Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer and Network Security Rabie A. Ramadan Lecture 3.

Published byKenneth Holland Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer and Network Security Rabie A. Ramadan Lecture 3."— Presentation transcript:

1 Computer and Network Security Rabie A. Ramadan Lecture 3

2 Table of Contents 2 Block Cipher and Data Encryption Standard (DES)

3 Modern Block Ciphers 3 Divide input bit stream into n-bit sections, encrypt only that section, no dependency/history between sections In a good block cipher, each output bit is a function of all n input bits and all k key bits

4 Diffusion and confusion (Claude Shannon) 4 Diffusion – dissipates statistical structure of plaintext over bulk of ciphertext Each plaintext digit affects the value of many ciphertext digits Confusion – makes relationship between ciphertext and key as complex as possible Use complex substitution algorithm

5 Claude Shannon and Substitution- Permutation Ciphers 5 In 1949 Claude Shannon introduced idea of substitution-permutation (S-P) networks modern substitution-transposition product cipher These form the basis of modern block ciphers S-P networks are based on the two primitive cryptographic operations we have seen before: substitution (S-box) permutation (P-box) provide confusion and diffusion of message

6 Feistel Cipher Structure 6 Horst Feistel devised the feistel cipher based on concept of invertible product cipher Partitions input block into two halves process through multiple rounds which perform a substitution on left data half based on round function of right half & subkey then have permutation swapping halves Implements Shannon’s substitution-permutation network concept

7 7

8 Feistel Cipher Design Principles 8 block size increasing size improves security, but slows cipher key size increasing size improves security, makes exhaustive key searching harder, but may slow cipher number of rounds increasing number improves security, but slows cipher subkey generation greater complexity can make analysis harder, but slows cipher round function (F) greater complexity can make analysis harder, but slows cipher fast software en/decryption & ease of analysis more recent concerns for practical use and testing

9 Feistel Cipher Decryption 9

10 Data Encryption Standard (DES) 10 Most widely used block cipher in world First use in 1977 Encrypts 64-bit data using 56-bit key Has widespread use Has been considerable controversy over its security

11 DES History 11 IBM developed Lucifer cipher by team led by Feistel used 64-bit data blocks with 128-bit key then redeveloped as a commercial cipher with input from NSA and others in 1973 National Bureau of Standards (NBS) issued request for proposals for a national cipher standard IBM submitted their revised Lucifer which was eventually accepted as the DES

12 DES Design Controversy 12 although DES standard is public was considerable controversy over design in choice of 56-bit key (vs Lucifer 128-bit) and because design criteria were classified subsequent events and public analysis show in fact design was appropriate DES has become widely used, esp in financial applications

13 DES Encryption 13 The input is 64 but 56 are used Each round include substitution and Permutation

14 Initial Permutation IP 14 IP reorders the input data bits even bits to Top half, odd bits to Bottom half quite regular in structure (easy in h/w) example: IP(675a6967 5e5a6b5a) = (ffb2194d 004df6fb

15 DES Round Structure 15 Uses two 32-bit L & R halves As for any Feistel cipher can describe as: L i = R i–1 R i = L i–1 xor F(R i–1, K i ) Takes 32-bit R half and 48-bit subkey and: expands R to 48-bits using perm E adds to subkey passes through 8 S-boxes to get 32-bit result finally permutes this using 32-bit perm P

16 DES Single Round 16

17 Expansion Permutation 17

18 DES and S-Boxes 18 6 bits input 4 bits output

19 19

20 S-Boxes Usage 20 Have eight S-boxes which map 6 to 4 bits Each S-box is actually 4 little 4 bit boxes outer bits 1 & 6 (row bits) select one rows inner bits 2-5 (col bits) are substituted result is 8 lots of 4 bits, or 32 bits Example: for Input 6-bit (011001) Bits 1 and 6 forms  01  decimal 1  row 1  starting from 0 Bits 2-5 forms  1100  decimal 12  col 12  start from 0 S1 output (row 1 col 12 is 9 )  decimal 1001

21 Round final Permutation 21 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 19 13 30 6 22 11 4 25

22 DES Keys Generation 22

23 Transforming from 64 to 56 bits Key 23 Every eighth bit is ignored

24 DES Encryption 24

25 Permutation Choice 1 25

26 Key Left Shift Operation 26 56 bits are divided into two 28 bits (C and D) Left shift is based on the following table

27 Permutation Choice 2 27

28 DES Decryption 28 decrypt must unwind steps of data computation with Feistel design, do encryption steps again using subkeys in reverse order (SK16 … SK1) note that IP undoes final FP step of encryption 1st round with SK16 undoes 16th encrypt round …. 16th round with SK1 undoes 1st encrypt round then final FP undoes initial encryption IP thus recovering original data value

29 Avalanche Effect 29 key desirable property of encryption algorithm where a change of one input or key bit results in changing approx half output bits making attempts to “home-in” by guessing keys impossible DES exhibits strong avalanche

30 Strength of DES – Key Size 30 56-bit keys have 2 56 = 7.2 x 10 16 values brute force search looks hard Timing Attacks attacks actual implementation of cipher use knowledge of consequences of implementation to derive knowledge of some/all subkey bits specifically use fact that calculations can take varying times depending on the value of the inputs to it particularly problematic on smartcards

31 Strength of DES – Analytic Attacks 31 utilise some deep structure of the cipher by gathering information about encryptions can eventually recover some/all of the sub-key bits if necessary then exhaustively search for the rest Generally these are statistical attacks include Differential cryptanalysis Compares two related pairs of encryptions linear cryptanalysis gives linear equation for key bits get one key bit using max likelihood algorithm

Download ppt "Computer and Network Security Rabie A. Ramadan Lecture 3."

Similar presentations

Secret Key Cryptography

Secret Key Cryptography
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
Data Encryption Standard (DES)

Data Encryption Standard (DES)
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 3 Block Ciphers and the Data Encryption Standard

Chapter 3 Block Ciphers and the Data Encryption Standard
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Modified by Richard Newman.

Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Modified by Richard Newman.
Symmetric Encryption Algorithms CS-480b Dick Steflik Text – Network Security Essentials – Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik.

Symmetric Encryption Algorithms CS-480b Dick Steflik Text – Network Security Essentials – Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik.
Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.

Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.
DES 1 Data Encryption Standard DES 2 Data Encryption Standard  DES developed in 1970’s  Based on IBM Lucifer cipher  U.S. government standard  DES.

DES 1 Data Encryption Standard DES 2 Data Encryption Standard  DES developed in 1970’s  Based on IBM Lucifer cipher  U.S. government standard  DES.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Cryptography and Network Security Chapter 3. Chapter 3 – Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's.

Cryptography and Network Security Chapter 3. Chapter 3 – Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's.
CSCE 790G: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790G: Computer Network Security Chin-Tser Huang University of South Carolina.
Chapter 3 – Block Ciphers and the Data Encryption Standard

Chapter 3 – Block Ciphers and the Data Encryption Standard
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 3 – Block Ciphers and the Data Encryption Standard

Chapter 3 – Block Ciphers and the Data Encryption Standard
CSE 651: Introduction to Network Security

CSE 651: Introduction to Network Security
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Similar presentations

Ads by Google