# Network Security Encryption Decryption

Document Sample

```					    Network Security
(Encryption & Decryption)

Dr. R. K. Rao
Entropy & Equivocation
• The concept entropy is employed in the
design of secure systems.
• Entropy is a measure of uncertainty of a
message source
• Entropy also defines the average amount
of information per message
Information in a Message
• Is related to the probability of occurrence
of the message
• Messages with probability of either 0 or 1
contain no information, since we can be
confident concerning our prediction of their
occurrence.
• What is Information and how do we define
it?
Measure of Information
• Consider two messages:
M1: Today temperature in London is 8
M2: Today there was an earthquake in
London downtown which leveled down
many buildings.
• Which of the two messages convey more
information? M1 or M2
Measure of Information
• M1 does convey some information, which
has cleared our uncertainty about the
temperature in London (such temperatures
are common around this time of the year)
• M2 is more surprising and certainly
• Therefore, we can say that the information
is related to the probability of occurrence
of the message
Measure of Information
• More probable the occurrence of the
message, less is the information it
conveys
• Less probable the message is, more is the
information it conveys

1
I (M 1)  log 2
P(M 1)
Definition of Entropy
• Suppose we have a message source:
[M ]  M1 , M 2 ,...,M n

• The Entropy or the Average Uncertainty of
the source is
n                  1
H ( M )   P( M i ) log 2
i 1             P( M i )
Definition of Entropy
• The Entropy can be considered as a
measure of how much choice is involved
in the selection of a message M
• When base of the logarithm is 2, the
amount of uncertainty is expressed in
bits/message
• When base is e, it is expressed in
nats/message
What the Cryptanalyst wants?
• Cryptanalyst will have intercepted some
ciphertext, C, and will want to know how
confidently he can predict a message (or
key) given that particular ciphertext is
• That is, the conditional Entropy, H(M|C), of
M given C.
n   m                    1
H ( M / C )    P( M , C ) log 2
i 1 j 1            P( M / C )
Equivocation
• Equivocation, H(M|C), can be thought of
as the uncertainty that message M was
• The cryptanalyst would like this
equivocation to approach to ZERO as the
the amount of intercepted ciphertext, C,
increases
Practical Security Systems
• Consider, for example, a key is configured
as a permutation of the alphabet.
• There are then 26! possibilites
• In an exhaustive search, one might expect
to reach the right key at about halfway
through the search.
• If we assume that each trial requires
1micro second, what is the total time
required to end the search?
Confusion & Diffusion
• In practice, a statistical analysis using the
frequency of occurrence of individual
characters and character combinations
can be used to solve many cipher systems
• Shannon, suggested two encryption
concepts for frustrating the statistical
endeavors of cryptanalysts
• These are: Confusion and Diffusion
Confusion
• Confusion involves substitutions that
render the final relationship between the
key and ciphertext as complex as possible
• This makes it difficult to utilize a statistical
analysis to narrow the search to a
particular subset of the key variable space
• Confusion ensures that the majority of the
key is needed to decrypt even very short
sequences of ciphertext
Diffusion
• Involves transformations, nonlinear, that
smooth out the statistical differences
between characters and between
character combinations
• An example of diffusion with 26-letter
alphabet is to transform a message
sequence M , M ,..., into a new message
0   1

sequence Y0 , Y1 ,..., .
Diffusion
• Use the transformation
s 1
Yn   M ni mod ulo  26
i 0

• Where each character in the sequence is
regarded as an integer modulo-26, s is
some chosen integer and n=0, 1,..
• The letter frequency in the new message
Y will be uniform than that of M
Substitution
• Substitution encryption techniques, such
as Caesar cipher and Trithemius
progressive key cipher, are widely used in
puzzles
• These ciphers offer little encryption
protection. For substitution ciphers to fulfill
Shannon’s concept of confusion, a more
complex relationship is required
Substitution Box (Example)
S-box (Example)
• This is an example of providing greater
substitution complexity through the use of
a non-linear transformation
• In general, n input bits are first
represented as one of 2^n different
characters
• The set of 2^n characters are then
permuted so that each character is
transposed to one of the others in the set
• The character is then converted back to an
n-bit output
S-box (Example)
• In general, it can be shown that there are
(2^n)! different substitution or connection
patterns possible
• When n=128, (2^128)! Is an astronomical
number
Is the transformation non-linear?
• To verify that the transformation is non-
linear, perform the following operations:
• C=T(a)+T(b)
• C’=T(a+b)
• If C=C’, the transformation is linear,
otherwise it is non-linear
Permutation Box or P-box
• In permutation (transposition), the
positions of the plaintext letters in the
message are simply rearranged, rather
than being substituted with other letters of
the alphabet as in classic ciphers
• For example, THINK might appear, after
permutation, as the ciphertext HKTNI.
P-box example (binary data
permulation)
P-box example
• In the example, input data are simply
rearranged or permuted
• This technique has one major drawback –
it is vulnerable to trick messages
• A trick message is illustrated in the Figure.
• A single 1 at the input and all the rest 0
quickly reveals one of the internal
connections.
Product Cipher System
• Shannon suggested using product cipher
or combinations of S-box and P-box
transformations, which together yield a
cipher system more powerful than either
one alone
• This approach has been used by IBM in
the LUCIFER system
• This approach is also the basis for Data
Encryption Standard (DES)
Product Cipher System
Product Cipher System
• Uses combination of P-boxes and S-boxes
• Decryption is accomplished by running the
data backward, using the inverse of each
box
• The system is difficult to implement since
each S-box is different, a randomly
generated key is not usable and the
system does not lend itself to repeated
use of the same circuitry
Lucifer System
• Used two different types of S-boxes which
could be publicly revealed
• The input data are transformed by the
sequence of S- and P- boxes under the
dictates of a key
• The 25-bit key in this example designates,
the choice of S1 and S0 of each of the 25
S-boxes in the block. The details of the
encryption devices can be revealed since
security of the system is provided by the
key
Present-day Ciphers
• The iterated structure of the product cipher
system is typical of present-day ciphers
• The messages are partitioned into
successive blocks of n bits, each of which
is encrypted with the same key.
• The n-bit block represents one of the 2^n
different characters, allowing (2^n)!
different substitution patterns

```
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
 views: 10 posted: 3/19/2012 language: English pages: 29