INFORMATION SECURITY LECTURE NOTES

lecture notes on information system security and information security lecture notes in computer science and how is information security important pdf
Dr.LeonBurns Profile Pic
Dr.LeonBurns,New Zealand,Researcher
Published Date:21-07-2017
Your Website URL(Optional)
Comment
INFORMATION SECURITY LECTURE NOTES (Subject Code: BIT 301) for Bachelor of Technology in Information Technology Department of Computer Science and Engineering & Information Technology Veer Surendra Sai University of Technology (Formerly UCE, Burla) Burla, Sambalpur, Odisha Lecture Note Prepared by: Asst.Prof. Sumitra Kisan Asst.Prof. D. Chandrasekhar Rao MODULE 1 The security problem in computing 1.1 The meaning of computer security The meaning of the term computer security has evolved in recent years. Before the problem of data security became widely publicized in the media, most people’s idea of computer security focused on the physical machine. Traditionally, computer facilities have been physically protected for three reasons: • To prevent theft of or damage to the hardware • To prevent theft of or damage to the information • To prevent disruption of service Computer security is security applied to computing devices such as computers and smartphones, as well as computer networkssuch as private and public networks, including the whole Internet. The field covers all the processes and mechanisms by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction, and are of growing importance in line with the increasing reliance on computer systems of most societies worldwide. It includes physical security to prevent theft of equipment, and information security to protect the data on that equipment. It is sometimes referred to as "cyber security" or "IT security", though these terms generally do not refer to physical security (locks and such). Some important terms used in computer security are: Vulnerability Vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.This practice generally refers to software vulnerabilities in computing systems. Backdoors A backdoor in a computer system, is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. It may also fake information about disk and memory usage. Denial-of-service attack Unlike other exploits, denials of service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once. These types of attack are, in practice, very hard to prevent, because the behaviour of whole networks needs to be analyzed, not only the behaviour of small pieces of code. Distributed denial of service (DDoS) attacks are common, where a large number of compromised hosts (commonly referred to as "zombie computers", used as part of a botnet with, for example; a worm, trojan horse, or backdoor exploit to control them) are used to flood a target system with network requests, thus attempting to render it unusable through resource exhaustion. Direct-access attacks An unauthorized user gaining physical access to a computer (or part thereof) can perform many functions, install different types of devices to compromise security, including operating system modifications, software worms, key loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R, tape; or portable devices such as key drives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the hard drive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separate from the system. Direct-access attacks are the only type of threat to Standalone computers (never connect to internet), in most cases. Eavesdropping Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers. Spoofing Spoofing of user identity describes a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. Tampering Tampering describes an intentional modification of products in a way that would make them harmful to the consumer. Repudiation Repudiation describes a situation where the authenticity of a signature is being challenged. Information disclosure Information Disclosure (Privacy breach or Data leak) describes a situation where information, thought as secure, is released in an untrusted environment. Elevation of privilege Elevation of Privilege describes a situation where a person or a program want to gain elevated privileges or access to resources that are normally restricted to him/it. Exploits An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial of service attack. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in Trojan horses and computer viruses. Indirect attacks An indirect attack is an attack launched by a third-party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the tor onion router system. Computer crime: Computer crime refers to any crime that involves a computer and a network. Top 10 Cyber Crime Prevention Tips 1. Use Strong Passwords Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis. 2. Secure your computer o Activate your firewall Firewalls are the first line of cyber defence; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers. o Use anti-virus/malware software Prevent viruses from infecting your computer by installing and regularly updating anti-virus software. o Block spyware attacks Prevent spyware from infiltrating your computer by installing and updating anti-spyware software. 