信息安全導論(密碼學)復習試卷資料題

1、.信息安全導論信息安全導論, 胡海波胡海波2Generally, there are four general categories of security attacks Interception 竊聽竊聽 Modification 修改修改 Fabrication 偽裝偽裝1. About IS2. WWW IS?4. S_ Services31. About IS2. WWW IS?4. S_ ServicesGenerally, there are four general categories of security attacks Interruption 阻斷阻斷 Modific

2、ation 修改修改 Fabrication 偽裝偽裝4Generally, there are four general categories of security attacks Interruption 阻斷阻斷 Interception 竊聽竊聽 Fabrication 偽裝偽裝1. About IS2. WWW IS?4. S_ Services5Generally, there are four general categories of security attacks Interruption 阻斷阻斷 Interception 竊聽竊聽 Modification 修改修改1

3、. About IS2. WWW IS?4. S_ Services61. About IS2. WWW IS?4. S_ ServicesThese attacks involves some modification of the data stream or the creation of a false stream, which can be subdivided into four categories: masquerade (偽裝偽裝) replay (重放重放) modification of messages (篡改篡改) denial of service (拒絕服務拒絕

4、服務)Active Attack Passive attackand71. About IS2. WWW IS?4. S_ ServicesPassive attacks are in the nature of eavesdropping(偷聽偷聽) on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are: release of message conten

5、ts (泄密泄密) traffic analysis (流量分析流量分析)Active Attack Passive attackand8Security Services Confidentiality (保密性保密性) Availability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控性可控性)1. About IS2. WWW IS?3. S_ Attacks9Security Services Confidentiality (保密性保密性

6、) Availability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控性可控性)1. About IS2. WWW IS?3. S_ Attacks10Security Services Confidentiality (保密性保密性) Availability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控

7、性可控性)1. About IS2. WWW IS?3. S_ AttacksI didnt send R the message !I didnt receive the message from S !11Security Services Confidentiality (保密性保密性) Availability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控性可控性)1. About IS2. WWW IS?3. S_ AttacksIch bi

8、n Xiaofeng + CredentialVerify User and CredentialAuthorized12Security Services Confidentiality (保密性保密性) Availability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控性可控性)1. About IS2. WWW IS?3. S_ Attacks13Security Services Confidentiality (保密性保密性) Avail

9、ability (可用性可用性) Nonrepudiation (防抵賴防抵賴) Authentication (真實性真實性) Integrity (完整性完整性) Access Control (可控性可控性)1. About IS2. WWW IS?3. S_ AttacksReadWriteAccess142. Classic CryptographyTerminology: homoionym homoionym ( (近義詞近義詞) ) Cryptography 密碼編碼學 encrypt, decrypt encryption, decryption code, coding e

10、ncode, decode cipher, ciphering encipher, deciphermessagecodemessageencryptdecryptplaintextciphertext152. Classic CryptographyTerminology: homoionym homoionym ( (近義詞近義詞) ) Cryptography 密碼編碼學 encrypt, decrypt encryption, decryption code, coding encode, decode cipher, ciphering encipher, deciphermessa

11、gecodemessageencryptdecryptplaintextciphertext162. Classic CryptographyCryptographyClassic Cryptography:（by WWII） typically for confidential usage A and B have already shared secret information, to protect their communicationModern Cryptography （from WWII） related to more security services, as: conf

12、identiality, integrity, authentication, and non-repudiation.172. Classic CryptographySymmetric C-Asymmetric C-C- Hash Function DecryptionAlgorithmEncryptionAlgorithm182. Classic CryptographySymmetric C-Asymmetric C-C- Hash FunctionDecryptionAlgorithmEncryptionAlgorithm192. Classic CryptographySymmet

13、ric C-Asymmetric C-C- Hash FunctionEncryptionAlgorithmDecryptionAlgorithm202. Classic CryptographySymmetric C-Asymmetric C-C- Hash FunctionHash FunctionHash Function213 2 Auguste Kerckhoffs1835-1903223 2 233 2 243 2 253 2 A group of plaintext symbols of size m (m 1) are encrypted together creating a

14、 group of ciphertext of the same size. A single key is used to encrypt the whole block even if the key is made of multiple values.T,X,T = EKe,x,tH,E,R = EKi,n,tC,I,P = EKp,l,a263 2 In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies

15、 during the encryption.P = EK3(a)I I = EK2(l)C = EK1(p)273 2 e.g.283 2 e.g.132121001111xxxyye.g.2110 11010 01293 2 XORXOR0 01 10 00 01 11 11 10 0+e.g.303 2 e.g.313 2 e.g.323 2 e.g.SplitCombine333 2 8 bit plain textblock1block2blocknkey mixerS-box 3S-box 1S-box 2S-box 412345678P-box8 bit middle textk

