Triple DES
Algorithm
Uses a block size of 64 bits. Triple DES comprises three DES keys, K1, K2 and K3, each of 56 bits. The encryption algorithm follows an EDE sequence: C = E(K3, D(K2, E(K1, P))), i.e., DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3.
Applications
The electronic payment industry uses Triple DES and continues to develop and promulgate standards based upon it. Microsoft OneNote and Microsoft Outlook 2007 use Triple DES to password protect user content.
Benefits of using 3DES
With a 168-bit key length, it overcomes DEA's vulnerability to brute-force attack. Since it is based on the DES algorithm, it is very easy to modify existing software to use Triple DES.
Drawbacks
It has three times as many rounds as DES and is correspondingly slower. It uses a 64-bit block size; for reasons of both efficiency and security, a larger block size is desirable. The National Institute of Standards and Technology (NIST) issued a call for proposals to develop the Advanced Encryption Standard (AES) as a replacement for DES.
Advanced Encryption Standard
Proposed by Dr. Joan Daemen and Dr. Vincent Rijmen.
About AES
Symmetric block cipher, published in 2001, with a block length of 128 bits and a key length that can be 128, 192, or 256 bits. NIST selected Rijndael as the proposed AES algorithm after applying evaluation criteria that included security, computational efficiency, memory requirements, hardware and software suitability, and flexibility.
The AES Cipher
The input is a single 128-bit block, depicted as a square matrix of bytes. This is copied into the State array, which is modified at each stage of encryption and decryption. After the final stage, the State is copied to an output matrix.

Input                   State array             Output
in0  in4  in8   in12    S00  S01  S02  S03      o0  o4  o8   o12
in1  in5  in9   in13    S10  S11  S12  S13      o1  o5  o9   o13
in2  in6  in10  in14    S20  S21  S22  S23      o2  o6  o10  o14
in3  in7  in11  in15    S30  S31  S32  S33      o3  o7  o11  o15
The key is received as an input array of 4 rows and Nk columns, where Nk = 4, 6, or 8 is a parameter which depends on key size. The input key is expanded into an array of 44/52/60 words of 32 bits (4 bytes) each. 4 different words serve as a key for each round.

Key bytes:
k0  k4  k8   k12
k1  k5  k9   k13
k2  k6  k10  k14
k3  k7  k11  k15

Expanded key words: w0 w1 w2 …… w42 w43
The number of rounds, Nr, depends on key size, and each round is a repetition of functions that perform a transformation over the State array. Each round consists of 4 main functions, one permutation and three substitutions: Substitute bytes, Shift rows, Mix columns, Add round key. There are 11 rounds and the key is expanded into an array of forty-four 32-bit words w[i]. Four distinct words are used for each round.
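The key expansion described above, carried through for a 128-bit key (Nk = 4), as an added example that is not part of the original slides. The function names are chosen here for illustration, the S-box is derived rather than pasted as a table, and the sample key is the example key from FIPS-197 Appendix A.1.

```python
def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def build_sbox():
    """Derive the S-box: multiplicative inverse, then the AES affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):  # XOR in the four left-rotations of inv
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()

def expand_key_128(key):
    """Expand a 16-byte key into the 44 words w[0..43], as hex strings."""
    if len(key) != 16:
        raise ValueError("this example handles 128-bit keys only (Nk = 4)")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]  # w[0..3]: key columns
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                    # first word of each new round key
            t = t[1:] + t[:1]             # rotate the word left by one byte
            t = [SBOX[b] for b in t]      # substitute each byte via the S-box
            t[0] ^= rcon                  # mix in the round constant
            rcon = gf_mul(rcon, 2)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [bytes(x).hex() for x in w]

def round_keys(key):
    """Group the words four at a time: w[0,3], w[4,7], ..., w[40,43]."""
    w = expand_key_128(key)
    return ["".join(w[4 * r:4 * r + 4]) for r in range(11)]

if __name__ == "__main__":
    sample = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 A.1 key
    for r, rk in enumerate(round_keys(sample)):
        print(f"w[{4 * r},{4 * r + 3}] = {rk}")
```
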
AddRoundKey() – A simple bitwise XOR of the current block with a portion of the expanded key.
MixColumns() – A substitution that alters each byte in a column as a function of all of the bytes in the column.
ShiftRows() – A simple permutation that is performed row by row.
SubBytes() – Uses a table referred to as an S-box to perform a byte-by-byte substitution of State.
[Figure: AES encryption flow. The plaintext passes through an initial Add round key using W[0,3]; rounds 1 to 9 each apply Substitute bytes, Shift rows, Mix columns and Add round key, using W[4,7] through W[36,39]; the final round applies Substitute bytes, Shift rows and Add round key using W[40,43] to produce the ciphertext.]
Only Add round key makes use of the key. The other three functions are reversible without knowledge of the key, hence add no security on their own. We can view the cipher as alternating operations of XOR encryption followed by scrambling of the block, followed by XOR, and so on. This scheme is both efficient and highly secure.
The AES Inverse Cipher
[Figure: AES decryption flow from ciphertext to plaintext, built from Add round key, Inv. Shift rows, Inv. Sub bytes and Inv. Mix columns across rounds 1 to 9 and a final round, with the round keys applied in reverse order (W[36,39], ..., W[4,7], W[0,3]).]
The decryption algorithm uses the expanded key in reverse order. All functions are easily reversible and their inverse form is used in decryption. The decryption algorithm is not identical to the encryption algorithm; this is a consequence of the particular structure of AES. Again, the final round consists of only three stages. It is required to make the cipher reversible.
Applications
Encrypting File System in Windows XP SP1 and later Windows versions. Disk encryption, file encryption. IEEE 802.11i, an amendment to the original IEEE 802.11 standard specifying security mechanisms for wireless networks, uses AES-128.