Authentication

Alice sends a message to Bob. How can Bob verify that the message originated from Alice and not from Eve pretending to be Alice? Authentication is critical if Bob is to believe the message—for example, if the bank is trying to verify your Social Security or account number.

Confidentiality

Alice sends a message to Bob. How can Bob be sure that the message was not read by Eve? For example, personal communications need to be maintained as confidential.

Integrity

Alice sends a message to Bob. How does Bob verify that Eve did not intercept the message and change its contents?

Nonrepudiation

Alice could send a message to Bob and later deny that she ever sent a message to Bob. In such a case, how could Bob ever determine who actually sent him the message?

Mapping or Function

The encryption of the message can be defined as mapping the message from the domain to its range such that the inverse mapping should recover the original message. This mapping is a mathematical construct known as the function.

So we have a domain, and the range of the function is defined such that the elements of the domain will always map to the range of the function, never outside it. If f represents the function, and the message m ∈ the domain, then:

This function can represent, for example, swapping (shifting by k places) the characters positions in the message as defined by the function:

The inverse of this function f must recover the original message, in which case the function is invertible and one-to-one defined. If we were to apply two functions such as f followed by g, the composite function (g  f) must be defined and furthermore invertible and one-to-one to recover the original message:

We will later see that this function is an algorithm that tells the user in a finite number of ways to disguise (encrypt) the given message. The inverse function, if it does exist, would enable us to recover the original message, which is known as the decryption.

Probability

Information security is the goal of the secured data encryption; hence if the encrypted data is truly randomly distributed in the message space (range), to the hacker the encrypted message is equally likely to be in any one of the states (encrypted). This would amount to maximum entropy, so one could reasonably ask as to the likelihood of a hacker breaking the encrypted message, that is, what is the probability of an insecure event taking place? This is conceptually similar to a system being in statistical equilibrium, when it could be equally likely to be in any one of the states. This could lay the foundations of cryptoanalysis in terms of how secure the encryption algorithm is, and can it be broken in polynomial time?

Complexity

Computational complexity deals with problems that could be solved in polynomial time, for a given input. If a given encryption algorithm is known to be difficult to solve and may have a number of solutions, the hacker would have a surmountable task to solve it. Therefore, secured encryption can be examined within the scope of computational complexity to determine whether a solution exists in polynomial time. There is a class of problems that have solutions in polynomial time for a given input, designated as P. By contrast, NP is the set of all problems that have solutions in polynomial time but the correctness of the problem cannot be ascertained. Therefore, NP is a larger set containing the set P. This is useful, for it leads us to NP-completeness, which reduces the solvability of problems in class P to class NP.

Consider a simple example—a set S={4, 7, 12, 1, 10} of five numbers. We want any three numbers to add to 23. Each of the numbers is either selected once only or not selected. The target is 23. Is there an algorithm for the target 23? If there is one, do we have more than one solution? Let’s explore whether we can add three numbers to reach a target of 25. Is there a solution for a target of 25? Does a solution exist, and can we investigate in polynomial time? We could extend this concept of computational complexity to crack encryption algorithm that is public, but the key used to encrypt and decrypt the message is kept private. So, in essence the cryptoanalysis deals with discovering the key.

The Euclidean Algorithm

Given two positive integers, a and b, find the greatest common divisors of a and b. Let d be the greatest common divisors (gcd) of a and b, then,

Use the following example:

Hence:

The Extended Euclidean Algorithm

Let a and b be two positive integers, then

Use the following example:

Therefore:

Hence:

Modular Arithmetic

For a given integer a, positive integer m, and the remainder r,

Consider examples:

{divide −18 by 14 leaves −4 as a remainder, then add 14 to −4 so that (−4+14)=10 so the remainder is nonnegative}

A set of residues is a set consisting of remainders obtained by dividing positive integers by a chosen positive number m (modulus).

Take m=7, then

Congruence

In arithmetic we normally use the relational operator, equal (=), to express that the pair of numbers are equal to each other, which is a binary operation. In cryptography we use congruence to express that the residue is the same for a set of integers divided by a positive integer. This essentially groups the positive integers into equivalence classes. Let’s look at some examples:

Hence we say that the set {2, 12, 22} are congruent mod 10.

Residue Class

A residue class is a set of integers congruent mod m, where m is a positive integer.

Take m=7:

Some more useful operations defined in Z_m:

Inverses

In everyday arithmetic, it is quite simple to find the inverse of a given integer if the binary operation is either additive or multiplicative, but such is not the case with modular arithmetic.