16、18 bit middle textk28 bit cipher textRound 1Round 2Round Key GeneratorK343 1 Horst Feistel 1915-1990LiRi+Li+1Ri+1FKiLi+1Ri+1353 1 363 2 DES64bit plaintext64bit ciphertextInitial permutationRound 1Round 2Round 16Final permutation.56bit keyK1K2K16Round-key generator373 2 383 2 A round in DES (encrypti

17、on site)Li = Ri-1Ri = Li-1 f(Ri-1, Ki)+39 The heart of DES is the DES function. The DES function applies a 48-bit round-key to the rightmost 32 bits to produce a 32-bit output.3 2 DES function403 2 Since Ri1 is a 32-bit input and Ki is a 48-bit key, we first need to expand Ri1 to 48 bits. 413 2 Afte

18、r the expansion permutation, DES uses the XOR operation on the expanded right section and the round key. Note that both the right section and the key are 48-bits in length. Also note that the round key is used only in this operation.423 2 The S-boxes do the real mixing (confusion). DES uses 8 S-boxe

19、s, each with a 6-bit input and a 4-bit output.433 2 The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output.443 2 e.g. input bits: 110100What are the output bits: ?The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit inp

20、ut and a 4-bit output.453 2 463 2 The last operation is Straight Permutation with a P-box as follow. 473 2 483 2 491 2 DESDESK1K2PlaintextMidtextCiphertext501 2 511 2 523 1 Basic Description:4 1. Block size：128 bits4 2. Key size：128 / 192 / 256 bits4 3. Rounds: 10 / 12 / 144 4. Round key size：128 bi

21、ts4 5. Not Feistel Cipher Note that:Add round key before round 1;i.No mix-columns in last round 533 1 543 1 0101001001010010 11010110 01111110 110011115252D67ECFAC8723242612BAC79954D2B4177609DA553 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key563 1 1) Byte Substitution2) Shift Row

22、s3) Mix Columns4) Add Round key573 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key0 01 12 23 34 45 56 67 78 89 9A AB BC CD DE EF F0 01 12 23 34 45 56 67 78 89 9A AB BC CD DE EF FAC2612BA87C7995423D2B417247609DA91F7C9F417C6EE2026B58DF036380157Find the locations in S-box to substitut

23、e input bytes9157583 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key AES Encryption：S-box eg: S-box(AC) =91 AES Decryption：S-box-1 eg:S-box-1(91)=AC S-box、S-Box-1的構(gòu)造過程：的構(gòu)造過程：P110593 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key This is a transposition/permutatio

24、n operation on rows.603 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key The most complicated operation in AES613 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key6291F7C9F4C6EE20178DF026B5363801570203010101020301010102030101020391C68D57=02 1001 000103 1100 0110 01 1

25、000 110101 0101 0111=0011 10010101 0001 1000 11010101 01111011 0010B2E5xxxxxxxxxxxxxxxxxxxxxxxx32xxnn矩陣的乘法，繼續(xù)Example3 Mix Columns633 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round key AES encryption：C AES decryption：C-1643 1 1) Byte Substitution2) Shift Rows3) Mix Columns4) Add Round

26、key AddRoundKey proceeds one column at a time. AddRoundKey adds a round key word with each state column matrix; the operation in AddRoundKey is matrix addition. The AddRoundKey transformation is the inverse of itself653 1 663 1 673 1 681 Any Problem?69 1 70 1 +IV+CN-1Q1: Decryption?71 1 +IV+CN-1Q1:

27、Decryption?Q2: whats IV?72 1 73 1 n bitsk1S1T1IV+r bitsr bitsr bitsr bitsP1C1N-r bitsk2S2T2+r bitsr bitsr bitsP2C2C1N-r bitskNSNTM+r bitsr bitsr bitsPNCNCN-1r bitsr bitsQ1: Decryption?74 1 n bitsk1S1T1IV+r bitsr bitsr bitsr bitsP1C1N-r bitsk2S2T2+r bitsr bitsr bitsP2C2C1N-r bitskNSNTM+r bitsr bitsr

28、bitsPNCNCN-1r bitsr bitsQ1: Decryption?75 1 Any Problem?76 1 77 1 n bitsk1S1T1IV+r bitsr bitsr bitsr bitsP1C1N-r bitsk2S2T2+r bitsr bitsr bitsP2C2k1N-r bitskNSNTM+r bitsr bitsr bitsPNCNkN-1r bitsr bitsError Propagation?78 1 79 1 8080 RC4 : Structure1 8181 RC4 : Structure1 8282 Stream Cipher: Procedure1 83S00000000S0=000000001S1=100000010S2=200000011S3=300000100S4=400000101S5=5.11111111S255=255Kxxxxxxxxxxxxxxxxxxxxxxxxk1knTxxxxxxxxxxxxxxxxxxxxxxxxk1knKxxxxxxxxxxxxxxxx