NoteNextra-origin/content/CSE4303/CSE4303_L7.md
Zheyuan Wu 8f2e613b36
fix errors and update news
2026-02-03 14:59:32 -06:00
# CSE4303 Introduction to Computer Security (Lecture 7)
## Cryptography in Symmetric Systems
### Symmetric systems
Symmetric (shared-key) encryption
- Classical techniques
- Computer-aided techniques
- Formal reasoning
- Realizations:
  - Stream ciphers
  - Block ciphers
#### Stream ciphers
1. Operate on PT one bit at a time (usually), as a bit "stream"
2. Generate arbitrarily long keystream on demand

Security abstraction:
1. XOR transfers randomness of keystream to randomness of CT regardless of the PT's content
2. Security depends on G being “practically” indistinguishable from a random string and “practically” unpredictable
3. Idea: shouldn't be able to predict the next bit of the generator given all bits seen so far

Keystream $G(k)$
- Idea: shouldn't be able to predict the next bit of the generator given all bits seen so far
- Strategies and challenges: many!
- Idea that doesn't quite work: Linear Feedback Shift Register (LFSR)
  - Choice of feedback: by algebra
  - Pro: fast, statistically close to random
  - Problem: susceptible to cryptanalysis (b/c linear)
- LFSR-based
  - Modifications to basic LFSR:
    - Use non-linear combo of multiple LFSRs
    - Use controlled clocking (e.g. only cycle the LFSR when another LFSR outputs a 1)
    - Etc.
- Others: mod arithmetic-based, other algebraic constructions
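An added example (not from the lecture notes) that makes the two points above concrete: a Fibonacci LFSR used as the keystream $G(k)$ for a XOR stream cipher, followed by the check that shows why a purely linear generator fails the "can't predict the next bit" requirement. The seed, taps and plaintext are constructed for illustration; the feedback taps correspond to the textbook 16-bit polynomial $x^{16}+x^{14}+x^{13}+x^{11}+1$.

```python
from typing import List

Bits = List[int]


def lfsr_keystream(seed: Bits, taps: List[int], nbits: int) -> Bits:
    """Fibonacci LFSR: emit state[0], then shift and append the XOR of the tapped bits.
    seed is the secret key (initial state); taps is the public feedback choice."""
    state = list(seed)
    out: Bits = []
    for _ in range(nbits):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out


def bytes_to_bits(data: bytes) -> Bits:
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def bits_to_bytes(bits: Bits) -> bytes:
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def stream_xor(data: bytes, seed: Bits, taps: List[int]) -> bytes:
    """Encrypt or decrypt (same operation): CT = PT XOR G(k)."""
    ks = lfsr_keystream(seed, taps, 8 * len(data))
    return bits_to_bytes([p ^ k for p, k in zip(bytes_to_bits(data), ks)])


def predict_keystream(known_pt: bytes, ct: bytes, n: int, taps: List[int], nbits: int) -> Bits:
    """Next-bit-prediction check: the first n output bits of an n-bit Fibonacci LFSR are
    its state, so n known PT/CT bits expose the state and every later keystream bit."""
    ks_prefix = [p ^ c for p, c in zip(bytes_to_bits(known_pt), bytes_to_bits(ct))]
    if len(ks_prefix) < n:
        raise ValueError("need at least n known keystream bits")
    return lfsr_keystream(ks_prefix[:n], taps, nbits)


# Constructed parameters: 16-bit state, taps for x^16 + x^14 + x^13 + x^11 + 1
TAPS = [0, 11, 13, 14]
SEED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1]  # the secret key

if __name__ == "__main__":
    pt = b"lecture seven notes"
    ct = stream_xor(pt, SEED, TAPS)
    assert stream_xor(ct, SEED, TAPS) == pt
    # Two known plaintext bytes (16 bits) determine the entire remaining keystream.
    assert predict_keystream(pt[:2], ct[:2], 16, TAPS, 8 * len(pt)) == lfsr_keystream(SEED, TAPS, 8 * len(pt))
    print("ciphertext:", ct.hex(), "| full keystream predicted from 2 known bytes")
```

The same check fails (as it should) for a non-linear generator, which is what the modifications listed above try to achieve.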
#### Block ciphers
1. Operate on PT one block at a time
2. Use same key for multiple blocks (with caveats)
3. Chaining modes intertwine successive blocks of CT (or not)

View cipher as a Pseudo-Random Permutation (PRP)
- PRP defined over $(K, X)$:
$$
E: K \times X \to X
$$
such that:
1. There exists an “efficient” deterministic algorithm to evaluate $E(k,x)$.
2. The function $E( k, \cdot )$ is one-to-one.
3. There exists an “efficient” inversion algorithm $D(k,y)$.
- i.e. a PRF that is an invertible 1-to-1 mapping from message space to message space