SlideShare una empresa de Scribd logo

Cryptography for Smalltalkers

E
ESUG

Cryptography for Smalltalkers, Martin Kobetic. (ESUG 2004, Koethen)

Tecnología
1 de 25
Descargar para leer sin conexión
Cryptography for Smalltalkers Martin Kobetic Cincom Smalltalk Development ESUG 2004
To get the VW presentation  in the open repository in a bundle called Presentations-MK, class ESUG04Crypto. To load it and open it up in a recent version of VW just run this:  | profile |profile := Store.ConnectionProfile newname: 'open repository';driverClassName: 'PostgreSQLEXDIConnection'; environment: 'store.cincomsmalltalk.com:5432_store_public'; userName: 'guest'; password:'guest';yourself.  Store.RepositoryManager addRepository: profile;Store.DbRegistry connectTo: profile.Store.Bundle newestVersionWithName: 'Presentations-MK') loadSrc.ESUG04Crypto open
Cryptographic Objectives  confidentiality – encryption  integrity – message authentication codes (MAC)  authentication – signatures
Encryption  E(P)= C & D(C) = P  symmetric (secret) key ciphers – EK(P) = C & DK(C) = P  asymmetric (public) key ciphers – EK1(P) = C & DK2(C) = P  one-time pad
Secret Key Ciphers  bulk data encryption  built from simple, fast operations (xor, shift, x + y mod n, ...)  two fundamental classes – stream ciphers (RC4) – block ciphers (DES/AES)
Secret Key Ciphers key := ‘secret key’ asByteArray. alice := ARC4 key: key. msg := ‘Hello’ asByteArrayEncoding: #utf_8. msg := alice encrypt: ‘Hello’ msg asString. bob := ARC4 key: key. bob decryptInPlace: msg from: 1 to: 4. msg asStringEncoding: #utf_8.
Stream Ciphers  time-varying transformation on individual plain- text digits key-stream generator: k1, k2, k3, .... State S, NextState(S), Output(S) E: ci = pi xor ki D: pi = ci xor ki  Pike, A5, RC4, SEAL  key reuse is catastrophic! (a xor k) xor (b xor k) = a xor b
RC4 (1992)  leakedtrade secret of RSA Security (1994)  256 byte S-Box; 2 counters i=j=0 S-Box initialization: next key-stream byte: S = 0, ..., 255 i = (i + 1) mod 256 K = 256B of replicated key j = (j+Si) mod 256 for i=0 to 255: swap Si and Sj j = (j + Si + Ki) mod 256 t = (Si + Sj) mod 256 swap Si and Sj K = St
RC4 alice := ARC4 key: key. msg := alice encrypt: 'Hello' asByteArray. msg asHexString. bob := ARC4 key: key. (bob decrypt: msg) asString
Block Ciphers  fixed transformation on blocks of plaintext (e.g 64, 128 bits)  basic transformation applied in rounds  DES, IDEA, CAST, Blowfish, RC2, RC5
DES (1977)  csrc.nist.gov: FIPS PUB 46 (1977)  FIPS PUB 46-3 (1999) – triple DES still approved – single DES legacy systems only  64 bit block size  56 bit key (64 bits with parity)  16 rounds using 48 bit subkeys
Block Ciphers - Padding key := ‘secret8B’ asByteArray. alice := DES key: key. alice encrypt: ‘Hello World!’ asByteArray. alice := BlockPadding on: DES new. alice setKey: key. (alice encrypt: ‘Hello World!’ asByteArray) asString.
Block Ciphers - Padding  must be reversible  pad with bits “100…0”  pad with padding size (1-8) – aka PKCS#5 padding  ciphertext stealing – different for different modes (ECB, CBC)  some modes don’t need padding
Block Ciphers - ECB  electronic codebook mode  Ci = Ek(Pi)  Pi = Dk(Ci)  don’t use !
Block Ciphers - CBC  cipher block chaining mode  Ci = Ek(Pi xor Ci-1)  Pi = Ci-1 xor Dk(Ci)  initialization vector (IV) – isn’t secret but unique, random – timestamp, nonce, random nr
Block Ciphers - CBC alice := CipherBlockChaining on: DES new iv: ‘nonce 8B’ asByteArray. alice setKey: ‘secret8B’ asByteArray. msg := ‘a block a block ’ asByteArray. msg := alice encrypt: msg. msg asString
Block Ciphers - CBC alice := DES newBP_CBC. alice setKey: 'secret8B' asByteArray. alice setIV: 'nonce 8B' asByteArray. msg := 'Hello World!' asByteArray. msg := alice encrypt: msg. msg asString.
Block Ciphers - OFB  output feedback mode  Si = Ek(Si-1)  Ci = Pi xor Si  Pi = Ci xor Si  like synchronous stream cipher (OutputFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
Block Ciphers - CTR  counter mode  Si := Ek(Nonce || i)  Ci = Pi xor Si  Pi = Ci xor Si  OFB variant
Block Ciphers - CFB  cipher feedback mode  Ci = Pi xor Ek(Ci-1)  Pi = Ci xor Ek(Ci-1)  like self-synchronizing stream cipher (CipherFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
Block Ciphers - Mixing  interleaving – parallelizing “chained” modes  multiple encryption with single cipher – double encryption – no good – 3EDE (inner/outer CBC)  cascading different ciphers
Block Ciphers - Mixing des3 := TrippleEDEOuterCBC first: DES new second: DES new third: DES new. des3 := DES new3EDE_CBC. des3 setKey: ’24bytes for 3 keys’ asByteArray. des3 setIV: ‘nonce 8B’ asByteArray.
AES (2001)  NIST FIPS PUB 197 (2001) - Rijndael  15 submissions (1998)  5 finalists: MARS, Serpent, Twofish, RC6  modes: ECB, CBC, CFB, OFB, CTR  block size 128 bits  key sizes 128, 192, 256 bits  10, 12, 14 rounds
Blowfish (1993)  http://www.counterpane.com/blowfish.html  block size 64-bits  variable key size 32-448 bits  not patented, royalty-free  2 parts: key expansion & data encryption  16 rounds, key dependent S-Boxes
Books  Anderson: Security Engineering  Ferguson, Schneier: Practical Cryptography  Kahn: The Codebreakers, …  Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography  Schneier, B: Applied Cryptography

