Presentation is loading. Please wait.

Presentation is loading. Please wait.

Classical &ontemporyryptology 1 Block Cipher Today’s most widely used ciphers are in the class of Block Ciphers Today’s most widely used ciphers are in.

Published byRosaline Patterson Modified over 8 years ago

Similar presentations

Presentation on theme: "Classical &ontemporyryptology 1 Block Cipher Today’s most widely used ciphers are in the class of Block Ciphers Today’s most widely used ciphers are in."— Presentation transcript:

1 Classical &ontemporyryptology 1 Block Cipher Today’s most widely used ciphers are in the class of Block Ciphers Today’s most widely used ciphers are in the class of Block Ciphers – Define a block of computer bits which represent several characters – Encipher the complete block at one time Algorithm Block of Bits KEY

2 Classical &ontemporyryptology 2 Modes of Operation Before examining the details of any specific block cipher algorithm, it is useful to consider how such algorithms are used Before examining the details of any specific block cipher algorithm, it is useful to consider how such algorithms are used There are 3 operational modes: There are 3 operational modes: – Electronic Code Book (ECB) – Cipher Block Chaining (CBC) – Output Feedback Mode (OFM) These modes have become international standards for implementing any block cipher These modes have become international standards for implementing any block cipher

3 Classical &ontemporyryptology 3 Electronic Code Book Simplest mode of operation Simplest mode of operation – each block is enciphered into a ciphertext block using one key EkEk M1M1 C1C1 Key EkEk M2M2 C2C2 EkEk MmMm CmCm Problem: if Mi Mi = Mj Mj then Ci Ci = CjCj

4 Classical &ontemporyryptology 4 Cipher Block Chaining The input to each block stage is the current block XORed with the previous stage cipher block The input to each block stage is the current block XORed with the previous stage cipher block Key EkEk M1M1 C1C1 EkEk M2M2 C2C2 EkEk MmMm CmCm

5 Classical &ontemporyryptology 5 Output Feedback Mode The block cipher is used as a stream cipher The block cipher is used as a stream cipher – it produces the random key stream RiRi EkEk R i+1 KEY MiMi CiCi

6 Classical &ontemporyryptology 6 General Structure In 1973, Feistel suggest a form of product cipher that has become the architecture of choice for almost all symmetric block ciphers in use today. In 1973, Feistel suggest a form of product cipher that has become the architecture of choice for almost all symmetric block ciphers in use today. – The overall process involves several stages of a substitution followed by a transposition. – The master key is subdivided into a set of subkeys – one for each stage. – At each stage the data block is divided into a left and a right segment, the segments are swapped, and one segment is mixed with subkey for that stage. – Another name for this type of cipher is a substitution- permutation (SP) cipher.

7 Classical &ontemporyryptology 7 Data Encryption Standard In the mid-70’s the US government decided that a powerful standard cipher system was necessary. In the mid-70’s the US government decided that a powerful standard cipher system was necessary. – The National Bureau of Standards put out a request for the development of such a cipher. – Several companies went to work and submitted proposals. The winner was IBM with their cipher system called Lucifer. – With some modifications suggested by the National Security Agency, in 1977, Lucifer became known as the Data Encryption Standard or DES. – It has since been replaced by the Advanced Encryption Standard (AES)

8 Classical &ontemporyryptology 8 Basic Structure DES works on 64 bit blocks of plaintext using a 56 bit key to produce 64 bit blocks of ciphertext. DES works on 64 bit blocks of plaintext using a 56 bit key to produce 64 bit blocks of ciphertext. – It is a substitution-permutation cipher with 16 SP stages. The key for DES is an arbitrary 56 bit string of 0’s and 1’s The key for DES is an arbitrary 56 bit string of 0’s and 1’s – there are 2 56 possible strings (greater than 10 16 ) – often it is given as a 7 letter word DES expands this key to 64 bits by adding 8 additional 0’s and 1’s DES expands this key to 64 bits by adding 8 additional 0’s and 1’s – bits 8, 16, 24, 32, 40, 48, 56, and 64 are added so that each 8 bit block has odd parity (odd number of 1’s) – the key is divided, shifted, and shuffled 16 times to form 16 different (but related) subkeys each of which is 48 bits long

