CSC 386 – Computer Security

Scott Heggen

Agenda

• Cryptography (i.e., Confusion and Diffusion)

The Fundamental Flaw of Ciphers

Original Alphabet

Caesar Offset

(shift +2)

RandomSubstitution

…

A C L

B E K

C F M

D G Y

E H A

F I J

G J F

… … …

k =

Message index

Pseudo-Random

Offset

0 Shift +4

1 Shift -4

2 Shift +6

3 Shift +22

4 Shift +1

5 Shift -14

6 Shift -8

… …

Frequency Analysis

• The English language has trends:• “e” appears in English about 12% of the time• “t” = ~9%• “a” = ~8%•

• Common digrams:• “he”• “an”• “in”• “th”

Data Encryption Standard (DES)

• Developed by IBM in the 70s as the standard for encryption by the U.S. government• Based on Feistel networks• Remained the standard for 20+ years• Has since been broken by exhaustive search and replaced with a new

standard

Feistel Network

Reversible function! (meaning the decryption method is the same as encryption)

The Key

• A single key is permutated into 16 subkeys• A series of left-shifts on the original key• Each subkey is then permuted (diffused)

The F-function

• First, the block is expanded• Second, the expanded block is X-

OR’ed with the subkey• Next, fed into “S boxes” which

map 6 bits to 4 bits• Based on a table

• Finally, output is permuted• bits are diffused

DES

Assignment

• For Wednesday:• Read up on DES (Chapter 14, Page 265 – 266). I highly suggest reading up on

additional sources on the web, such as: • http://en.wikipedia.org/wiki/Data_Encryption_Standard• http://www.youtube.com/watch?v=qHZKze24kVo• http://people.eku.edu/styere/Encrypt/JS-DES.html

• Quiz on DES:• 1 question on The Feistel Structure• 1 question on the f-function• 1 question on Sub-key Generation