Recomendados

Cryptography for Smalltalkers - ESUG 2004
Cryptography for Smalltalkers - ESUG 2004Cryptography for Smalltalkers - ESUG 2004
Cryptography for Smalltalkers - ESUG 2004Martin Kobetic
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Martin Kobetic
 
Tuga IT 2017 - Redis
Tuga IT 2017 - RedisTuga IT 2017 - Redis
Tuga IT 2017 - RedisNuno Caneco
 
Hands on with Smart Contracts session #3
Hands on with Smart Contracts session #3Hands on with Smart Contracts session #3
Hands on with Smart Contracts session #3Gene Leybzon
 
Codable routing
Codable routingCodable routing
Codable routingPushkar Kulkarni
 
Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Martin Kobetic
 
LLVM Workshop Osaka Umeda, Japan
LLVM Workshop Osaka Umeda, JapanLLVM Workshop Osaka Umeda, Japan
LLVM Workshop Osaka Umeda, Japanujihisa
 
Raspberry Pi for IPRUG
Raspberry Pi for IPRUGRaspberry Pi for IPRUG
Raspberry Pi for IPRUGFrank Carver
 

Recomendados

Cryptography for Smalltalkers - ESUG 2004
Cryptography for Smalltalkers - ESUG 2004Cryptography for Smalltalkers - ESUG 2004
Cryptography for Smalltalkers - ESUG 2004Martin Kobetic
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Martin Kobetic
 
Tuga IT 2017 - Redis
Tuga IT 2017 - RedisTuga IT 2017 - Redis
Tuga IT 2017 - RedisNuno Caneco
 
Hands on with Smart Contracts session #3
Hands on with Smart Contracts session #3Hands on with Smart Contracts session #3
Hands on with Smart Contracts session #3Gene Leybzon
 