9 Classical &ontemporyryptology 9 Key Generation Each of the 16 stages uses a 48 bit subkey which is derived from the initial 64 bit key. Each of the 16 stages uses a 48 bit subkey which is derived from the initial 64 bit key. – The key passes through a PC-1 block (Permuted Choice 1) which extracts the original 56 bits supplied by the user. – The 56 bits are divided into left and right halves. Each half is shifted left by 1 or 2 bit positions (it varies depending on the stage). – The new 56 bits are compressed using PC-2 (Permuted Choice 2) by throwing out 8 bits to create the 48 bit key for the given stage. 64 bit key PC-1 28 bit C 0 28 bit D 0 Left Shift 28 bit C 1 28 bit D 1 Left Shift PC-2 K1K1

10 Classical &ontemporyryptology 10 DES Stages Each stage of DES is performs the same set of operations using a different subkey acting on the output of the previous stage. Each stage of DES is performs the same set of operations using a different subkey acting on the output of the previous stage. – Those operations are defined in three “boxes” called the expansion box (Ebox), the substitution box (Sbox), and the permutation box (Pbox).

11 Classical &ontemporyryptology 11 Example Stage E Box Left 32 bits Right 32 bits Key Box XOR 48 bits 56 bits Key S Boxes 48 bits P Box 32 bits XOR 32 bits The E-Box expands (from 32 to 48 bits) and permutates The E-Box output is XORed with part of the key There are 8 S-Boxes and each one accepts 6 bits of input and produces 4 bits of output The P-Box is a simple permutation Finally, the left side is XORed with the result and both sides are passed on to the next round

12 Classical &ontemporyryptology 12 E-BoxE-Box The EBox expands its 32-bit input into 48-bits by duplicating some of the input bits. The EBox expands its 32-bit input into 48-bits by duplicating some of the input bits. 28293031321 242526272829 202122232425 161718192021 121314151617 8910111213 456789 3212345 EBox 1234567891011121314151617181920212223242526272829303132 Right 32 bits Note the duplication

13 Classical &ontemporyryptology 13 S-BoxesS-Boxes The SBoxes are the real source of the power of DES. The SBoxes are the real source of the power of DES. – There are 8 different Sboxes – Each Sbox accepts 6-bits of input and produces 4-bits of output. – An Sbox has 16 columns and 4 rows where each element in the box is a 4-bit block usually given in its decimal representation. 15128249175113141006 13 411481362111512973105 0 015741421311061211953 8 144131215118310612590 7 Column 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Row 0 1 2 3

14 Classical &ontemporyryptology 14 Working with the S-Boxes Each 6-bit input to an S-Box is divided into a row and a column index. Each 6-bit input to an S-Box is divided into a row and a column index. – The row index is given by bits 1 and 6 and the bits 2 to 5 supply the column index. – The output of the S-Box is the value stored at the addressed row/column S2 138101315421167120514 9 0 71110413158126932 5 313471528141201106911 5 15181461134972131205 10 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 1 2 3 Input: 0 1 1 1 1 0 Column 15 Row 0 10 Output: 1 0 1 0

15 Classical &ontemporyryptology 15 P-BoxP-Box After the S-Box operation there are just 32-bits remaining which are rearranged according to the permutation table: After the S-Box operation there are just 32-bits remaining which are rearranged according to the permutation table: 2211425 1913306 322739 282414 5183110 1152326 29122817 1672021 PBox 1234567891011121314151617181920212223242526272829303132 SBox Outputs

16 Classical &ontemporyryptology 16 Final Step The final operation places the original RHS 32- bits on the LHS and XORs the original LHS with the 32-bit output of the Pbox The final operation places the original RHS 32- bits on the LHS and XORs the original LHS with the 32-bit output of the Pbox This process is repeated 16 times using a different subkey each time This process is repeated 16 times using a different subkey each time