We will begin with the additive inverse of two numbers a, b∈Z_m

That is, the additive inverse of a is b=(m−a).

Given

then:

Verify:

Similarly, the multiplicative inverse of two integers a, b∈Z_m if

a has a multiplicative inverse b∈Z_m if and only if

in which case (m, a) are relative prime.

We remind the reader that a prime number is any number greater than 1 that is divisible (with a remainder 0) only by itself and 1. For example, {2, 3, 5, 7, 11, 13,…} are prime numbers, and we quote the following theorem for the reader.

Fundamental Theorem of Arithmetic

Each positive number is either a prime number or a composite number, in which case it can be expressed as a product of prime numbers.

Let’s consider a set of integers mod 10 to find the multiplicative inverse of the numbers in the set:

then there are only three pairs (1,1); (3,7); and (9,9):

The numbers {0, 2, 4, 5, 6, 8} have no multiplicative inverse.

Consider a set:

Then,

You will note that Z_n* is a subset of Z_n with unique multiplicative inverse.

Each member of Z_n has a unique additive inverse, whereas each member of Z_n* has a unique multiplicative inverse.

Congruence Relation Defined

The a is congruent to b (mod m) if m divides (a−b), that is, the remainder is zero.

Examples: 87 ≡ 27 mod 4, 67 ≡ 1 mod 6.

Next we quote three theorems:

Theorem 1: Suppose that a ≡ c mod m and b ≡=d mod m, then

Theorem 2: Suppose a*b≡a*c (mod m)

Theorem 3: Suppose a*b≡a*c (mod m)

Example to illustrate the use of the theorems just stated:

then

since

therefore,

also

therefore,

Given,

find x.

Since

therefore,

you will observe that,

therefore,

and the multiplicative inverse of 7⁻¹ is 4, therefore,

Substitution Cipher

Shift ciphers, also known as additive ciphers, are an example of a monoalphabetic character cipher in which each character is mapped to another character, and a repeated character maps to the same character irrespective of its position in the string. We give a simple example of an additive cipher, where the key is 3, and the algorithm is “add.” We restrict the mapping to {0, 1, ........., 7} (see Table 2.1)—that is, we use mod 8. This is an example of finite domain and the range for mapping, so the inverse of the function can be determined easily from the ciphertext.

Observations:

The affine cipher has two operations, addition and multiplication, with two keys. Once again the arithmetic is mod m, where m is a chosen positive integer.

where k and b are chosen from integers {0, 1, 2, 3,.........., (m−1)}, and x is the symbol to be encrypted.

The decryption is given as:

where

is the multiplicative inverse of k in Z_n*

(—b) is the additive inverse in Z_n

Consider,

Then,

In this case, the multiplicative inverse of 5 happens to be 5.

Monoalphabetic substitution ciphers are easily broken, since the key size is small (see Table 2.2).

Transposition Cipher

A transposition cipher changes the location of the character by a given set of rules known as permutation. A cyclic group defines the permutation with a single key to encrypt, and the same key is used to decrypt the ciphered message. Table 2.3 provides an illustration.

• Each bit of ciphertext should depend on all bits of the key and all bits of the plaintext.

• There should be no evidence of statistical relationship between the plaintext and the ciphertext.

S-Box

The reader should note that an S-box can have a 3-bit input binary string, and its output may be a 2-bit. The S-box may use a key or be keyless. Let S(x) be the linear function computed by the following function [1]:

Such a function is referred to as an S-box. For a given 4-bit block of plaintext x₁x₂x₃x₄ and the 3-bit key, k₁k₂k₃, let

where ⊕ represents exclusive OR

Given ciphertext, y₁y₂y₃y₄ computed with E and the key, k₁k₂k₃, compute

S-boxes are classified as linear if the number of output bits is the same as the number of input bits, and they’re nonlinear if the number of output bits is different from the number of input bits. Furthermore, S-boxes can be invertible or noninvertible.

P-Boxes

A P-box (permutation box) will permute the bits per specification. There are three different types of P-boxes, as shown in Tables 2.4, 2.5, and 2.6.

In the compression P-box, inputs 2 and 4 are blocked.

The expansion P-box maps elements 1, 2, and 3 only.

Let’s consider a permutation group with the mapping defined, as shown in Table 2.7.

This group is a cyclic group with elements:

The identity mapping is given by a⁷=e. The inverse element is a⁻¹.

Table 2.7 shows a permutation of an 8-bit string (11110010).

