DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block size is 64 bits and the ciphertext block size is 64 bits. The key size is 56 bits.
The key is used to generate 16 subkeys Ki each of length 48 bits. The following is then performed 16 times: 1. The block is split into two halves Li and Ri 2. The left half of the output at the next round is the right half of the previous round but the right half is the left half XORed by a function with the right half and the corresponding key Ki.
We have Li+1 = Ri Ri+1 = Li F(Ki,Ri) Where F is a function specified in the DES protocol. Decryption is the reverse of encryption since Ri = Li+1 Li = Ri+1 F(Ki,Ri)
Strengths of DES Even if you have the plaintext and ciphertext, it seems difficult to get the key. Altering 1 bit of the plaintext block alters about half of the bits of the ciphertext block. The functions are a mixture of different mathematical structures with no apparent shortcut. DES is tried and tested.
Weaknesses of DES Although secure when it was designed in 1977, the key size of 56 bits is now too small. It is feasible these days to exhaustively search a key space of size 256. Linear and differential cryptanalysis can be used to improve the search time. Nobody can prove that DES is secure.
Triple DES One way to improve the security of DES is to increase the key size. This is done by using a variation called triple DES. We have 3 DES keys K1,K2 and K3. First Alice encrypts the message M with key K1 to get C, she then decrypts C with key K2 to get M’, finally she encrypts M’ with key K3 to get C’ which she sends to Bob.
Bob also has the 3 keys K1,K2 and K3 Bob also has the 3 keys K1,K2 and K3. and he receives ciphertext C’ from Alice. Bob decrypts C’ using key K3 to get M’, he then encrypts M’ using key K2 to get C and finally Bob decrypts C using key K1 to get the original message M. The key size is now 3*56 = 168 bits which is long enough to defeat exhaustive key search attacks with current technology. The block size remains unchanged.
AES In 1997, NIST (National Institute of Standards and Technologies) issued a call for a new Advanced Encryption Standard (AES). NIST were looking for a block cipher algorithm to replace DES. Proposed algorithms were evaluated for security, computational efficiency, memory requirements, software suitability and flexibility.
Rijndael The winner of the AES, announced in 2000 was an algorithm called Rijndael which was designed Vincent Rijmen and Joan Daemen. A European project called NESSIE (New European Standards for Security, Integrity and Encryption) also recommends Rijndael in the block cipher category.
Rijndael The length of the key is either 128, 192 or 256 bits depending on the security required. The number of rounds is either 10, 12 or 14 depending respectively on the key length. A subkey is generated for each round. A round consists of substitutions, permutations and multiplications.
Where Rijndael is different from DES is that it considers the data as polynomials with co-efficients being either 0 or 1. This means that it is possible to write a Rijndael encryption as a algebraic formula.
Strengths and Weaknesses Flexibility - different key lengths and different block sizes can be used. Efficient Requires little memory Can be implemented in hardware as well as software Because it is relatively new, it has not been studied in as much detail as other older block ciphers. The mathematical structure might prove to be a weakness (or maybe not!?)
Modes of Operation a) Electronic codebook (ECB) b) Cipher Block Chaining (CBC) c) Output Feedback (OFB) A block cipher used in a mode other than ECB can be used as the keystream generator for a stream cipher.