% Decrypt FOUR
*yT1x Decrypt _AND_
VFa% Decrypt FOUR
Cipher text
Plain text
(b) The Decryption Process at the receiver's end Fig 3.4
Chapter 3
10
Encryption in ECB Mode 电码本模式加密
Plain text block 1 Plain text block 2 Plain text block n
Key
Encrypt
Key
Encrypt
Key
Encrypt
Cipher text block 1
Cipher text block 2
用两个不同的密钥32chapter3doubledesencryption双重des加密originalplaintextencryptciphertextencryptciphertextfig336k1k233chapter3doubledesdecryption双重des解密originalplaintextdecryptdecryptciphertextciphertextfig337k2k134chapter3doubledesmathematicallyexpressed双重des的算术表达ppencryptencrypttemporaryresulttencryptencryptcek1pek2ek1ptek1pcek2ek1pfig338k1k235chapter3meetinthemiddle中间人攻击?attackinvolvesencryptionfromoneenddecryptionfromtheotherandmatchingtheresultsinthemiddle攻击的思想是从一端加密另一端解密在中间进行结果匹配?theattackerencryptstheplaintextmessagefromoneendwithallpossiblekeysgeneratesitstable攻击者从一端尝试所有密钥加密明文消息产生一张表?theattackerdecryptstheciphertextfromtheotherendwitheachpossiblekeymatchingtheplaintextwitheachrowinthetablegeneratedearlier从另一端尝试每一个密钥解密密文以试图满足先前产生的那张表?iftheattackerfindsamatchsheknowsthatthekeyusedforencryptionisfoundandthereforecantryandcrackotherciphertextmessagesgeneratedwiththiskey36chapter3tripledeswiththreekeys三重des使用三个密钥originalplaintextencryptciphertext1finalciphertextfig341k1encryptk2ciphertext2encryptk337chapter3tripledes
Cipher text j bits
Fig 3.13
Chapter 3
17
Encryption in OFB Mode 输出反馈模式加密
IV (Shift register) IV (Shift register) IV (Shift register)
Key
Encrypt
Key
Encrypt
Key
Chapter 3
20
Symmetric Key Cryptography 对称密钥加密法
Same key used for encryption and decryption 加解密使用相同密钥 Examples: DES, IDEA, RC5, Blowfish, AES 例如: 例如:DES, IDEA, RC5, Blowfish, AES Quite popular and fast 使用很广泛并且加密速度快
Encrypt
Take just the leftmost 8 bits
Take just the leftmost 8 bits
Take just the leftmost 8 bits
XOR
XOR
XOR
Plain text j bits
Plain text j bits
Plain text j bits
Plain text
Fig 3.15
Chapter 3
Data Encryption Standard (DES) 数据加密标准( 数据加密标准(DES) )
most widely used block cipher in world 世界上被广泛应用于块加密 adopted in 1977 by NBS (now NIST) 1977年被 年被NBS采纳 年被 采纳 encrypts 64-bit data using 56-bit key 采用56位密钥加密 位密钥加密64位数据 采用 位密钥加密 位数据 has been considerable controversy) over its security 关于其安全性受到众多争议 关于其安全性受到众多争议
Chapter 3
7
Concepts of confusion and diffusion
混淆和扩散
cipher needs to completely obscure statistical properties of original message 加密需要完全弄乱原始消息的统计信息 a one-time pad does this 一次板可以实现该目标 more practically Shannon suggested combining elements to obtain: 香农提出结合性原理包含两个概念: 香农提出结合性原理包含两个概念:
repetitions in message may show in cipher text 在密文中出现明文消息的重复 weakness due to encrypted message blocks being independent 加密消息块相互独立成为被攻击的弱点 main use is sending a few blocks of data 适用于少量数据的传输
Key
Decrypt IV XOR
Key
Decrypt
Key
Decrypt
XOR
XOR
Plain text block 1
Plain text block 2
Plain text block n
Step 1
Step 2 Fig 3.9
Step n
Chapter 3
15
Advantages and Limitations of CBC
Take just the leftmost 8 bits
Take just the leftmost 8 bits
XOR
XOR
XOR
Plain text j bits
Plain text j bits
Plain text j bits
Cipher text j bits
Cipher text j bits
Chapter 3
21
Symmetric Key Cryptography 对称密钥加密法
Sender (A)
Receive r (B)
Plain text
Encrypt with symmetric key
Cipher text
Net wor k
Cipher text Decrypt with symmetric key
Chapter 3
13
Encryption in CBC Mode 加密块链接模式加密
IV Plain text block 1 XOR Plain text block 2 XOR Plain text block n XOR
Key
Encrypt
Key
Encrypt
Key
Encrypt
Cipher text block 1 Step 1
i =1
the statistical properties of the plain text disappear
Chapter 3
9
Algorithm Modes 算法模式
Algorithm Modes
Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
Chapter 3
3
Ciphers 加密法
Mechanism that decides the process of encryption/decryption 决定加/解密过程的一种机制 决定加 解密过程的一种机制 Stream Cipher: Bit-by-bit encryption / decryption 流加密法:一位一位加/解密 流加密法:一位一位加 解密 Block Cipher: Block-by-block encryption / decryption 块加密法:一块一块加/解密 块加密法:一块一块加 解密 many current ciphers are block ciphers
Chapter 3
8
Concepts of confusion and diffusion
混淆和扩散
Confusion is a technique of ensureing that a cipher text gives no clue about the plain text 混淆是为了保证密文中不会反映出明文线索 Diffusion increases the redundancy of the plain text by spreading it across rows and columns 扩散增加明文的冗余度(统计信息), ),使其分 扩散增加明文的冗余度(统计信息),使其分 布在行和列中 k e.g yn = ∑ mn + i (mod 26) m should be character
Chapter 3
16
Encryption in CFB Mode 加密反馈模式加密
IV (Shift register) IV (Shift register) IV (Shift register)
Key
Encrypt
Key
Encrypt
Key
Encrypt
Take just the leftmost 8 bits
加密块链接的优缺点
each ciphertext block depends on all message blocks 每个密文块依赖于所有的信息块 thus a change in the message affects all ciphertext blocks 明文消息中一个改变会影响所有密文块 need Initial Vector (IV) known to sender & receiver 发送方和接收方都需要知道初始化向量