Product Ciphers

Modern block ciphers are divided into two categories. The first category of the cipher uses both invertible and noninvertible components. A Feistel cipher belongs to the first category, and DES is a good example of a Feistel cipher. This cipher uses the combination of S-boxes and P-boxes with compression and expansion (noninvertible).

The second category of cipher only uses invertible components, and Advanced Encryption Standard (AES) is an example of a non-Feistel cipher. AES uses S-boxes with an equal number of inputs and outputs and a straight P-box that is invertible.

Alternation of substitutions and transpositions of appropriate forms when applied to a block of plaintext can have the effect of obscuring statistical relationships between the plaintext and the ciphertext and between the key and the ciphertext (diffusion and confusion).

Definition Group

A definition group (G, •) is a finite set G together with an operation • satisfying the following conditions [2]:

Definitions of Finite and Infinite Groups (Order of a Group)

A group G is said to be finite if the number of elements in the set G is finite; otherwise the group is infinite.

Definition Abelian Group

A group G is abelian if for all a, b∈G, a • b=b • a

The reader should note that in a group, the elements in the set do not have to be numbers or objects; they can be mappings, functions, or rules.

Examples of a Group

The set of integers Z is a group under addition (+), that is, (Z, +) is a group with identity e=0, and inverse of an element a is (−a). This is an additive abelian group, but infinite.

Nonzero elements of Q (rationale), R (reals), and C (complex) form a group under multiplication, with the identity element e=1, and a⁻¹ being the multiplicative inverse.

For any n≥1, the set of integers modulo n forms a finite additive group of n elements.

G=<Z_n,+> is an abelian group.

The set of Z_n* with multiplication operator, G=<Z_n*, x>is also an abelian group.

The set Z_n*, is a subset of Z_n and includes only integers in Z_n that have a unique multiplicative inverse.

Definition: Subgroup

A subgroup of a group G is a non empty subset H of G, which itself is a group under the same operations as that of G. We denote that H is a subgroup of G as H⊆G, and H⊂G is a proper subgroup of G if the set H≠G [2]:

Examples of subgroups:

Under addition, Z⊆Q⊆R⊆C.

H=<Z₁₀,+> is a proper subgroup of G=<Z_l2,+>

Definition: Cyclic Group

A group G is said to be cyclic if there exists an element a∈G such that for any b∈G, and i≥0, b=aⁱ. Element a is called a generator of G.

The group G=<Z_10*, x>is a cyclic group with generators g=3 and g=7.

The group G=<Z₆,+> is a cyclic group with generators g=1 and g=5.

Rings

Let R be a non-empty set with two binary operations addition (+) and multiplication (*). Then R is called a ring if the following axioms are met:

Definition: Field

If the nonzero elements of a ring form a group under multiplication, the ring is called a field.

Finite Fields GF(2ⁿ)

Construction of finite fields and computations in finite fields are based on polynomial computations. Finite fields play a significant role in cryptography and cryptographic protocols such as the Diffie and Hellman key exchange protocol, ElGamal cryptosystems, and AES.

For a prime number p, the quotient Z/p (or F_p) is a finite field with p number of elements. For any positive integer q, GF(q)=F_q. We define A to be algebraic structure such as a ring, group, or field.

Definition: A polynomial over A is an expression of the form

where n is a nonnegative integer, the coefficient a_i∈A, 0≤i≤n, and x ∉ A [2].

Definition: A polynomial f∈A[x] is said to be irreducible in A[x] if f has a positive degree and f=gh for some g, h∈A[x] implies that either g or h is a constant polynomial [2].

The reader should be aware that a given polynomial can be reducible over one structure but irreducible over another.

Definition: Let f, g, q, and r∈A[x] with g ≠ 0. Then we say that r is a remainder of f divided by g:

The set of remainders of all the polynomials in A[x](mod g) denoted as A[x]_g.

Theorem: Let F be a field and f be a nonzero polynomial in F[x]. Then F[x]_f is a ring and is a field if f is irreducible over F.

Theorem: Let F be a field of p elements, and f be an irreducible polynomial over F. Then the number of elements in the field F[x]f is pⁿ [2].

For every prime p and every positive integer n there exists a finite field of pⁿ number of elements.

For any prime number p, Z_p is a finite field under addition and multiplication modulo p with 0 and 1 as the identity under addition and multiplication.

Z_p is an additive ring and the nonzero elements of Z_p, denoted by Z_p*, forms a multiplicative group.