3. Be Social-Media Savvy Make sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is there forever 4. Secure your Mobile Devices Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources. 5. Install the latest operating system updates Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software. 6. Protect your Data Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in another location. 7. Secure your wireless network Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid conducting financial or corporate transactions on these networks. 8. Protect your e-identity Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites). 9. Avoid being scammed Always think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password. 10. Call the right person for help Don’t panic If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician. Principle security There are five principles of security. They are as follows:  Confidentiality: The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message. A B  Integrity: The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B. A B C  Authentication: Authentication mechanism helps in establishing proof of identification.  Non-repudiation:  Access control: Access control specifies and control who can access what.  Availability: It means that assets are accessible to authorized parties at appropriate times. Attacks We want our security system to make sure that no data are disclosed to unauthorized parties.  Data should not be modified in illegitimate ways  Legitimate user can access the data Types of attacks Attacks are grouped into two types:  Passive attacks: does not involve any modification to the contents of an original message  Active attacks: the contents of the original message are modified in some ways. 1.4 ELEMENTARY CRYPTOGRAPHY: SUBSTITUTION CIPHER Encryption is the process of encoding a message so that its meaning is not obvious; decryption is the reverse process, transforming an encrypted message back into its normal, original form. Alternatively, the terms encode and decode or encipher and decipher are used instead of encrypt and decrypt.That is, we say that we encode, encrypt, or encipher the original message to hide its meaning. Then, we decode, decrypt, or decipher it to reveal the original message. A system for encryption and decryption is called a cryptosystem. The original form of a message is known as plaintext, and the encrypted form is called cipher text. For convenience, we denote a plaintext message P as a sequence of individual characters P = p1, p2, …, pn. Similarly, cipher text is written as C = c1, c2, …,cm. Plain text Cipher text Encryption Cipher text plain tex Decryption t For instance, the plaintext message "I want cookies" can be denoted as the message string I, ,w,a,n,t,c,o,o,k,i,e,s. It can be transformed into cipher textc1, c2, …,c14, and the encryption algorithm tells us how the transformation is done. We use this formal notation to describe the transformations between plaintext and cipher text. For example: we write C = E (P) and P = D(C), where C represents the cipher text, E is the encryption rule, P is the plaintext, and D is the decryption rule. P = D (E(P)). In other words, we want to be able to convert the message to protect it from an intruder, but we also want to be able to get the original message back so that the receiver can read it properly. The cryptosystem involves a set of rules for how to encrypt the plaintext and how to decrypt the cipher text. The encryption and decryption rules, called algorithms, often use a device called a key, denoted by K, so that the resulting cipher text depends on the original plaintext message, the algorithm, and the key value. We write this dependence as C =E (K, P). Essentially, E is a set of encryption algorithms, and the key K selects one specific algorithm from the set. There are many types of encryption. In the next sections we look at two simple forms of encryption: substitutions in which one letter is exchanged for another and transpositions, in which the order of the letters is rearranged. Cryptanalyst: cryptanalyst is a person who studies encryption and encrypted message and tries to find the hidden meanings (to break an encryption). Confusion: it is a technique for ensuring that ciphertext has no clue about the original message. Diffusion: it increases the redundancy of the plaintext by spreading it across rows and columns. Substitutions Cipher: It basically consists of substituting every plaintext character for a different cipher text character. It is of two types- I. Mono alphabetic substitution cipher II. Poly alphabetic substitution cipher Mono alphabetic substitution cipher: Relationship between cipher text symbol and plain text symbol is 1:1.  Additive cipher: Key value is added to plain text and numeric value of key ranges from 0 – 25. Example: Plain text(P)- H E L LO (H=7,E=4,L=11,L=11,O=14) Key (K)=15 Cipher text (C)= 7+15,4+15,11+15,11+15,14+15 = 22,19, 26,26,(29%26)=3 = W T A AD  Affine cipher: C= (P+K) mod 26 It is the combination of additive and multiplicative cipher P= (C-K) mod 26 Let K1 and K2 are two keys C= (P x K1) + K2 mod 26 -1 P= (C-K2) x K1 mod 26 Polyalphabetic substitution cipher In polyalphabetic cipher each occurrence of a character may have different substitution. The relationship between characters in plain text and cipher text is 1 to many.  