Lecture 6 - Week 6

NET3106 – Network Security
Lecturer:
Houshyar Honar Pajooh
Room Number : AE-3-28 (University Building - East)
Email: houshyarh@sunway.edu.my
Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
NET3106 – Network Security
WEEK (6)
Modes of operation for block Cipher and
stream cipher
SENSITIVE
Modes of
operation for
block Cipher
and stream
cipher
• Modes of Operation for Block Cipher
• Stream Cipher
• RC4
SENSITIVE
Need for Modes of Block Ciphers
• Block Ciphers deal with blocks of data
• In real life there are two important issues:
• plaintext much larger than a typical block length of 128 bits
• plaintext not a multiple of the block length
• These modes were first standardized in FIPS Publication 81 in 1980
• The obvious solution is the first mode, called the Electronic Code Book (ECB)
SENSITIVE
Electronic Code Book Mode (ECB)
• When a block cipher is used in ECB mode, each block of plaintext is coded independently
• This makes it not very secure for long segments of plaintext, especially plaintext containing repetitive information.
• Used primarily for secure transmission of short pieces of information, such as an encryption key.
SENSITIVE
SENSITIVE
ECB Example
SENSITIVE
CBC (Cipher-Block Chaining) Mode
SENSITIVE
Cipher
Feedback Mode
(CFB)
SENSITIVE
Output Feedback Mode (OFB)
SENSITIVE
Counter Mode (CTR)
SENSITIVE
SENSITIVE
• Many uses of random numbers in cryptography
• Generation of keys for the RSA public-key encryption (asymmetric
encryption)
• Generation of key stream for symmetric stream cipher
Random • Generation of symmetric key as temporary session key
• In key distribution scenarios (Kerberos to prevent from reply attack)
Numbers
• In all cases its critical that these values be
• Unpredictability (statistically random)
• Randomness (uniform distribution (same frequency of zeros and ones),
independent)
SENSITIVE
• Often use deterministic algorithmic techniques to create random numbers.
• Not truly random
Pseudorandom • But it can pass many tests of randomness
• Known as pseudorandom numbers
Number
Generators Created by Pseudorandom Number Generators (PRNGs).
SENSITIVE
• True random number generator (TRNG) : input is a random value
(system time).
• Pseudorandom number generator (PRNG) : input is a fixed value +
feedback
Pseudorandom • Pseudorandom function (PRF) : input is a fixed value + feedback +
specific value (e.g. user ID)
Number
Generators
SENSITIVE
Stream Cipher
• Block cipher processes one block of elements at a time.
• Stream cipher processes the input elements (1 bit or one units larger than 1 byte)
continuously.
• RC4 is the most popular symmetric stream cipher.
SENSITIVE
Block vs Stream Ciphers
• Blocks Ciphers process plaintext in large blocks.

• Stream Ciphers process plaintext in small blocks, even bits
• Block cipher are considered more secure than stream cipher
• Stream cipher are faster than block cipher
SENSITIVE
Stream Cipher Structure
• The key is input to pseudorandom byte generator.

• The key is unpredictable.
• The output of pseudorandom byte generator is called keystream.
• Keystream will combine with plaintext stream using XOR.
• E.g. :
• En :11001100 plaintext 01101100 Keystream = 10100000 Ciphertext
• De : 10100000 Ciphertext 01101100 Keystream = 11001100 plaintext
SENSITIVE
Stream Cipher Properties
• Some design considerations are:

• long period with no repetitions
• statistically random
• depends on large enough key, e.g. 128 bits
• Properly designed, can be as secure as a block cipher with same size key
• But usually simpler & faster
• Data communication channel and web : stream cipher
• File transferring, email and database : block cipher
SENSITIVE
RC4
• Its stream cipher

• Encrypt one bytes at a time
• Can use as a random number generator
• Very fast and simple
• Popular method, including WEP, WPA and SSL
• RC4 generates a pseudorandom stream of bits (a keystream) which, for encryption/decryption, is combined
with the plaintext using XOR
• Key size 1~256 bytes (8 to 2048 bits)
• Inputs: Key and Data
• Output: Unique keystream equal to the length of input data
SENSITIVE
• Contain Key Scheduling Algorithm (KSA) and Pseudorandom Generation Algorithm (PRGA) steps:
RC4 Structure
SENSITIVE
Main functions in RC4
• Key scheduling algorithm (KSA):

◦ A variable length key, between 40 and 256 bits, is used to initialize the 256-byte state vector (S) (permutation)
• Pseudo Random Generation Algorithm (PRGA)

◦ To generate the keystream
SENSITIVE
Steps in RC4
• The steps for RC4 encryption algorithm is as follows:

◦ Get the data to be encrypted and the selected key.
◦ Create two string arrays.
◦ Initiate one array with numbers from 0 to 255.
◦ Fill the other array with the selected key.
◦ Randomize the first array depending on the array of the key.
◦ Randomize the first array within itself to generate the final key stream.
◦ XOR the final key stream with the data to be encrypted to give cipher text.
SENSITIVE
RC4 Example
SENSITIVE
Thank you Questions!!!
SENSITIVE

Lecture 6 - Week 6

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lecture 6 - Week 6

Uploaded by

Copyright:

Available Formats

NET3106 – Network Security

• Block cipher processes one block of elements at a time.

• RC4 is the most popular symmetric stream cipher.

• Blocks Ciphers process plaintext in large blocks.

• The key is input to pseudorandom byte generator.

• Some design considerations are:

• Its stream cipher

• Key scheduling algorithm (KSA):

• Pseudo Random Generation Algorithm (PRGA)

• The steps for RC4 encryption algorithm is as follows:

You might also like