Scribd
Upload
20 views40 pages

Week 5- Cryptography -- Block Ciphers

Uploaded by

Sajawal Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
20 views40 pages

Week 5- Cryptography -- Block Ciphers

Uploaded by

Sajawal Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 40

Cryptography -- Block Ciphers

DES
Week 5
Overview
• terms and principles
• Claude Shannon
• Feistel cipher
• DES
A few terms
• block cipher
• block of plaintext is treated as a whole & used to
produce a ciphertext block of equal length
• typical size: 64 bits
• most modern ciphers are block ciphers
• stream cipher
• digital data is encrypted one bit (or one unit) at a time

In both cases, plaintext is transformed incrementally


 Block vs Stream Ciphers

 Q: What is a block cipher we have already


seen?
 A: Playfair cipher. What is its block size?
 A: 2 characters
 Q: What are some stream ciphers we have
already seen?
 A: Autokey cipher, Vigenere cipher, Vernam
cipher, OneTime Pad (OTP)
Block vs Stream Ciphers
Symmetric implies ONE key
Symmetric ciphers

Secret key shared by sender &


receiver
Block Ciphers Features
• Block size: in general larger block
sizes mean greater security.
• Key size: larger key size means
greater security (larger key space).
• Number of rounds: multiple rounds
offer increasing security.
• Encryption modes: define how
messages larger than the block size
are encrypted, very important for the
security of the encrypted message.
Basis of modern Block ciphers
• Claude Shannon- information theory
• product cipher
• perform two or more ciphers in sequence so that
result (product) is cryptographically stronger than any
component cipher
• alternate confusion & diffusion
• virtually all significant symmetric block ciphers currently
in use are of this type
Shannon’s strategy
• thwart cryptanalysis that is based on statistical analysis
• hacker has some knowledge of statistical characteristic of
plaintext
• if statistics are reflected in ciphertext, then analyst may be
able to deduce encryption key, or part of it
• in Shannon’s ideal cipher, statistics of ciphertext are
independent of plaintext
Shannon’s building blocks
• confusion
• make relation between statistics of ciphertext and the
value of the encryption key as complex as possible,
to thwart attempts to discover the key.
• diffusion
• diffuse statistical property of plaintext digit across a
range of ciphertext digits
• i.e. each plaintext digits affects value of many
ciphertext digits
Shannon’s building blocks
• Shannon proposed product ciphers with two
components
• S-Boxes -- substitution
• providing confusion of input bits
• P-Boxes -- permutation
• providing diffusion across S-box inputs
• n rounds of S-P boxes
Types of P-boxes
Types of P-boxes
S-Box
S-Box
S-Box
S-Box
Feistel cipher
• input plaintext of 2w bits
• key K = n sub-keys: K1, K2, …, Kn
• sequence of n “rounds” each using Ki
• substitution followed by a permutation
• apply function F(Ki) to right half of data, then exclusive-
OR it to left half of data
• permutation: interchange two result halves of data

DES is essentially a Feistel cipher


Feistel cipher
• Multiple rounds
• round i input is Li-1, Ri-1

Li = Ri-1
Ri = (Li-1 XOR F(Ri-1 , Ki))

L – left portion of intermediate data


R – right …..
Feistel
Cipher
Structure
History of DES
• DES – Data Encryption Standard
• The Data Encryption Standard (DES) is a symmetric-key
block cipher published by the National Institute of Standards
and Technology (NIST).
• n 1973, NIST published a request for proposals for a national
symmetric-key cryptosystem. A proposal from IBM, a
modification of a project called Lucifer, was accepted as DES.
DES was published in the Federal Register in March 1975 as
a draft of the Federal Information Processing Standard
(FIPS).
DES Characteristics
• Plaintext is 64 bits long
• 16 rounds
• Key length is 56 bits
• 16 sub-keys generated, one used in each round
• DES algorithm is a variant of the Feistel algorithm
General Structure of DES
Initial Permutation IP
 firststep of the DES
 IP reorders the input data bits
 even bits to LH half, odd bits to RH half
 quite regular in structure (easy in h/w)
 no cryptographic value

DES cipher
• round i input is Li-1, Ri-1

Li = Ri-1
Ri = (Li-1 XOR F(Ri-1 ,Ki))
One DES Round
<----32 bits------> <----32 bits------>
Li-1 Ri-1

exp/perm to 48
--- 48 bits
Ki
xor
--- 48 bits

S-box
--- 32 bits
permutation
--- 32 bits

xor
Li Ri
Encryption (Round) (cont.)

32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 45 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
Encryption (Round) (cont.)
F

S-box

[1
]
S-box(values in binary)
Key length in DES
DES Key generation
Key Generation (cont.)
• Original Key: Key0
• Permuted Choice One: PC_1( )
• Permuted Choice Two: PC_2( )
• Schedule of Left Shift: SLS( )



( C 0 , D0 )  PC _ 1( Key 0 )
( Ci , Di )  SLS ( Ci  1 , Di  1 )
Keyi  PC _ 2( SLS ( Ci  1 , Di  1 ))
Decryption
• The same algorithm as
encryption.
• Reversed the order of key
(Key16, Key15, … Key1).
• For example:
• IP undoes IP-1 step of
encryption.
• 1st round with SK16
undoes 16th encrypt round.

[1
]
Key property
• avalanche
• small change in plaintext or in key produces
significant change in ciphertext
• test for avalanche
• encrypt two plaintext blocks that differ only in one bit
• about half the (ciphertext) bits will differ
DES controversy
• DES choice was intensely criticized:
• original LUCIFER key length was 128 bits, and DES
used 56 bit key (to fit on chip, they said)
• critics feared brute force attacks
• design criteria for the S-boxes was classified, so users
not sure that internal structure was free of hidden weak
points that might let NSA break cipher
DES status
• no weak points have surfaced
• DES is widely used
• 1994, NIST reaffirmed DES for federal use
• NIST recommends DES use for all except classified
information
• generally considered a sound standard
• Need more security: use Triple DES
• Future: Adv. Encryption Standard (AES)
Cryptanalysis of DES
• increased computing speed has made a 56 bit key
susceptible to exhaustive key search
• demonstrated breaks:
• 1997 – taking a few months, a large network of
computers broke DES
• 1998 – Electronic Frontier Foundation broke DES in a
few days on dedicated hardware
• 1999 – break accomplished in 22 hours
• in practice DES is used, and works
1997 break
• RSA Laboratories issued reward of $10,000 for finding a
DES key, given cipher text for known and unknown plaintext
• solution found in 96 days – involved 70,000 computers on
the Internet
• an embarrassingly parallel problem – just divide the key
space being searched (brute force) each time a new
computer joins in
• found the key after searching 1/4 key space
References & Detailed readings

• Book: Cryptography and Network Security


by william stalling chapter 3

• Book: Cryptography and Network Security


Behrouz A. Forouzan, chapter 6

• Data Encryption Standard (DES):


Encryption by Christof Paar

You might also like