Cybersecurity Essentials Course

Lec 6

Dr. Eman Zahran

 Stream and Block ciphers
2. The way in which the plaintext is processed

- A stream cipher processes the input elements

continuously, producing output one element at a
time, as it goes along

- The block cipher processes the input one block of

elements at a time, producing an output block for each
input block
 A Bit string
• At the implementation level, modern ciphers do not
really use letters/alphabets, instead they use encoding
scheme to convert the message into sequence of
binary digits (bits) – 0s and 1s.

• The bit sequence representing plaintext is

transformed to produce the ciphertext bit sequence
 XOR operation
• Since cipher algorithms operate on binary strings we
must be familiar with a common operator on two bits
called Exclusive-OR, often written as XOR or

Example:
1 0 0 1 1
1 1 0 0 1
------------------------------
0 1 0 1 0
 Stream cipher

• Operates on streams of plaintext and ciphertext one

bit or byte
• The encryption is done by applying XOR operator on
the plaintext string and the key string

• Ci=Pi Ki
• i is the position of the bit within the stream

– Change the bit, indicated by key value = 1

– Leave the bit unchanged, indicated by key value =
0.
 What is a Stream cipher?

PLAINTEXT XOR CIPHERTEXT

DATA

SEQUENCE
GENERATOR
 Stream ciphers
Ci = Pi Ki Pi = Ci
Ki

• Example: plaintext 1100101

keystream 1000110 ……… encryption
ciphertext 0100011
keystream 1000110 ……… decryption
plaintext 1100101
Encryption process
Plain Text (P)

0 0 11
Cipher Text (C)

0 1 01 011 0

Keystream (K)
P 0 0 1 1
K 0 1 0 1
C 0 1 1 0
Decryption process
Cipher Text (C)

01 10 Plain Text (P)

0 0 1 1
01 01

Key (K)
C 0 1 1 0
K 0 1 0 1
P 0 0 1 1
 Generating key sequence

• It must be obvious, that the key sequence is

an important component of stream cipher

• A stream cipher takes a (short) key to

generate a long key and this is done using
what is called a binary sequence generator
 Generating key sequence

• Short keys will encounter repeats and these

are vulnerabilities which can be attacked.

• Hence, keystream sequence must be

unpredictable and avoid repeats such that
knowledge of some of it should not allow
attacker to deduce the rest
 Generating key sequence

• Generally key length n will repeat after

2n-1 bits

• Designing a good generator is challenging.

• A secure stream cipher depends on the

randomness/non-repeating quality of the
keystream
 Binary sequence generator

• A good keystream must pass a series of

intense statistical tests for randomness, for
example:
– Frequency test,
– Serial test,
– Poker test
– autocorrelation tests, etc
 Random number generator
• Randomness requires a good source of
random number generator
– In the industry, real serious applications use RRG
(Real Random Generator), examples using
• reliable source of thermal noise in electrical circuit

– Otherwise, amateurs use PRNG (Pseudorandom

Number generator) which uses software
 Advantages of stream cipher
• No propagation error, since each symbol is processed
unrelated to other symbols.

• Used in situation where transmission error is highly

probable

• Useful in application where data can only be processed one

symbol at a time, i.e. equipment has no memory or limited
buffer

• Speed very fast, operate bit by bit, actual time taken

doesn’t have to wait for availability of other symbols.

• Ease of implementation in hardware

 Disadvantages of stream Ciphers

• The key must be as long as the message

to be encoded, random quality may be
difficult to achieve

• Vulnerable to insertion and modification

attacks
 Block Ciphers

• Modern block ciphers are the most widely

used types of cryptographic algorithms

• DES (Data Encryption Standard)

• AES (Advanced Encryption Standard)
 Block Ciphers
• Block ciphers process messages in terms of
blocks, which is some number of bits. All bits
have to be available before the block can be
processed

– Example: they encrypt 128-bit plaintext and

generate 128-bit ciphertext

– The plaintext and ciphertext processed at a time

are always of the same size
• Many current industry ciphers are block
ciphers
• Thus we will focus of Block ciphers
 Block ciphers
• Break the plaintext into blocks and encrypt
each with the same algorithm

• Operate on blocks of plaintext and ciphertext

• The same plaintext block will always be

encrypted to the same ciphertext block, using
the same key
 Block Ciphers
• Block Ciphers, originally, seem to be more suited
to implementation in software to execute on a
general purpose computer.

