Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion.

Published byMervyn Underwood Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion."— Presentation transcript:

1 Lecture 4 Overview

2 Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion Product cipher – Two weak but complementary ciphers can be made more secure by being applied together CS 450/650 – Lecture 4: DES 2

3 Types of Permutations CS 450/650 Fundamentals of Integrated Computer Security 3 Pattern of Expansion Permutation

4 A High Level Description of DES CS 450/650 – Lecture 4: DES 4 Input - P 16 Cycles Output - C Key IP Inverse IP

5 A Cycle in DES CS 450/650 – Lecture 4: DES 5 Right halfLeft half Key shifted And Permuted New R-halfNew L-half f

6 K 64 bits PC-1 K+ 56 bits C0 28 bitsD0 28 bits C1 28 bits D1 28 bits C2 28 bits D2 28 bits C16 28 bits D16 28 bits PC-2 K1 48 bitsK2 48 bitsK16 48 bits Shift Key Summary CS 450/650 – Lecture 4: DES 6

7 32 bits Kn 48 bits E E(Rn-1) 48 bits E(Rn-1)+Kn 48 bits S Boxes P f CS 450/650 – Lecture 4: DES 7

8 The Calculation of the function f 1 - Expand R n-1  E(R n-1 ) 2- XOR  K n + E(R n-1 ) = B 1 B 2 B 3 B 4 B 5 B 6 B 7 B 8 3- Substitution S-Boxes  S 1 (B 1 )S 2 (B 2 )S 3 (B 3 )S 4 (B 4 )S 5 (B 5 )S 6 (B 6 )S 7 (B 7 )S 8 (B 8 ) 4- P permutation  f = P(S 1 (B 1 )S 2 (B 2 )...S 8 (B 8 )) 8 CS 450/650 – Lecture 4: DES

9 M 64 bits I-P L0 32 bitsR0 32 bits IP 64 bits f L1 32 bitsR1 32 bits K1 48 bits Cycle 1 CS 450/650 – Lecture 4: DES 9

10 L15 32 bitsR15 32 bits f L16 32 bitsR16 32 bits K16 48 bits IP -1 C 64 bits L16 32 bitsR16 32 bits Cycle 16 CS 450/650 – Lecture 4: DES 10

11 DES CS 450/650 – Lecture 4: DES 11

12 Design of the Algorithm key elements of the algorithm design were "sensitive" and would not be made public – the rationale behind transformations by the S- boxes, the P-boxes, and the key changes trapdoors? – Congressional inquiry design flaw would be discovered by a cryptanalyst – to date, no serious flaws have been published CS 450/650 – Lecture 4: DES 12

13 Does DES Work? Differential Cryptanalysis Idea – Use two plaintext that barely differ – Study the difference in the corresponding cipher text – Collect the keys that could accomplish the change – Repeat Diffie and Hellman then outlined a "brute force" attack on DES – try as many of the 2 56 possible keys CS 450/650 – Lecture 4: DES 13

14 Triple DES Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message, the first key is used to DES- encrypt the message. The second key is used to DES-decrypt the encrypted message. – Since the second key is not the right key, this decryption just scrambles the data further. The twice-scrambled message is then encrypted again with the first key to yield the final ciphertext. This three-step procedure is called triple-DES. CS 450/650 – Lecture 4: DES 14

15 Lecture 6 Advanced Encryption Standard (AES) CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Hesham El-Rewini

16 The Birth of AES By mid 1990s, virtually all cryptologists agreed that DES needed to be replaced NIST abandoned the official endorsement of DES in 1997 and began work on a replacement – to be called the Advanced Encryption Standard Despite concerns about its vulnerability – DES is still widely used by worldwide to protect sensitive on-line applications CS 450/650 Lecture 6: AES 16

17 The minimum requirements A symmetric-key cryptosystem A block cipher Capable of supporting a block size of 128 bits Capable of supporting key length of 128, 192, and 256 bits Available on a worldwide, non-exclusive, royalty-free basis CS 450/650 Lecture 6: AES 17

18 Criteria for Evaluation Security – Soundness of the mathematical basis for an algorithm’s claimed strength – Research community search for flaws Computational Efficiency Memory Requirements Flexibility Simplicity CS 450/650 Lecture 6: AES 18

19 Advanced Encryption Standard NIST chose 15 algorithms for evaluation in the first round – 9 of them were descendants of DES 5 made it to the second round Rijndael (Rine dahl) – by Vincent Rijmen & Joam Daemen – selected based on efficiency and implementation – In 2001, it was formally adopted by US CS 450/650 Lecture 6: AES 19

20 AES (cont) 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different (10 th, 12 th, 14 th ) Each regular round consists of 4 steps – Byte substitution (BSB) – Shift row (SR) – Mix column (MC) – Add Round key (ARK) CS 450/650 Lecture 6: AES 20

