The document discusses various encryption techniques, focusing on symmetric encryption principles, cryptanalysis, and key management. It covers specific algorithms such as DES, Triple DES, AES, and RC4, as well as digital signatures and public key cryptography. Additionally, it highlights key distribution methods and the Diffie-Hellman key exchange protocol, emphasizing their applications in secure communication.

Uploaded by

sanjushree12f

UNIT II Encryption Techniques and Key Management

2.1 Symmetric Encryption Principles


A symmetric encryption scheme has five ingredients:
• Plaintext: This is the original message or data that is fed into the algorithm as input.
• Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the
plaintext.
• Secret key: The secret key is also input to the algorithm. The exact substitutions and transformations
performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret
key. For a given message, two different keys will produce two different ciphertexts.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and
the same secret key and produces the original plaintext.
Cryptography
Cryptographic systems are generically classified along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext. All encryption algorithms are
based on two general principles: substitution, in which each element in the plaintext (bit, letter, group of bits
or letters) is mapped into another element, and transposition, in which elements in the plaintext are
rearranged. The fundamental requirement is that no information be lost (i.e., that all operations be reversible).
Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions.
2. The number of keys used. If both sender and receiver use the same key, the system is referred to as
symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver each use a different
key, the system is referred to as asymmetric, two-key, or public-key encryption.
3. The way in which the plaintext is processed. A block cipher processes the input one block of elements at
a time, producing an output block for each input block. A stream cipher processes the input elements
continuously, producing output one element at a time, as it goes along.
Cryptanalysis
The process of attempting to discover the plaintext or key is known as cryptanalysis. The strategy used by the
cryptanalyst depends on the nature of the encryption scheme and the information available to the cryptanalyst.
Table 2.1 summarizes the various types of cryptanalytic attacks, based on the amount of information known to
the cryptanalyst. The most difficult problem is presented when all that is available is the ciphertext only. In
some cases, not even the encryption algorithm is known, but in general we can assume that the opponent does
know the algorithm used for encryption. One possible attack under these circumstances is the brute-force
approach of trying all possible keys. If the key space is very large, this becomes impractical. Thus, the
opponent must rely on an analysis of the ciphertext itself, generally applying various statistical tests to it. To
use this approach, the opponent must have some general idea of the type of plaintext that is concealed, such as
English or French text, an EXE file, a Java source listing, an accounting file, and so on.

Table 2.1 Types of Attacks on Encrypted Messages


Feistel Cipher Structure
Feistel Cipher is not a specific scheme of block cipher. It is a design model from which many different block
ciphers are derived. DES is just one example of a Feistel Cipher. A cryptographic system based on Feistel
cipher structure uses the same algorithm for both encryption and decryption.
2.2 Data Encryption Standard
The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by
the National Bureau of Standards, now the National Institute of Standards and Technology (NIST), as Federal
Information Processing Standard 46 (FIPS PUB 46). The algorithm itself is referred to as the Data Encryption
Algorithm (DEA).
The DES algorithm can be described as follows. The plaintext is 64 bits in length and the key is 56 bits in
length; longer plaintext amounts are processed in 64-bit blocks. The DES structure is a minor variation of the
Feistel network shown in Figure 20.1. There are 16 rounds of processing. From the original 56-bit key,
16 subkeys are generated, one of which is used for each round.
The process of decryption with DES is essentially the same as the encryption process. The rule is as follows:
Use the ciphertext as input to the DES algorithm, but use the subkeys Ki in reverse order. That is, use K16 on
the first iteration, K15 on the second iteration, and so on until K1 is used on the sixteenth and last iteration.
Fig 2.1 DES
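The Feistel property and the DES decryption rule above (same algorithm, subkeys in reverse order), as an added example that is not part of the original notes. It is a toy 16-round Feistel network, not DES: the HMAC-SHA256 round function and key schedule, and the names subkeys, round_f and feistel, are assumptions chosen for illustration.

```python
import hashlib
import hmac

HALF = 4      # bytes per half: a 64-bit block, the same size DES uses
ROUNDS = 16   # DES also runs 16 rounds

def subkeys(key, rounds=ROUNDS):
    """Toy key schedule (assumption): K_i = HMAC-SHA256(key, i). Not the DES schedule."""
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest()
            for i in range(1, rounds + 1)]

def round_f(half, subkey):
    """Round function F. It is never inverted, so it does not have to be reversible."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[:HALF]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, keys):
    """Run the Feistel network over one block, using the subkeys in the order given."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, xor(left, round_f(right, k))
    return right + left   # final swap of the two halves

def encrypt_block(block, key):
    return feistel(block, subkeys(key))          # K1 ... K16

def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])    # K16 ... K1, same algorithm

if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed sample values
    pt = b"8bytemsg"
    ct = encrypt_block(pt, key)
    print(ct.hex(), decrypt_block(ct, key))
```

Only the subkey order differs between the two directions; running the network again with K1 first does not undo the encryption.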
Triple DES
Triple DES (3DES) was first standardized for use in financial applications in ANSI standard
X9.17 in 1985. 3DES was incorporated as part of the Data Encryption Standard in 1999, with the publication
of FIPS PUB 46-3.

Fig 2.2 Triple DES


2.3 Advanced Encryption Standard
AES uses a block length of 128 bits and a key length that can be 128, 192, or 256 bits. In the description of
this section, we assume a key length of 128 bits, which is likely to be the one most commonly implemented.
Figure 2.3 shows the overall structure of AES. The input to the encryption and decryption algorithms is a
single 128-bit block. In FIPS PUB 197, this block is depicted as a square matrix of bytes. This block is copied
into the State array, which is modified at each stage of encryption or decryption. After the final stage, State is
copied to an output matrix. Similarly, the 128-bit key is depicted as a square matrix of bytes. This key is then
expanded into an array of key schedule words; each word is 4 bytes and the total key schedule is 44 words for
the 128-bit key. The ordering of bytes within a matrix is by column. So, for example, the first 4 bytes of a
128-bit plaintext input to the encryption cipher occupy the first column of the in matrix, the second 4 bytes
occupy the second column, and so on. Similarly, the first 4 bytes of the expanded key, which form a word,
occupy the first column of the w matrix.

Fig 2.3 AES


2.4 STREAM CIPHERS AND RC4
A block cipher processes the input one block of elements at a time, producing an output block for each input
block. A stream cipher processes the input elements continuously, producing output one element at a time, as
it goes along. Although block ciphers are far more common, there are certain applications in which a stream
cipher is more appropriate. Examples are given subsequently in this book. In this section, we look at perhaps
the most popular symmetric stream cipher, RC4. We begin with an overview of stream cipher structure and
then examine RC4.
Stream Cipher Structure
A typical stream cipher encrypts plaintext 1 byte at a time, although a stream cipher may be designed to
operate on 1 bit at a time or on units larger than a byte at a time. It is a representative diagram of stream cipher
structure. In this structure a key is input to a pseudorandom bit generator that produces a stream of 8-bit
numbers that are apparently random. A pseudorandom stream is one that is unpredictable without knowledge
of the input key and that has an apparently random character. The output of the generator, called a keystream,
is combined 1 byte at a time with the plaintext stream using the bitwise exclusive-OR (XOR) operation. For
example, if the next byte generated by the generator is 01101100 and the next plaintext byte is 11001100, then
the resulting cipher text byte is:

The RC4 Algorithm


RC4 is a stream cipher designed in 1987 by Ron Rivest for RSA Security. It is a variable-key-size stream
cipher with byte-oriented operations. The algorithm is based on the use of a random permutation. Analysis
shows that the period of the cipher is overwhelmingly likely to be greater than 10^100 [ROBS95]. Eight to
sixteen machine operations are required per output byte, and the cipher can be expected to run very quickly in
software. RC4 is used in the SSL/TLS (Secure Sockets Layer/Transport Layer Security) standards that have
been defined for communication between Web browsers and servers. It is also used in the WEP (Wired
Equivalent Privacy) protocol and the newer Wi-Fi Protected Access (WPA) protocol that are part of the IEEE
802.11 wireless LAN standard. RC4 was kept as a trade secret by RSA Security. In September 1994, the RC4
algorithm was anonymously posted on the Internet on the Cypherpunks anonymous remailers list.
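An added example, not part of the original notes: the RC4 key scheduling and keystream generation described above, followed by the reason a stream-cipher key must never be reused for two messages. The function names and sample messages are constructed for illustration; RC4 itself is no longer permitted in TLS (RFC 7465).

```python
def rc4_keystream(key):
    """Yield RC4 keystream bytes for a key of 1 to 256 bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key scheduling: start from the identity permutation and shuffle it under the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Output generation: keep swapping entries and emit one byte per step.
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key, data):
    """Encrypt or decrypt: XOR is its own inverse, so both directions are identical."""
    return xor_bytes(data, rc4_keystream(key))

def reuse_leak(key, p1, p2):
    """Two messages under one key: the keystream cancels and p1 XOR p2 is exposed."""
    return xor_bytes(rc4(key, p1), rc4(key, p2))

# The single-byte case from the text: keystream 01101100, plaintext 11001100.
PAGE_BYTE = xor_bytes(bytes([0b01101100]), bytes([0b11001100]))

if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())
    p1, p2 = b"pay alice 100", b"pay mallory 9"   # constructed messages
    print(reuse_leak(b"Key", p1, p2) == xor_bytes(p1, p2))
```

Because the ciphertexts alone reveal the XOR of the two plaintexts, protocols built on a stream cipher need a fresh key or nonce for every message.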
2.5 CIPHER BLOCK MODES OF OPERATION
A symmetric block cipher processes one block of data at a time. In the case of DES and 3DES, the block
length is 64 bits. For longer amounts of plaintext, it is necessary to break the plaintext into 64-bit blocks
(padding the last block if necessary). To apply a block cipher in a variety of applications, five modes of
operation have been defined by NIST (Special Publication 800-38A). The five modes are intended to cover
virtually all the possible applications of encryption for which a block cipher could be used. These modes are
intended for use with any symmetric block cipher, including triple DES and AES. The modes are summarized
in Table 2.2, and the most important are described briefly in the remainder of this section.
Table 2.2 Block Modes of Operation
2.6 DIGITAL SIGNATURE
Digital signatures are the public-key primitives of message authentication. In the physical world, it is common
to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the
message. Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding
can be independently verified by the receiver as well as by any third party.
A digital signature is a cryptographic value that is calculated from the data and a secret key known only by the
signer.
In the real world, the receiver of a message needs assurance that the message belongs to the sender, and the
sender should not be able to repudiate the origination of that message. This requirement is crucial in business
applications, since the likelihood of a dispute over exchanged data is very high.
Model of Digital Signature

Fig 2.5 Model of Digital Signature


2.7 KEY DISTRIBUTIONS
Key distribution can be achieved in a number of ways. For two parties A and B:
1. A key could be selected by A and physically delivered to B.
2. A third party could select the key and physically deliver it to A and B.
3. If A and B have previously and recently used a key, one party could transmit the new key to the other,
encrypted using the old key.
4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted
links to A and B.

Figure 2.6 illustrates an implementation that satisfies option 4 for end-to-end encryption. In the figure, link
encryption is ignored. This can be added, or not, as required. For this scheme, two kinds of keys are identified:

Fig 2.6 Automatic Key Distribution for Connection-Oriented Protect

2.8 Public Key Cryptography

■ Public key cryptography (PKC) is an encryption technique that uses a paired public and private key (or
asymmetric key) algorithm for secure data communication.

■ PKC is also known as public key encryption, asymmetric encryption, asymmetric cryptography, asymmetric
cipher, asymmetric key encryption and Diffie-Hellman encryption.

■ A message sender uses a recipient's public key to encrypt a message. To decrypt the sender's message, only
the recipient's private key may be used.

■ The two types of PKC algorithms are RSA, an acronym formed from the names of the algorithm's inventors
(Rivest, Shamir and Adleman), and the Digital Signature Algorithm (DSA).

■ PKC encryption evolved to meet the growing secure communication demands of multiple sectors and
industries, such as the military.

■ Features:

■ Uses two different keys, one for encryption and another for decryption

■ Plain text

■ Encryption Algorithm

■ Keys (two types): Public key and Private Key

■ Decryption Algorithm

■ Cipher Key

Requirements for public key cryptography:

■ The computation of the pair of keys i.e. private key and the public key must be easy.

■ Knowing the encryption algorithm and public key of the intended receiver, computation of cipher text must
be easy.

■ For a receiver of the message, it should be computationally easy to decrypt the obtained cipher text using
his private key.

■ It is also required that any opponent in the network knowing the public key should be unable to determine
its corresponding private key.

■ Having the cipher text and public key, an opponent should be unable to determine the original message.

■ The two keys, i.e. the public and private keys, can be applied in either order:
D[PU, E(PR, M)] = D[PR, E(PU, M)]
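An added example, not from the original notes: textbook RSA with tiny constructed primes (p = 61, q = 53, e = 17), showing that the two keys work in either order as required above, and that the PR-then-PU order gives the digital signature of section 2.6. Function names are illustrative; there is no padding or hashing, which real RSA requires.

```python
from math import gcd

def keygen(p, q, e):
    """Build a textbook RSA key pair from two primes (tiny constructed values here)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi), Python 3.8+
    return (e, n), (d, n)          # PU, PR

def apply_key(key, m):
    """E and D are the same operation in textbook RSA: m^exponent mod n."""
    exponent, n = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, exponent, n)

def encrypt(pu, m):
    return apply_key(pu, m)        # E(PU, M): anyone can encrypt to the key owner

def decrypt(pr, c):
    return apply_key(pr, c)        # D(PR, C): only the private key recovers M

def sign(pr, m):
    return apply_key(pr, m)        # E(PR, M): only the signer can produce this value

def verify(pu, m, sig):
    return apply_key(pu, sig) == m # D(PU, S) must give back the signed message

if __name__ == "__main__":
    PU, PR = keygen(61, 53, 17)    # constructed toy parameters, far too small for real use
    M = 65
    print(decrypt(PR, encrypt(PU, M)), apply_key(PU, sign(PR, M)))
    print(verify(PU, M, sign(PR, M)), verify(PU, M + 1, sign(PR, M)))
```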

RSA CRYPTOSYSTEM
ELLIPTIC CURVE CRYPTOGRAPHY.
2.9 Key Exchange Algorithm

DIFFIE HELLMAN KEY EXCHANGE

The Diffie-Hellman key agreement protocol is an exponential key agreement protocol that allows two users to
exchange a secret key.
Algorithm

Applications:

■ Diffie-Hellman is currently used in many protocols, namely:

■ Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
■ Secure Shell (SSH)
■ Internet Protocol Security (IPsec)
■ Public Key Infrastructure (PKI)

ELGAMAL CRYPTOSYSTEM

ElGamal is a public-key cryptosystem that is based on the discrete logarithm problem.