• However, with the advance in hardware

technology, and requirement for speed, they have
been implemented in hardware

• Examples of block ciphers DES, 3DES, Idea,

RC5.
 Shannon and S-P Cipher

• S-P networks are based on the two

primitive cryptographic operations we
have seen before:
– substitution (S-box)
– permutation (P-box)

• provide confusion and diffusion of message

• these form the basis of modern block
ciphers
 Confusion and Diffusion
• Cipher needs to completely obscure statistical
properties of original message

• more practically Shannon suggested

combining elements to obtain:

– diffusion – dissipates statistical structure of

plaintext over bulk of ciphertext

– confusion – makes relationship between ciphertext

and key as complex as possible
 Confusion and Diffusion

• Confusion is an encryption operation where the

relationship between key and ciphertext is
obscured. Today, a common element for
achieving confusion is substitution, which is
found in both DES and AES.
 Confusion and Diffusion

• Diffusion is an encryption operation where

the influence of one plaintext symbol is
spread over many ciphertext symbols with
the goal of hiding statistical properties of
the plaintext.

• Diffusion is used frequently in DES.

 Confusion and Diffusion

• Ciphers which only perform confusion, such

as the Shift Cipher or the World War II
encryption machine Enigma, are not secure.
Neither are ciphers which only perform
diffusion.

• The concatenation of both confusion and

diffusion operations produces a strong cipher.
 Confusion and Diffusion
• The concatenating several encryption
operation was also proposed by Shannon.
Such ciphers are known as product ciphers.

• All of today’s block ciphers are product

ciphers as they consist of rounds which are
applied repeatedly to the data.
 Confusion and Diffusion
• Principle of an N round
product cipher, where each round
performs a confusion and diffusion
operation
 Confusion and Diffusion

• Modern block ciphers possess excellent

diffusion properties.
• On a cipher level this means that
changing of one bit of plaintext results
on average in the change of half the
output bits, i.e., the second ciphertext
looks statistically independent of the
first one.
 Confusion and Diffusion

The input strings differ in one bit while the output (ciphertext)
 Confusion and Diffusion
• Note that modern block ciphers have block lengths
of 64 or 128.

DES is a symmetric block cipher in which each block of

plaintext, is encrypted using 16 rounds
 DES Algorithm

strong cryptographic algorithm.

Decryption requires only a reversed key

schedule, which is an advantage in
software and hardware
implementations.
 Key distribution for symmetric key encryption

Key distribution can be achieved in a number of ways. For two

parties A and B:
1. A key could be selected by A and physically delivered to B.

2. A third party could select the key and physically deliver it to A

and B.
3. If A and B have previously and recently used a key, one party
could transmit the new key to the other, encrypted using the old
key.
4. If A and B each have an encrypted connection to a third party
C, C could deliver a key on the encrypted links to A and B.
Key distribution for symmetric key encryption
Encryption Algorithm
Summary

Algorithm Type Key Size Features

DES Block 56 bits Most Common, Not

Cipher strong enough
TripleDES Block 168 bits Modification of DES,
Cipher (112 effective) Adequate Security
Blowfish Block Variable Excellent Security
Cipher (Up to 448 bits)
AES Block Variable Replacement for DES,
Cipher (128, 192, or Excellent Security
256 bits)
RC4 Stream Variable Fast Stream Cipher,
Cipher (40 or 128 bits) Used in most SSL
implementations
Limitations of Symmetric Encryption

• Any exposure to the secret key compromises secrecy

of ciphertext
• A key needs to be delivered to the recipient of the
coded message for it to be deciphered
– Potential for eavesdropping attack during transmission of
key
 Applications of Symmetric Encryption

 Banking sector
• Payment applications, such as card
transactions
• Validations to confirm that the sender of a
message is who he claims to be.
 Data at rest (to safeguard inactive data
wherever it resides by encrypting individual
sensitive files before storage or encrypting the
entire storage medium)
Asymmetric Encryption
Basics
• Uses a pair of keys for encryption
– Public key for encryption
– Private key for decryption
• Messages encoded using public key can only be decoded by
the private key
– Secret transmission of key for decryption is not required
– Every entity can generate a key pair and release its public key

Plain Text Cipher Text Plain Text

Cipher Cipher

Public Key Private Key

Asymmetric Encryption
The RSA cipher is used in most asymmetric encryption

• Developed by Ron Rivest, Adi Shamir, Len Adelman

• Both public and private key are interchangeable
• Variable Key Size (512, 1024, or 2048 buts)
• Most popular public key algorithm
 Limitations of Asymmetric Encryption