21 AES Overview Plaintext (128)ARKSubkey 0 Ciphertext (128)ARKSubkey 10 SR BSB 9 rounds CS 450/650 Lecture 6: AES 21

22 Round i operations Subkey i CS 450/650 Lecture 6: AES 22 128-bit substitution boxes transposition step of circular shift Left shift and XOR of bits portion of key is XORed confusion diffusion and confusion confusion

23 State b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 128-bit block  4 x 4 matrix 128 bits  16 bytes  b0, b1, b2,.., b15 CS 450/650 Lecture 6: AES 23 S 0,0 S 0,1

24 Key k0k4k8k12 k1k5k9k13 k2k6k10k14 k3k7k11k15 128-bit key  4 x 4 matrix 128 bits  16 bytes  k0, k1, k2,.., k15 CS 450/650 Lecture 6: AES 24

25 Four Operations 1.Byte Substitution – predefined substitution table s[i,j]  s’[i,j] 2.Shift Row – left circular shift 3.Mix Columns – 4 elements in each column are multiplied by a polynomial 4.Add Round Key – Key is derived and added to each column CS 450/650 Lecture 6: AES 25

26 Substitution table 26 CS 450/650 Lecture 6: AES

27 Exercise Using the table, find the substitution of 6b, ff, 6e, 09 7f, 16, 9f, 01 CS 450/650 Lecture 6: AES 27

28 Shift Row (128-bit) b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 b0b4b8b12 b5b9b13b1 b10b14b2b6 b15b3b7b11 CS 450/650 Lecture 6: AES 28

29 Byte as a Polynomial One byte  8 bits  B7, B6, B5, B4, B3, B2, B1, B0 B7x7 + B6 x6 + B5 x5 + B4 x4 + B3 x3 + B2 x2 + B1 x1 + B0 Example: E5 (hex) = 1110 0101 (binary) = x7 + x6 + x5 + x2 + 1 (poly) CS 450/650 Lecture 6: AES 29

30 Mix Column 2311 1231 1123 3112 S 0,i S 1,i S 2,I S 3,i S’ 0,I S’ 1,I S’ 2,I S’ 3,i = * Multiplying by 1  no change Multiplying by 2  shift left one bit Multiplying by 3  shift left one bit and XOR with original value More than 8 bits  100011011 is subtracted CS 450/650 Lecture 6: AES 30

31 Exercise CS 450/650 Lecture 6: AES 31 2311 1231 1123 3112 e5 a8 6f 33 S’ 0,I S’ 1,I S’ 2,I S’ 3,i = * 6e 2c c6 95

32 Add Key b0b4b8b12 b1b5b9b13 b2b6b10b14 b3b7b11b15 k0k4k8k12 k1k5k9k13 k2k6k10k14 k3k7k11k15 b’ x bxbx kxkx = XOR CS 450/650 Lecture 6: AES 32

33 Example k = 1f 34 0c da 5a 29 bb 71 6e a3 90 f1 47 d6 8b 12 B = e5 a8 6f 33 0a 52 31 9c c2 75 f8 1e b0 46 de 3a B’ = fa 9c 63 9e 50 7b 8a ed ac d6 68 ef f7 90 55 28 CS 450/650 Lecture 6: AES 33

34 Key Generation 4 bytes Circular left shift 1byte S-box XOR Round constant CS 450/650 Lecture 6: AES 34

35 Round Constant Table RoundRound Constant (hex) 101 00 00 00 202 00 00 00 304 00 00 00 408 00 00 00 510 00 00 00 620 00 00 00 740 00 00 00 880 00 00 00 91b 00 00 00 Final36 00 00 00 CS 450/650 Lecture 6: AES 35

36 DES vs AES DESAES Date19761999 Block size64 bits128 bits Key length56 bits128, 192, 256, … bits Encryption primitivesSubstitution and permutationSubstitution, shift, bit mixing Cryptographic primitivesConfusion and diffusion DesignOpen Design rationaleClosedOpen Selection processSecretSecret (accepted public comment) SourceIBM, enhanced by NSABelgian cryptographers 36 CS 450/650 Lecture 6: AES

Download ppt "Lecture 4 Overview. Data Encryption Standard Combination of substitution and transposition – Repeated for 16 cycles – Provides confusion and diffusion."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.

Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
Chapter 3  Symmetric Key Cryptosystems 1 Overview  Modern symmetric-key cryptosystems o Data Encryption Standard (DES)  Adopted in 1976  Block size.

Chapter 3  Symmetric Key Cryptosystems 1 Overview  Modern symmetric-key cryptosystems o Data Encryption Standard (DES)  Adopted in 1976  Block size.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5

Cryptography and Network Security Chapter 5
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
The Advanced Encryption Standard (AES) Simplified.

The Advanced Encryption Standard (AES) Simplified.
Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)

Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)
Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)

Rachana Y. Patil 1 Data Encryption Standard (DES) (DES)
Data Encryption Standard (DES)

Data Encryption Standard (DES)
Cryptography and Network Security

Cryptography and Network Security
Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.

Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption

Similar presentations

Ads by Google