Auto key cipher  Playfair cipher  Vigegeire cipher  Hill cipher Auto key cipher:  In this cipher, key is stream of subkeys in which subkey is used to encrypt the corresponding character in the plain text. st nd st  Here 1 subkey is predefined and 2 subkey is the value of the 1 character of the rd nd plain text 3 subkey is the value of the 2 plain text and so on. Example: A T T A C K 0 19 19 0 2 10 Key=12 12 0 19 19 0 2 Cipher text(C)= (12,19,38 19,2 12)%26 M T M T C M Playfair cipher In playfair cipher the secret key is made of 25 characters arranged in 5x5 matrix Rules:-  If 2 letters in a plaintext are located in the same row of the secret key then the corresponding encrypted character for each letter is next letter to the right.  If 2 letters in a pair are in same column then the corresponding encrypted character is next below in the same column.  If 2 letters are neither in same row or in same column then encrypted character is in its own row but in the same column as the other character. Example: L G D B A Q M H E C K= U R N I/J F X V S O K Z Y W T P Plain text= HELLO It is then made as pair. H E L X L O H E L Q L B E C X Z O X Vigener cipher: The key stream is the repetition of the initial secret key stream of length m. (1=m=26) Example: Plaintext- A B C D E F G H Ks= 0, 5, 8 A B C D E F G H (B=1 =1+5=6=G) 0 5 8 0 5 8 0 5 0 6 10 3 9 13 6 12 A G K D J N G M = ciphertext Transposition cipher: A transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed. The goal of substitution is confusion; the transposition method is an attempt to make it difficult i.e diffusion. 1. Keyless transposition cipher There are two methods for permutation of characters  Text is written into a table column by column and transmitted row by row Example: plaintext- meet me at the park m e m a t e a k e t e t h p r ciphertext- memateaketethpr  Text is written into the table row by row and then transmitted column by column. Example: m e e t m e a t t h e p a r k ciphertext- mmtaeehreaekttp 2. Keyed transposition cipher Plaintext is divided into groups and permutes the character in each group. Example: plaintext- “enemy attack at night” keys: 3 1 4 5 2 encryption decryption 1 2 3 4 5 appended to make a group of 5 characters e n e m y a t t a c k a t n i g h t y z (Group of 5 characters) encryption: e e m y n t a a c t t k n i k t g y z h decryption: e n e m y a t t a c k a t n i g h t y z the characters exceeding the length of plaintext are discarded. Like y and z two characters are discarded 3. Combining the two approaches: Encryption and decryption is done in three steps.  Text is written into a table row by row.  Permutation is done by reordering the column.  New table is read column by column 1.5 MAKING GOOD ENCRYPTION ALGORITHM So far, the encryption algorithms we have seen are trivial, intended primarily to demonstrate the concepts of substitution and permutation. At the same time, we have examined several approaches cryptanalysts use to attack encryption algorithms. Now we examine algorithms that are widely used in the commercial world. For each type of encryption we considered, has the advantages and disadvantages. But there is a broader question: What does it mean for a cipher to be "good"? The meaning of good depends on the intended use of the cipher. A cipher to be used by military personnel in the field has different requirements from one to be used in a secure installation with substantial computer support. In this section, we look more closely at the different characteristics of ciphers. Shannon's Characteristics of "Good" Ciphers In 1949, Claude Shannon SHA49 proposed several characteristics that identify a good cipher. 1. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. 2. The set of keys and the enciphering algorithm should be free from complexity. This principle implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithm can work. For instance, an algorithm that works only on plaintext having an equal number of A's and E's is useless. Similarly, it would be difficult to select keys such that the sum of the values of the letters of the key is a prime number. Restrictions such as these make the use of the encipherment prohibitively complex. If the process is too complex, it will not be used. Furthermore, the key must be transmitted, stored, and remembered, so it must be short. 3. The implementation of the process should be as simple as possible. Principle 3 was formulated with hand implementation in mind: A complicated algorithm is prone to error or likely to be forgotten. With the development and popularity of digital computers, algorithms far too complex for hand implementation became feasible. Still, the issue of complexity is important. People will avoid an encryption algorithm whose implementation process severely hinders message transmission, thereby undermining security. And a complex algorithm is more likely to be programmed incorrectly. 