• Efficiency is lower than Symmetric Algorithms

– A 1024-bit asymmetric key is equivalent to 128-bit
symmetric key
• Potential for man-in-the middle attack
• It is problematic to get the key pair generated for the
encryption
• It is used for smaller amounts of data
 Applications of Asymmetric Encryption

• Authentication
• Digital Certificates
• Digital signatures (Digital signatures serve to
identify any unauthorized alterations to data
and verify the identity of the individual signing)
 Asymmetric Encryption
Session-Key Encryption

• Used to improve efficiency

– Symmetric key is used for encrypting data
– Asymmetric key is used for encrypting the symmetric key

Plain Text Cipher Cipher Text

(DES)

Send to Recipient

Encrypted
Cipher Key
(RSA)
Session Key

Recipient’s Public Key

Asymmetric Encryption
Encryption Protocols
• Pretty Good Privacy (PGP)
– Used to encrypt e-mail using session key encryption
– Combines RSA, TripleDES, and other algorithms

• Secure/Multipurpose Internet Mail Extension (S/MIME)

– Newer algorithm for securing e-mail
– Backed by Microsoft, RSA, AOL

• Secure Socket Layer(SSL) and Transport Layer Socket(TLS)

– Used for securing TCP/IP Traffic
– Mainly designed for web use
– Can be used for any kind of internet traffic
Key Agreement in Asymmetric Encryption

• Key agreement is a method to create secret key by exchanging only public

keys.
• Example
– Bob sends Alice his public key
– Alice sends Bob her public key
– Bob uses Alice’s public key and his private key to generate a session key
– Alice uses Bob’s public key and her private key to generate a session key
– Using a key agreement algorithm both will generate same key
– Bob and Alice do not need to transfer any key
Alice’s
Private Key

Bob’s Cipher
Public Key
(DES) Alice and Bob
Bob’s Session Key
Generate Same
Private Key Session Key!
Alice’s Cipher
Public Key
(DES)
 Digital Signatures

cryptographic technique analogous to hand-written

signatures.
• sender (Bob) digitally signs document, establishing he is
document owner/creator.
• verifiable, nonforgeable: recipient (Alice) can prove to
someone that Bob, and no one else (including Alice),
must have signed document

8: Network Security 8-44

 Digital Signatures
simple digital signature for message m:
• Bob “signs” m by encrypting with his private key KB,
- -
creating “signed” message, KB(m)
-
Bob’s message, m K B Bob’s private -
K B(m)
key
Dear Alice
Bob’s message,
Oh, how I have missed public key m, signed
you. I think of you all the
time! …(blah blah blah) encryption (encrypted) with
algorithm his private key
Bob

8: Network Security 8-45

 Digital Signatures (more)
-
• suppose Alice receives msg m, digital signature KB(m)
• Alice verifies m signed by Bob by applying Bob’s public key KB
+ - + -
to KB(m) then checks KB(KB(m) ) = m.
+ -
• if KB(KB(m) ) = m, whoever signed m must have used Bob’s
private key.
Alice thus verifies that:
 Bob signed m.
 No one else signed m.
 Bob signed m and not m’.
non-repudiation:
 Alice can take m, and signature KB(m) to court and prove
that Bob signed m. -

8: Network Security 8-46

 Cryptanalysis

• Objective: to recover the plaintext of a ciphertext

or, more typically, to recover the secret key.
• Kerkhoff’s principle: the adversary knows all
details about a cryptosystem except the secret key.
• Two general approaches:
– brute-force attack
– non-brute-force attack (cryptanalytic attack)
 Brute-Force Attack
• Try every key to decipher the ciphertext.
• On average, need to try half of all possible keys
• Time needed proportional to size of key space
Key Size (bits) Number of Alternative Time required at 1 Time required at 106
Keys decryption/µs decryptions/µs
32 232 = 4.3  109 231 µs = 35.8 minutes 2.15 milliseconds

56 256 = 7.2  1016 255 µs = 1142 years 10.01 hours

128 2128 = 3.4  1038 2127 µs = 5.4  1024 years 5.4  1018 years

168 2168 = 3.7  1050 2167 µs = 5.9  1036 years 5.9  1030 years

26 characters 26! = 4  1026 2  1026 µs = 6.4  1012 years 6.4  106 years
(permutation)

48
 Cryptanalytic Attacks
• May be classified by how much information
needed by the attacker:
– Ciphertext-only attack
– Known-plaintext attack
– Chosen-plaintext attack
– Chosen-ciphertext attack

49
 Ciphertext-only attack
• Given: a ciphertext c & the algorithm
• Q: what is the plaintext m?
• An encryption scheme is completely insecure
if it cannot resist ciphertext-only attacks.

