Lecture 3 Overview. Ciphers The intent of cryptography is to provide secrecy to messages and data Substitutions – ‘hide’ letters of plaintext Transposition.

Slides:



Advertisements
Similar presentations
6.1.2 Overview DES is a block cipher, as shown in Figure 6.1.
Advertisements

1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Making “Good” Encryption Algorithms
Cryptography and Network Security Chapter 3
The Advanced Encryption Standard (AES) Simplified.
Block Ciphers and the Data Encryption Standard
Data Encryption Standard (DES)
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Chapter 3 – Block Ciphers and the Data Encryption Standard
CSE 651: Introduction to Network Security
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
The Digital Encryption Standard CSCI 5857: Encoding and Encryption.
IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September.
Lecture 5 Overview Does DES Work? Differential Cryptanalysis Idea – Use two plaintext that barely differ – Study the difference in the corresponding.
A Cryptography Education Tool Anna Yu Department of Computer Science College of Engineering North Carolina A&T State University June 18, 2009.
Lecture 2 Overview.
The Data Encryption Standard - see Susan Landau’s paper: “Standing the test of time: the data encryption standard.” DES - adopted in 1977 as a standard.
CSCI 5857: Encoding and Encryption
Security in Computing Chapter 12, Cryptography Explained Part 6
Network Security Lecture 14 Presented by: Dr. Munam Ali Shah.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Feistel Cipher Structure
Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that.
Classical &ontemporyryptology 1 Block Cipher Today’s most widely used ciphers are in the class of Block Ciphers Today’s most widely used ciphers are in.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Data Encryption Standard CS-471/971. Category of Standard: Computer Security. Explanation: The Data Encryption Standard (DES) specifies a FIPS approved.
Introduction to Modern Symmetric-key Ciphers
TE/CS 536 Network Security Spring 2005 – Lecture 8 Security of symmetric algorithms.
Chapter 3 Encryption Algorithms & Systems (Part D)
Lecture 23 Symmetric Encryption
Computer and Network Security Rabie A. Ramadan Lecture 3.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Data Encryption Standard (DES)
DES Analysis and Attacks CSCI 5857: Encoding and Encryption.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
5.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 5 Introduction to Modern Symmetric-key Ciphers.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 8 September 14, 2004.
Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion.
DES: Data Encryption Standard
Lecture 3 Overview. Ciphers The intent of cryptography is to provide secrecy to messages and data Substitutions – ‘hide’ letters of plaintext Transposition.
Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 7 September 9, 2004.
Module :MA3036NI Symmetric Encryption -3 Lecture Week 4.
Block Ciphers and the Data Encryption Standard. Modern Block Ciphers  One of the most widely used types of cryptographic algorithms  Used in symmetric.
Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 2 Overview. Cryptography Secret writing – Disguised data cannot be read, modified, or fabricated easily – Feasibility of complexity for communicating.
Information and Network Security Lecture 2 Dr. Hadi AL Saadi.
Information and Computer Security CPIS 312 Lab 6 & 7 1 TRIGUI Mohamed Salim Symmetric key cryptography.
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
Lecture 4 Data Encryption Standard (DES) Dr. Nermin Hamza
CS480 Cryptography and Information Security
6b. Practical Constructions of Symmetric-Key Primitives.
Lecture 3: Symmetric Key Encryption
Networks and Communication Systems Department
NET 311 Information Security
NET 311 Information Security
Cryptography II Jagdish S. Gangolly School of Business
NET 311 Information Security
International Data Encryption Algorithm
Florida State University
Presentation transcript:

Lecture 3 Overview

Ciphers The intent of cryptography is to provide secrecy to messages and data Substitutions – ‘hide’ letters of plaintext Transposition – scramble adjacent characters CS 450/650 – Lecture 3: Entropy 2

Entropy Shannon demonstrated mathematical methods of treating communication channels, bandwidth, and the effects of random noise on signals – p i is the probability of a given message (or piece of information) – n is the number of possible messages (or pieces of information) CS 450/650 – Lecture 3: Entropy 3