Codable routing
Codable routingCodable routing
Codable routingPushkar Kulkarni
 
Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Martin Kobetic
 
LLVM Workshop Osaka Umeda, Japan
LLVM Workshop Osaka Umeda, JapanLLVM Workshop Osaka Umeda, Japan
LLVM Workshop Osaka Umeda, Japanujihisa
 
Raspberry Pi for IPRUG
Raspberry Pi for IPRUGRaspberry Pi for IPRUG
Raspberry Pi for IPRUGFrank Carver
 
Rust vs C++
Rust vs C++Rust vs C++
Rust vs C++corehard_by
 
Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopyayaria
 
Coffee script
Coffee scriptCoffee script
Coffee scriptJordan Dichev
 
Start Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New RopeStart Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New RopeYung-Yu Chen
 
Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Arduino Aficionado
 
Introduction to Grails
Introduction to Grails Introduction to Grails
Introduction to Grails Avi Perez
 
September Ethereum Berlin Workshop
September Ethereum Berlin WorkshopSeptember Ethereum Berlin Workshop
September Ethereum Berlin Workshopaeronbuchanan
 
An (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nixAn (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nixEleanor McHugh
 
Redis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your applicationRedis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your applicationrjsmelo
 
To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2Bahul Neel Upadhyaya
 
Rust言語紹介
Rust言語紹介Rust言語紹介
Rust言語紹介Paweł Rusin
 
Introduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System LanguageIntroduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System Language安齊 劉
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Codemotion
 
GoでKVSを書けるのか
GoでKVSを書けるのかGoでKVSを書けるのか
GoでKVSを書けるのかMoriyoshi Koizumi
 
The Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single ThreadedThe Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single ThreadedBryan Hughes
 
Rust-lang
Rust-langRust-lang
Rust-langAnthony Broad-Crawford
 
part2
part2part2
part2Cameron White
 
Arp
ArpArp
ArpEbsil Sherly
 
Native or External?
Native or External?Native or External?
Native or External?ESUG
 
Rust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneRust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneC4Media
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 

Más contenido relacionado

La actualidad más candente

Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopyayaria
 
Start Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New RopeStart Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New RopeYung-Yu Chen
 
Introduction to Grails
Introduction to Grails Introduction to Grails
Introduction to Grails Avi Perez
 
September Ethereum Berlin Workshop
September Ethereum Berlin WorkshopSeptember Ethereum Berlin Workshop
September Ethereum Berlin Workshopaeronbuchanan
 
An (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nixAn (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nixEleanor McHugh
 
Redis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your applicationRedis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your applicationrjsmelo
 
To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2Bahul Neel Upadhyaya
 
Introduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System LanguageIntroduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System Language安齊 劉
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Codemotion
 
The Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single ThreadedThe Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single ThreadedBryan Hughes
 
Native or External?
Native or External?Native or External?
Native or External?ESUG
 
Rust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneRust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneC4Media
 

La actualidad más candente (20)

Rust vs C++
Rust vs C++Rust vs C++
Rust vs C++
 
Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptop
 
Coffee script
Coffee scriptCoffee script
Coffee script
 
Start Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New RopeStart Wrap Episode 11: A New Rope
Start Wrap Episode 11: A New Rope
 
Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1
 
Introduction to Grails
Introduction to Grails Introduction to Grails
Introduction to Grails
 
September Ethereum Berlin Workshop
September Ethereum Berlin WorkshopSeptember Ethereum Berlin Workshop
September Ethereum Berlin Workshop
 
An (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nixAn (abridged) Ruby Plumber's Guide to *nix
An (abridged) Ruby Plumber's Guide to *nix
 
Redis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your applicationRedis & ZeroMQ: How to scale your application
Redis & ZeroMQ: How to scale your application
 
To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2To Infinity & Beyond: Protocols & sequences in Node - Part 2
To Infinity & Beyond: Protocols & sequences in Node - Part 2
 
Rust言語紹介
Rust言語紹介Rust言語紹介
Rust言語紹介
 
Introduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System LanguageIntroduce to Rust-A Powerful System Language
Introduce to Rust-A Powerful System Language
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
 
GoでKVSを書けるのか
GoでKVSを書けるのかGoでKVSを書けるのか
GoでKVSを書けるのか
 
The Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single ThreadedThe Node.js Event Loop: Not So Single Threaded
The Node.js Event Loop: Not So Single Threaded
 
Rust-lang
Rust-langRust-lang
Rust-lang
 
part2
part2part2
part2
 
Arp
ArpArp
Arp
 
Native or External?
Native or External?Native or External?
Native or External?
 