4. Errors in ciphering should not propagate and cause corruption of further information in the message. Principle 4 acknowledges that humans make errors in their use of enciphering algorithms. One error early in the process should not throw off the entire remaining ciphertext. For example, dropping one letter in a columnar transposition throws off the entire remaining encipherment. Unless the receiver can guess where the letter was dropped, the remainder of the message will be unintelligible. By contrast, reading the wrong row or column for a polyalphabetic substitution affects only one character and remaining characters are unaffected. 5. The size of the enciphered text should be no larger than the text of the original message. The idea behind principle 5 is that a ciphertext that expands dramatically in size cannotpossibly carry more information than the plaintext, yet it gives the cryptanalyst more datafrom which to infer a pattern. Furthermore, a longer ciphertext implies more space for storage and more time to communicate. Properties of "Trustworthy" Encryption Systems Commercial users have several requirements that must be satisfied when they select an encryption algorithm. Thus, when we say that encryption is "commercial grade," or "trustworthy," we mean that it meets these constraints:  It is based on sound mathematics. Good cryptographic algorithms are not just invented; they are derived from solid principles.  It has been analyzed by competent experts and found to be sound. Even the best cryptographic experts can think of only so many possible attacks, and the developers may become too convinced of the strength of their own algorithm. Thus, a review by critical outside experts is essential.  It has stood the atest of time.a As a new algorithm gains popularity, people continue to review both its mathematical foundations and the way it builds on those foundations. Although a long period of successful use and analysis is not a guarantee of a good algorithm, the flaws in many algorithms are discovered relatively soon after their release. We can divide all the cryptography algorithms (ciphers) into two groups: symmetric key cryptography algorithms and asymmetric cryptography algorithms. Figure shows the taxonomy. CRYPTOGRAPHY SYMMETRIC -KEY ASYMMETRIC-KEY Fig :Categories of Cryptography 1. Symmetric·Key Cryptography In symmetric-key cryptography, the same key is used by both parties. The sender uses this key and an encryption algorithm to encrypt data; the receiver uses the same key and the corresponding decryption algorithm to decrypt the data. Fig :Symmetric-key Cryptography 2. Asymmetric-Key Cryptography: In asymmetric or public-key cryptography, there are two keys: a private key and a public key. The private key is kept by the receiver. The public key is announced to the public. Fig 7:Asymmetric-key Cryptography 1.6 PRIVATE KEY CRYPTO SYSTEM Symmetric encryption (also called private-key encryption or secret-key encryption) involves using the same key for encryption and decryption. Encryption involves applying an operation (an algorithm) to the data to be encrypted using the private key to make them unintelligible. The slightest algorithm (such as an exclusive OR) can make the system nearly tamper proof (there being so such thing as absolute security). However, in the 1940s, Claude Shannon proved that to be completely secure, private-key systems need to use keys that are at least as long as the message to be encrypted. Moreover, symmetric encryption requires that a secure channel be used to exchange the key, which seriously diminishes the usefulness of this kind of encryption system. The main disadvantage of a secret-key cryptosystem is related to the exchange of keys. Symmetric encryption is based on the exchange of a secret (keys). The problem of key distribution therefore arises: Moreover, a user wanting to communicate with several people while ensuring separate confidentiality levels has to use as many private keys as there are people. For a group of N people using a secret-key cryptosystem, it is necessary to distribute a number of keys equal to N (N-1) / 2. In the 1920s, Gilbert Vernam and Joseph Mauborgne developed the One-Time Pad method (sometimes called "One-Time Password" and abbreviated OTP), based on a randomly generated private key that is used only once and is then destroyed. During the same period, the Kremlin and the White House were connected by the famous red telephone, that is, a telephone where calls were encrypted thanks to a private key according tothe one-time pad method. The private key was exchanged thanks to the diplomatic bag (playing the role ofsecure channel). An important distinction in symmetric cryptographic algorithms is between stream and block ciphers. Stream cipher: Stream ciphers convert one symbol of plaintext directly into a symbol of ciphertext. Advantages:  Speed of transformation: algorithms are linear in time and constant in space.  Low error propogation: an error in encrypting one symbol likely will not affect subsequent symbols. Disadvantages:  Low diffusion: all information of a plaintext symbol is contained in a single ciphertext symbol.  