Download presentation

Presentation is loading. Please wait.

Published byRoderick Tacy Modified about 1 year ago

1
Chapter 3 Symmetric Key Cryptosystems 1 Overview Modern symmetric-key cryptosystems o Data Encryption Standard (DES) Adopted in 1976 Block size = 64 bits Key length = 56 bits o Advanced Encryption Standard (AES) Adopted in 2000 Block sizes = 128, 192, or 256 bits Key lengths = 128, 192, or 256 bits

2
Chapter 3 Symmetric Key Cryptosystems 2 DES - History 1973: NBS (now NIST) solicits proposals for crypto algorithm which: o Provides a high level of security o Completely specified and easy to understand o Is available royalty-free o Is efficient

3
Chapter 3 Symmetric Key Cryptosystems 3 DES – History (cont) 1974 o IBM submits variant of Lucifer algorithm o NBS asks NSA for comments on the algorithm o NSA likes the algorithm with modifications Key size reduced from 128 to 56 bits Minor changes in details of the algorithm 1976 o DES approved (unclassified communications) o To be reviewed every five years

4
Chapter 3 Symmetric Key Cryptosystems 4 DES – History (cont) 1983: NBS recertifies DES 1987: NBS recertifies DES 1988: NBS becomes NIST 1993: NIST recertifies DES 1998: NIST begins AES competition

5
Chapter 3 Symmetric Key Cryptosystems 5 DES - Overview Adopted as U.S. government standard in 1976 Block cipher, symmetric key o 64-bit block size, 56-bit key o Simple algorithm

6
Chapter 3 Symmetric Key Cryptosystems 6 DES - Keys Any 56-bit string can be a DES key There are 2 56 keys o 72,057,594,037,927,936 DES keys Test one trillion keys per second o 2 hours to find the key A very small number of “weak keys”

7
Chapter 3 Symmetric Key Cryptosystems 7 DES – The Algorithm To encrypt a 64-bit plaintext block An initial permutation o 16 rounds of substitution, transposition o 48-bit subkey added to each round, o Subkeys derived from 56-bit DES key o Final permutation

8
Chapter 3 Symmetric Key Cryptosystems 8 DES – Algorithm Overview

9
Chapter 3 Symmetric Key Cryptosystems 9 DES Initial Permutation Permutes 64 bits of the plaintext 58 th bit is moved to position 1 50 th bit is moved to position 2 …. 7 th bit is moved to position 64

10
Chapter 3 Symmetric Key Cryptosystems 10 DES Initial Perm Example

11
Chapter 3 Symmetric Key Cryptosystems 11 DES – Subkey Generation DES key: 64-bits (eight parity bits) A 56-bit DES key o 11010001101010101000101011101010101000100011010101010101 The 64-bit representation o 1101000111010100101000110101110010101010000100011101010010101010 Sixteen 48-bit subkeys generated from 64- bit DES key (one for each round)

12
Chapter 3 Symmetric Key Cryptosystems 12 DES – Subkey (cont) 64-bit DES key o 1101000111010100101000110101110010101010000100011101010010101010 A key permutation removes eight parity bits and The 57th bit is moved to position 1 The 49th bit is moved to position 2 … The 4th bit is moved to position 56

13
Chapter 3 Symmetric Key Cryptosystems 13 DES Key Perm Example 64-bit “key” to 56-bit DES key

14
Chapter 3 Symmetric Key Cryptosystems 14 DES – Subkey Gen (cont) 56 key bits (after permutation) divided into two 28-bit halves Each half circularly shifted left by one bit (rounds 1,2,9 and 16) or 2 bits (all other rounds) Halves recombined into 56 bit string

15
Chapter 3 Symmetric Key Cryptosystems 15 DES – Compression Perm Compression permutation selects 48 bits 14th bit goes to output 1 17th bit goes to output 2 …. 32nd bit goes to output 48

16
Chapter 3 Symmetric Key Cryptosystems 16 DES Compression Perm Example

17
Chapter 3 Symmetric Key Cryptosystems 17 DES Round 1 Subkey

18
Chapter 3 Symmetric Key Cryptosystems 18 DES - Subkey Overview

19
Chapter 3 Symmetric Key Cryptosystems 19 DES – Rounds Each of 16 rounds takes 64-bit block of input to 64-bit block of output The output from initial perm is input to round one Round one output is input to round two Round two output is input to round three Round 16 output is ciphertext

20
Chapter 3 Symmetric Key Cryptosystems 20 DES – Round 1 Subkey 1 Input block (64) L 1 (32)R 1 (32) EP XOR S-box P-box XOR L 2 (32)R 2 (32) Output block (64)

21
Chapter 3 Symmetric Key Cryptosystems 21 DES Rounds 64-bit input divided into two 32-bit halves Right half sent through expansion perm which produces 48 bits by o Rearranging the input bits o Repeating some input bits more than once

22
Chapter 3 Symmetric Key Cryptosystems 22 DES – Expansion Permutation

23
Chapter 3 Symmetric Key Cryptosystems 23 DES – XOR Operation XOR is applied to the 48-bit output of expansion perm and subkey The resulting 48-bits go to S-boxes

24
Chapter 3 Symmetric Key Cryptosystems 24 DES – S-boxes S-boxes perform substitution 8 different S-boxes Each S-box maps 6 bits to 4 bits Bits 1-6 are input to S-box 1 Bits 7-12 are input to S-box 2, etc.