50
 Known-plaintext attack
• Given: (m1,c1), (m2,c2), …, (mk,ck) and a new
ciphertext c.

• Q: what is the plaintext of c?

• Q: what is the secret key in use?

51
 Applications of symmetric and asymmetric

Messaging applications,
like Signal or Whatsapp, use end-to-end
encryption to protect the confidentiality and
privacy of the users’ communications and to
authenticate the users.
 Chosen-plaintext attack

• Given: (m1,c1), (m2,c2), …, (mk,ck), where m1,

m2, …, mk are chosen by the adversary; and a
new ciphertext c.

• Q: what is the plaintext of c, or what is the

secret key?

53
 Chosen-ciphertext attack
• Given: (m1,c1), (m2,c2), …, (mk,ck), where c1, c2,
…, ck are chosen by the adversary; and a new
ciphertext c.

• Q: what is the plaintext of c, or what is the

secret key?

54
 Confidentiality
• Alice and Bob communicating through insecure channel
• Eve can listen and understand what is being said
How Encryption helps Confidentiality
• The insecure channel is secured by encrypting the communication
• Eve can listen but cannot understand what is being said
How Encryption helps Confidentiality
 Integrity
• An unprotected message is susceptible to a modification that cannot be
detected easily
• Eve, here, changes the time that Alice wants meet Bob
• Bob will not know that the time was modified
 How Encryption helps Integrity (cont.)

• Any modification to a protected message can be detected easily

• Bob will know that there is something wrong with message he has
received

Let’s meet at 02h

 How Encryption helps Integrity (cont.)

Integrity mechanisms employ a combination of

cryptographic methods, including hashing,
encryption, and digital signatures.
 Other requirements
• Authentication an entity can be verified to be
who he claims to be.

• Accountability entity can be verified to have

been responsible/owned an activity/event.

• Non-repudiation achieved when the

requirement for accountability is fulfilled.
 Authentication

• The message says that it is from Alice, but

there is no proof that the message is from
Alice
 Authentication (cont.)
• Eve can impersonate Alice and send messages to Bob
• Bob still cannot prove that the message is not from Alice

This message
is from Alice
 How encryption helps…
• Bob can verify that the message is from
Alice since the key is shared only with her
 How encryption helps…
• Eve cannot impersonate Alice since the key she uses is different from
the key that Bob shares with Alice
• Bob will find easily that the message is not from Alice!

This message
is from Alice
Cryptography for secure Email
 Secure e-mail
 Alice wants to send confidential e-mail, m, to Bob.

KS
KS(m ) KS(m )
m K ( .)
S
KS( ) . m

+ Internet
- KS

KS
+
KB( ). + +
-
K B( ) .
KB(KS ) KB(KS )
K+
B KB-

Alice:
 generates random symmetric private key, KS.
 encrypts message with KS (for efficiency)
 also encrypts KS with Bob’s public key.
 sends both KS(m) and KB(KS) to Bob.
8: Network Security 8-67
 Secure e-mail
 Alice wants to send confidential e-mail, m, to Bob.

KS
KS(m ) KS(m )
m K ( .)
S
KS( ) . m

+ Internet
- KS

KS
+
KB( ). + +
-
K B( ) .
KB(KS ) KB(KS )
K+
B KB-

Bob:
 uses his private key to decrypt and recover KS
 uses KS to decrypt KS(m) to recover m

8: Network Security 8-68

 Secure e-mail (continued)
• Alice wants to provide sender authentication message integrity.

KA- KA+
- -
m H(.)
-
KA( ). KA(H(m)) KA(H(m)) +
KA( ). H(m )

+ Internet
- compare

m H( ). H(m )
m

• Alice digitally signs message.

• sends both message (in the clear) and digital signature.

8: Network Security 8-69

 Secure e-mail (continued)
• Alice wants to provide secrecy, sender authentication,
message integrity.
KA-
-
m .
H( )
-
KA( ). KA(H(m))
KS

+ KS( ) .
m + Internet

KS
+
KB( ) . +
KB(KS )
K+
B

Alice uses three keys: her private key, Bob’s public key, newly
created symmetric key

8: Network Security 8-70