Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module :MA3036NI Symmetric Encryption -4 Lecture Week 5.

Published byOliver Atkinson Modified over 8 years ago

Similar presentations

Presentation on theme: "Module :MA3036NI Symmetric Encryption -4 Lecture Week 5."— Presentation transcript:

1 Module :MA3036NI Symmetric Encryption -4 Lecture Week 5

2 Question. Encrypt the Hexadecimal word “CA” using Key 1010011101 using the techniques of S-DES.

3 3 Overview Feistel Cipher Structure Data Encryption Standard(DES) – History – Encryption – Round Structure – Key Schedule – Decryption – Avalanche effect – Strengths AES (demo)

4 4 Feistel Cipher Structure Horst Feistel devised the feistel cipher – based on concept of invertible product cipher Partitions input block into two halves – process through multiple rounds which – perform a substitution on left data half – based on round function of right half & sub key – then have permutation swapping halves Implements Shannon ’ s substitution-permutation network concept

5 5 Feistel Cipher Structure

6 6 Feistel Cipher Design Principles Block size – increasing size improves security, but slows cipher Key size – increasing size improves security, makes exhaustive key searching harder, but may slow cipher Number of rounds – increasing number improves security, but slows cipher Sub key generation – greater complexity can make analysis harder, but slows cipher Round function – greater complexity can make analysis harder, but slows cipher Fast software en/decryption & ease of analysis – are more recent concerns for practical use and testing

7 7 Data Encryption Standard (DES) Most widely used block cipher in world Adopted in 1977 by NBS (National Bureau of Standards), now NIST (National Institute of Standard and Technology) – as FIPS PUB 46 Encrypts 64-bit data using 56-bit key Has widespread use Has been considerable controversy over its security

8 8 DES History IBM developed Lucifer cipher – by team led by Feistel – used 64-bit data blocks with 128-bit key Then redeveloped as a commercial cipher with input from NSA (National Security Agency) and others In 1973 NBS issued request for proposals for a national cipher standard IBM submitted their revised Lucifer which was eventually accepted as the DES

9 9 DES Design Controversy DES standard is public However, there was considerable controversy over design – in choice of 56-bit key (vs. Lucifer 128-bit) – and because S -boxes design criteria were classified (hidden) Subsequent events and public analysis show in fact design was appropriate DES has become widely used, especially in financial applications

10 10 DES Encryption

11 11 Initial Permutation IP First step of the data computation IP reorders the input data bits Even bits to LH half, odd bits to RH half Quite regular in structure

12 12 DES Round Structure Uses two 32-bit L & R halves As for any Feistel cipher can describe as: L i = R i – 1 R i = L i – 1 xor F(R i – 1, K i ) Takes 32-bit R half and 48-bit sub key and: – expands R to 48-bits using perm E – adds to sub key – passes through 8 S-boxes to get 32-bit result – finally permutes this using 32-bit perm P

13 13 DES Round Structure (cont)

14 14 Substitution Boxes S Have 8 S-boxes which map 6 to 4 bits Each S-box is actually 4 little 4 bit boxes – outer bits 1 & 6 (row bits) select one rows – inner bits 2-5 (column bits) are substituted – result is 8 lots of 4 bits, or 32 bits Row selection depends on both data & key – feature known as autoclaving (auto keying)

15 15 DES Key Schedule Forms sub keys used in each round Consists of: – initial permutation of the key (PC1) which selects 56-bits in two 28-bit halves – 16 stages consisting of: selecting 24-bits from each half permuting them by PC2 for use in function f, rotating each half separately either 1 or 2 places depending on the key rotation schedule K

16 16 DES Decryption Decrypt must unwind steps of data computation With Feistel design, do encryption steps again Using sub keys in reverse order (SK16 … SK1) Note that IP undoes final FP step of encryption 1st round with SK16 undoes 16th encrypt round …. 16th round with SK1 undoes 1st encrypt round Then final FP undoes initial encryption IP Thus recovering original data value

17 17 Avalanche Effect Where a change of one input or key bit results in changing approx half output bits DES exhibits strong avalanche

18 18 Strength of DES – Key Size 56-bit keys have 2 56 = 7.2 x 10 16 values Brute force search looks hard Recent advances have shown is possible – in 1997 on Internet in a few months – in 1998 on dedicated h/w in a few days – in 1999 above combined in 22hrs Still must be able to recognize plaintext Now considering alternatives to DES

19 19 Strength of DES – Timing Attacks A timing attack is one in which information about the key or plaintext is obtained by observing how long it takes a given implementation to perform decryptions on various cipher texts. Its so far unlikely that this technique will ever be successful against DES.

