Information and Computer Security CPIS 312
Lab 6 & 7
TRIGUI Mohamed Salim
Symmetric key cryptography
Lab Objectives
1. To discuss how the Feistel cipher works.
2. To use the permutation table to draw the internal connections of the corresponding IP-box and inverse IP-box (IP^-1 box).
3. To use the IP-box to find the permutation of input bits specified by a hexadecimal number.
4. To use the DES algorithm to find the corresponding n-bit output and represent it as a hexadecimal number.
5. To understand how DES works.
Lab Outcomes
1. Students will encrypt and decrypt using the Feistel cipher.
2. Students will be able to use the permutation table to draw the internal connections of the corresponding IP-box and inverse IP-box (IP^-1 box) and find the permutation of input bits specified by a hexadecimal number.
3. Students will be able to work with the DES algorithm.
Feistel Cipher
Input: a 64-bit data element x; keys k1, k2, … k16 for rounds R1, R2, … R16 respectively.
Output: cipher text.
Divide x into two 32-bit halves: L & R
For i = 1 to 16
M =
K1 =
L0 R0
i = 1:
R1 = L0 ⊕ F_k1(R0)
R1 = 0100 ⊕ F_k1(1100) = 0111
L1 = R0 = 1100
i = 2:
K2 =
R2 = L1 ⊕ F_k2(R1)
R2 = 1100 ⊕ F_k2(0111) = 0010
L2 = R1 = 0111
C = L2 R2
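The two rounds above as runnable code, added here as an illustration and not part of the original lab slides. The round function F (XOR of the half with the round key) and the round keys K1 = 1111 and K2 = 1001 are assumptions, chosen so that the intermediate values match the slide's numbers; the slide's own F and keys are not on the page.

```python
# Added example: two-round Feistel network on an 8-bit block (4-bit halves).
# ASSUMPTIONS: round_function and the keys below are not from the slides;
# they are chosen so that R1 = 0111 and R2 = 0010, as in the worked example.
HALF_BITS = 4
MASK = (1 << HALF_BITS) - 1


def round_function(half, key):
    """Hypothetical F: XOR the 4-bit half with the round key (not the DES F)."""
    return (half ^ key) & MASK


def feistel_encrypt(block, keys, trace=None):
    """Run one Feistel round per key; the output is L_n R_n, as on the slide."""
    left, right = block >> HALF_BITS, block & MASK
    for key in keys:
        # R_i = L_(i-1) XOR F_ki(R_(i-1)),  L_i = R_(i-1)
        left, right = right, left ^ round_function(right, key)
        if trace is not None:
            trace.append((left, right))
    return (left << HALF_BITS) | right


def feistel_decrypt(block, keys):
    """Undo the rounds with the keys in reverse order; F is never inverted."""
    left, right = block >> HALF_BITS, block & MASK
    for key in reversed(keys):
        # L_(i-1) = R_i XOR F_ki(L_i),  R_(i-1) = L_i
        left, right = right ^ round_function(left, key), left
    return (left << HALF_BITS) | right


if __name__ == "__main__":
    keys = [0b1111, 0b1001]      # assumed K1, K2
    message = 0b01001100         # L0 = 0100, R0 = 1100
    steps = []
    cipher = feistel_encrypt(message, keys, steps)
    for i, (l, r) in enumerate(steps, start=1):
        print(f"i={i}: L{i}={l:04b} R{i}={r:04b}")
    print(f"C = {cipher:08b}")
    print(f"decrypted = {feistel_decrypt(cipher, keys):08b}")
```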
Data Encryption Standard (DES)
DES encrypts the text by repeating the permutation, expansion, and deletion operations in sixteen similar steps. Each step uses a different encryption key, derived from the key used in the first step. The algorithm consists of sixteen cycles, as described in the next slide.
The following figure illustrates the processes that take place within each cycle. Note that these processes are repeated in the same way in each of the sixteen cycles.
1. Initial Permutation (IP): To encode the text, it is divided into blocks of 64 bits each. Each block enters the primary permutation, a process that changes the location of each bit of the block according to the relationship described in the following figure:
The table represents the order of each bit in the block after the primary permutation. This arrangement is fixed by the designers of the algorithm and must be followed so that decryption is possible. Note that bit No. 58 becomes bit No. 1 after the permutation, bit No. 50 becomes bit No. 2, and so on.
2. Block Division: After the primary permutation is complete, the block is divided into two halves (the right half R0 and the left half L0), each consisting of 32 bits, and the halves are then entered into the first cycle. The division is conducted as follows:
3. Expansion and Permutation: In this step the 32-bit right half is expanded to 48 bits and permuted at the same time, according to the relationship described in the following figure:
The following table represents the order of each bit after the expansion and permutation and shows the source of each added bit. Bit No. 32 before the expansion and permutation becomes bit No. 1, and bit No. 1 before the expansion and permutation becomes bit No. 2. Note that bit No. 1 appears twice, at the second position and at the last one (No. 48), and that bit No. 32 appears at the first position and at position No. 47. In this way the right half is expanded to 48 bits.
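The expansion step as code, added here as an illustration and not taken from the lab slides. It builds the 48-entry DES expansion table from its regular pattern and applies it to a constructed 32-bit input in which only bits No. 1 and No. 32 are set, so the duplicated positions described above show up directly in the output.

```python
# Added example: DES expansion permutation E (32 bits in, 48 bits out).
# Bit numbering follows the slides: bit No. 1 is the leftmost bit.


def build_expansion_table():
    """Build the E table: eight rows of six source-bit numbers.

    Row r holds input bits 4r+1 .. 4r+4 plus one neighbour on each side,
    wrapping around at the ends (bit 32 comes before bit 1).
    """
    table = []
    for row in range(8):
        first = 4 * row                  # 0-based index of the row's first own bit
        for offset in range(-1, 5):
            table.append((first + offset) % 32 + 1)
    return table


def permute(value, table, in_width):
    """Output bit i (counted from the left) is input bit table[i-1]."""
    out = 0
    for src in table:
        out = (out << 1) | ((value >> (in_width - src)) & 1)
    return out


def expand(right_half):
    """Expand a 32-bit right half to 48 bits with E."""
    return permute(right_half, build_expansion_table(), 32)


if __name__ == "__main__":
    e_table = build_expansion_table()
    for row in range(8):
        print(e_table[6 * row: 6 * row + 6])
    sample = 0x80000001                  # constructed input: bits No. 1 and No. 32 set
    print(f"E({sample:08X}) = {expand(sample):012X}")
```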
4. Key Shifted: The key is reduced from 64 bits to 56 bits by deleting the eighth bit of every eight bits, i.e. bits No. 8, 16, 24, ... are deleted. At this point the location of each bit is also changed. The following figure shows the relationship through which the permutation and reduction are conducted.
The table represents the order of each bit after the process of permutation and reduction.
5. Key Permutation: In this step the left and right halves of the key are merged, and the key is reduced and permuted from 56 bits to 48 bits according to the relationship described in the following figure:
The table represents the order of each bit after the reduction and permutation. After the fifth and third steps are complete, their results are entered into the logical gate (XOR), and the sixth step is applied to the 48-bit output.
6. Substitution Permuted Choice s-box: The 48-bit output of the previous operations is converted to 32 bits and permuted. The 48 bits are divided into blocks of 6 bits each; the first block passes through the first s-box (S1), the second block through the second s-box (S2), and so on. The output of each box is 4 bits, and the total output of all boxes is 32 bits.
To determine the output of each box:
1. Select the 6-bit block and the corresponding s-box (suppose that the block is and the s-box is the first one (S1)).
2. Take the first and the sixth bits of the block (in our example the first bit equals 1 and the sixth equals 0); the result is the binary number 10, which equals 2 in decimal. This number is the row number in the table of (S1).
3. Take the second, third, fourth and fifth bits (in our example 0110), which represent the column number in the s-box table (S1), which equals The result is the intersection of row 2 with column 6 in the table of (S1): the number 2 in the decimal system, which is equal to 0010 in the binary system, i.e. the entered value of the (S1) became
Repeat the previous steps for each block with the corresponding s-box.
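Steps 1 to 3 as code, added here as an illustration and not taken from the lab slides. The S1 values are the published DES ones; the sample block is assembled from the bits named in the steps (first bit 1, middle bits 0110, sixth bit 0).

```python
# Added example: S-box lookup following steps 1-3, using DES S-box S1.
# Bit 1 is the leftmost bit of the 6-bit block, as in the slides.

S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox_index(block6):
    """Return (row, column): row from bits 1 and 6, column from bits 2-5."""
    if not 0 <= block6 < 64:
        raise ValueError("S-box input must be a 6-bit value")
    row = ((block6 >> 5) & 1) << 1 | (block6 & 1)
    column = (block6 >> 1) & 0xF
    return row, column


def sbox_lookup(table, block6):
    """Return the 4-bit value at the row/column selected by the block."""
    row, column = sbox_index(block6)
    return table[row][column]


def split_blocks(bits48):
    """Split the 48-bit XOR output into eight 6-bit blocks, leftmost first."""
    if not 0 <= bits48 < 1 << 48:
        raise ValueError("expected a 48-bit value")
    return [(bits48 >> shift) & 0x3F for shift in range(42, -1, -6)]


if __name__ == "__main__":
    block = 0b101100                     # bits from the steps: 1, 0110, 0
    row, column = sbox_index(block)
    value = sbox_lookup(S1, block)
    print(f"block {block:06b}: row {row}, column {column}, output {value:04b}")
```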
The table in the next slide contains the values of each s-box. Note that the row and column numbers start from zero, i.e. the first row is selected when the concatenation of the first bit and the second equals zero.
7. Permutation: The output of the previous step is permuted according to the relationship described below:
For further clarification of the previous relationship, the following table represents the output of the permutation process.
8. New Right Data half: This step produces the new right half, which results from entering the output of the seventh step and the left half into the logic gate (XOR). The output is the new right half that will be used in the next cycle.
9. New Left Data half: The new left half is the right half of the previous step. This step can be shown in the following equations:
This cycle is repeated 16 times; the output of each cycle is the input of the next. Each time a different key is used, called a sub-key, which is extracted from the key used in the first cycle.
10. Final Permutation: After the end of the sixteen cycles, the right half of the last cycle is taken and concatenated with the left half of the last cycle to form the final output. The final output consists of 64 bits, and the final permutation is applied to it according to the relationship described in the following figure:
For further clarification of the previous relationship, the following table represents the output of the final permutation, which is the encoded text.
Example 1
The following permutation table is used to permute an 8-bit input: IP = [ ]
A. Draw the internal connections of both the corresponding IP-box and the inverse IP-box (IP^-1 box).
B. Find the inverse permutation table IP^-1.
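A way to work parts A and B mechanically, added here as an illustration and not taken from the lab slides. The exercise's own table is not on the page, so SAMPLE_IP is a constructed 8-bit table; the same functions are also run on the 64-bit DES IP table, which goes beyond the 8-bit exercise.

```python
# Added example: apply a permutation table, list its wiring, derive its inverse.
# Convention (from the DES slides): output bit i is input bit table[i-1],
# with bit No. 1 the leftmost bit.
SAMPLE_IP = [2, 6, 3, 1, 4, 8, 5, 7]     # constructed table, not the slide's


def permute(value, table, in_width):
    """Permute the bits of value according to table."""
    out = 0
    for src in table:
        out = (out << 1) | ((value >> (in_width - src)) & 1)
    return out


def invert_table(table):
    """Return IP^-1: applying IP and then IP^-1 restores the input."""
    if sorted(table) != list(range(1, len(table) + 1)):
        raise ValueError("only a table that uses each bit once has an inverse")
    inverse = [0] * len(table)
    for out_pos, src in enumerate(table, start=1):
        inverse[src - 1] = out_pos       # input bit src moved to out_pos; send it back
    return inverse


def connections(table):
    """Wiring for the box drawing: (input bit, output bit) pairs."""
    return sorted((src, out_pos) for out_pos, src in enumerate(table, start=1))


def des_initial_permutation():
    """The 64-entry DES IP table, generated row by row (58 50 42 ... 15 7)."""
    starts = (58, 60, 62, 64, 57, 59, 61, 63)
    return [start - 8 * j for start in starts for j in range(8)]


if __name__ == "__main__":
    inverse = invert_table(SAMPLE_IP)
    print("IP wiring (in, out):   ", connections(SAMPLE_IP))
    print("IP^-1 table:           ", inverse)
    data = 0xA5                          # constructed input byte
    permuted = permute(data, SAMPLE_IP, 8)
    print(f"IP({data:02X}) = {permuted:02X}, IP^-1 gives {permute(permuted, inverse, 8):02X}")
    print("DES IP^-1, first row:  ", invert_table(des_initial_permutation())[:8])
```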
Example 2
The following input is applied to the eight S-boxes (S1: S8) of the DES algorithm. The input is specified as eight 6-bit hexadecimal numbers. Find the corresponding 32-bit output and specify it as a hexadecimal number.
3E 19 0F 24 1D 2A 39 2B
3E = Row: 10 Column: 1111 intersection using S0 box in the following table: 13 = D
Table 1: Definition of DES S-boxes
Homework
The following permutation table is used to permute an 8-bit input: IP = [ ]
A. Draw the internal connections of both the corresponding IP-box and the inverse IP-box (IP^-1 box).
B. Find the inverse permutation table IP^-1.