Entropy Entropy gives an indication of the complexity, or randomness, of a message or a data set. Generally, signals or data sets with high entropy, – Have a greater chance of a data transmission error – Require greater bandwidth to transmit – Have smaller capacity for compression – Appear to have a greater degree of "disorder” CS 450/650 – Lecture 3: Entropy 4

Entropy and Cryptography Through cryptography, we increase the uncertainty in the message for those who do not know the key Plaintext has an entropy of zero as there is no uncertainty about it. – This class is CS 450 Encryption using one of x equally probable keys increases the entropy to x – KBXT LWER ACMF OSJU CS 450/650 – Lecture 3: Entropy 5

Entropy and Cryptography With a perfect cipher “all keys are essentially equivalent” A good cipher will make a message look like noise Encryption should "scramble" the original message to the maximum possible extent Algorithms should take a message through a sequence of substitutions and transpositions CS 450/650 – Lecture 3: Entropy 6

Shannon Characteristics of ‘Good’ Ciphers 1.“The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption” – Hold off the interceptor for required time duration 2.“The set of keys and enciphering algorithm should be free from complexity” – There should not be restriction on choice of keys or types of plaintext 3.“The implementation of the process should be as simple as possible” – Hand implementation, software bugs CS 450/650 – Lecture 3: Entropy 7

Shannon Characteristics of ‘Good’ Ciphers 4.“Errors in ciphering should not propagate and cause corruption of further information in the message” – An error early in the process should not throw off the entire remaining cipher text 5.“The size of the enciphered text should be no larger than the text of original message” – A ciphertext that expands in size cannot possibly carry more information than the plaintext CS 450/650 – Lecture 3: Entropy 8

Trustworthy Encryption Systems Commercial grade encryption 1.Based on sound mathematics 2.Analyzed by competent experts 3.Test of time DES: Data Encryption Standard RSA: River-Shamir-Adelman AES: Advanced Encryption Standard CS 450/650 – Lecture 3: Entropy 9

Confusion and Diffusion Confusion – Has complex relation between plaintext, key, and ciphertext – The interceptor should not be able to predict what will happen to ciphertext by changing one chatracter in plaintext Diffusion – Cipher should spread information from plaintext over entire ciphertext – The interceptor should require access to much of ciphertext to infer algorithm CS 450/650 – Lecture 3: Entropy 10

Lecture 4 Data Encryption Standard (DES) CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Hesham El-Rewini and J. Orlin Grabbe

Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion Product cipher – Two weak but complementary ciphers can be made more secure by being applied together CS 450/650 – Lecture 4: DES 12

A High Level Description of DES CS 450/650 – Lecture 4: DES 13 Input - P 16 Cycles Output - C Key IP Inverse IP

A Cycle in DES CS 450/650 – Lecture 4: DES 14 Right halfLeft half Key shifted And Permuted New R-halfNew L-half f

K 64 bits PC-1 K+ 56 bits C0 28 bitsD0 28 bits C1 28 bits D1 28 bits C2 28 bits D2 28 bits C16 28 bits D16 28 bits PC-2 K1 48 bitsK2 48 bitsK16 48 bits Shift Key Summary CS 450/650 – Lecture 4: DES 15

32 bits Kn 48 bits E E(Rn-1) 48 bits E(Rn-1)+Kn 48 bits S Boxes P f CS 450/650 – Lecture 4: DES 16

M 64 bits I-P L0 32 bitsR0 32 bits IP 64 bits f L1 32 bitsR1 32 bits K1 48 bits Cycle 1 CS 450/650 – Lecture 4: DES 17

L1 32 bitsR1 32 bits f L2 32 bitsR2 32 bits K2 48 bits Cycle 2 CS 450/650 – Lecture 4: DES 18

L2 32 bitsR2 32 bits f L3 32 bitsR3 32 bits K3 48 bits Cycle 3 CS 450/650 – Lecture 4: DES 19

