Skip to content

Latest commit

 

History

History
175 lines (130 loc) · 6.47 KB

1.1-symmetric-schemes.md

File metadata and controls

175 lines (130 loc) · 6.47 KB

Symmetric Schemes

  • Process of protection and deprotection uses the same key;
  • Keys are usually used during a short period of time;
  • Keys are established after a negotiation process between who encrypts and who decrypts;
  • Used in:
    • Symmetric cipher;
    • MAC.

Symmetric Cipher

SymmetricCipher

Algorithms (G, E, D):

  • G - probabilistic function for key generation;
    • G :-> Keys;
  • E - probabilistic function for cipher;
    • E: Keys -> {0, 1}* -> {0, 1}*;
  • D - deterministic function for decipher;
    • D: Keys -> {0, 1}* -> {0, 1}*.

SymmetricCipherScheme

Properties

  • Keys: D(k)(E(k)(m)) = m;
  • Security property: is computationally infeasible to find m (plain text) from c (ciphered text), without knowing the key k;
  • Symmetric scheme: use of the same key k in the functions E and D;
  • Message m and ciphered text c are byte sequences with variable dimension ({0,1}*);
  • Does not guarantee data integrity;
  • Examples: DES-CBC-PKCS5Padding, AES-CBC-PKCS5Padding, etc.

MAC (Message Authentication Code) Scheme

MAC

Algorithms (G, T, V):

  • G - probabilistic function for key generation;
    • G :-> Keys;
  • T - probabilistic function for tag generation;
    • T: Keys -> {0, 1}* -> Tags;
  • V - deterministic function for tag verification;
    • V: Keys -> ( Tags x {0, 1}* ) -> {true, false}.

MACScheme

Properties

  • Keys: V(k)(T(k)(m), m) = true;
  • Security property: is computationally infeasible to find m (plain text) from t (tag), without knowing the key k;
  • Symmetric Scheme: use of the same key k in the functions T and V;
  • Message m and tag t are byte sequences with variable dimension ({0,1}*);
  • Tag t has fixed dimension (e.g. 160, 256 bits);
  • Code detectors and error correctors do not serve for MAC schemes;
  • Examples: HMAC-SHA1, HMAC-SHA256, etc.

Symmetric Cipher Primitives

  • To use symmetric cipher schemes, we need to choose a symmetric cipher primitive;
  • Examples: DES, AES, Blowfish, etc;
  • Block cipher primitive:
    • n - block dimension;
    • l - key dimension;
    • Function E: {0, 1}^l -> {0, 1}^n -> {0, 1}^n;
    • Function D: {0, 1}^l -> {0, 1}^n -> {0, 1}^n.

SymmetricCipherPrimitives

Features

  • The block dimension n must be sufficiently high to prevent attacks based on the statistics of the plain text;
  • The key dimension l must be sufficiently high to prevent attacks based on brute force.

Operation Modes

  • Plain text patterns should not be evident in the ciphered text;
  • The efficiency of the used method should be higher than the efficiency of the cipher primitive;
  • Ciphered text dimension should be approximately equal to plain text dimension;
  • The decipher should be capable of error detection and correction;
  • Random access - ability to decipher and change only part of the ciphered text.

ECB (Electronic Code Book) Mode

ECB

  • Plain text blocks equal, ciphered with the same key, imply ciphered text blocks equal;
  • Interdependence in the cipher - The cipher is performed independently in each block;
  • Error propagation - Error occurrence in a ciphered text block affects only the decipher of that block;
  • Random access.

CBC (Cipher Block Chaining) Mode

CBC

  • Under the same key and under the same initialization vector (IV), two equal messages imply equal ciphered texts;
  • Interdependence in the cipher - The cipher is performed independently in each block;
  • Error propagation - Error occurrence in a ciphered text block cj affects the decipher of that block and the next block cj+1;
    • The decipher of the block cj+1 will have errors in the same positions as the block cj;
  • Reordering the ciphered text blocks affects the decipher;
  • It is relatively easy to manipulate a given plain text block.

IV - Initialization Vector

  • Should be stored and transmitted in plain;
  • Should not be reused - uniqueness;
  • Should not be predictable - unpredictability.

Padding

  • Padding is a way to take data that may or may not be a multiple of the block size for a cipher and extend it out so that it is;
  • X is the bytes count to add to the message dimension to make it a multiple of the block dimension;
  • Example: PKCS#5 and PKCS#7 padding.

Stream Operation Modes

Modes like CBC need different algorithms to cipher and decipher.

StreamOperationModes

CTR (Counter) Mode

  • Under the same key and under the same initialization vector (IV), two equal messages imply equal ciphered texts;
  • Error propagation - Error occurrence in a ciphered text block cj affects only the decipher of that block;
    • The decipher of the block cj will have errors in the same positions as the block cj;
  • Random access;
  • It is relatively easy to manipulate a given plain text block.

Authenticated Cipher

  • To guarantee confidentiality and simultaneously authenticity, it is necessary to use a combination of the Cipher and MAC schemes;
  • There are two approaches:
    • Encrypt-then-MAC - The tag indicates whether there was a change or not in the ciphered text;
    • MAC-then-Encrypt - The tag is generated over the message, and is then all encrypted;
  • There are operation modes whose objective is to produce an authenticated cipher by combining the operations in a single algorithm:
    • Galois/Counter Mode (GCM);
    • Offset Codebook Mode (OCB);
    • Counter with CBC-MAC (CCM).