17 Classical &ontemporyryptology 17 DES Implementations DES could be used in any one of the three standard block cipher implementation modes: OFM, CBC, or ECB. DES could be used in any one of the three standard block cipher implementation modes: OFM, CBC, or ECB. – However DES is no longer a secure cipher. – Hence, alternative implementations of DES have been suggested in an effort to improve its overall security. The most common is called Triple-DES. – Triple-DES comes in two versions, one uses three keys and the other only uses two keys. The three key version first encrypts the message with Key1, decrypts the result with Key2, and finally encrypts that with K3 The three key version first encrypts the message with Key1, decrypts the result with Key2, and finally encrypts that with K3 The two key version uses the same steps where K3 = K1. The two key version uses the same steps where K3 = K1. E M Key1 D Key2 E Key3

18 Classical &ontemporyryptology 18 S-DESS-DES S-DES (Simplified-DES) was developed by Dr. Edward Schaefer at Santa Clara University in 1996. S-DES (Simplified-DES) was developed by Dr. Edward Schaefer at Santa Clara University in 1996. – It is simple enough so that you can explore the operation of DES and some of its weaknesses. – It operates on 8-bit data blocks (in other words, single characters) using a 10-bit key (only 2 10 = 1024 possibilities) and two stages

19 Classical &ontemporyryptology 19 S-DES Structure In spite of the simplifications, S-DES looks much like our basic DES. In spite of the simplifications, S-DES looks much like our basic DES. 8 bits Plaintext block IP L0L0 R0R0 XOR F L1L1 R1R1 F L2L2 R2R2 8 bits IP -1 Ciphertext block 10 bit key PC-1 C0C0 D0D0 Left Shift 1 bit C1C1 D1D1 Left Shift 2 bits C2C2 D2D2 PC-2 K1K1 K2K2 1 2 3 4 5 6 7 8 2 6 3 1 4 8 5 7 1 2 3 4 5 6 7 8 4 1 3 5 7 2 8 6

20 Classical &ontemporyryptology 20 S-DES S-Boxes The function F on the prior slide contains an EBox, PBox and 2 SBoxes (much like DES) The function F on the prior slide contains an EBox, PBox and 2 SBoxes (much like DES) The two S-Boxes are given by: The two S-Boxes are given by: The input is a 4 bit value The first and last bits define the row define the row The middle bits define the column the column The output is a 2 bit value

21 Classical &ontemporyryptology 21 S-DES Key Generation The key generation mechanism begins with a 10-bit key which is permuted by PC-1 into the order 3 5 2 7 4 10 1 9 8 6. The key generation mechanism begins with a 10-bit key which is permuted by PC-1 into the order 3 5 2 7 4 10 1 9 8 6. It is separated into 2 five bit segments and each segment is left shift by one bit. It is separated into 2 five bit segments and each segment is left shift by one bit. PC-2 selects and rearranges 8 bits from the two five bit segments – the bits in order are 6 3 7 4 8 5 10 9. The result is subkey 1. PC-2 selects and rearranges 8 bits from the two five bit segments – the bits in order are 6 3 7 4 8 5 10 9. The result is subkey 1. The two segments are now left shifted twice and PC-2 is applied again to produce subkey 2. The two segments are now left shifted twice and PC-2 is applied again to produce subkey 2.

22 Classical &ontemporyryptology 22 Status of DES When IBM first proposed DES it had a 128 bit key When IBM first proposed DES it had a 128 bit key – NSA required that the key be reduced to 56 bits There have been several successful attacks on DES There have been several successful attacks on DES – June 1997: Using the internet 14,000 to 78,000 computers broke DES in 90 days – Jan 1998: Using the internet again it only took 39 days – July 1998: a $210,000 machine called deep crack was built and it broke DES in 56 hours