Galois field, GF(pⁿ) is a finite field with number of elements pⁿ, where p is a prime number and n is a positive integer.

Example: Integer representation of a finite field (Rijndael) element.

Polynomial f(x)=x⁸+x⁴+x³+x+1 is irreducible over F_2.

The set of all polynomials(mod f) over F₂ forms a field of 2⁸ elements; they are all polynomials over F₂ of degree less than 8. So any element in the field F₂[x]_f

where b₇,b₆,b₅,b₄,b₃,b₂,b₁,b₀∈F₂ thus any element in this field can represent an 8-bit binary number.

We often use field with 256 elements because there exists an isomorphism between Rijndael and

Data inside a computer is organized in bytes (8 bits) and is processed using Boolean logic, that is, bits are manipulated using binary operations addition and multiplication. These binary operations are implemented using the logical operator XOR, or in the language of finite fields, GF(2). Since the extended ASCII defines 8 bits per byte, an 8-bit byte has a natural representation using a polynomial of degree 8. Polynomial addition would be mod 2, and multiplication would be mod polynomial degree 8. Of course this polynomial degree 8 would have to be irreducible. Hence the Galois field GF(2⁸) would be the most natural tool to implement the encryption algorithm. Furthermore, this would provide a close algebraic formulation.

Consider polynomials over GF(2) with p=2 and n=1.

For polynomials with negative coefficients, −1 is the same as +1 in GF(2). Obviously, the number of such polynomials is infinite. Algebraic operations of addition and multiplication in which the coefficients are added and multiplied according to the rules that apply to GF(2) are sets of polynomials that form a ring.

Modular Polynomial Arithmetic Over GF(2)

The Galois field GF(2³): Construct this field with eight elements that can be represented by polynomials of the form

Two choices for a, b, c give 2×2×2=8 polynomials of the form

What is our choice of the irreducible polynomials for this field?

These two polynomials have no factors: (x³+x²+1), (x³+x+1)

So we choose polynomial (x³+x+1). Hence all polynomial arithmetic multiplication and division is carried out with respect to (x³+x+1).

The eight polynomials that belong to GF(2³):

You will observe that GF(8)={0,1,2,3,4,5,6,7} is not a field, since every element (excluding zero) does not have a multiplicative inverse such as {2, 4, 6} (mod 8) [2].

Using a Generator to Represent the Elements of GF(2ⁿ)

It is particularly convenient to represent the elements of a Galois field with the help of a generator element. If α, is a generator element, then every element of GF(2ⁿ), except for the 0 element, can be written as some power of α. A generator is obtained from the irreducible polynomial that was used to construct the finite field. If f(α) is the irreducible polynomial used, then α, is that element that satisfies the equation f(α)=0. You do not actually solve this equation for its roots, since an irreducible polynomial cannot have actual roots in the field GF(2).

Consider the case of GF(2³), defined with the irreducible polynomial x³+x+1. The generator α, is that element that satisfies α³+α+1=0. Suppose α is a root in GF(2³) of the polynomial p(x)=1+x+x³, that is, p(α)=0, then

All powers of α generate nonzero elements of GF₈. The polynomials of GF(2³) represent bit strings, as shown in Table 2.8.

We now consider all polynomials defined over GF(2), modulo the irreducible polynomial x³+x+1. When an algebraic operation (polynomial multiplication) results in a polynomial whose degree equals or exceeds that of the irreducible polynomial, we will take for our result the remainder modulo the irreducible polynomial. For example,

Recall that 1+1=0 in GF(2). With multiplications modulo (x³+x+1), we have only the following eight polynomials in the set of polynomials over GF(2):

We refer to this set as GF(2³), where the power of 2 is the degree of the modulus polynomial. The eight elements of Z₈ are to be integers modulo 8. Similarly, GF(2³) maps all the polynomials over GF(2) to the eight polynomials shown. But you will note the crucial difference between GF(2³) and 2³: GF(2³) is a field, whereas Z₈ is not [2].

GF(2³) is a Finite Field

We know that GF(2³) is an abelian group because the operation of polynomial addition satisfies all the requirements of a group operator and because polynomial addition is commutative. GF(2³) is also a commutative ring because polynomial multiplication is a distributive over polynomial addition. GF(2³) is a finite field because it is a finite set and because it contains a unique multiplicative inverse for every nonzero element.

