MACRaushan

DES simple fiestel network

3 1PlainTextBlocks

2*4=8bits

3 1

f

=0011 xor 0011=0000 = 0

f(r,k)=(2*r+k^2)%8

f(1,5)=(2*1+5^2)%8=3xor3

3 xor 3

k1=5

01

fxor1

k2=7

00

=0001 xor 0001=0000 = 0

f(r,k)=(2*r+k^2)%8

f(0,7)=(2*0+7^2)%8=1

1 xor 1

CipherText

2 Round simple fiestel network

0 0

ECB

p1 p2 p3p4

p1 p2 p3 p4

PlainTextBlocks

4*4=16bits2*4=8bits

c1 c2 c3c4CipherText

Block Cipher

Encryption e.g. DES, AES

Block Cipher

Encryption e.g.

DES, AES

Disadvantage: ciphertext

repeats for same plaintext

KK

ECB: example

3 1 31

3 1 3 1

PlainTextBlocks

4*4=16bits2*4=8bits

3 1

f

=0011 xor 0011=0000 = 0

f(r,k)=(2*r+k^2)%8

f(1,5)=(2*1+5^2)%8=3xor3

3 xor 3

k1=5

01

fxor1

k2=7

00

=0001 xor 0001=0000 = 0

f(r,k)=(2*r+k^2)%8

f(0,7)=(2*0+7^2)%8=1

1 xor 1

3 1

fxor3

k1=5

01

fxor1

k2=7

00

0 0 00CipherText

2 Round simple fiestel network

CBC : Code Block Chainingp1 p2 p3

p4p1 p2 p3 p4

PlainTextBlocks

c1 c2CipherText

Block cipher Encryption Algorithm (e.g. DES, AES etc.)

Block cipher Encryption Algorithm (e.g. DES, AES etc.)

xorInitial Vector xor

c3 c4

to avoid repeating cipher

text for same plaintext

Code Block Chaining: example3 1 3

13 1 3 1

PlainTextBlocks

7 6

CipherText

xor

Initial Vector=

27 xor

0 3

0011000100100101—————00010100—————

16

1 6

fxor

5k1=

5

46

fxor

1k2=

7

67

=0001 xor 0101=0100 = 4

f(r,k)=(2*r+k^2)%8

f(1,5)=(2*6+5^2)%8=5

1 xor 5

=0110 xor 0001=0111 = 7

f(r,k)=(2*r+k^2)%8

f(4,7)=(2*4+7^2)%8=1

6 xor 1

760011000101110110—————01000111—————

47

4 7

fxor

7k1=

5

37

fxor

7k2=

7

30

f(r,k)=(2*r+k^2)%8

=0100 xor 0111=0011 = 3

f(7,5)=(2*7+5^2)%8=7

4 xor 7

=0111 xor 0111=0000 = 0

f(r,k)=(2*r+k^2)%8

f(3,7)=(2*3+7^2)%8=7

7 xor 7

7 6 03

Why Integrity Check

So far we have encrypted message which gives confidentiality. But, how can we ensure that Bob is receiving correct

message from Alice? that is message is not modified by Eve.

This is known as Integrity Check.One way is “Message Authentication Code”

MAC• In cryptography, a message authentication

code (often MAC) is a short piece of information used to authentication a message and to provide integrity and authenticity assurances on the message.

• Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin.

MAC• MACs differ from digital signatures as MAC values are

both generated and verified using the same secret key.

• For the same reason, MACs do not provide the property of non-repudiation offered by signatures: any user who can verify a MAC is also capable of generating MACs for other messages.

• In contrast, a digital signature is generated using the private key of a key pair. Since this private key is only accessible to its holder, a digital signature proves that a document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.

MAC

• MAC algorithms can be constructed from other cryptographic primitives, such as cryptographic hash functions (as in the case of HMAC) or from block cipher algorithms ( OMAC, CBC, PMAC).

• However many of the fastest MAC algorithms such as UMAC, VMAC are constructed based on universal hashing

Message Integrity

Alice

Bob

Alice sends message m_a.

Bob receives message m_b.Bob wants to verify that m_b=m_a.

EveEve might alter message m_a to

m_e

Message Authentication Code (MAC)

• MAC uses two algorithms:

• MAC Signing Algorithm (Alice signs m_a)

• MAC Verification Algorithm (Bob verifies if m_b=m_a)

MAC

Alice Bob

Alice sends message m_a

and a tag using MAC signing

algo

[m_a, tag]

Bob uses MAC verification

Algo to check if m_b=m_a

MAC signing Algo

m_aK

tagMAC

verifying Algo,

m_b=m_a?

m_bK

tagyes/no

k Alice & Bob shares a key

MAC

MAC

• Notice: we are sending message (plaintext or encrypted) and sending a tag

• message can be gigabits, but tag is small 90/100bits.

• How to generate tag? By using MAC signing Algo.

• One example is CBC-MAC.

MAC signing Algo: example CBC-MAC

p1 p2 p3p4

p1 p2 p3 p4

PlainTextBlocks

c1 c2

Block cipher Encryption Algorithm (e.g. DES, AES etc.)

Block cipher Encryption Algorithm (e.g. DES, AES etc.)

xorInitial

Vector=0 xor

c3 c4

tag

Here, message = p1p2p3p4

tag=c3c4

Note: CBC-MAC uses IV=0

CBC-MAC: example3 1 3

13 1 3 1

PlainTextBlocks

0 0

xor

Initial Vector=

0 xor

0 0

0011000100000000—————00110001—————

31

3 1

fxor

3k1=

5

01

fxor

1k2=

7

00

=0011 xor 0011=0000 = 0

f(r,k)=(2*r+k^2)%8

f(1,5)=(2*1+5^2)%8=3

3 xor 3

=0001 xor 0001=0000 = 0

f(r,k)=(2*r+k^2)%8

f(0,7)=(2*0+7^2)%8=1

1 xor 1

00 0011000100000000—————00110001—————

31

3 1

fxor

3k1=

5

01

fxor

1k2=

7

00

Now, Alice sendsmessage = 3131

andtag=00

MAC verifying Algo: example CBC-MAC

Now, Bob receives

message = 3131 and

tag=00

Bob uses CBC-MAC and generates the tag_bob.Then checks, if tag_bob=tag.

If yes, then the message is authentic otherwise tampered.

MAC• It uses key

• Used for integrity check

• CBC is used for encrypting message whereas CBC-MAC is used for integrity check.

• It is slow. Integrity check must be fast. Another way is hash[keyless].

• Hash - next class..