1. Provides Confidentiality
DES Algorithm
Provides Confidentiality

2. Conventional Encryption Algorithms
Data Encryption Standard (DES)
The most widely used encryption scheme
The algorithm is reffered to the Data Encryption Algorithm (DEA)
DES is a block cipher
The plaintext is processed in 64-bit blocks
The key is 56-bits in length

3. Data Encryption Standard (DES)
The algorithm has 16 rounds. Each round has the following architecture:
Li and Ri are each 32-bit long strings

4. DES Concerns about: The overall processing at each iteration:
Li = Ri-1
Ri = Li F(Ri-1, Ki)
Concerns about:
The algorithm and the key length (56-bits)

7. X=IP(M)
Upper
Lower 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64

8. DES
Before any rounds, the plaintext bits are permuted using an initial permutation.
Hence, at the end of the 16 rounds the inverse permutation is applied.
The initial permutation is public knowledge

9. DES The key (J) length is 48 bits.
The 32-bit text argument (A) needs to be expanded to 48 bits.

10. DES: Expansion Function
Added
The 32-bits of R_i are permuted and 16 of them are repeated twice to obtain a 48 bit string.

11. DES Round Structure
column
Stallings Fig 3.9

12. DES: S Blocks.
S blocks takes in as input 6-bit arguments and outputs four bits.
This is the substitution part of the cipher.
Each S block has a different functionality as defined by the corresponding tables.

15. DES
After substitution, the function output is now 32 bits and it goes through a fixed permutation.
Thus we perform “confusion” and “diffusion” steps in each round.

16. DES: Key generation for each round
The parity bits are stripped away.
The bits are permuted by PC-1
LS_i represents cyclic shift by one position if i=1, 2, 9, or 16; otherwise shift by 2

17. Key Generation (Discard each 8th bit)
Discard these 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64

18. DES PC-2 converts 56 bits into 48 bits Permuted Choice Two (PC-21)
Permuted Choice One (PC-1)

19. DES
The overall effect is to pick at each round 48 of the 56 bits and permute the selected bits. Thus for each round one can perform a table look up to calculate K_i.

20. DES Decryption decrypt must unwind steps of data computation
with Feistel design, do encryption steps again
using subkeys in reverse order (SK16 … SK1)
note that IP undoes final FP step of encryption
1st round with SK16 undoes 16th encrypt round ….
16th round with SK1 undoes 1st encrypt round
then final FP undoes initial encryption IP
thus recovering original data value

21. Time to break a code (106 decryptions/µs)

22. Triple DEA
Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt)
C = ciphertext
P = Plaintext
EK[X] = encryption of X using key K
DK[Y] = decryption of Y using key K
Effective key length of 168 bits
C = EK3[DK2[EK1[P]]]

23. Triple DEA

24. Other Symmetric Block Ciphers
International Data Encryption Algorithm (IDEA)
128-bit key
Used in PGP
Blowfish
Easy to implement
High execution speed
Run in less than 5K of memory

25. Other Symmetric Block Ciphers
RC5
Suitable for hardware and software
Fast, simple
Adaptable to processors of different word lengths
Variable number of rounds
Variable-length key
Low memory requirement
High security
Data-dependent rotations
Cast-128
Key size from 40 to 128 bits
The round function differs from round to round

26. Cipher Block Modes of Operation
Cipher Block Chaining Mode (CBC)
The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block.
Repeating pattern of 64-bits are not exposed