Part 1

The Yenepoya Institute of Arts, Science, Commerce and
Management (YIASCM)
Course: BCA(Big Data Analytics and Cloud

Computing)- Vr2
BCS504: Cryptography and Network

Security
Unit-3:-Cryptography, Part-1 Jamuna K M
Dept.of Computer Science, YIASCM
1
Objectives
• At the end of this session the leaner will able
to understand about
 Encipherment using Modern Symmetric-Key
Ciphers
 Summary
 References
Objectives
❏ To show how modern standard ciphers, such as
DES or AES, can be used to encipher long
messages.
❏ To discuss five modes of operation designed
to be used with modern block ciphers.
❏ To define which mode of operation creates
stream ciphers out of the underlying block
❏ ciphers.
To discuss the security issues and the error
propagation of different modes of operation.
❏ To discuss two stream ciphers used forreal-
time processing of data.
Introduction
• Digital data is represented in strings of binary digits
(bits) unlike alphabets.
• Modern cryptosystems need to process this binary
strings to convert in to another binary string.
• Based on how these binary strings are processed, a
symmetric encryption schemes can be classified in
to −
a. Stream cipher
b. Block cipher
Stream Ciphers
• In this scheme, the plaintext is processed one
bit at a time i.e. one bit of plaintext is taken,
and a series of operations is performed on it
to generate one bit of ciphertext.
• Technically, stream ciphers are block ciphers
with a block size of one bit.
Block Ciphers
• In this scheme, the plain binary text is
processed in blocks (groups) of bits at a time;
i.e. a block of plaintext bits is selected, a series
of operations is performed on this block to
generate a block of ciphertext bits.
• The number of bits in a block is fixed.
• For example, the schemes DES and AES have
block sizes of 64 and 128, respectively.
USE OF MODERN BLOCK CIPHERS
Symmetric-key encipherment can be done using

moder n block cipher s. Modes of operation have been
devised to encipher text of any size employing either
DES or AES.
Modes of
operation
Electronic Codebook (ECB) Mode
The simplest mode of operation is called the electronic
codebook (ECB) mode.
Electronic codebook (ECB) mode

Example:1
It can be proved that each plaintext block at Alice’s site is exactly
recovered at Bob’s site. Because encryption and decryption are
inverses of each other,
Example :2
This mode is called electronic codebook because one can
precompile 2K codebooks (one for each key) in which each
codebook has 2n entries in two columns. Each entry can list the
plaintext and the corresponding ciphertext blocks. However, if K
and n are large, the codebook would be far too large to precompile
and maintain.
Assume that Eve works in a company a few hours per month (her
monthly payment is very low). She knows that the company uses
several blocks of information for each employee in which the
seventh block is the amount of money to be deposited in the
employee’s account. Eve can intercept the ciphertext sent to the
bank at the end of the month, replace the block with the
information about her payment with a copy of the block with the
information about the payment of a full-time colleague. Each
month Eve can receive more money than she deserves.
Error Propagation
A single bit error in transmission can create errors in
several in the corresponding block. However, the error
does not have any effect on the other blocks.
Cipher text Stealing
A technique called cipher text stealing (CTS) can make
it possible to use ECB mode without padding. In this
technique the last two plaintext blocks, PN−1 and PN , are
encrypted differently and out of order, as shown below,
assuming that PN−1 has n bits and PN has m bits, where m
≤n.
In CBC mode, each plaintext block is exclusive-
ored with the previous cipher text
block before being
encrypted Cipher block chaining (CBC) mode
Cipher block chaining (CBC) mode
Example 4
It can be proved that each plaintext block at Alice’s site is
recovered exactly at Bob’s site. Because encryption and decryption
are inverses of each other,
Initialization Vector (IV)

The initialization vector (IV) should be known by
the sender and the receiver.
Error Propagation
In CBC mode, a single bit error in cipher text block Cj
during transmission may create error in most bits in
plaintext block Pj during decryption.
Cipher text Stealing
The cipher text stealing technique described for ECB
mode can also be applied to CBC mode, as shown
below.
The head function is the same as descr ibed in ECB

mode; the pad function inserts 0’s.
In some situations, we need to use DES or AES as
secure ciphers, but the plaintext or cipher text block
sizes are to be smaller.
Encryption in cipher feedback (CFB) mode
Not
e
In CFB mode, encipherment and decipherment use
the encryption function of the underlying block
cipher.
The relation between plaintext and cipher text blocks is

shown below:
CFB as a Stream Cipher
Figure 8.5 Cipher feedback (CFB) mode as a

stream cipher
Output Feedback (OFB) Mode
In this mode each bit in the cipher text is independent of
the previous bit or bits. This avoids er ror propagation.
Encryption in output feedback (OFB) mode
OFB as a Stream Cipher
Output feedback (OFB) mode as a stream
cipher
Counter (CTR) Mode
In the counter (CTR) mode, there is no feedback. The
pseudo randomness in the key stream is achieved using
a counter.
Encryption in counter (CTR) mode
Counter (CTR) mode as a stream cipher
Comparison of Different Modes
USE OF STREAM CIPHERS
Although the five modes of oper ations enable the use

of block cipher s for encipher ment of messages or
files in lar ge units and small units, sometimes pure
stream are needed for encipher ing small units of
data such as char acter s or bits.
RC4
RC4 is a byte-oriented stream cipher in which a byte (8
bits) of a plaintext is exclusive-ored with a byte of key to
produce a byte of a cipher text.
State
RC4 is based on the concept of a state.
A5/1
A5/1 (a member of the A5 family of cipher s) is used in
the Global System for Mobile Communication (GSM), a
networ k for mobile telephone communication..
General outline of A5/1
Key Management
Alice and Bob need to share a secret key between

themselves to securely communicate using a symmetric-
key cipher. If there are n entities in the community, n(n
− 1)/2 keys are needed.
Key Generation
Different symmetric-key cipher s need keys of different

sizes. The selection of the key must be based on a
systematic approach to avoid a secur ity leak. The keys
need to be chosen randomly. This implies that there is a
need for random (or pseudorandom) number gener ator.
References
• MichaelE.WhitmanandHerbertJ.Mattord.
(2012).PrinciplesofInformationSecurity,2ndEd.,T
homson, CengageDelmarLearning.
• WilliamStalling.
(2012).NetworkSecurityEssentials:ApplicationsandS
tandards,4thEd.,Pear sonEducation.
• BehrouzA.Forouzan,DebdeepMukhopadhyay.
(2011).CryptographyandNetworkSecur ity,2ndEd.,
SpecialIndianEdition, TataMcGraw-Hill.

Part 1

Uploaded by

Copyright:

Available Formats

Part 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Part 1

Uploaded by

Copyright:

Available Formats

The Yenepoya Institute of Arts, Science, Commerce and

Course: BCA(Big Data Analytics and Cloud

BCS504: Cryptography and Network

Symmetric-key encipherment can be done using

Electronic codebook (ECB) mode

Initialization Vector (IV)

The head function is the same as descr ibed in ECB

The relation between plaintext and cipher text blocks is

Figure 8.5 Cipher feedback (CFB) mode as a

Although the five modes of oper ations enable the use

Alice and Bob need to share a secret key between

Different symmetric-key cipher s need keys of different

You might also like