SYMMETRIC KEY ALGORITHMS

Comparison of Symmetric and Asymmetric Encryption Decryption Ciphertext Original Plaintext Plaintext Secret Key Symmetric (Single Key) Cryptography Encryption Decryption Ciphertext Original Plaintext Private Key Public Key Plaintext Asymmetric (Two Key) Cryptography

BLOCK CIPHER DESIGN PRINCIPLES Two properties of operation of secure cipher: Confusion – make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible. Confusion is achieved through a complex substitution. Diffusion – dissipates the redundancies of the plaintext by distributing over the ciphertext. Diffusion is achieved through permutations. Claude Shannon’s Papers of 1948/1949: A Mathematical Theory of Communication Communication Theory of Secrecy Systems To thwart cryptanalysis based on statistical analysis

SIMPLIFIED DES Developed 1996 as a teaching tool Santa Clara University Prof. Edward Schaefer Takes an 8-bit block plaintext, a 10 –bit key and produces an 8-bit block of ciphertext Decryption takes the 8-bit block of ciphertext, the same 10-bit key and produces the original 8-bit block of plaintext

Simplified DES scheme Five Functions to Encrypt: IP – an initial permutation fk - a complex, 2-input function SW – a simple permutation that swaps the two halves of data fk - a complex, 2-input function; again IP – inverse permutation of the initial permutation

S-DES KEY GENERATION

S-DES KEY GENERATION 10-bit key be designated as (k1, k2,k3, k4, k5, k6, k7, k8, k9, k10) Then the permutation P10 is defined as: P10(k1, k2, k3, k4, k5, k6, k7, k8, k9, k10) = (k3, k5, k2, k7, k4, k10, k1, k9, k8, k6)

S-DES KEY GENERATION Perform a circular shift (LS-1), or rotation, separately on the 1st 5 bits and the 2nd 5 bits. Next, we apply P8,permute 8 of the 10 bits as Result is subkey 1, K1 , of 8 bits

S-DES KEY GENERATION Go back to the pair of 5-bit strings produced by the two LS-1 functions, and perform a circular left shift of 2 bit positions, LS-2 ,on each string Finally, P8 is applied again to produce K2 ,the subkey 2

S-DES ENCRYPTION

S-DES Encryption 8-bit block of plaintext (eg. 10111101) First permute using the IP(Initial Permutation) function as At the end, apply inverse permutation IP-1

Encryption Detail

S-DES Encryption The Function F and fk Divide the value after IP into two parts: L, R fk(L,R) = (L F(R,SK),R) where SK is a subkey and is the bit-by-bit XOR operation

S-DES Encryption- F(R,SK) Rightmost 4 bits(n1,n2,n3,n4) as input to E/P Expand the 4-bit value and concatenate it twice into an 8-bit value . Then permute it. Create a matrix based on the result Row 1 Row 2

S-DES Encryption- F(R,SK) 8-bit subkey K1 = (k11, k12, k13, k14, k15, k16, k17,k18) and perform an exclusive-OR function on the matrix in prev. step

Rename the resultant matrix as The first 4 bits (first row of the preceding matrix) are fed into the S-box S0 to produce a 2-bit output, and the remaining 4 bits (second row) are fed into S1 to produce another 2-bit output

The S-boxes are The first and fourth input bits are treated as a 2-bit number that specify a row of the S-box and the second and third input bits specify a column of the S-box (P0,0 P0,3) = (11) = 3 (P0,1 P0,2) = (10) = 2 (P1,0 P1,3) = (11) = 3 (P1,1 P1,2) = (00) = 0

Concatenate S0 (e. g. 3=11) and S1 (e. g. 2=10) into a 4-bit value (e Concatenate S0 (e.g. 3=11) and S1 (e.g. 2=10) into a 4-bit value (e.g. 1110) Permute 4 bit value as P4 Output of Function F fk(L,R) = (L F(R,SK),R) 4 bits of L F(R,SK) and R are given to SW SW interchanges the L and R bits to next function fk(L,R)

Encryption Detail 8 Bit Plaintext I P E/P K 1 S0 S1 P4 SW 4 8 8 4 4 4 2 2 P4 4 SW 4

8 bits passes through next function fk Key used is K2 Finally , apply inverse permutation IP-1

S-DES Decryption Reverse process of encryption Input is the ciphertext Key K2 is applied before K1 Output is the plaintext.