GF(2ⁿ) is a finite field for every n. To find all the polynomials in GF(2ⁿ), we need an irreducible polynomial of degree n. AES arithmetic is based on GF(2⁸). It uses the following irreducible polynomial:

The finite field GF(2⁸) used by AES obviously contains 256 distinct polynomials over GF(2). In general, GF(pⁿ) is a finite field for any prime p. The elements of GF(pⁿ) are polynomials over GF(p) (which is the same as the set of residues Z_p).

Next we show how the multiplicative inverse of a polynomial is calculated using the Extended Euclidean algorithm:

Mathematical Preliminaries

Within a block, the fundamental unit operated on is a byte, that is, 8 bits. Bytes can be interpreted in two different ways. A byte is given in terms of its bits as b₇b₆b₅b₄b₃b₂b₁b₀. We may think of each bit as an element in GF(2), the finite field of two elements (mod 2). First, we may think of a byte as a vector, b₇b₆b₅b₄b₃b₂b₁b₀ in GF(2⁸). Second, we may think of a byte as an element of GF(2⁸), in the following way: Consider the polynomial ring GF(2)[X]. We may mod out by any polynomial to produce a factor ring. If this polynomial is irreducible and of degree n, the resulting factor ring is isomorphic to GF(2ⁿ). In Rijndael, we mod out by the irreducible polynomial X8+X4+X3+X+1 and so obtain a representation for GF(2⁸). The Rijndael algorithm deals with five units of data in the encryption scheme:

State

For our discussion purposes, we will consider a data block of 128 bits with a ky size of 128 bits. The state is 128 bits long. We think of the state as divided into 16 bytes, a_ij where 0≤i, j≤3. We think of these 16 bytes as an array, or matrix, with 4 rows and 4 columns, such that a₀₀ is the first byte, b₀ and so on (see Figure 2.1).

AES uses several rounds (10, 12, or 14) of transformations, beginning with a 128-bit block. A round is made up of four parts: S-box, permutation, mixing, and subkey addition. We discuss each part here [2,3].

The Electronic Code Book (ECB)

In this mode, the message is split into blocks, and the blocks are sequentially encrypted. This mode is vulnerable to attack using the frequency analysis, the same sort used in simple substitution. Identical blocks would get encrypted to the same blocks, thus exposing the key [1].

Cipher-Block Chaining (CBC)

A logical operation is performed on the first block with what is known as an initial vector using the secret key so as to randomize the first block. The output of this step is logically combined with the second block and the key to generate encrypted text, which is then used with the third block and so on [1].

Review: Number Theory

Asymmetric-key encryption uses prime numbers, which are a subset of positive integers. Positive integers are all odd and even numbers, including the number 1, such that some of the numbers are composite, that is, products of numbers therein. This critical fact plays a significant role in generating keys. Next we will go through some statements of fact for the sake of completeness.

Factorization Attack

If the middleman, Eve, can factor n correctly, then she correctly guesses p, q, and ϕ(m). Reminding ourselves that the public key e is public, then Eve has to compute the multiplicative inverse of e:

So if the modulus m is chosen to be 1024 bits long, it would take considerable time to break the RSA system unless an efficient factorization algorithm could be found [2,3] (see sidebars “Chosen-Ciphertext Attack” and “The e^th Roots Problem”).

1. Alice picks a prime number p, with the base g, exponent a to generate a public key A

2. A=g^a mod p

3. (g, p, A) are made public, and a is kept private.

4. Bob picks a prime number p, base b, and an exponent b to generate a public key B.

5. B=g^b mod p

6. (g, p, B) are made public, and b is kept private,

7. Bob using A generates the shared secret key S.

8. S=A^b mod p

9. Alice using B generates the shared secret key S.

10. S=B^a mod p

Alice: p=53, g=18, a=10

A=18¹⁰ mod 53=24

Bob: p=53, g=18, b=11

B=18¹¹ mod 53=48

S=24¹¹ mod 53=48¹⁰ mod 53=15

An Example

Let p=23 and consider the elliptic curve E: y²=x³+x+1, defined over Z₂₃. (In the notation of Equation 24.1, we have a=1 and b=1.) Note that 4a³+27b²=4+4=8≠0, so E is indeed an elliptic curve. The points in E(Z₂₃) are O and the following are shown in Table 2.18.

Hence,

Example of Elliptic Curve Addition

Consider the elliptic curve defined in the previous example. (Also see sidebar, “EC Diffie-Hellman Algorithm.”) [4].

Hence 2P=(7, 12).

Consider the following elliptic curve with

Set p=11 and a=1 and b=2. Take a point P (4, 2) and multiply it by 3; the resulting point will be on the curve with (4, 9).

