Data Security in Wireless Local Area Network

Menoufia University
Faculty of Electronic Engineering
Department of Electronics and Electrical Communications Engineering

Data Security in Wireless Local Area Network
A Thesis submitted for the partial fulfillment of the Degree of M.Sc. of Communications Engineering

By

Eng. Amr Muhammed Abdel Wahed Kishk
Demonstrator, Department of Reactors, Atomic Energy Authority, Egypt

Supervisors

Prof. Nagy W. Messiha
Department of Electronics and Electrical Communications Engineering, Faculty of Electronic Engineering, Menoufia University

Prof. Nabil M. A. Ayad
Vice Chairman, Reactors Division, Atomic Energy Authority, Egypt

Prof. Nawal A. Elfeshawy
Head of Computer Science and Engineering Department, Faculty of Electronic Engineering, Menoufia University

2010


Approved by:

Prof. Salah El-din Yousuf Sayed
Head of Communications Engineering Department, Faculty of Engineering, Misr University for Science and Technology

Prof. Hosam El-din Hesseen Ahmed
Department of Electronics and Electrical Communications Engineering, Faculty of Electronic Engineering, Menoufia University

Prof. Nagy W. Messiha
Department of Electronics and Electrical Communications Engineering, Faculty of Electronic Engineering, Menoufia University

Prof. Nawal A. Elfeshawy
Head of Computer Science and Engineering Department, Faculty of Electronic Engineering, Menoufia University

2010

ACKNOWLEDGEMENTS

First and foremost, all praises and thanks to Allah, who gave me the ability and bestowed me with the perseverance to complete this thesis. After that, I wish to express my sincere appreciation to my advisors Prof. Nagy W. Messiha, Prof. Nabil M. A. Ayad, and Prof. Nawal A. Elfeshawy for their guidance, encouragement, and support. In addition, I want to thank Dr. Fathi E. Abd El-Samie for his help and support during all the time of my work.

Last, but not least, my deepest love and gratitude is devoted to my whole family. I would like to thank my father, my mother, and my future wife. More words cannot express how much I love and appreciate them. This thesis is a simple dedication to their support and love.


LIST OF PUBLICATIONS

1. Amr M. Kishk, Nagy W. Messiha, Nabil M. A. Ayad, Nawal A. Elfeshawy, and Fathi E. Abdel-Samie, "Enhancement in the Identities-Exchange Process during the Authentication Process", International Journal of Computer and Network Security (IJCNS), Vol. 1, No. 3, pp. 34-37, December 2009.
2. Amr M. Kishk, Nagy W. Messiha, Nabil M. A. Ayad, Nawal A. Elfeshawy, and Fathi E. Abdel-Samie, "Fast and Flexible Symmetrical Encryption Algorithm based on Key-Updating", National Radio Science Conference (NRSC), pp. (C24-1)-(C24-12), March 2010.


ABSTRACT

The ever-increasing demand for performance and data-security improvement in Wireless Local Area Network (WLAN) has motivated making the system harder to crack by man-in-the-middle attacks. This thesis has two primary objectives for enhancing data security in WLAN. The first objective is the enhancement of identities-exchange and key-exchange during the authentication process. The second objective is the investigation of a proposed symmetrical encryption algorithm based on key-updating, to enhance the performance of data security in WLAN. The current asymmetrical encryption algorithms are used to authenticate the devices in WLAN to each other: they exchange the identities and the keys over a secret channel during the authentication process. This thesis investigates the problems of identities-exchange. An enhancement of the identities-exchange and key-exchange stages of the authentication process is suggested and studied in the thesis to solve the drawbacks of the traditional asymmetrical encryption algorithms.

Next, the investigation of a proposed symmetrical encryption algorithm for encrypting the data during the data-exchange process gives a new approach to making the system harder for man-in-the-middle attacks to crack. Key-updating with each packet is the new approach that solves the problem of a fixed key being used to encrypt/decrypt the data of all packets in WLAN. A comparative study between the proposed symmetrical encryption algorithm and the other algorithms is presented in the thesis. The proposed symmetrical encryption algorithm is applied to text, voice, and image messages as practical applications. Finally, man-in-the-middle attackers can broadcast noise signals in WLAN channels to prevent the data from reaching the end-user correctly. The quality of the received image is measured for the proposed and the traditional symmetrical encryption algorithms to represent their ability to resist the noise. A comparative study of these algorithms with respect to noise resistance is done using the image message.


TABLE OF CONTENTS

Acknowledgements ..... I
List of Publications ..... II
Abstract ..... III
Table of Contents ..... V
List of Abbreviations ..... VIII
List of Figures ..... X
List of Tables ..... XIII

Chapter 1 Introduction ..... 1
1.1 Introduction ..... 1
1.2 Modes of Operation ..... 4
1.2.1 Electronic Codebook (ECB) ..... 4
1.2.2 Cipher Block Chaining (CBC) ..... 5
1.2.3 Propagating Cipher Block Chaining (PCBC) ..... 7
1.2.4 Cipher Feedback (CFB) ..... 8
1.2.5 Output Feedback (OFB) ..... 8
1.3 Hash Functions ..... 10
1.4 Network Management Architecture ..... 12
1.5 Thesis Objectives ..... 13
1.6 Thesis Organization ..... 15

Chapter 2 WLAN Infrastructure ..... 16
2.1 Service Sets ..... 16
2.1.1 Basic Service Set (BSS) ..... 16
2.1.2 Extended Service Set (ESS) ..... 17
2.1.3 Independent Basic Service Set (IBSS) ..... 17
2.2 WLAN Standards ..... 18
2.3 IEEE 802.11 Layers ..... 21
2.4 Frequency Hopping Spread Spectrum (FHSS) ..... 23
2.5 Direct Sequence Spread Spectrum (DSSS) ..... 24
2.6 Infrared (IR) ..... 25
2.7 Orthogonal Frequency Division Multiplexing (OFDM) ..... 26
2.8 Message Authentication ..... 28
2.9 Security Attacks ..... 32

Chapter 3 Cryptography Algorithms ..... 35
3.1 Asymmetrical Encryption Algorithms ..... 35
3.1.1 Diffie-Hellman Algorithm ..... 35
3.1.2 Rivest, Shamir and Adleman (RSA) Algorithm ..... 36
3.2 Symmetrical Encryption Algorithms ..... 37
3.2.1 Data Encryption Standard (DES) ..... 38
3.2.2 Triple Data Encryption Standard (TDES) ..... 47
3.2.3 Advanced Encryption Standard (AES) ..... 48
3.2.4 Rivest Cipher (RC6) ..... 57

Chapter 4 Data Security Defense in WLAN ..... 62
4.1 Identities-Exchange Enhancement ..... 62
4.1.1 Key-Distribution Stage ..... 63
4.1.2 Key-Generation Stage ..... 64
4.1.3 Identities-Exchange Stage ..... 65
4.1.4 Key-Exchange Stage ..... 67
4.2 Proposed Symmetrical Encryption Algorithm ..... 69
4.2.1 Key Generation ..... 72
4.2.2 Encryption ..... 75
4.2.3 Decryption ..... 77
4.3 Data Security Enhancement ..... 78

Chapter 5 Results ..... 81
5.1 Results of Identities-Exchange Enhancement ..... 81
5.2 Results of Proposed Symmetrical Encryption Algorithm ..... 82
5.2.1 Text Message as an Application ..... 83
5.2.2 Voice Message as an Application ..... 86
5.2.3 Image Message as an Application ..... 94

Chapter 6 Benefits of Data Security in Nuclear Premises ..... 103
6.1 Current Computer Network ..... 103
6.2 Current Computer Network Troubleshooting ..... 105
6.3 WLAN as a Solution ..... 105
6.4 Security of Nuclear Data ..... 106

Chapter 7 Conclusions and Future Work ..... 108
7.1 Conclusions ..... 108
7.2 Future Work ..... 109

Appendix A ..... A
Appendix B ..... D
References ..... E

LIST OF ABBREVIATIONS

ADC     Analogue-to-Digital Converter
AES     Advanced Encryption Standard
AP      Access Point
BPSK    Binary Phase Shift Keying
BSS     Basic Service Set
CA      Collision Avoidance
CBC     Cipher Block Chaining
CC      Correlation Coefficient
CFB     Cipher Feedback
CSMA    Carrier Sense Multiple Access
DAC     Digital-to-Analogue Converter
DBPSK   Differential Binary Phase Shift Keying
DCF     Distributed Coordination Function
DES     Data Encryption Standard
DIFS    Distributed Interframe Space
DQPSK   Differential Quadrature Phase Shift Keying
DSSS    Direct Sequence Spread Spectrum
ECB     Electronic Codebook
ESS     Extended Service Set
FCC     Federal Communications Commission
FDM     Frequency Division Multiplexing
FFT     Fast Fourier Transform
FHSS    Frequency Hopping Spread Spectrum
GFSK    Gaussian Frequency Shift Keying
IBM     International Business Machines
IBSS    Independent Basic Service Set
IEEE    Institute of Electrical and Electronic Engineers
IFFT    Inverse Fast Fourier Transform
IP      Internet Protocol
IPSec   Internet Protocol Security
IR      Infrared
ISI     Intersymbol Interference
ISM     Industrial, Scientific, and Medical
IV      Initialization Vector
LAN     Local Area Network
LED     Light Emitting Diode
LLC     Logical Link Control
LLR     Likelihood Ratio
LPC     Linear Predictive Coding
LPF     Low Pass Filter
MAC     Media Access Control
MD5     Message Digest Algorithm
MSE     Mean Square Error
NIC     Network Interface Card
NRC     Nuclear Research Center
OFB     Output Feedback
OFDM    Orthogonal Frequency Division Multiplexing
OSI     Open Systems Interconnections
PC      Personal Computer
PCBC    Propagating Cipher Block Chaining
PCF     Point Coordination Function
PGP     Pretty Good Privacy
PHY     Physical Layer
PLCP    Physical Layer Convergence Procedure
PMD     Physical Medium Dependent
PPDU    PLCP Protocol Data Unit
PPM     Pulse Position Modulation
PRF     Pseudorandom Function
PSK     Phase Shift Keying
PSNR    Peak Signal-to-Noise Ratio
QAM     Quadrature Amplitude Modulation
QPSK    Quadrature Phase Shift Keying
RC      Rivest Cipher
RF      Radio Frequency
RSA     Rivest, Shamir and Adleman
SD      Spectral Distortion
SHA     Secure Hash Algorithm
SNR     Signal-to-Noise Ratio
SNRseg  Segmental Signal-to-Noise Ratio
SSL     Secure Socket Layer
TDES    Triple Data Encryption Standard
UNII    Unlicensed National Information Infrastructure
WAN     Wide Area Network
WLAN    Wireless Local Area Network

LIST OF FIGURES

Figure (1.1): Security Threats
Figure (1.2): Encryption and Decryption Process
Figure (1.3): ECB mode a. Encryption b. Decryption
Figure (1.4): CBC Encryption
Figure (1.5): CBC Decryption
Figure (1.6): PCBC Encryption
Figure (1.7): PCBC Decryption
Figure (1.8): CFB Encryption
Figure (1.9): CFB Decryption
Figure (1.10): OFB Encryption
Figure (1.11): OFB Decryption
Figure (1.12): Pseudorandom Function (PRF)
Figure (1.13): Example Distributed Network Management Configuration
Figure (1.14): Packet-Filtering Router
Figure (2.1): Basic Service Set (Infrastructure mode)
Figure (2.2): Extended Service Set (Infrastructure mode)
Figure (2.3): Independent Basic Service Set (Infrastructure mode)
Figure (2.4): IEEE 802.11 Standard Layers for WLAN
Figure (2.5): Frequency Hopping Spread Spectrum
Figure (2.6): Direct Sequence Spread Spectrum
Figure (2.7): Frequency Division Multiplexing
Figure (2.8): Orthogonal Frequency Division Multiplexing a. Transmitter b. Receiver
Figure (2.9): Message Authentication by using Conventional Encryption
Figure (2.10): Message Authentication by Public Key Encryption
Figure (2.11): Message Authentication by using Secret Value
Figure (2.12): Security Attacks
Figure (3.1): Diffie-Hellman Algorithm
Figure (3.2.a): DES Encryption
Figure (3.2.b): DES Encryption Procedures in One Round
Figure (3.3): DES Decryption
Figure (3.4): TDES Encryption and Decryption
Figure (3.5): AES-128 Keys Generation
Figure (3.6): AES-192 Keys Generation
Figure (3.7): AES-256 Keys Generation
Figure (3.8): RC6 Encryption Process
Figure (4.1): Ks Generation
Figure (4.2): The Encryption/Decryption of the Identities
Figure (4.2.2): Identities-Exchange Enhancement
Figure (4.3): Example of the Transmitted Message
Figure (4.4): Flowchart of the S-Box Generation
Figure (4.5): Key-Generation Procedures in One Round
Figure (4.6): Encryption Process in Each Round
Figure (4.7): Decryption Process in Each Round
Figure (4.8): Data Security Enhancement in WLAN
Figure (5.1): WLAN (Infrastructure mode)
Figure (5.2): The Plain Text
Figure (5.3): The Cipher Text
Figure (5.4): Decrypted Text
Figure (5.5): Other Cipher Text for the Same Plain Text
Figure (5.6): Encryption Delay-time for the Proposed, DES, TDES, AES-256, and RC6 Algorithms
Figure (5.7): Original and Decrypted Voice (Wireless Connection)
Figure (5.8): The Spectrogram of the Original and Decrypted Voice (Wireless Connection)
Figure (5.9): The Encrypted Voice and its Spectrogram (Wireless Connection)
Figure (5.10): Wired LAN (Point-to-Point Connection)
Figure (5.11): Original and Decrypted Voice (Wired Connection)
Figure (5.12): The Spectrogram of Original/Decrypted Voice (Wired Connection)
Figure (5.13): The Encrypted Voice and its Spectrogram (Wired Connection)
Figure (5.14): Original Image
Figure (5.15): Generation of the Noisy Decrypted Image from the Original Image
Figure (5.16): Noisy Decrypted Image at SNR = 0.5 dB
Figure (5.17): Noisy Decrypted Image at SNR = 4.5 dB
Figure (5.18): Noisy Decrypted Image at SNR = 7.5 dB
Figure (5.19): Noisy Decrypted Image at SNR = 10 dB
Figure (5.20): Noise Resistance Comparison
Figure (6.1): Current Computer Network Architecture in Nuclear Research Center
Figure (6.2): Proposed Computer Network Architecture in Nuclear Research Center
Figure (6.3): Example of the Transmitted Message in NRC

LIST OF TABLES

Table (1.1): Hash Functions Comparison
Table (2.1): Modulation Types for 802.11 and 802.11b
Table (2.2): Modulation Types and Data Rates for 802.11a
Table (2.3): WLAN Standards Comparison
Table (3.1): Permuted Choice-1 (PC-1) Table
Table (3.2): Number of Left Shifts according to Iteration Number
Table (3.3): Permuted Choice-2 (PC-2) Table
Table (3.4): IP Table
Table (3.5): E-Bit Selection Table
Table (3.6): P-Table
Table (3.7): IP-1 Table
Table (3.8): Number of Rounds used in the Data Encryption and Decryption Processes
Table (3.9): S-BOX
Table (3.10): R-value according to Round Number for the AES-128 Algorithm
Table (3.11): SP-BOX Table
Table (4.1): Proposed S-Box Contents
Table (4.2): Encrypted Letters Known to the Attackers Due to the Fixed Head of the Message of Figure (4.3)
Table (5.1): Average Data Rates Comparison
Table (5.2): Measured Parameters between the Plain and the Decrypted Voice
Table (5.3): The Correlation Factor
Table (5.4): PSNR Comparison

Chapter 1

Introduction

CHAPTER 1 INTRODUCTION

1.1 Introduction

Wireless Local Area Network (WLAN) has experienced tremendous growth and is becoming an integral part of enterprises, homes and other businesses [1]. Hacking is one of the greatest problems in WLAN [2]. Data transmission in WLAN gives attackers the freedom to try to crack the system. The attackers prevent the data from being transferred to the end-user safely and correctly. The growth of technology reduces the time taken to crack a WLAN. In recent years, many symmetrical encryption algorithms have been used to encrypt/decrypt the data in WLAN [3]. The authentication process is used to authenticate the devices in WLAN to each other before the data-exchange process [4]. It depends on asymmetrical encryption algorithms to exchange the identities and the keys for authentication purposes [3].

A key technology is the ability to create and protect unique identifiers that serve to prove identity when connecting entities to each other. PCI bus identifier strings and Ethernet MAC addresses are insecure identifiers: they are good for configuring a device within the system it operates in, but a MAC address can be reprogrammed, and gateway routers are capable of hiding a whole network behind them.

Providing network security is an important objective in the design and implementation of WLAN. The main security services in any communication system can be summarized as Confidentiality, Integrity, Access Control, Nonrepudiation, and Authentication [5]. Confidentiality ensures that the data/information transmitted over the network is not disclosed to unauthorized users. The function of integrity is to assure that the data received are exactly as sent by an authorized party. Access control limits and controls access to a resource such as a host system or an application. The nonrepudiation function is defined as the ability to prevent individuals or entities from denying a communication they took part in. The function of the authentication service is to verify a user's identity and to assure that the received message is from the source that it claims to be from.

The attacks on the security of a communication system are classified into four categories of attack function [6]: Interruption, Interception, Modification, and Fabrication, as shown in figure (1.1). If the attacker's function is interruption, the attacker prevents the data from reaching the receiver correctly or completely. When the attacker eavesdrops on the data in WLAN, the function is called interception. The modification function gives the attacker the possibility to change the contents of the transmitted data. The fabrication function occurs when an unauthorized user steals the identities of an authorized user in order to exchange data with another authorized user.

Figure (1.1): Security Threats. Panels: a. Interruption, b. Interception, c. Modification, d. Fabrication (each panel shows the attacker's position relative to the two authorized users).


The Open Systems Interconnections (OSI) model is a layered framework for the design of network systems that allows communication between all types of computer systems [7]. It is composed of seven ordered layers: Physical (layer 1), Data link (layer 2), Network (layer 3), Transport (layer 4), Session (layer 5), Presentation (layer 6), and Application (layer 7). Each layer has a certain security protocol used to secure the data in it. These protocols are named in the form (Protocol name)_(Type of used Asymmetrical Encryption Algorithm)_WITH_(Type of used Symmetrical Encryption Algorithm)_(One of the Modes of Operation)_(Type of used Hash Function) [8]. For example, SSL_RSA_WITH_DES_CBC_SHA, where:
- Protocol name: Secure Socket Layer (SSL) is designed to provide security to the data generated from the application layer.
- Type of used asymmetrical encryption algorithm: Rivest, Shamir and Adleman (RSA).
- Type of used symmetrical encryption algorithm: Data Encryption Standard (DES).
- Mode of operation: Cipher Block Chaining (CBC).
- Hash function: Secure Hash Algorithm (SHA).
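The naming form above can be checked mechanically. The following is an added example, not code from the thesis: it parses a suite name of the form (Protocol)_(Asym)_WITH_(Sym)_(Mode)_(Hash) into its five components and flags components a reviewer would not accept (the regular expression, the optional key-size suffix after the symmetrical algorithm, and the weak-component policy are assumptions of the example; names with a two-part key exchange do not fit this form).

```python
"""Parse cipher-suite names of the form (Protocol)_(Asym)_WITH_(Sym)_(Mode)_(Hash)."""
import re
from dataclasses import dataclass

# Assumed grammar: every component is an upper-case token; the symmetrical
# algorithm may carry a numeric key size ("AES_128"); the hash token is last.
_SUITE = re.compile(
    r"^(?P<protocol>[A-Z]+)_(?P<asym>[A-Z0-9]+)_WITH_"
    r"(?P<sym>[A-Z0-9]+(?:_\d+)?)_(?P<mode>[A-Z]+)_(?P<hash>[A-Z0-9]+)$"
)

# Example review policy (an assumption of this example, not the thesis's list).
WEAK = {
    "ECB": "identical packets encrypt to identical ciphertexts (section 1.2.1)",
    "DES": "56-bit key is within brute-force reach",
    "MD5": "practical collisions are known",
    "NULL": "no encryption at all",
}


@dataclass(frozen=True)
class CipherSuite:
    protocol: str       # e.g. SSL
    asymmetric: str     # key-exchange / authentication algorithm, e.g. RSA
    symmetric: str      # bulk cipher, e.g. DES or AES_128
    mode: str           # mode of operation, e.g. CBC
    hash_function: str  # integrity hash, e.g. SHA


def parse_suite(name: str) -> CipherSuite:
    """Split a suite name into its five components; reject anything not in the form."""
    m = _SUITE.match(name)
    if m is None:
        raise ValueError(f"{name!r} is not in (Protocol)_(Asym)_WITH_(Sym)_(Mode)_(Hash) form")
    return CipherSuite(m["protocol"], m["asym"], m["sym"], m["mode"], m["hash"])


def weak_components(name: str) -> list:
    """Return [(component, reason), ...] for each component of the suite found in WEAK."""
    s = parse_suite(name)
    cipher_family = s.symmetric.split("_")[0]          # "AES_128" -> "AES"
    return [(c, WEAK[c]) for c in (cipher_family, s.mode, s.hash_function) if c in WEAK]


if __name__ == "__main__":
    for suite in ("SSL_RSA_WITH_DES_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"):
        print(suite, parse_suite(suite), weak_components(suite))
```

The parser is strict on purpose: a name that does not match the form is rejected rather than partially interpreted, so a configuration review cannot silently accept a malformed suite string.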

There are many protocols used to provide the security to the data in the seven layers such as: Pretty Good Privacy (PGP) designed to provide security at the application layer [9], and Internet Protocol Security (IPSec) designed to provide security at the network layer [10].

Symmetrical encryption algorithms and asymmetrical encryption algorithms are the two types of cryptography [1]. Cryptography, a word with Greek origins, means "secret writing", and it is used to refer to the science and art of transforming messages to make them secure. Figure (1.2) shows the encryption at the sender and the decryption at the receiver. The asymmetrical encryption algorithms are used in the authentication process to encrypt and decrypt the identities with two different keys, where K1 ≠ K2. The symmetrical encryption algorithms are used to encrypt the data during the data-exchange process, where K1 = K2 = K. Modes of operation are techniques that employ a modern block cipher to ensure message confidentiality or message integrity [1]. Hash functions are used to ensure message integrity and message authentication [1].

Figure (1.2): Encryption and Decryption Process (at the sender, P is encrypted with K1 to give C; at the receiver, C is decrypted with K2 to give P).

1.2 Modes of Operation

Several modes of operation have been invented to provide message confidentiality or message integrity [1]. Some of these operation modes are:
- Electronic Codebook (ECB)
- Cipher Block Chaining (CBC)
- Propagating Cipher Block Chaining (PCBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)

1.2.1 Electronic Codebook (ECB)

Electronic Codebook (ECB) is the simplest operation mode. Each packet in the message is encrypted and decrypted separately, as shown in figure (1.3). The disadvantage of ECB is that identical plaintexts are encrypted into identical ciphertexts. It does not provide serious message confidentiality and integrity, and it is not recommended for use in cryptographic protocols at all. ECB encryption and decryption are shown in equations (1.1 and 1.2) respectively [1].

C = Ek(P)   (1.1)
P = Dk(C)   (1.2)

Where:
- C is the ciphertext
- P is the plaintext
- Ek is the encryption by the key (K)
- Dk is the decryption by the key (K)

Figure (1.3): ECB mode a. Encryption (P1 and Key (K) into the symmetrical encryption algorithm give C1) b. Decryption (C1 and Key (K) into the symmetrical decryption algorithm give P1).

1.2.2 Cipher Block Chaining (CBC)

Cipher Block Chaining (CBC) was invented in 1976. In CBC encryption, each packet of the message is XORed with the previous ciphertext before the encryption process, except the first packet, which is XORed with an Initialization Vector (IV), as shown in figure (1.4). In this way, each ciphertext depends on all plaintexts of the message processed up to that point. The CBC encryption and decryption processes are shown in equations (1.3 and 1.4) respectively [1]. Its main drawbacks are that the encryption is sequential and that the message must be padded to a whole number of packets. Note that an error in one bit affects all the following ciphertexts. The plaintext is recovered from two adjacent ciphertexts, as shown in figure (1.5). CBC is the most commonly used mode.

Ci = Ek(Pi ⊕ Ci-1)   (1.3)
Pi = Dk(Ci) ⊕ Ci-1   (1.4)

Where:
- i = 1, 2, ..., N
- N is the number of packets in the message
- ⊕ denotes the XOR operation
- C0 = IV

Figure (1.4): CBC Encryption (P1 ⊕ IV and P2 ⊕ C1 are each passed with Key (K) through the symmetrical encryption algorithm to give C1 and C2).

Figure (1.5): CBC Decryption (C1 and C2 are each passed with Key (K) through the symmetrical decryption algorithm, then XORed with IV and C1 respectively to give P1 and P2).


1.2.3 Propagating Cipher Block Chaining (PCBC)

Propagating Cipher Block Chaining (PCBC) was designed to cause small changes in the ciphertext to propagate indefinitely when decrypting as well as when encrypting. Figures (1.6 and 1.7) show the PCBC encryption and decryption respectively, and their equations are shown in equations (1.5 and 1.6) respectively [1].

Ci = Ek(Pi ⊕ Pi-1 ⊕ Ci-1)   (1.5)
Pi = Dk(Ci) ⊕ Pi-1 ⊕ Ci-1   (1.6)

Where:
- P0 ⊕ C0 = IV

Figure (1.6): PCBC Encryption (P1 ⊕ IV is encrypted with Key (K) to give C1; P2 ⊕ P1 ⊕ C1 is encrypted with Key (K) to give C2).

Figure (1.7): PCBC Decryption (C1 is decrypted with Key (K) and XORed with IV to give P1; C2 is decrypted with Key (K) and XORed with P1 ⊕ C1 to give P2).


1.2.4 Cipher Feedback (CFB)

Like CBC mode, changes in the plaintext propagate in the ciphertext, and an error in one bit of the ciphertext affects all the following plaintexts during CFB decryption, as shown in figures (1.8 and 1.9). CFB has two advantages over CBC mode: the encryption algorithm is only ever used in the encryption direction, and the message does not need to be padded to a whole number of packets. Equations (1.7 and 1.8) show the CFB mode in the encryption and decryption processes respectively [1].

Ci = Ek(Ci-1) ⊕ Pi   (1.7)
Pi = Ek(Ci-1) ⊕ Ci   (1.8)

Where:
- C0 = IV

1.2.5 Output Feedback (OFB)

Output Feedback (OFB) generates key-stream blocks which are then XORed with the plaintext blocks to get the ciphertext, as shown in figure (1.10). An error in one bit of the ciphertext produces an error in one bit at the same location during the decryption process. This property allows many error-correcting codes to function normally even when applied before encryption. Figure (1.11) shows the OFB decryption mode. The encryption and decryption operations of OFB mode are shown in equations (1.9 and 1.10) respectively [1].

Ci = Pi ⊕ Fi   (1.9)
Pi = Ci ⊕ Fi   (1.10)

Where:
- Fi = Ek(Fi-1) and F0 = IV
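The five modes of sections 1.2.1 to 1.2.5, coded directly from equations (1.1) to (1.10), as an added example that is not part of the thesis. Because the thesis does not fix a particular block cipher for the boxes in figures (1.3) to (1.11), the example assumes a stand-in: a 4-round Feistel network whose round function is SHA-256 (any invertible keyed block function would do). The key, IV and packets are constructed test values. Beyond restating the equations, the example measures two things the text describes for individual modes across all five: whether repeated packets leak through the ciphertext (the ECB weakness) and how many decrypted packets one flipped ciphertext bit damages (the error-propagation difference between CBC, PCBC, CFB and OFB).

```python
"""Modes of operation from equations (1.1)-(1.10) over an assumed toy block cipher."""
import hashlib

BLOCK = 16      # one packet = one 16-byte block (assumption of the example)
ROUNDS = 4


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed round function: SHA-256 over (key, round index, half block), truncated to 8 bytes.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def Ek(key: bytes, block: bytes) -> bytes:
    """Ek: encrypt one block; Feistel step (L, R) -> (R, L xor f(R))."""
    L, R = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(ROUNDS):
        L, R = R, _xor(L, _f(key, rnd, R))
    return L + R


def Dk(key: bytes, block: bytes) -> bytes:
    """Dk: invert Ek by undoing the rounds in reverse order."""
    L, R = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(ROUNDS)):
        L, R = _xor(R, _f(key, rnd, L)), L
    return L + R


def packets(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("message must be padded to a whole number of packets")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def encrypt(mode: str, key: bytes, iv: bytes, plain: bytes) -> bytes:
    out, prev_c, prev_p, f = [], iv, bytes(BLOCK), iv      # C0 = IV, P0 = 0, F0 = IV
    for p in packets(plain):
        if mode == "ECB":
            c = Ek(key, p)                                   # (1.1)
        elif mode == "CBC":
            c = Ek(key, _xor(p, prev_c))                     # (1.3)
        elif mode == "PCBC":
            c = Ek(key, _xor(_xor(p, prev_p), prev_c))       # (1.5)
        elif mode == "CFB":
            c = _xor(Ek(key, prev_c), p)                     # (1.7)
        elif mode == "OFB":
            f = Ek(key, f)                                   # Fi = Ek(Fi-1)
            c = _xor(p, f)                                   # (1.9)
        else:
            raise ValueError(mode)
        out.append(c)
        prev_c, prev_p = c, p
    return b"".join(out)


def decrypt(mode: str, key: bytes, iv: bytes, cipher: bytes) -> bytes:
    out, prev_c, prev_p, f = [], iv, bytes(BLOCK), iv
    for c in packets(cipher):
        if mode == "ECB":
            p = Dk(key, c)                                   # (1.2)
        elif mode == "CBC":
            p = _xor(Dk(key, c), prev_c)                     # (1.4)
        elif mode == "PCBC":
            p = _xor(_xor(Dk(key, c), prev_p), prev_c)       # (1.6)
        elif mode == "CFB":
            p = _xor(Ek(key, prev_c), c)                     # (1.8): only Ek is ever needed
        elif mode == "OFB":
            f = Ek(key, f)
            p = _xor(c, f)                                   # (1.10)
        else:
            raise ValueError(mode)
        out.append(p)
        prev_c, prev_p = c, p
    return b"".join(out)


KEY = b"constructed demo key"   # constructed; any byte string works with the SHA-256 round function
IV = bytes(range(BLOCK))        # constructed; a real IV must be fresh and unpredictable per message


def leaks_repetition(mode: str) -> bool:
    """ECB weakness (section 1.2.1): do three identical packets give three identical ciphertexts?"""
    return len(set(packets(encrypt(mode, KEY, IV, bytes(BLOCK) * 3)))) == 1


def damaged_packets(mode: str) -> list:
    """Flip one bit in the first ciphertext packet; return the indices of wrongly decrypted packets."""
    plain = bytes(range(4 * BLOCK))                          # four constructed packets
    damaged = bytearray(encrypt(mode, KEY, IV, plain))
    damaged[0] ^= 0x01
    recovered = decrypt(mode, KEY, IV, bytes(damaged))
    return [i for i, (a, b) in enumerate(zip(packets(plain), packets(recovered))) if a != b]


if __name__ == "__main__":
    for m in ("ECB", "CBC", "PCBC", "CFB", "OFB"):
        print(f"{m:4s} repeated packets leak: {leaks_repetition(m)!s:5s} damaged: {damaged_packets(m)}")
```

Running the block prints, per mode, whether identical plaintext packets are visible in the ciphertext (only ECB) and which packets a single-bit channel error corrupts: one packet in ECB and OFB, the hit packet plus the next one in CBC and CFB, and every packet from the hit one onward in PCBC, which is exactly the propagation behaviour the sections above describe.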


Figure (1.8): CFB Encryption (IV is encrypted with Key (K) and XORed with P1 to give C1; C1 is encrypted with Key (K) and XORed with P2 to give C2).

Figure (1.9): CFB Decryption (IV is encrypted with Key (K) and XORed with C1 to give P1; C1 is encrypted with Key (K) and XORed with C2 to give P2).

Figure (1.10): OFB Encryption (IV is encrypted with Key (K) to give the first key-stream block, which is XORed with P1 to give C1; that block is encrypted again to give the second key-stream block, which is XORed with P2 to give C2).

Figure (1.11): OFB Decryption (the same key-stream blocks are generated from IV and Key (K) and XORed with C1 and C2 to give P1 and P2).

1.3 Hash Functions

The purpose of a hash function is to produce a "fingerprint" of a message that is useful for message authentication. Secure Hash Algorithm (SHA) and Message Digest Algorithm (MD5) are two examples of hash functions. The comparison between SHA and MD5 is shown in table (1.1) [1]. A hash function, H, must have the following properties [1]:
1. H can be applied to a block of data of any size.
2. H produces a fixed-length output.
3. H(x) is relatively easy to compute for any given x.
4. For any given value h, it is computationally infeasible to find x such that H(x) = h. This is sometimes referred to as the one-way property.
5. For any given x, it is computationally infeasible to find y ≠ x such that H(y) = H(x).
6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y).
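The fingerprint idea and the properties above, exercised with the standard-library hashlib and hmac modules, as an added example that is not part of the thesis. It fingerprints a constructed message, checks it, shows how far a one-bit change in the message moves the digest, reads each algorithm's digest length and block size back from the library, and contrasts the bare fingerprint with a keyed one (HMAC, an assumption of the example: the thesis at this point only says hash functions serve message authentication).

```python
"""Hash-function fingerprints for message integrity (standard library only)."""
import hashlib
import hmac


def hash_parameters(algorithm: str) -> tuple:
    """(digest length in bits, block size in bits) as reported by hashlib."""
    h = hashlib.new(algorithm)
    return h.digest_size * 8, h.block_size * 8


def fingerprint(message: bytes, algorithm: str = "sha256") -> str:
    """Properties 1-3: any-size input, fixed-size output, cheap to compute."""
    return hashlib.new(algorithm, message).hexdigest()


def verify(message: bytes, expected: str, algorithm: str = "sha256") -> bool:
    """Integrity check; compare_digest avoids leaking the matching prefix through timing."""
    return hmac.compare_digest(fingerprint(message, algorithm), expected)


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Hamming distance between two digests: how much a small input change moved the output."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def keyed_fingerprint(message: bytes, key: bytes, algorithm: str = "sha256") -> str:
    """Hash combined with a secret value (HMAC). A bare fingerprint can be recomputed by
    anyone who modifies the message in transit; a keyed one cannot without the key."""
    return hmac.new(key, message, algorithm).hexdigest()


if __name__ == "__main__":
    msg = b"constructed sample message"             # constructed input
    tampered = bytes([msg[0] ^ 0x01]) + msg[1:]     # the same message with one bit flipped
    tag = fingerprint(msg)
    print("intact verifies  :", verify(msg, tag))
    print("tampered verifies:", verify(tampered, tag))
    print("digest bits changed by a 1-bit input change:", differing_bits(tag, fingerprint(tampered)), "of 256")
    for alg in ("sha1", "sha256", "sha384", "sha512", "md5"):
        print(f"{alg:7s} digest/block bits: {hash_parameters(alg)}")
    print("keyed tag:", keyed_fingerprint(msg, b"constructed secret key"))
```

The digest and block sizes the loop prints are the ones hashlib reports for each algorithm; the Hamming distance shows that a single flipped input bit changes roughly half of the digest bits, which is what makes the fingerprint useful for detecting modification rather than only gross corruption.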


Table (1.1): Hash Functions Comparison

                       SHA-1    SHA-256    SHA-384    SHA-512    MD5
Digest Length (bits)   160      256        384        512        128
Block Size (bits)      512      512        1024       1024       512
Message Length