L15 32 bitsR15 32 bits f L16 32 bitsR16 32 bits K16 48 bits IP -1 C 64 bits L16 32 bitsR16 32 bits Cycle 16 CS 450/650 – Lecture 4: DES 20

DES CS 450/650 Fundamentals of Integrated Computer Security 21

Design of the Algorithm key elements of the algorithm design were "sensitive" and would not be made public – the rationale behind transformations by the S- boxes, the P-boxes, and the key changes trapdoors? – Congressional inquiry design flaw would be discovered by a cryptanalyst – to date, no serious flaws have been published CS 450/650 Fundamentals of Integrated Computer Security 22

Does DES Work? Differential Cryptanalysis Idea – Use two plaintext that barely differ – Study the difference in the corresponding cipher text – Collect the keys that could accomplish the change – Repeat CS 450/650 – Lecture 4: DES 23

Cracking DES During the period NBS was soliciting comments on the proposed algorithm, the creators of public key cryptography registered some objections to the use of DES. – Hellman wrote: "Whit Diffie and I have become concerned that the proposed data encryption standard, while probably secure against commercial assault, may be extremely vulnerable to attack by an intelligence organization" letter to NBS, October 22, 1975 CS 450/650 – Lecture 4: DES 24

Cracking DES (cont.) Diffie and Hellman then outlined a "brute force" attack on DES – By "brute force" is meant that you try as many of the 2 56 possible keys as you have to before decrypting the ciphertext into a sensible plaintext message – They proposed a special purpose "parallel computer using one million chips to try one million keys each" per second CS 450/650 – Lecture 4: DES 25

Cracking DES (cont.) In 1998, Electronic Frontier Foundation spent $220K and built a machine that could go through the entire 56-bit DES key space in an average of 4.5 days – On July 17, 1998, they announced they had cracked a 56-bit key in 56 hours The computer, called Deep Crack – used 27 boards each containing 64 chips – was capable of testing 90 billion keys a second CS 450/650 – Lecture 4: DES 26

Cracking DES (cont.) In early 1999, Distributed.net used the DES Cracker and a worldwide network of nearly 100K PCs to break DES in 22 hours – combined they were testing 245 billion keys per second It has been shown that a dedicated hardware device with a cost of $1M (is much less in 2011) can search all possible DES keys in about 3.5 hours This just serves to illustrate that any organization with moderate resources can break through DES with very little effort these days CS 450/650 – Lecture 4: DES 27

Triple DES Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message, the first key is used to DES- encrypt the message. The second key is used to DES-decrypt the encrypted message. – Since the second key is not the right key, this decryption just scrambles the data further. The twice-scrambled message is then encrypted again with the first key to yield the final ciphertext. This three-step procedure is called triple-DES. CS 450/650 – Lecture 4: DES 28

Detailed DES Example Plain text message M M = ABCDEF (hexadecimal format) M in binary format: M = Left Half (L) and Right Half (R) L = R = CS 450/650 – Lecture 4: DES 29

Key Key K K = K = BBCDFF1 (hexadecimal format) K in binary format: K = Note: DES operates on the 64-bit blocks using key sizes of 56- bits. The keys are actually stored as being 64 bits long, but every 8th bit in the key is not used (i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64). CS 450/650 – Lecture 4: DES 30

Step 1: Create 16 sub-keys (48-bits) 1.1 The 64-bit key is permuted according to table PC-1. CS 450/650 – Lecture 4: DES

Example (cont.) From the original 64-bit key K = Using PC-1, we get the 56-bit permutation K+ = CS 450/650 – Lecture 4: DES 32

Split this key 1.2 Split this key into left and right halves, C 0 and D 0, where each half has 28 bits K+ = From the permuted key K+, we get C 0 = D 0 = CS 450/650 – Lecture 4: DES 33

shift Create 16 blocks 1.3 Create 16 blocks C n and D n, 1<=n<=16. C n and D n are obtained from C n-1 and D n-1 using the following schedule of "left shifts". CS 450/650 – Lecture 4: DES 34