EC Security

Suppose Eve the middleman captures (p, a, b, Q_A, Q_B). Can Eve figure out the shared secret key without knowing either (d_B, d_A)? Eve could use

to compute the unknown d_A, which is known as the Elliptic Curve Discrete Logarithm problem [4].

Cryptographic Hash Functions

A cryptographic hash function must satisfy three criteria:

Message Authentication

Alice sends a message to Bob. How can Bob be sure that the message originated from Alice and not someone else pretending to be Alice? If you are engaged in a transaction on the Internet using a Web client, you need to make sure that you are not engaged with a dummy Web site or else you could submit your sensitive information to an unauthorized party. Alice in this case needs to demonstrate that she is communicating and not an imposter.

Alice creates a message digest using the message (M), then using the shared secret key (known to Bob only) she combines the key with a message digest and creates a message authentication code (MAC). She then sends the MAC and the message (M) to Bob over an insecure channel. Bob uses the message (M) to create a hash value and then recreates a MAC using the secret shared key and the hash value. Next he compares the received MAC from Alice with his MAC. If the two match, Bob is assured that Alice was indeed the originator of the message [1].

Digital Signature

Message authentication is implemented using the sender’s private key and verified by the receiver using the sender’s public key. Hence if Alice uses her private key, Bob can verify that the message was sent by Alice, since Bob would have to use Alice’s public key to verify. Alice’s public key cannot verify the signature signed by Eve’s private key [1].

Message Integrity Uses a Hash Function in Signing the Message

Nonrepudiation is implemented using a third party that can be trusted by parties that want to exchange messages with one another. For example, Alice creates a signature from her message and sends the message, her identity, Bob’s identity, and the signature to the third party, who then verifies the message using Alice’s public key that the message came from Alice. Next the third party saves a copy of the message with the sender’s and the recipient’s identity and the time stamp of the message.

The third party then creates another signature using its private key from the message that Alice left behind. The third party then sends the message, the new signature, and Alice’s and Bob’s identity to Bob, who then uses the third party’s public key to ascertain that the message came from the third party [1].

RSA Digital Signature Scheme

Alice and Bob are the two parties that are going to exchange the messages. So, we begin with Alice, who will generate her public and private key using two distinct prime numbers—say, p and q. Next she calculates n=p×q. Using Φ(n)=(p−l)(q−1), picks e and computes d such that e×d=1 mod (Φ(n). Alice declares (e, n) public, keeping her private key d secret.

Signing: Alice takes the message and computes the signature as:

She then sends the message M and the signature S to Bob.

Bob receives the message M and the signature S, and then, using Alice’s public key e and the signature S, recreates the message M′=S^e (mod n). Next Bob compares M′ with M, and if the two values are congruent, Bob accepts the message [1].

RSA Digital Signature and the Message Digest

Alice and Bob agree on a hash function. Alice applies the hash function to the message M and generates the message digest, D=hash(M). She then signs the message digest using her private key,

Alice sends the signature S and the message M to Bob. He then uses Alice’s public key, and the signature S recreates the message digest D’=S^e (mod n) as well as computes the message digest D= hash(M) from the received message M. Bob then compares D with D’, and if they are congruent modulo n, he accepts the message [1].

Next, let’s take a very very brief look at the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). When implemented, TDEA may be used by organizations to protect sensitive unclassified data. Protection of data during transmission or while in storage may be necessary to maintain the confidentiality and integrity of the information represented by the data.

Applications

Cryptography is utilized in various applications and environments. The specific utilization of encryption and the implementation of TDEA is based on many factors particular to the computer system and its associated components. In general, cryptography is used to protect data while it is being communicated between two points or while it is stored in a medium vulnerable to physical theft or technical intrusion (hacker attacks). In the first case, the key must be available by the sender and receiver simultaneously during communication. In the second case, the key must be maintained and accessible for the duration of the storage period. The following checklist (see checklist: “An Agenda For Action Of Conformance Requirements For The Installation, Configuration And Use Of TDEA”) lays out an agenda for action for conformance to many of the requirements that are the responsibility of entities installing, configuring or using applications or protocols that incorporate the recommended use of TDEA.

True/False

Multiple Choice

Problem

How is the DEA cryptographic engine used by TDEA to cryptographically protect (encrypt) blocks of data consisting of 64 bits under the control of a 64-bit key?

Hands-On Projects

Case Projects

Optional Team Case Project