23 Classical &ontemporyryptology 23 Avalanche Condition One of the most important strength criteria is the avalanche condition: there should be no correlation between any input bits or key bits and the output bits. One of the most important strength criteria is the avalanche condition: there should be no correlation between any input bits or key bits and the output bits. – This is important because if someone started trying different keys, they should not be able to tell if they are close (within a few bits) to the actual key. – There are two versions of the avalanche condition: Strict plaintext avalanche criterion (SPAC): each bit of the ciphertext block should change with the probability of one half whenever any bit of the plaintext block is complemented. Strict plaintext avalanche criterion (SPAC): each bit of the ciphertext block should change with the probability of one half whenever any bit of the plaintext block is complemented. Strict key avalanche criterion (SKAC.) for a fixed plaintext block, each bit of the ciphertext block changes with a probability of one half when any bit of the key changes. Strict key avalanche criterion (SKAC.) for a fixed plaintext block, each bit of the ciphertext block changes with a probability of one half when any bit of the key changes.

24 Classical &ontemporyryptology 24 DES Example Input:...............................................................*1 Permuted:.......................................*........................ 1 Round 1:.......*........................................................ 1 Round 2:.*..*...*.....*........................*........................ 5 Round 3:.*..*.*.**..*.*.*.*....**.....**.*..*...*.....*................. 18 Round 4:..*.*****.*.*****.*.*......*.....*..*.*.**..*.*.*.*....**.....** 28 Round 5: *...**..*.*...*.*.*.*...*.***..*..*.*****.*.*****.*.*......*.... 29 Round 6:...*..**.....*.*..**.*.**...*..**...**..*.*...*.*.*.*...*.***..* 26 Round 7: *****...***....**...*..*.*..*......*..**.....*.*..**.*.**...*..* Round 8: *.*.*.*.**.....*.*.*...**.*...*******...***....**...*..*.*..*... Round 9: ***.*.***...**.*.****.....**.*..*.*.*.*.**.....*.*.*...**.*...** Round 10: *.*..*.*.**.*..*.**.***.**.*...****.*.***...**.*.****.....**.*.. Round 11:..******......*..******....*....*.*..*.*.**.*..*.**.***.**.*...* Round 12: *..***....*...*.*.*.***...****....******......*..******....*.... Round 13: **..*....*..******...*........*.*..***....*...*.*.*.***...****.. Round 14: *.**.*....*.*....**.*...*..**.****..*....*..******...*........*. Round 15: **.*....*.*.*...*.**.*..*.*.**.**.**.*....*.*....**.*...*..**.** Round 16:.*..*.*..*..*.**....**..*..*..****.*....*.*.*...*.**.*..*.*.**.* Output:..*..**.*.*...*....***..***.**.*...*..*..*.*.*.**.*....*.*.*.**.

Download ppt "Classical &ontemporyryptology 1 Block Cipher Today’s most widely used ciphers are in the class of Block Ciphers Today’s most widely used ciphers are in."

Similar presentations

6.1.2 Overview DES is a block cipher, as shown in Figure 6.1.

6.1.2 Overview DES is a block cipher, as shown in Figure 6.1.
DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.

1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)

Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)
Data Encryption Standard (DES)

Data Encryption Standard (DES)
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.

Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.

Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.
Simplified DES CS-480b Network Security Dick Steflik.

Simplified DES CS-480b Network Security Dick Steflik.
Classical &ontemporyryptology 1 CryptologyCryptology Dr. Richard Spillman Pacific Lutheran University Dr. Richard Spillman Pacific Lutheran University.

Classical &ontemporyryptology 1 CryptologyCryptology Dr. Richard Spillman Pacific Lutheran University Dr. Richard Spillman Pacific Lutheran University.
DES 1 Data Encryption Standard DES 2 Data Encryption Standard  DES developed in 1970’s  Based on IBM Lucifer cipher  U.S. government standard  DES.

DES 1 Data Encryption Standard DES 2 Data Encryption Standard  DES developed in 1970’s  Based on IBM Lucifer cipher  U.S. government standard  DES.
1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.

1 Overview of the DES A block cipher: –encrypts blocks of 64 bits using a 64 bit key –outputs 64 bits of ciphertext A product cipher –basic unit is the.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Cryptography Block Ciphers and Feistel Functions.

Cryptography Block Ciphers and Feistel Functions.

Similar presentations

Ads by Google