Question

Using a technique called randomized encryption, convert textbook AES and RSA to a secured version with an initialization vector (IV). Assume we have a message (m) with 128 bits, show how to encrypt (m) with secured AES. Explain why IEEE 802.11 (i.e., WEP) is not secure due to the inappropriate usage of an IV.

Answer 1

AES( Advanced Encryption System), works on bytes rather than on bits, so rather than working on 128 bits it works on 16 bytes. It works on substitution and permutation. Substitution means replacing bits in output and permutation is shuffling of bits. It works on 10 rounds and in each round and in each round a new 128-bit key is calculated using the original AES Key. This is done by randomized encryption. In encryption, each round consists of four processes:

ByteSubstitution:

16 bytes are substituted by looking up in fixed table which results in 4*4 matrix.

ShiftRows:

Now the rows of the matrix are substituted in following ways: first row is not shifted, second is shifted by 2 bits, third by three and so on.The shift is left shift. If any bits falls off it is re-inserted.

AddColumns:

The matrix is now transformed using a special mathematical function. It works as follows:

It takes the input as 4-bits(col) at a time and then converts it into a new 4 bits and replaces the original resulting in a new matrix of 16 new bytes.

AddRoundKey:

The new 16 bytes are now considered as 128 bits and a XOR operation between this 128 bits and 128 bits of round key is performed. This is the last step, in case if it is not then the 128 bits are again considered as 16 bytes and all 4 processes are repeated.

IEEE 802.11 uses Wireless Encryption Privacy for encryption but it is not at all considered same. This is because of the fact that the base for encryption is stream cipher, which is a part of Data Encryption Standard. In stream cipher, no traffic key can be repeated not even once. Initialization Vector is send as a plain text and purpose of using Initialization Vector is to ensure that no key is repeated twice. Stream Cipher uses 24-bit IV, it fails to prevent repetition whenever there is a high traffic network. Hence, in such cases the use opened gates for key attack in WEP. A fact is that after 5000 packets there is almost half possibility, i.e. 50% chances that the key might repeat. So, we can see that IV is not that trustworthy in WEP case.