1. Data Encryption Standard (DES)

2. Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the knowledge of K  Any attempt to attack the cipher should be  comparable in complexity to brute-force method  use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.  The keys may be identical or there may be a simple transformation to go between the two keys.  This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption

3. Desired Characteristics  Confusion – How does changing a bit of the key affect the ciphertext?  Diffusion – How does changing one bit of the plaintext affect the ciphertext?  S-Boxes provide confusion of input bits  P-Boxes provide diffusion across S-box inputs

4. Desired Characteristics (Cont…) Confusion – Change key values each round – Performed through substitution – Complicates plaintext/key relationship Diffusion – Change location of plaintext in ciphertext – Done through transposition

5. Two Basic Types Block Ciphers Typically 64, 128 bit blocks A k-bit plaintext block maps to a k-bit ciphertext block Usually employ Fiestel structure. The inverse mapping is the decryption function. Stream Ciphers A key is used to generate a stream of pseudo-random bits key stream Just XOR plaintext bits with the key stream for encryption For decryption generate the key stream and XOR with the ciphertext!

6. Block Ciphers Features Block size: in general larger block sizes mean greater security. Key size: larger key size means greater security (larger key space). Number of rounds: multiple rounds offer increasing security. Encryption modes: define how messages larger than the block size are encrypted, very important for the security of the encrypted message.

7. DES History 1967: Feistel at IBM Lucifer: block size 128; key size 128 bit 1972: NBS asks for an encryption standard 1975: IBM developed DES (modification of Lucifer) block size 64 bits; key size 56 bits 1975: NSA suggests modifications 1977: NBS adopts DES as encryption standard in (FIPS 46-1, 46- 2). 2001: NIST adopts Rijndael as replacement to DES.

12. Picture of Inverse Function

13. DES ENCRYPTION

14. INITIAL PERMUTATION AND ITS INVERSE It affects on 64-bit input

15. INITIAL PERMUTATION AND ITS INVERSE

16. DETAILS OF SINGLE ROUND

17. Expansion/Permutation

18. DETAILS OF SINGLE ROUND (CONT 1) The resulting 48 bits are XORed with Ki. This 48 bit result passes through a substitution function that produces 32-bit output, which is permuted by Permutation function (P):

19. The role of S-boxes The substitution consists of a set of 8 S-boxes, each of which accepts 6 bits input and produces 4 bits as output.

20. DETAILS OF SINGLE ROUND (CONT 2) Each row of an S-box defines a general reversible substitution: middle 4 bits of each group of 6-bit input are substituted by S-box output, 1st and last 6th bits define what particular substitution out of to use.

22. KEY GENERATION Input key has 64 bits. But each 8 th bit is not used: bits 8,16,24,32,40,48,56,64 are not further used. The 56-bit key is first subjected to permutation Permuted Choice 1:

23. KEY GENERATION (Cont…) The resulting 56-bit key is then treated as 2 28-bit quantities, labeled C0 and D0. At each round, C i-1 and D i-1 are separately subjected to a circular left shift, or rotation, of 1 or 2 bits as governed by the following:

24. KEY GENERATION (Cont…) These shifted values serve as input to the next round. They also serve as input to Permuted Choice 2, which produces a 48-bit output that serves as input to the function.

25. DES DECRYPTION As with any Feistel cipher, decryption uses the same algorithm as encryption, except that the application of subkeys is reversed.

26. Decryption Circuit

27. DES Applications Served most commerce applications for more than 30 years All ATM transactions Bank transfers Credit card applications