Cryptography Class by Casey W. O'Brien

MPICT Summer Faculty Development Week

Day 2

DES ECB v. CBC

Another demonstration comparing the Cipher-Block Chaining (CBC) and Electronic Codebook (ECB) modes of DES encryption.

The plaintext contains repeated text.

When encrypted in ECB mode, the ciphpertext shows repeated blocks, which is a flaw--some information about the plaintext has been preserved, which can be used to attack the cipher.

In CBC mode, the repeated plaintext does not lead to repeated ciphertext.

Unfortunately, with carefully chosen plaintext this system can be broken with the BEAST attack.

3DES

The usual way 3DES is implemented is: You could just encrypt three times, and that would work. But this implementation makes it easy to build a hardware device designed for 3DES which is also backwards-compatible with DES--just run it with K1=K2.

Ref: Why do we use encrypt-decrypt-encrypt (EDE) in 3DES, rather than encrypting three times?

Here's CrypTool performing AES with a key of:

AB CD 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Notice that patterns in the input do not lead to obvious patterns in the output:

RC4 with CrypTools

RC4 is a symmetric algorithm with key sizes from 1 to 256 bytes (8 to 4096 bits).

Here's Cryptool encrypting with a 8-bit key of AA:

Here is CrypTool Cracking RC4 with a brute force attack.

Here are the results: the low-entropy result is the correct plaintext.

PGP Encryption

We are using PGP v. 8.0.3 (the last freeware version) on Windows XP because it won't run on Win 7.

This "Secure Viewer" sounds interesting, using a special font to avoid radio emissions from a CRT monitor leaking your key. But when I tried it, it did not work.

ECB Mode Demo

Here's a demo from Wikipedia that shows why ECB mode is evil--images don't even become scrambled enough to rended the image unrecognizable.

I used CrypTools to prepare these three images:

Original Image

Encrypted with DES in ECB Mode

As you can see, the image is not well obscured--you can still see the apple.

Encrypted with DES in CBC Mode

This is much better--there is no trace of the original image visible.

Complete steps to do this project are here.

Encrypted with 3DES in ECB Mode

3DES uses more rounds of encryption, and two keys, to scramble the data more, but in ECB mode it still doesn't obscure the image.

Encrypted with 3DES in CBC Mode

This is much better--there is no trace of the original image visible.

Encrypted with AES (key = 0)

Encrypted with XOR (key = AA)

Encrypted with XOR (key = 0123456789ABCDEF)

Encrypted with RSA (key type RSA-512)

I was surprised to see patterns here, but I found a comment saying it suffers from a problem similar to ECB, unless "padding" or "armoring" is used.

Encrypted with Twofish (key = 0)

Encrypted with Serpent (key = 0)

Encrypted with RC6 (key = 0)

Encrypted with MARS (key = 0)

Last modified 1:22 pm Thursday, June 28, 2012