
SECURITY

What?
• Protection of the general assets
  • Hardware
  • Software
Where?
• Global Environment
• Electronics Environment
• Local Environment
WHY?
• Threat: disturbance of the operation, function, integrity, or availability of a system
• Vulnerability: weakness in the design, configuration, implementation, or management of a system
• Attacks: specific techniques to exploit a service of a system, such as DoS or a virus; attacks are active or passive
Security Solutions
• Computer System Security
  • Antivirus
  • Antimalware
  • Firewall
  • Anti Spam
• Cryptographic
  • Confidentiality
    • Encryption Algorithms: DES, AES, 3DES
  • Authentication
    • Public/Private Key Based: RSA, DSS, ECC
  • Integrity
    • Hash Algorithm: SHA, MD5, DSS
  • Key Sharing
    • Diffie Hellman
    • Certificate Authority
• Forensic
  • Post Attack
    • Data Collection
    • Examination
    • Reporting
CRYPTOGRAPHY
• Cryptography (or cryptology; from Greek κρυπτός kryptós, "hidden, secret")
• Source (encryption): Plain Text + Key → Cipher Text
• Destination (decryption): Cipher Text + Key → Plain Text
BLOCK CIPHER
Security Techniques
• Symmetric
  • Classical
  • Block: DES, AES, 3DES
• Asymmetric
  • Public/Private Key Based
BLOCK CIPHER PRINCIPLES
• Most symmetric block ciphers are based on a Feistel cipher structure
• This structure is needed because ciphertext must be decrypted to recover messages efficiently
• Block ciphers look like an extremely large substitution
• A direct substitution would need a table of 2^64 entries for a 64-bit block
• Instead, the cipher is created from smaller building blocks using the idea of a block cipher
BLOCK CIPHER CONCEPT
Process: Key Generation, Encryption, Decryption
DATA ENCRYPTION STANDARD (DES)
SUBSTITUTION BOX (S-BOX)
CLASSICAL FEISTEL NETWORK
• Horst Feistel devised the Feistel cipher
• Based on the concept of an invertible product cipher
• Partitions the input block into two halves
• Processes them through multiple rounds, which
  • perform a substitution on the left data half
  • based on a round function of the right half and a subkey
  • then have a permutation swapping the halves
• Implements Shannon's substitution-permutation network concept
FEISTEL ENCRYPTION AND DECRYPTION
FEISTEL CIPHER DESIGN PRINCIPLES
• Block size: increasing size improves security, but slows cipher
• Key size: increasing size improves security, makes exhaustive key searching harder, but may slow cipher
• Number of rounds: increasing number improves security, but slows cipher
• Subkey generation: greater complexity can make analysis harder, but slows cipher
• Round function: greater complexity can make analysis harder, but slows cipher
• Fast software en/decryption and ease of analysis are more recent concerns for practical use and testing
DATA ENCRYPTION STANDARD (DES)
Iteration block
ONE ROUND IN DES CIPHERS
SINGLE ROUND OF DES ALGORITHM
$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
Calculation of F(R, K)
S-BOX
DES ALGORITHM
TRIPLE DES
• Key size: 48 × 3
• Rounds: 16 × 3
• Input: 64 bit
• Output: 64 bit
DES_K1, DES_K2, DES_K3
• Case I: K1 = K2 = K3
• Case II: K1 != K2 != K3
• Case III: K1 != K2 != K3
DES_K1-16, DES_K2-16, DES_K3-16
ADVANCED ENCRYPTION STANDARD
• AES is a block cipher intended to replace DES for commercial applications.
• It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
• AES does not use a Feistel structure. Instead, each full round consists of four separate functions:
  • byte substitution
  • permutation
  • arithmetic operations over a finite field
  • XOR with a key
AES PARAMETERS
AES PROCEDURE
• AES does not use a Feistel structure but processes the entire data block in parallel during each round using substitutions and permutation.
• The key that is provided as input is expanded into an array of forty-four 32-bit words, w[i].
• Four distinct words (128 bits) serve as a round key for each round; these are indicated in Figure.
REFERENCES
William Stallings, Cryptography and Network Security: Principles and Practices, Fourth Edition.