Example (Cont.) C 0 = D 0 = C 1 = D 1 = C 2 = D 2 = C 3 = D 3 = CS 450/650 – Lecture 4: DES 35

Example (Cont.) C 4 = D 4 = C 5 = D 5 = C 6 = D 6 = C 7 = D 7 = CS 450/650 – Lecture 4: DES 36

Example (Cont.) C 8 = D 8 = C 9 = D 9 = C 10 = D 10 = C 11 = D 11 = CS 450/650 – Lecture 4: DES 37

Example (Cont.) C 12 = D 12 = C 13 = D 13 = C 14 = D 14 = C 15 = D 15 = CS 450/650 – Lecture 4: DES 38

Form the keys K n 1.4 Form the keys K n, for 1<=n<=16, by applying the following permutation table to each of the concatenated pairs C n D n. Each pair has 56 bits, but PC-2 only uses 48 of these. CS 450/650 – Lecture 4: DES 39

Example (Cont.) For the first key we have C 1 D 1 = which, after we apply the permutation PC-2, becomes K 1 = CS 450/650 – Lecture 4: DES 40

Example (Cont.) K 2 = K 3 = K 4 = K 5 = K 6 = K 7 = CS 450/650 – Lecture 4: DES 41

Example (Cont.) K 8 = K 9 = K 10 = K 11 = K 12 = CS 450/650 – Lecture 4: DES 42

Example (Cont.) K 13 = K 14 = K 15 = K 16 = CS 450/650 – Lecture 4: DES 43

Step 2: Encode each 64-bit block of data 2.1 Do initial permutation IP of M to the following IP table. CS 450/650 – Lecture 4: DES

Example (Cont.) Applying the initial permutation to the block of text M, we get M = IP = CS 450/650 – Lecture 4: DES 45

Divide the permuted block IP 2.2 Divide the permuted block IP into a left half L 0 of 32 bits, and a right half R 0 of 32 bits IP = From IP we get L 0 = R 0 = CS 450/650 – Lecture 4: DES 46

Proceed through 16 iterations of f 2.3 Proceed through 16 iterations, for 1<=n<=16, using a function f which operates on two blocks— a data block of 32 bits and a key K n of 48 bits to produce a block of 32 bits. L n = R n-1 R n = L n-1 + f(R n-1,K n ) -- + denote XOR K 1 = L 1 = R 0 = R 1 = L 0 + f(R 0,K 1 ) CS 450/650 – Lecture 4: DES 47

The Calculation of the function f 1 - Expand R n-1  E(R n-1 ) 2- XOR  K n + E(R n-1 ) = B 1 B 2 B 3 B 4 B 5 B 6 B 7 B 8 3- Substitution S-Boxes  S 1 (B 1 )S 2 (B 2 )S 3 (B 3 )S 4 (B 4 )S 5 (B 5 )S 6 (B 6 )S 7 (B 7 )S 8 (B 8 ) 4- P permutation  f = P(S 1 (B 1 )S 2 (B 2 )...S 8 (B 8 )) CS 450/650 – Lecture 4: DES 48

Expand each block R n Expand each block R n-1 from 32 bits to 48 bits using a selection table that repeats some of the bits in R n-1. CS 450/650 – Lecture 4: DES 49

E R n-1 E(R n-1 ) Example (Cont.) We'll call the use of this selection table the function E. Thus E(R n-1 ) has a 32 bit input block, and a 48 bit output block. CS 450/650 – Lecture 4: DES 50

Example (Cont.) We calculate E(R 0 ) from R 0 as follows: R 0 = E(R 0 ) = Note that each block of 4 original bits has been expanded to a block of 6 output bits. CS 450/650 – Lecture 4: DES 51

XOR Operation In the f calculation, we XOR the output E(R n-1 ) with the key K n : K n + E(R n-1 ) K 1 = E(R 0 ) = K 1 +E(R 0 ) = CS 450/650 – Lecture 4: DES 52