25
Chapter 3 Symmetric Key Cryptosystems 25 DES – Inside an S-box Each S-box has 4 rows, 16 columns S-box 1 First and last input bits specify the row Middle four input bits specify the column

26
Chapter 3 Symmetric Key Cryptosystems 26 DES – Inside S-box (cont) S-box entry is the four-bit output Examples with S-box 1 011010 row 0, column 13 9 = 1001 (output) 110010 row 2, column 9 12 = 1100 (output) 000011 row 1, column 1 15 = 1111 (output)

27
Chapter 3 Symmetric Key Cryptosystems 27 DES – S-boxes

28
Chapter 3 Symmetric Key Cryptosystems 28 DES – S-boxes Example

29
Chapter 3 Symmetric Key Cryptosystems 29 DES – P-box 32-bit output of S-boxes goes to P-box P-box permutes the bits o The first bit is moved to position 16 o The second bit is moved to position 7 o The third bit is moved to position 20 : o The thirty-second bit is moved into position 25

30
Chapter 3 Symmetric Key Cryptosystems 30 DES – P-box Example

31
Chapter 3 Symmetric Key Cryptosystems 31 DES – Second XOR Operation Output of P-box is XORed with the left half of 64-bit input block 32-bit output of the XOR operation: o 01101111011011000110111010010010

32
Chapter 3 Symmetric Key Cryptosystems 32 DES – Rounds 64-bit output from round 1 is input for round 2 Output from round 2 is input for round 3 : Output from round 16 is passed through a final permutation

33
Chapter 3 Symmetric Key Cryptosystems 33 DES – Final Perm Final permutation is inverse of initial perm o 40th bit is moved into the 1st position o 8th bit is moved into the 2nd position : o 25th bit is moved into the 64th position Output of final permutation is ciphertext

34
Chapter 3 Symmetric Key Cryptosystems 34 DES – Encryption Overview

35
Chapter 3 Symmetric Key Cryptosystems 35 DES - Decryption Same algorithm and key as encryption Subkeys are applied in opposite order o Subkey 16 used in first round o Subkey 15 used in second round : o Subkey 1 used in 16th round

36
Chapter 3 Symmetric Key Cryptosystems 36 DES - Summary DES still widely used 56-bit key o 1998, EFF built $220,000 DES cracker, requires about 4 days/key DES also important historically Late 90’s AES competition produced several strong crypto algorithms

37
Chapter 3 Symmetric Key Cryptosystems 37 AES - History 1997: NIST requests proposals for a new Advanced Encryption Standard (AES) to replace DES NIST required that the algorithm be: o A symmetric-key cryptosystem o A block cipher o Capable of supporting a block size of 128 bits o Capable of supporting key lengths of 128, 192, and 256 bits o Available on a worldwide, non-exclusive, royalty-free basis Evaluation criteria: o Security - soundness of the mathematical basis and the results of analysis by the research community o Computational efficiency, memory requirements, flexibility, and simplicity

38
Chapter 3 Symmetric Key Cryptosystems 38 AES – Round 1 of the Competition NIST selects 15 submissions for evaluation: o CAST-256 (Entrust Technologies, Inc.) o Crypton (Future Systems, Inc.) o DEAL (Richard Outerbridge, Lars Knudsen) o DFC (Centre National pour la Recherche Scientifique—Ecole Normale Superieure) o E2 (Nippon Telegraph and Telephone Corporation) o Frog (TecApro Internacional S.A.) o HPC (Rich Schroeppel) o Loki97 (Lawrie Brown, Josef Pieprzyk, Jennifer Seberry) o Magenta (Deutsche Telekom AG) o MARS (IBM) o RC6 (RSA Laboratories) o Rijndael (Joan Daemen, Vincent Rijmen) o SAFER+ (Cylink Corporation) o Serpent (Ross Anderson, Eli Biham, Lars Knudsen) o Twofish (Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson)

39
Chapter 3 Symmetric Key Cryptosystems 39 AES – Round 1 Results After eight months of analysis and public comment, NIST: o Eliminated DEAL, Frog, HPC, Loki97, and Magenta Had what NIST considered major security flaws Were among the slowest algorithms submitted o Eliminated Crypton, DFC, E2, and SAFER+ Had what NIST considered minor security flaws Had unimpressive characteristics on the other evaluation criteria o Eliminated CAST-256 Had mediocre speed and large ROM requirements Five candidates, MARS, RC6, Rijndael, Serpent, and Twofish, advanced to the second round