Susceptibility to insertions/ modifications: an active interceptor who breaks the algorithm might insert spurious text that looks authentic. Block ciphers: It encrypt a group of plaintext symbols as one block. Advantages:  High diffusion: information from one plaintext symbol is diffused into several ciphertext symbols.  Immunity to tampering: difficult to insert symbols without detection. Disadvantages:  Slowness of encryption: an entire block must be accumulated before encryption / decryption can begin.  Error propagation: An error in one symbol may corrupt the entire block. Simple substitution is an example of a stream cipher. Columnar transposition is a block cipher. 1.7 THE DATA ENCRYPTION STANDARD The Data Encryption Standard (DES), a system developed for the U.S. government, was intended for use by the general public. It has been officially accepted as a cryptographic standard both in the United States and abroad. The DES algorithm is a careful and complex combination of two fundamental building blocks of encryption: substitution and transposition. The algorithm derives its strength from repeated application of these two techniques, one on top of the other, for a total of 16 cycles. The sheer complexity of tracing a single bit through 16 iterations of substitutions and transpositions has so far stopped researchers in the public from identifying more than a handful of general properties of the algorithm. The algorithm begins by encrypting the plaintext as blocks of 64 bits. The key is 64 bits long, but in fact it can be any 56-bit number. (The extra 8 bits are often used as check digits and do not affect encryption in normal implementations.) The user can change the key at will any time there is uncertainty about the Features: – Block size = 64 bits – Key size = 56 bits (in reality, 64 bits, but 8 are used as parity-check bits for error control, see next slide) – Number of rounds = 16 – 16 intermediary keys, each 48 bits 56 bit key plaintext ciphertext DES 64 bit 64 bit Working principle: 64 bit plaintext Initial permutation 56 bit cipher key Round 1 Round 2 Round key generation . . . Round 16 final permutation The Feistel (F) function The F-function, depicted in Figure 2, operates on half a block (32 bits) at a time and consists of four stages: Fig: —The Feistel function (F-function) of DES 1. Expansion — the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating half of the bits. The output consists of eight 6-bit (8 6 = 48 bits) pieces, each containing a copy of 4 corresponding input bits, plus a copy of the immediately adjacent bit from each of the input pieces to either side. 2. Key mixing — the result is combined with a subkey using an XOR operation. 16 48- bit subkeys — one for each round — are derived from the main key using the key schedule (described below). 3. Substitution — after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, orsubstitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table. The S-boxes provide the core of the security of DES — without them, the cipher would be linear, and trivially breakable. 4. Permutation — finally, the 32 outputs from the S-boxes are rearranged according to a fixed permutation, the P-box. This is designed so that, after permutation, each S-box's output bits are spread across 4 different S boxes in the next round. The alternation of substitution from the S-boxes, and permutation of bits from the P-box and E-expansion provides so-called "confusion and diffusion" respectively, a concept identified by Claude Shannon in the 1940s as a necessary condition for a secure yet practical cipher. Key schedule Fig:— The key-schedule of DES Figure illustrates the key schedule for encryption — the algorithm which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1) — the remaining eight bits are either discarded or used as parity check bits. The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2) — 24 bits from the left half, and 24 from the right. The rotations (denoted by "" in the diagram) mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys. The key schedule for decryption is similar — the subkeys are in reverse order compared to encryption. Apart from that change, the process is the same as for encryption. The same 28 bits are passed to all rotation boxes. Security of the DES Since its was first announced, DES has been controversial. Many researchers have questioned the security it provides. Much of this controversy has appeared in the open literature, but certain DES features have neither been revealed by the designers nor inferred by outside analysts. In 1990, Biham and Shamir invented a technique, differential cryptanalysis, that investigates the change in algorithmic strength when an encryption algorithm is changed in some way. In 1991 they applied their technique to DES, showing that almost any change to the algorithm weakens it. Their changes included cutting the number of iterations from 16 to 15, changing the expansion or substitution rule, or altering the order of an iteration. In each case, when they weakened the algorithm, Biham and Shamir could break the modified version. Thus, it seems as if the design of DES is optimal. However, Diffie and Hellman argued in 1977 that a 56-bit key is too short. In 1977, it was prohibitive to