
UNIT 2

Chapter 5 / Advanced Encryption Standard

• Describe AES and AES Structure

The Advanced Encryption Standard (AES) was published by the National Institute of
Standards and Technology (NIST) in 2001.

AES is a symmetric block cipher that is intended to replace DES as the approved
standard for a wide range of applications. Compared to public-key ciphers such as RSA, the
structure of AES and most symmetric ciphers is quite complex and cannot be explained as
easily as many other cryptographic algorithms.

General Structure of AES

Figure 5.1 shows the overall structure of the AES encryption process. The cipher
takes a plaintext block size of 128 bits, or 16 bytes. The key length can be 16, 24, or 32
bytes (128, 192, or 256 bits).

UNIT2 Network Security Page 1


• AES Key Expansion
The AES key expansion algorithm takes as input a four-word (16-byte) key and
produces a linear array of 44 words (176 bytes). This is sufficient to provide a four-word
round key for the initial AddRoundKey stage and each of the 10 rounds of the cipher.

The key is copied into the first four words of the expanded key. The remainder of the
expanded key is filled in four words at a time.
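An added example (not from the lecture notes) of the key expansion just described, in Python: it derives the S-box from its GF(2^8) definition instead of a 256-entry table, and generalizes from the 44-word AES-128 schedule to the 52- and 60-word schedules used for 192- and 256-bit keys. All names are this example's own.

```python
# Added example (not from the lecture notes): AES key expansion per FIPS-197.
# The S-box is computed as affine(x^-1) in GF(2^8) rather than typed in.

def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return r

def _sbox_entry(x: int) -> int:
    """S(x) = affine(x^-1); the inverse of 0 is taken as 0 before the affine map."""
    inv = 0
    if x:
        inv = 1
        for _ in range(254):          # x^254 == x^-1 in GF(2^8)
            inv = gf_mul(inv, x)
    rotl = lambda v, s: ((v << s) | (v >> (8 - s))) & 0xFF
    return inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]

def key_expansion(key: bytes) -> list:
    """Expand a 16/24/32-byte key into 4*(Nr+1) four-byte words (44 for AES-128)."""
    nk = len(key) // 4
    if nk not in (4, 6, 8):
        raise ValueError("key must be 16, 24 or 32 bytes")
    nr = nk + 6
    w = [key[4 * i:4 * i + 4] for i in range(nk)]   # key copied into first Nk words
    for i in range(nk, 4 * (nr + 1)):
        temp = w[i - 1]
        if i % nk == 0:
            # RotWord, SubWord, then XOR the round constant into the first byte
            temp = bytes(SBOX[b] for b in temp[1:] + temp[:1])
            temp = bytes([temp[0] ^ RCON[i // nk - 1]]) + temp[1:]
        elif nk > 6 and i % nk == 4:
            temp = bytes(SBOX[b] for b in temp)      # extra SubWord for AES-256
        w.append(bytes(x ^ y for x, y in zip(w[i - nk], temp)))
    return w

def round_key(words: list, rnd: int) -> bytes:
    """Round key for round rnd (0 = initial AddRoundKey) as 16 bytes."""
    return b"".join(words[4 * rnd:4 * rnd + 4])
```

The FIPS-197 Appendix A key 2b7e1516...4f3c expands to w[4] = a0fafe17 and w[43] = b6630ca6, which is a quick self-check for any implementation.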

• An AES Example
For this example, the plaintext is a hexadecimal palindrome. The plaintext,
key, and resulting ciphertext are.

• AES Implementation

• Equivalent Inverse Cipher: The AES decryption cipher is not identical to the
encryption cipher. That is, the sequence of transformations for decryption differs
from that for encryption, although the form of the key schedules for encryption
and decryption is the same.

Chapter 7: Principles of Pseudorandom Number Generation

• Principles of Pseudorandom Number Generation

Random numbers play an important role in the use of encryption for various network
security applications.
The Use of Random Numbers
A number of network security algorithms and protocols based on cryptography make use
of random binary numbers. For example,

1. Key distribution and reciprocal (mutual) authentication schemes. In such schemes, two
communicating parties cooperate by exchanging messages to distribute keys and/or
authenticate each other.
2. Session key generation. We will see a number of protocols in this book where a secret
key for symmetric encryption is generated for use for a particular transaction (or session)
and is valid for a short period of time. This key is generally called a session key.
3. Generation of keys for the RSA public-key encryption algorithm.
4. Generation of a bit stream for symmetric stream encryption.
The following two criteria are used to validate that a sequence of numbers is random:
1. Uniform distribution: The distribution of bits in the sequence should be uniform; that is,
the frequency of occurrence of ones and zeros should be approximately equal.
2. Independence: No one subsequence in the sequence can be inferred from the others.

• Pseudorandom Number Generators

Pseudorandom number generator: An algorithm that is used to produce an open-ended
sequence of bits is referred to as a PRNG. A common application for an open-ended
sequence of bits is as input to a symmetric stream cipher.

• Two types of algorithms for PRNGs.

1. Linear Congruential Generators: A widely used technique for pseudorandom
number generation is an algorithm first proposed by Lehmer, which is known as the
linear congruential method.
2. Blum Blum Shub Generator: A popular approach to generating secure
pseudorandom numbers is known as the Blum Blum Shub (BBS) generator. It has
perhaps the strongest public proof of its cryptographic strength of any purpose-built
algorithm.
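An added example (not from the lecture notes) that implements the two PRNG families named above and the two randomness criteria listed earlier, in Python. The BBS parameters p = 383, q = 503, s = 101355 are the usual small textbook values; the function names are this example's own.

```python
# Added example (not from the lecture notes): LCG and BBS generators plus the
# uniform-distribution and independence checks from the two randomness criteria.
from math import gcd

def lcg(seed: int, a: int, c: int, m: int, count: int) -> list:
    """Lehmer / linear congruential generator: X(n+1) = (a*X(n) + c) mod m.
    Every output is a fixed function of the previous one and the parameters."""
    out, x = [], seed % m
    for _ in range(count):
        x = (a * x + c) % m
        out.append(x)
    return out

def bbs_states(p: int, q: int, seed: int, count: int) -> list:
    """Blum Blum Shub: n = p*q with p, q both 3 mod 4, x0 = s^2 mod n,
    x(i+1) = x(i)^2 mod n. Returns the states x1..x_count."""
    if p % 4 != 3 or q % 4 != 3:
        raise ValueError("p and q must both be congruent to 3 mod 4")
    n = p * q
    if gcd(seed, n) != 1:
        raise ValueError("seed must be relatively prime to n")
    x = pow(seed, 2, n)              # x0
    states = []
    for _ in range(count):
        x = pow(x, 2, n)
        states.append(x)
    return states

def bbs_bits(p: int, q: int, seed: int, count: int) -> list:
    """Output bit B(i) = least significant bit of x(i)."""
    return [x & 1 for x in bbs_states(p, q, seed, count)]

def ones_fraction(bits: list) -> float:
    """Criterion 1 (uniform distribution): share of ones, ideally near 0.5."""
    return sum(bits) / len(bits)

def longest_run(bits: list) -> int:
    """Longest run of identical bits: a crude indicator for criterion 2
    (independence); long runs point at correlated output."""
    best = cur = 1
    for prev, b in zip(bits, bits[1:]):
        cur = cur + 1 if b == prev else 1
        best = max(best, cur)
    return best
```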

• Describe Pseudorandom Number Generation using Block Cipher

One PRNG construction is to use a symmetric block cipher as the heart of the PRNG
mechanism. For any block of plaintext, a symmetric block cipher produces an output
block that is apparently random.

PRNG Using Block Cipher Modes of Operation

Two approaches that use a block cipher to build a PRNG have gained widespread
acceptance:


• Explain Stream Ciphers - RC4
A stream cipher encrypts plaintext one byte at a time, although a stream cipher
may be designed to operate on one bit at a time or on units larger than a byte at a time.

RC4 is a stream cipher designed in 1987 by Ron Rivest for RSA Security.
It is a variable key size stream cipher with byte-oriented operations. The
algorithm is based on the use of a random permutation. Analysis shows that the
period of the cipher is overwhelmingly likely to be greater than 10^100.


Chapter 9: Public-Key Cryptography and RSA

• Describe Principles of Public-Key Cryptosystems

The concept of public-key cryptography evolved from an attempt to attack two of
the most difficult problems associated with symmetric encryption. The first problem
is that of key distribution.
• Public-Key Cryptosystems
Asymmetric algorithms rely on one key for encryption and a different but related key for
decryption. These algorithms have the following important characteristics:
1. It is computationally infeasible to determine the decryption key given only
knowledge of the cryptographic algorithm and the encryption key.
2. Either of the two related keys can be used for encryption, with the other used for
decryption.


• Explain RSA Algorithm

The RSA scheme is a cipher in which the plaintext and ciphertext are integers between 0 and
n - 1 for some n. A typical size for n is 1024 bits, or 309 decimal digits. That is, n is less than
2^1024.
• Description of the Algorithm
RSA makes use of an expression with exponentials. Plaintext is encrypted in blocks, with
each block having a binary value less than some number n. That is, the block size must be
less than or equal to log2(n) + 1; in practice, the block size is i bits, where 2^i < n ≤ 2^(i+1).
Encryption and decryption are of the following form, for some plaintext block M and
ciphertext block C.
C = M^e mod n
M = C^d mod n = (M^e)^d mod n = M^(ed) mod n
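An added example (not from the lecture notes) that carries the formulas above through in Python on the small textbook parameters p = 17, q = 11, e = 7, including the block-size rule 2^i < n ≤ 2^(i+1). Function names are this example's own; production RSA uses a 2048-bit or larger n and a padding scheme such as OAEP around M rather than the raw M^e mod n shown here.

```python
# Added example (not from the lecture notes): textbook RSA as in the formulas
# above, with the block-size computation and a full round-trip check.
from math import gcd

def rsa_keypair(p: int, q: int, e: int):
    """Return public key (e, n) and private key (d, n) with d = e^-1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, phi)                 # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def block_bits(n: int) -> int:
    """Block size i in bits such that 2^i < n <= 2^(i+1); every i-bit block M
    then satisfies M < n, which the exponentiation below requires."""
    return (n - 1).bit_length() - 1

def encrypt(m: int, pub) -> int:
    """C = M^e mod n."""
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("plaintext block must satisfy 0 <= M < n")
    return pow(m, e, n)

def decrypt(c: int, priv) -> int:
    """M = C^d mod n = (M^e)^d mod n = M^(ed) mod n."""
    d, n = priv
    return pow(c, d, n)

def roundtrip_all_blocks(p: int, q: int, e: int) -> bool:
    """Confirm decryption inverts encryption for every block 0 <= M < n."""
    pub, priv = rsa_keypair(p, q, e)
    n = pub[1]
    return all(decrypt(encrypt(m, pub), priv) == m for m in range(n))
```

With these parameters n = 187, d = 23, and the block M = 88 encrypts to C = 11.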

• The Security of RSA
Five possible approaches to attacking the RSA algorithm are:
1. Brute force: This involves trying all possible private keys.
2. Mathematical attacks: There are several approaches, all equivalent in effort to
factoring the product of two primes.
3. Timing attacks: These depend on the running time of the decryption algorithm.
4. Hardware fault-based attack: This involves inducing hardware faults in the
processor that is generating digital signatures.
5. Chosen ciphertext attacks: This type of attack exploits properties of the RSA
algorithm.

Chapter 14: Key Management and Distribution

• Describe Symmetric Key Distribution Using Symmetric Encryption

For symmetric encryption to work, the two parties to an exchange must share the same
key, and that key must be protected from access by others. Furthermore, frequent key
changes are usually desirable to limit the amount of data compromised if an attacker learns
the key. Therefore, the strength of any cryptographic system rests with the key distribution
technique, a term that refers to the means of delivering a key to two parties who wish to
exchange data without allowing others to see the key.
For two parties A and B, key distribution can be achieved in a number of ways, as
follows:
1. A can select a key and physically deliver it to B.
2. A third party can select the key and physically deliver it to A and B.
3. If A and B have previously and recently used a key, one party can transmit the new
key to the other, encrypted using the old key.
4. If A and B each has an encrypted connection to a third party C, C can deliver a key
on the encrypted links to A and B.
• A Key Distribution Scenario
The key distribution concept can be deployed in a number of ways. A typical
scenario is illustrated in Figure 14.3.

• Hierarchical Key Control: It is not necessary to limit the key distribution function
to a single KDC. Indeed, for very large networks, it may not be practical to do so. As
an alternative, a hierarchy of KDCs can be established. For example, there can be
local KDCs, each responsible for a small domain of the overall internetwork, such as
a single LAN or a single building. For communication among entities within the same
local domain, the local KDC is responsible for key distribution.
• Session Key Lifetime: The more frequently session keys are exchanged, the more
secure they are, because the opponent has less ciphertext to work with for any given
session key. On the other hand, the distribution of session keys delays the start of
any exchange and places a burden on network capacity.

• A Transparent Key Control Scheme: The approach is useful for providing
end-to-end encryption at a network or transport level in a way that is transparent to the
end users. The approach assumes that communication makes use of a connection-oriented
end-to-end protocol, such as TCP.


• Decentralized Key Control: The use of a key distribution center imposes the
requirement that the KDC be trusted and be protected from subversion. This requirement
can be avoided if key distribution is fully decentralized. A decentralized approach
requires that each end system be able to communicate in a secure manner with all
potential partner end systems for purposes of session key distribution.

• Controlling Key Usage: The concept of a key hierarchy and the use of automated
key distribution techniques greatly reduce the number of keys that must be manually
managed and distributed.


• Symmetric Key Distribution Using Asymmetric Encryption

• Simple Secret Key Distribution: An extremely simple scheme was put forward by
Merkle. If A wishes to communicate with B, the following procedure is employed:

• Secret Key Distribution with Confidentiality and Authentication: This scheme provides
protection against both active and passive attacks. We begin at a point when it is
assumed that A and B have exchanged public keys by one of the schemes described
subsequently.


• Describe Distribution of Public Keys
Several techniques have been proposed for the distribution of public keys. Virtually
all these proposals can be grouped into the following general schemes:
1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates
• Public Announcement of Public Keys: On the face of it, the point of public-key
encryption is that the public key is public.


• Publicly Available Directory: A greater degree of security can be achieved by
maintaining a publicly available dynamic directory of public keys.

• Public-Key Authority: Stronger security for public-key distribution can be
achieved by providing tighter control over the distribution of public keys from the
directory.


• Public-Key Certificates: The public-key authority approach is attractive, yet it has
some drawbacks. The public-key authority could be somewhat of a bottleneck in the
system, for a user must appeal to the authority for a public key for every other user
that it wishes to contact.


• Explain X.509 Certificates

X.509 defines a framework for the provision of authentication services by the X.500
directory to its users. The directory may serve as a repository of public-key certificates.
Each certificate contains the public key of a user and is signed with the private key of a
trusted certification authority.
In addition, X.509 defines alternative authentication protocols based on the use of
public-key certificates.

X.509 is an important standard because the certificate structure and authentication
protocols defined in X.509 are used in a variety of contexts.
X.509 was initially issued in 1988. The standard was subsequently revised to
address some of the security concerns documented, and a revised recommendation was
issued in 1993. A third version was issued in 1995 and revised in 2000.

X.509 is based on the use of public-key cryptography and digital signatures. The
standard does not dictate the use of a specific algorithm but recommends RSA.


• Diffie-Hellman Key Exchange
The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of
computing discrete logarithms.
The purpose of the algorithm is to enable two users to securely exchange a key
that can then be used for subsequent symmetric encryption of messages. The algorithm
itself is limited to the exchange of secret values.
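An added example (not from the lecture notes) that runs the exchange described above with both parties' messages, in Python, on the small textbook parameters q = 353 (prime) and alpha = 3 (a primitive root of 353). It also includes the range check a receiving side should apply to the peer's public value and a brute-force discrete logarithm that shows, by its cost growing with q, why real parameters are 2048 bits or more. All names are this example's own.

```python
# Added example (not from the lecture notes): Diffie-Hellman with both sides'
# messages, a peer-value range check, and the hardness assumption made concrete.
import secrets

def dh_public(alpha: int, q: int, x: int) -> int:
    """Y = alpha^X mod q: the value a party sends over the open channel."""
    return pow(alpha, x, q)

def dh_check_peer(y: int, q: int) -> None:
    """Reject degenerate public values 0, 1 and q-1, whose shared secret is
    predictable regardless of the receiver's private exponent."""
    if not 1 < y < q - 1:
        raise ValueError("peer public value out of range")

def dh_shared(y_peer: int, x_own: int, q: int) -> int:
    """K = Y_peer^X_own mod q; both sides obtain alpha^(X_A * X_B) mod q."""
    dh_check_peer(y_peer, q)
    return pow(y_peer, x_own, q)

def exchange(alpha: int, q: int, x_a: int, x_b: int):
    """Run the protocol for A (private x_a) and B (private x_b).
    Returns (Y_A, Y_B, K_A, K_B); only Y_A and Y_B cross the wire."""
    y_a = dh_public(alpha, q, x_a)   # message 1: A -> B
    y_b = dh_public(alpha, q, x_b)   # message 2: B -> A
    return y_a, y_b, dh_shared(y_b, x_a, q), dh_shared(y_a, x_b, q)

def random_private(q: int) -> int:
    """Fresh private exponent X in [1, q-2] from the OS CSPRNG."""
    return 1 + secrets.randbelow(q - 2)

def discrete_log_by_search(alpha: int, y: int, q: int) -> int:
    """Solve alpha^x = y mod q by exhaustive search. Feasible only because q
    is tiny here; the scheme rests on this being infeasible for large q."""
    acc = 1
    for x in range(q):
        if acc == y:
            return x
        acc = acc * alpha % q
    raise ValueError("no solution")
```

With X_A = 97 and X_B = 233 the public values are Y_A = 40 and Y_B = 248, and both sides derive K = 160.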



Written by: Abdijabar Awais Osman

END