Rust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneRust: Systems Programming for Everyone
Rust: Systems Programming for Everyone
 

Similar a Cryptography for Smalltalkers

12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 
Computer network (3)
Computer network (3)Computer network (3)
Computer network (3)NYversity
 
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)Svetlin Nakov
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2ESUG
 
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Svetlin Nakov
 
Ch08-CryptoConcepts.ppt
Ch08-CryptoConcepts.pptCh08-CryptoConcepts.ppt
Ch08-CryptoConcepts.pptShounakDas16
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxHodaAhmedBekhitAhmed
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network SecurityDr. Rupa Ch
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptographyPriyamvada Singh
 
introduction to cryptography (basics of it)
introduction to cryptography (basics of it)introduction to cryptography (basics of it)
introduction to cryptography (basics of it)neonaveen
 
Block ciphers & public key cryptography
Block ciphers & public key cryptographyBlock ciphers & public key cryptography
Block ciphers & public key cryptographyRAMPRAKASHT1
 
Computer security module 2
Computer security module 2Computer security module 2
Computer security module 2Deepak John
 

Similar a Cryptography for Smalltalkers (20)

12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptography
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
Computer network (3)
Computer network (3)Computer network (3)
Computer network (3)
 
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
 
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
 
Ch08-CryptoConcepts.ppt
Ch08-CryptoConcepts.pptCh08-CryptoConcepts.ppt
Ch08-CryptoConcepts.ppt
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptx
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptography
 
unit 2.ppt
unit 2.pptunit 2.ppt
unit 2.ppt
 
Stallings Kurose and Ross
Stallings Kurose and RossStallings Kurose and Ross
Stallings Kurose and Ross
 
13528 l8
13528 l813528 l8
13528 l8
 
crypto1.ppt
crypto1.pptcrypto1.ppt
crypto1.ppt
 
needed.ppt
needed.pptneeded.ppt
needed.ppt
 
introduction to cryptography (basics of it)
introduction to cryptography (basics of it)introduction to cryptography (basics of it)
introduction to cryptography (basics of it)
 
crypto.ppt
crypto.pptcrypto.ppt
crypto.ppt
 
Block ciphers & public key cryptography
Block ciphers & public key cryptographyBlock ciphers & public key cryptography
Block ciphers & public key cryptography
 
Network Security Lec4
Network Security Lec4Network Security Lec4
Network Security Lec4
 
Computer security module 2
Computer security module 2Computer security module 2
Computer security module 2
 

Más de ESUG

Workshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programmingWorkshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programmingESUG
 
Technical documentation support in Pharo
Technical documentation support in PharoTechnical documentation support in Pharo
Technical documentation support in PharoESUG
 
The Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and RoadmapThe Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and RoadmapESUG
 
Sequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in PharoSequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in PharoESUG
 
Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...ESUG
 
Analyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early resultsAnalyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early resultsESUG
 
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6ESUG
 
A Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test GenerationA Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test GenerationESUG
 
Creating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic ProgrammingCreating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic ProgrammingESUG
 
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution ModesThreaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution ModesESUG
 
Exploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience ReportExploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience ReportESUG
 
Pharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIsPharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIsESUG
 
Garbage Collector Tuning
Garbage Collector TuningGarbage Collector Tuning
Garbage Collector TuningESUG
 
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame CaseImproving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame CaseESUG
 
Pharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and FuturePharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and FutureESUG
 
thisContext in the Debugger
thisContext in the DebuggerthisContext in the Debugger
thisContext in the DebuggerESUG
 
Websockets for Fencing Score
Websockets for Fencing ScoreWebsockets for Fencing Score
Websockets for Fencing ScoreESUG
 
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScriptShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScriptESUG
 
Advanced Object- Oriented Design Mooc
Advanced Object- Oriented Design MoocAdvanced Object- Oriented Design Mooc
Advanced Object- Oriented Design MoocESUG
 
A New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and TransformationsA New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and TransformationsESUG
 

Más de ESUG (20)

Workshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programmingWorkshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programming
 
Technical documentation support in Pharo
Technical documentation support in PharoTechnical documentation support in Pharo
Technical documentation support in Pharo
 
The Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and RoadmapThe Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and Roadmap
 
Sequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in PharoSequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in Pharo
 
Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...
 
Analyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early resultsAnalyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early results
 
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
 
A Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test GenerationA Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test Generation
 
Creating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic ProgrammingCreating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic Programming
 
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution ModesThreaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
 
Exploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience ReportExploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience Report
 
Pharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIsPharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIs
 
Garbage Collector Tuning
Garbage Collector TuningGarbage Collector Tuning
Garbage Collector Tuning
 
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame CaseImproving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
 
Pharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and FuturePharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and Future
 
thisContext in the Debugger
thisContext in the DebuggerthisContext in the Debugger
thisContext in the Debugger
 
Websockets for Fencing Score
Websockets for Fencing ScoreWebsockets for Fencing Score
Websockets for Fencing Score
 
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScriptShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
 
Advanced Object- Oriented Design Mooc
Advanced Object- Oriented Design MoocAdvanced Object- Oriented Design Mooc
Advanced Object- Oriented Design Mooc
 
A New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and TransformationsA New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and Transformations
 

Último

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfFIDO Alliance
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024Stephanie Beckett
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfFIDO Alliance
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityScyllaDB
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...CzechDreamin
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfFIDO Alliance
 

Último (20)

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 

Cryptography for Smalltalkers

  • 1. Cryptography for Smalltalkers Martin Kobetic Cincom Smalltalk Development ESUG 2004
  • 2. To get the VW presentation  in the open repository in a bundle called Presentations-MK, class ESUG04Crypto. To load it and open it up in a recent version of VW just run this:  | profile |profile := Store.ConnectionProfile newname: 'open repository';driverClassName: 'PostgreSQLEXDIConnection'; environment: 'store.cincomsmalltalk.com:5432_store_public'; userName: 'guest'; password:'guest';yourself.  Store.RepositoryManager addRepository: profile;Store.DbRegistry connectTo: profile.Store.Bundle newestVersionWithName: 'Presentations-MK') loadSrc.ESUG04Crypto open
  • 3. Cryptographic Objectives  confidentiality – encryption  integrity – message authentication codes (MAC)  authentication – signatures
  • 4. Encryption  E(P)= C & D(C) = P  symmetric (secret) key ciphers – EK(P) = C & DK(C) = P  asymmetric (public) key ciphers – EK1(P) = C & DK2(C) = P  one-time pad
  • 5. Secret Key Ciphers  bulk data encryption  built from simple, fast operations (xor, shift, x + y mod n, ...)  two fundamental classes – stream ciphers (RC4) – block ciphers (DES/AES)
  • 6. Secret Key Ciphers key := ‘secret key’ asByteArray. alice := ARC4 key: key. msg := ‘Hello’ asByteArrayEncoding: #utf_8. msg := alice encrypt: ‘Hello’ msg asString. bob := ARC4 key: key. bob decryptInPlace: msg from: 1 to: 4. msg asStringEncoding: #utf_8.