20 20 Strength of DES – Analytic Attacks Now have several analytic attacks on DES These utilise some deep structure of the cipher – by gathering information about encryptions – can eventually recover some/all of the sub-key bits – if necessary then exhaustively search for the rest Generally these are statistical attacks Include – differential cryptanalysis – linear cryptanalysis – related key attacks

21 21 Advanced Encryption Standard "It is very simple. But if you don't know what the key is it's virtually indecipherable." — Ruth Rendell

22 22 Origins Clear a replacement for DES was needed – have theoretical attacks that can break it – have demonstrated exhaustive key search attacks Can use Triple-DES – but slow with small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 Issued as standard in Nov-2001

23 23 AES Requirements Private key symmetric block cipher 128-bit data, 128/192/256-bit keys Stronger & faster than Triple-DES

24 24 The AES Cipher - Rijndael Designed by Rijmen-Daemen in Belgium Has 128/192/256 bit keys, 128 bit data An iterative rather than feistel cipher – treats data in 4 groups of 4 bytes – operates an entire block in every round Designed to be: – resistant against known attacks – speed and code compactness on many CPUs – design simplicity

25 25 Rijndael AES Cipher Processes data as 4 groups of 4 bytes (state) Has 9/11/13 rounds in which state undergoes: – byte substitution (1 S-box used on every byte) – shift rows (permute bytes between groups/columns) – mix columns (subs using matrix multiply of groups) – add round key (XOR state with key material) Initial XOR key material & incomplete last round All operations can be combined into XOR and table lookups - hence very fast & efficient

26 26 Demo http://www.cs.bc.edu/~straubin/cs381- 05/blockciphers/rijndael_ingles2004.swf http://www.cs.bc.edu/~straubin/cs381- 05/blockciphers/rijndael_ingles2004.swf

27 27 Relationship between S-DES and DES DES operates on 64-bit of input A 56-bit key is used, from which 16 48-bit sub keys are calculated There is IP of 56 bits, followed by a sequence of shifts and permutations of 48 bits

28 28 Relationship between S-DES and DES (cont) Encryption Algorithm – Mapping F acts on 32 bits (n 1 n 2 … n 32 ) – After the Expansion/Permutation, the output of 48 bits is

29 29 Relationship between S-DES and DES (cont) Encryption Algorithm (cont...) – This matrix is added (XOR) to a 48-bit sub key – There are 8 rows corresponding to 8 S-boxes – Each S-box has 4 rows and 16 columns – The 1 st and last bit of a row of the preceding matrix pick out a row of an S-box – The middle 4 bits pick out a column

Download ppt "Module :MA3036NI Symmetric Encryption -4 Lecture Week 5."

Similar presentations

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5

Cryptography and Network Security Chapter 5
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Chapter 3 Block Ciphers and the Data Encryption Standard

Chapter 3 Block Ciphers and the Data Encryption Standard
Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Modified by Richard Newman.

Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Modified by Richard Newman.
Cryptography and Network Security

Cryptography and Network Security
Symmetric Encryption Algorithms CS-480b Dick Steflik Text – Network Security Essentials – Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik.

Symmetric Encryption Algorithms CS-480b Dick Steflik Text – Network Security Essentials – Wm. Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik.
Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.

Cryptography1 CPSC 3730 Cryptography Chapter 3 DES.
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
Cryptography and Network Security Chapter 3. Chapter 3 – Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's.

Cryptography and Network Security Chapter 3. Chapter 3 – Block Ciphers and the Data Encryption Standard All the afternoon Mungo had been working on Stern's.
CSCE 790G: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790G: Computer Network Security Chin-Tser Huang University of South Carolina.
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) - 2007 Jordan’s Campus.

Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Chapter 3 – Block Ciphers and the Data Encryption Standard

Chapter 3 – Block Ciphers and the Data Encryption Standard

Similar presentations

Ads by Google