Substitution – S-Boxes We now have 48 bits, or eight groups of six bits. We use each group of 6 bits as addresses in tables called "S boxes". Each group of six bits will give us an address in a different S box. Located at that address will be a 4 bit number. This 4 bit number will replace the original 6 bits. The net result is that the eight groups of 6 bits are transformed into eight groups of 4 bits (the 4-bit outputs from the S boxes) for 32 bits total. CS 450/650 – Lecture 4: DES 53

Substitution – S-Boxes (Cont.) K n + E(R n-1 ) = B 1 B 2 B 3 B 4 B 5 B 6 B 7 B 8 where each B i is a group of six bits. We now calculate S 1 (B 1 )S 2 (B 2 )S 3 (B 3 )S 4 (B 4 )S 5 (B 5 )S 6 (B 6 )S 7 (B 7 )S 8 (B 8 ) where S i (B i ) referrers to the output of the i-th S box. CS 450/650 – Lecture 4: DES 54

Substitution – S-Boxes (Cont.) Box S1 CS 450/650 – Lecture 4: DES

Finding S1(B1) The first and last bits of B represent in base 2 a number in the decimal range 0 to 3. – Let that number be i. The middle 4 bits of B represent in base 2 a number in the decimal range 0 to 15. – Let that number be j. Look up in the table the number in the i-th row and j-th column. The tables defining the functions S 1,...,S 8 are given in page 740 CS 450/650 – Lecture 4: DES 56

Example (Cont.) For input block B = the first bit is "0" and the last bit "1" giving 01 as the row. – This is row 1. The middle four bits are "1101". – This is the binary equivalent of decimal 13, so the column is column number 13. In row 1, column 13 appears 5. This determines the output; – 5 is binary 0101, so that the output is Hence S1(011011) = CS 450/650 – Lecture 4: DES 57

Example (Cont.) For the first round, we obtain as the output of the eight S boxes: K 1 + E(R 0 ) = S 1 (B 1 )S 2 (B 2 )S 3 (B 3 )S 4 (B 4 )S 5 (B 5 )S 6 (B 6 )S 7 (B 7 )S 8 (B 8 ) = CS 450/650 – Lecture 4: DES 58

Permutation P of the S-box output f = P(S 1 (B 1 )S 2 (B 2 )...S 8 (B 8 )) CS 450/650 – Lecture 4: DES

Example (Cont.) From the output of the eight S boxes: S 1 (B 1 )S 2 (B 2 )S 3 (B 3 )S 4 (B 4 )S 5 (B 5 )S 6 (B 6 )S 7 (B 7 )S 8 (B 8 ) = we get f = CS 450/650 – Lecture 4: DES 60

Example (Cont.) R 1 = L 0 + f(R 0, K 1 ) = = CS 450/650 – Lecture 4: DES 61

Process Repeated 16 rounds In the next round, we will have L 2 = R 1, which is the block we just calculated, and then we must calculate R 2 =L 1 + f(R 1, K 2 ), and so on for 16 rounds. CS 450/650 – Lecture 4: DES 62

Final Phase At the end of the sixteenth round we have L 16 and R 16. We then reverse the order of the two blocks into R 16 L 16 and apply a final permutation IP -1 as defined by the following table CS 450/650 – Lecture 4: DES

Example (cont.) If we process all 16 blocks using the method defined previously, we get, on the 16th round, L 16 = R 16 = CS 450/650 – Lecture 4: DES 64

Example (cont.) We reverse the order of these two blocks and apply the final permutation to R 16 L 16 = IP -1 = which in hexadecimal format is 85E813540F0AB405 CS 450/650 – Lecture 4: DES 65

The End M = ABCDEF C = 85E813540F0AB405 Decryption is simply the inverse of encryption, following the same steps as above, but reversing the order in which the sub-keys are applied CS 450/650 – Lecture 4: DES 66

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.