test all 256 (approximately 1015) keys on then current computers. But they argued that over time, computers would become more powerful and the DES algorithm would remain unchanged; eventually, the speed of computers would exceed the strength of DES. Exactly that has happened. In 1997 researchers using over 3,500 machines in parallel were able to infer a DES key in four months' work. And in 1998 for approximately 100,000, researchers built a special "DES cracker" machine that could find a DES key in approximately four days. In 1995, the U.S. National Institute of Standards and Technology (NIST, the renamed NBS) began the search for a new, strong encryption algorithm. The response to that search has become the Advanced Encryption Standard, or AES. 1.8 The AES Encryption Algorithm The AES is likely to be the commercial-grade symmetric algorithm of choice for years, if not decades. Let us look at it more closely. The AES Contest In January 1997, NIST called for cryptographers to develop a new encryption system. As with the call for candidates from which DES was selected, NIST made several important restrictions. The algorithms had to be  Unclassified  publicly disclosed  available royalty-free for use worldwide  symmetric block cipher algorithms, for blocks of 128 bits  usable with key sizes of 128, 192, and 256 bits AES is based on a design principle known as a substitution-permutation network, combination of both substitution and permutation, and is fast in both software and 9 hardware. Unlike its predecessor DES, AES does not use a Feistel network. AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits. By contrast, the Rijndael specification per se is specified with block and key sizes that may be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits. AES operates on a 4×4 column-major order matrix of bytes, termed the state, although some versions of Rijndael have a larger block size and have additional columns in the state. Most AES calculations are done in a special finite field. The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext. The number of cycles of repetition are as follows:  10 cycles of repetition for 128-bit keys.  12 cycles of repetition for 192-bit keys.  14 cycles of repetition for 256-bit keys. Each round consists of several processing steps, each containing four similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key. High-level description of the algorithm 1. KeyExpansions—round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key block for each round plus one more. 2. InitialRound 1. AddRoundKey—each byte of the state is combined with a block of the round key using bitwise xor. 3. Rounds 1. SubBytes—a non-linear substitution step where each byte is replaced with another according to a lookup table. 2. ShiftRows—a transposition step where the last three rows of the state are shifted cyclically a certain number of steps. 3. MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column. 4. AddRoundKey 4. Final Round (no MixColumns) 1. SubBytes 2. ShiftRows 3. AddRoundKey. The SubBytes steps In the SubBytes step, each byte in the state is replaced with its entry in a fixed 8-bit lookup table, S; b =S(a ). ij ij In the SubBytes step, each byte in the state matrix is replaced with a SubByte using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity 8 in the cipher. The S-box used is derived from the multiplicative inverse over GF(2 ), known to have good non-linearity properties. To avoid attacks based on simple algebraic properties, the S-box is constructed by combining the inverse function with an invertible affine transformation. The S-box is also chosen to avoid any fixed points (and so is a derangement), i.e., , and also any opposite fixed points, i.e., . While performing the decryption, Inverse SubBytes step is used, which requires first taking the affine transformation and then finding the multiplicative inverse (just reversing the steps used in SubBytes step). The ShiftRows step In the ShiftRows step, bytes in each row of the state are shifted cyclically to the left. The number of places each byte is shifted differs for each row. The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively. For blocks of sizes 128 bits and 192 bits, the shifting pattern is the same. Row n is shifted left circular by n-1 bytes. In this way, each column of the output state of the ShiftRows step is composed of bytes from each column of the input state. (Rijndael variants with a larger block size have slightly different offsets). For a 256-bit block, the first row is unchanged and the shifting for the second, third and fourth row is 1 byte, 3 bytes and 4 bytes respectively—this change only applies for the Rijndael cipher when used with a 256-bit block, as AES does not use 256-bit blocks. The importance of this step is to avoid the columns being linearly independent, in which case, AES degenerates into four independent block ciphers. The MixColumns step In the MixColumns step, each column of the state is multiplied with a fixed polynomial c(x). In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.

Advise: Why You Wasting Money in Costly SEO Tools, Use World's Best Free SEO Tool Ubersuggest.