40
Chapter 3 Symmetric Key Cryptosystems 40 AES – Results Analysis and public comment on the five finalists October 2000: NIST: o Eliminates MARS High security margin o Eliminates RC6 Adequate security margin, fast encryption and decryption on 32-bit platforms o Eliminates Serpent High security margin o Eliminates Twofish High security margin o Selects Rijndael Adequate security margin, fast encryption, decryption, and key setup speeds, low RAM and ROM requirements

41
Chapter 3 Symmetric Key Cryptosystems 41 AES – Rijndael Algorithm Symmetric-key block cipher o Block sizes are 128, 192, or 256 bits o Key lengths are 128, 192, or 256 bits Performs several rounds of operations to transform each block of plaintext into a block of ciphertext o The number of rounds depends on the block size and the length of the key: Nine regular rounds if both the block and key are 128 bits Eleven regular rounds if either the block or key are 192 bits Thirteen regular rounds if either the block or key is 256 bits o One, slightly different, final round is performed after the regular rounds

42
Chapter 3 Symmetric Key Cryptosystems 42 AES – Rijndael Algorithm (cont) For a 128-bit block of plaintext and a 128-bit key the algorithm performs: o An initial AddRoundKey (ARK) operation o Nine regular rounds composed of four operations: ByteSub (BSB) ShiftRow (SR) MixColumn (MC) AddRoundKey (ARK) o One final (reduced) round composed of three operations: ByteSub (BSB) ShiftRow (SR) AddRoundKey (ARK)

43
Chapter 3 Symmetric Key Cryptosystems 43 AES – Rijndael Overview

44
Chapter 3 Symmetric Key Cryptosystems 44 AES – Rijndael Keys Keys are expressed as 128-bit (or bigger) quantities Keyspace contains at least 2 128 elements: o 340,282,366,920,938,463,463,374,607,431,768,211,4 56 Exhaustive search at one trillion keys per second takes: o 1x10 19 years (the universe is thought to be about 1x10 10 years old)

45
Chapter 3 Symmetric Key Cryptosystems 45 AES – Rijndael Keys (cont) Blocks and keys are represented as a two- dimensional array of bytes with four rows and four columns: o Block = 128 bits = 16 bytes = b 0, b 1,..., b 15 o Key = 128 bits = 16 bytes = k 0, k 1,..., k 15

46
Chapter 3 Symmetric Key Cryptosystems 46 AES - The ByteSub Operation An S-box is applied to each of the 16 input bytes independently Each byte is replaced by the output of the S-box:

47
Chapter 3 Symmetric Key Cryptosystems 47 AES – The Rijndael S-box

48
Chapter 3 Symmetric Key Cryptosystems 48 AES – The Rijndael S-box (cont) The input to the S-box is one byte: Example 1: o b 0 = 01101011 (binary) = 6b (hex) o b’ 0 = row 6, column b = 7f (hex) = 01111111 (binary) Example 2: o b 1 = 00001000 (binary) = 08 (hex) o b’ 1 = row 0, column 8 = 30 (hex) = 00110000 (binary) Example 3: o b 2 = 11111001 (binary) = f9 (hex) o b’ 2 = row f, column 9 = 99 (hex) = 10011001 (binary)

49
Chapter 3 Symmetric Key Cryptosystems 49 AES - ShiftRow Operation Each row of the input is circularly left shifted: o First row by zero places o Second row by one place o Third row by two places o Fourth row by three places

50
Chapter 3 Symmetric Key Cryptosystems 50 AES - The MixColumn Operation The four bytes in each input column are replaced with four new bytes:

51
Chapter 3 Symmetric Key Cryptosystems 51 AES - The AddRoundKey Operation Each byte of the input block is XORed with the corresponding byte of the round subkey:

52
Chapter 3 Symmetric Key Cryptosystems 52 AES – Rijndael Overview

53
Chapter 3 Symmetric Key Cryptosystems 53 AES Summary The research community participated very actively and expertly in the design and evaluation of the candidate algorithms The AES selection process served to raise public awareness of cryptography and its importance The AES algorithm is starting to be widely used The AES should offer useful cryptographic protection for at least the next few decades

54
Chapter 3 Symmetric Key Cryptosystems 54 Summary DES (56-bit keys): Each 64-bit block of plaintext goes through: o Initial permutation o Sixteen rounds of substitution and transposition operations o Final permutation AES (128-bit keys): Each 128-bit block of plaintext goes through: o An initial AddRoundKey (ARK) operation o Nine rounds of operations (BSB, SR, MC, ARK) o One final (reduced) round

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google