  • 7. Stream Ciphers  time-varying transformation on individual plain- text digits key-stream generator: k1, k2, k3, .... State S, NextState(S), Output(S) E: ci = pi xor ki D: pi = ci xor ki  Pike, A5, RC4, SEAL  key reuse is catastrophic! (a xor k) xor (b xor k) = a xor b
  • 8. RC4 (1992)  leakedtrade secret of RSA Security (1994)  256 byte S-Box; 2 counters i=j=0 S-Box initialization: next key-stream byte: S = 0, ..., 255 i = (i + 1) mod 256 K = 256B of replicated key j = (j+Si) mod 256 for i=0 to 255: swap Si and Sj j = (j + Si + Ki) mod 256 t = (Si + Sj) mod 256 swap Si and Sj K = St
  • 9. RC4 alice := ARC4 key: key. msg := alice encrypt: 'Hello' asByteArray. msg asHexString. bob := ARC4 key: key. (bob decrypt: msg) asString
  • 10. Block Ciphers  fixed transformation on blocks of plaintext (e.g 64, 128 bits)  basic transformation applied in rounds  DES, IDEA, CAST, Blowfish, RC2, RC5
  • 11. DES (1977)  csrc.nist.gov: FIPS PUB 46 (1977)  FIPS PUB 46-3 (1999) – triple DES still approved – single DES legacy systems only  64 bit block size  56 bit key (64 bits with parity)  16 rounds using 48 bit subkeys
  • 12. Block Ciphers - Padding key := ‘secret8B’ asByteArray. alice := DES key: key. alice encrypt: ‘Hello World!’ asByteArray. alice := BlockPadding on: DES new. alice setKey: key. (alice encrypt: ‘Hello World!’ asByteArray) asString.
  • 13. Block Ciphers - Padding  must be reversible  pad with bits “100…0”  pad with padding size (1-8) – aka PKCS#5 padding  ciphertext stealing – different for different modes (ECB, CBC)  some modes don’t need padding
  • 14. Block Ciphers - ECB  electronic codebook mode  Ci = Ek(Pi)  Pi = Dk(Ci)  don’t use !
  • 15. Block Ciphers - CBC  cipher block chaining mode  Ci = Ek(Pi xor Ci-1)  Pi = Ci-1 xor Dk(Ci)  initialization vector (IV) – isn’t secret but unique, random – timestamp, nonce, random nr
  • 16. Block Ciphers - CBC alice := CipherBlockChaining on: DES new iv: ‘nonce 8B’ asByteArray. alice setKey: ‘secret8B’ asByteArray. msg := ‘a block a block ’ asByteArray. msg := alice encrypt: msg. msg asString
  • 17. Block Ciphers - CBC alice := DES newBP_CBC. alice setKey: 'secret8B' asByteArray. alice setIV: 'nonce 8B' asByteArray. msg := 'Hello World!' asByteArray. msg := alice encrypt: msg. msg asString.
  • 18. Block Ciphers - OFB  output feedback mode  Si = Ek(Si-1)  Ci = Pi xor Si  Pi = Ci xor Si  like synchronous stream cipher (OutputFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
  • 19. Block Ciphers - CTR  counter mode  Si := Ek(Nonce || i)  Ci = Pi xor Si  Pi = Ci xor Si  OFB variant
  • 20. Block Ciphers - CFB  cipher feedback mode  Ci = Pi xor Ek(Ci-1)  Pi = Ci xor Ek(Ci-1)  like self-synchronizing stream cipher (CipherFeeback on: DES new) setKey: ‘secret8B’ asByteArray; setIV: ‘nonce 8B’ asByteArray
  • 21. Block Ciphers - Mixing  interleaving – parallelizing “chained” modes  multiple encryption with single cipher – double encryption – no good – 3EDE (inner/outer CBC)  cascading different ciphers
  • 22. Block Ciphers - Mixing des3 := TrippleEDEOuterCBC first: DES new second: DES new third: DES new. des3 := DES new3EDE_CBC. des3 setKey: ’24bytes for 3 keys’ asByteArray. des3 setIV: ‘nonce 8B’ asByteArray.
  • 23. AES (2001)  NIST FIPS PUB 197 (2001) - Rijndael  15 submissions (1998)  5 finalists: MARS, Serpent, Twofish, RC6  modes: ECB, CBC, CFB, OFB, CTR  block size 128 bits  key sizes 128, 192, 256 bits  10, 12, 14 rounds
  • 24. Blowfish (1993)  http://www.counterpane.com/blowfish.html  block size 64-bits  variable key size 32-448 bits  not patented, royalty-free  2 parts: key expansion & data encryption  16 rounds, key dependent S-Boxes
  • 25. Books  Anderson: Security Engineering  Ferguson, Schneier: Practical Cryptography  Kahn: The Codebreakers, …  Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography  Schneier, B: Applied Cryptography