Saturday, April 25, 2009

encryption

Most of then are concerpted from wikipedia.

and some from cisco

CSS:

Content Scramble System (CSS) is a Digital Rights Management (DRM) scheme used on almost all commercially produced DVD-Video discs. It utilizes a proprietary 40-bit stream cipher algorithm. The system was introduced around 1996 and has subsequently been compromised.

CSS key is a collective term for authentication key, disc keys, player keys, title keys, secured disk key set, and/or encrypted title keys.

Some of the keys are stored on the lead-in area of the disk, which is generally only read by compliant drives. Keys can be passed from a DVD drive to a descrambler over a PC bus using a secure handshake protocol

he purpose of CSS is twofold. First and foremost, it prevents byte-for-byte copies of an MPEG stream from being playable since such copies will not include the keys that are hidden on the lead-in area of the restricted DVD disk. Second, it provides a reason for manufacturers to make compliant devices, since CSS scrambled disks will not play on noncompliant devices. Anyone wishing to build compliant devices must obtain a license, which contains the requirement that the rest of the DRM system be implemented.

In October 1999 the algorithm and DeCSS was released.  Structural flaws in the algorithm reduced the effective key length to only around 16 bits, which could be brute-forced by a 450 MHz processor in less than a minute.

DES

Published as the U.S. Federal Information Processing Standard 46 in 1977, DES is still widely used, despite being proven inadequate for use in many applications. It is a symmetric block cipher (shared secret key), with its block size fixed at 64 bits. There are four defined modes of operation, with the Electronic Code Book (ECB) mode being the most widely used. Additionally, DES has been incorporated into numerous other standards, such as American Bankers Association's Protection of Personal Identification Numbers in Interchange Standard, Management and Use of Personal Identification Numbers Standard, Key Management Standard, and three ANSI standards, Data Encryption Algorithm (DEA), Standard for Personal Identification Number (PIN) Management and Security, and Standard for Financial Institution Message Authentication [3]. In particular, DES is also specified as an approved algorithm in the IP Security Architecture (IPSec) standard [9], which is used in the equipment from many different suppliers.

Key length is one of the two most important security factors of any encryption algorithm—the other one being the design of the algorithm itself. DES uses a 64-bit block for the key; however, 8 of these bits are used for odd parity and are, therefore, not counted in the key length. The effective key length is then calculated as 56 bits, giving 256 possible keys. A true 64-bit key has 256 times as many keys, whereas a 128-bit key is 272 times "better" than a 56-bit key. As if this was not enough, DES also has so-called weak and semi-weak keys. During the encryption process, the key is used to generate two values that are used for separate purposes during the process. These 16 weak and semi-weak keys will produce values that don't appear to be random. They will give outputs of all-ones, all-zeros, or distinguishable patterns of ones and zeros. It is generally recognized that these 16 key values should not be used. The key length was known to be a factor in trusting DES soon after DES was published. For this reason, people started exploring the use of multiple encryption passes and multiple keys. Triple DES (3DES) is a way of using DES encryption three times.

The most common method is to first encrypt the data block with one key. The output of this operation is run through the decryption process with a second key, and the output of that operation is run through the encryption process again with the first key. This process makes the effective key length 112 bits long. Again, the problem with weak and semi-weak keys remains. The disadvantage of Triple DES is that it is about one-third as fast as DES when processing data. This effort just slightly extended the life of DES while a suitable alternative could be found.

Because some internal structures used in DES are not designed to be strong against linear cryptanalysis, it is quite effective when used against DES. To show that the DES is inadequate and should not be used in important systems anymore.

When spoken, "DES" is either spelled out (IPA: /diː iː ɛs/) as an abbreviation or pronounced as a single syllable (IPA: /dɛs/) acronym

AES

Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. 

As of 2009, AES is one of the most popular algorithms used in symmetric key cryptography. AES is the first publicly accessible and open cipher approved by the NSA for top secret information.Unlike its predecessor DES, AES does not use a Feistel network.

AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.
Assuming one byte equals 8 bits, the fixed block size of 128 bits is 128 ÷ 8 = 16 bytes. AES operates on a 4×4 array of bytes, termed the state. he AES cipher is specified as a number of repetitions of transformation rounds that convert the input plain-text into the final output of cipher-text. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform cipher-text back into the original plain-text using the same encryption key.

High-level description of the algorithm

1. KeyExpansion using Rijndael's key schedule

2.Initial Round
AddRoundKey
Rounds
SubBytes—a non-linear substitution step where each byte is replaced with another according to a lookup table - an 8-bit substitution box, the Rijndael S-box
ShiftRows—a transposition step where each row of the state is shifted cyclically a certain number of steps.
MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column
AddRoundKey—each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule.
3.Final Round (no MixColumns)
SubBytes
ShiftRows
AddRoundKey

M6

M6 is a block cipher proposed by Hitachi in 1997 for use in the IEEE 1394 FireWire standard.

The algorithm operates on blocks of 64 bits using a 10-round Feistel network structure. The key size is 40 bits by default, but can be up to 64 bits. Because its round function is based on rotation and addition, M6 was one of the first ciphers attacked by mod n cryptanalysis. Mod 5, about 100 known plaintexts suffice to distinguish the output from a pseudorandom permutation. Due to its simple key schedule, M6 is also vulnerable to a slide attack, which requires more known plaintext but less computation.

C2

The Cryptomeria cipher, commonly referred to as C2, is a proprietary block cipher defined and licensed by the 4C Entity. It is the successor to CSS algorithm (used for DVD-Video) and was designed for the CPRM/CPPM Digital Rights Management scheme which are used by DRM-restricted Secure Digital cards and DVD-Audio discs.

Like DES, it has a key size of 56 bits and a block size of 64 bits. The encryption and decryption algorithms are available for peer review, but implementations require the so-called "secret constant", the values of the substitution boxes, which are only available under a license from the 4C Entity.

SHA

The SHA hash functions are a set of cryptographic hash functions designed by the National Security Agency (NSA).SHA stands for Secure Hash Algorithm. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. The SHA-2 family uses an identical algorithm with a variable digest size which is distinguished as SHA-224, SHA-256, SHA-384, and SHA-512.

SHA-1 is the best established of the existing SHA hash functions, and is employed in several widely used security applications and protocols.In 2005, security flaws were identified in SHA-1, namely that a possible mathematical weakness might exist, indicating that a stronger hash function would be desirable. Although no attacks have yet been reported on the SHA-2 variants, they are algorithmically similar to SHA-1 and so efforts are underway to develop improved alternatives.[2][3] A new hash standard, SHA-3, is currently under development.

SHA-1 (as well as SHA-0) produces a 160-bit digest from a message with a maximum length of (264 − 1) bits. SHA-1 is based on principles similar to those used by Ronald L. Rivest of MIT in the design of the MD4 and MD5 message digest algorithms, but has a more conservative design.

NIST published four additional hash functions in the SHA family, named after their digest lengths (in bits): SHA-224, SHA-256, SHA-384, and SHA-512. The algorithms are collectively known as SHA-2.

SHA-256 and SHA-512 are novel hash functions computed with 32- and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are simply truncated versions of the first two, computed with different initial values.

No comments: