University of Palestine: Information Security and Risk Management Chapter 3 P1

UNIVERSITY OF PALESTINE
INFORMATION SECURITY
AND RISK MANAGEMENT
CHAPTER 3 p1
A. JAMIL ALAGHA
SYMMETRIC ENCRYPTION
Data Encryption Standard

DES
IT Security and risk management, Jamil Alagha, Univ. of

Palestine, 2020
Symmetric-key cryptography

Palestine, 2020
SYMMETRIC ENCRYPTION
Advantages:
• Simple
• Faster
Disadvantages:
• Key must exchanges in secure way
• Easy for hacker to get a key as it is passed in unsecure way.

Palestine, 2020
DATA ENCRYPTION
STANDARD (DES)
• most widely used block cipher in world
• adopted in 1977 by NBS (now NIST : National Institute of
Standards and Technology)
• as FIPS PUB 46 (FEDERAL INFORMATION PROCESSING
STANDARDS PUBLICATION DATA ENCRYPTION)
• encrypts 64-bit data using 56-bit key
• has widespread use

Palestine, 2020
DES HISTORY
IBM developed Lucifer cipher
• by team led by Feistel
• used 64-bit data blocks with extend key to 128-bit key
then redeveloped as a commercial cipher with input from

NSA and others
in 1973 NBS issued request for proposals for a national

cipher standard
IBM submitted their revised Lucifer which was eventually

accepted as the DES
Palestine, 2020
BLOCK VS. STREAM
CIPHERS
block ciphers process messages into blocks, each of which
is then en/decrypted
like a substitution on very big characters
• 64-bits or more
stream ciphers process messages a bit or byte at a time

when en/decrypting
many current ciphers are block ciphers

Palestine, 2020
DATA ENCRYPTION STANDARD (DES)
Block Ciphers

Palestine, 2020
CONFUSION AND
DIFFUSION
by Claude Shannon
more practically Shannon suggested combining elements to

obtain:
Confusion – makes relationship between ciphertext and key

as complex as possible
Diffusion – dissipates statistical structure of plaintext over

bulk of ciphertext

Palestine, 2020
DIFFUSION AND
CONFUSION
Why CONFUSION and DIFFUSION ? to thwart cryptanalysis
based on statistical analysis
• Assume the attacker has some knowledge of the statistical

characteristics of the plaintext
cipher needs to completely obscure statistical properties of

original message

Palestine, 2020
DES ENCRYPTION

Palestine, 2020
DES DECRYPTION
1. decrypt must unwind steps of data computation
2. so with Feistel design, do encryption steps again
3. using subkeys in reverse order (SK16 … to … SK1)
4. note that IP undoes final FP step of encryption
5. 1st round with SK16 undoes 16th encrypt round
6. 16th round with SK1 undoes 1st encrypt round
7. then final FP undoes initial encryption IP
8. thus recovering original data value

Palestine, 2020
DES DECRYPTION
(REVERSE ENCRYPTION)

Palestine, 2020
AVALANCHE EFFECT
key desirable property of encryption algorithm
where a change of one input or key bit results in changing

approx. half output bits
so DES exhibits strong avalanche of privacy and protection

of data

Palestine, 2020
STRENGTH OF DES –
KEY SIZE
56-bit keys have 256 = 7.2 x 1016 values of key
brute force search looks hard
recent advances have shown is possible
• in 1997 on Internet in a few months
• in 1998 on dedicated hardware (EFF) in a few days
• in 1999 above combined in 22hrs!

Palestine, 2020
STRENGTH OF DES –
KEY SIZE
Time required if PC works at 109 decryptions/s,
then 256 ns = 1.125 years.
Time required if PC works at 1013 decryptions/s,
then 1 hour.
still must be able to recognize plaintext
now considering alternatives to DES

Palestine, 2020
STRENGTH OF DES
– TIMING ATTACKS
attacks actual implementation of cipher
use knowledge of consequences of implementation to derive

knowledge of some/all subkey bits
specifically use fact that calculations can take varying times

depending on the value of the inputs to it

Palestine, 2020
STRENGTH OF DES –
ANALYTIC ATTACKS
now have several analytic attacks on DES
these utilise some deep structure of the

cipher
• by gathering information about encryptions
• can eventually recover some/all of the sub-key bits
• if necessary then exhaustively search for the rest

Palestine, 2020
STRENGTH OF DES –
ANALYTIC ATTACKS
generally these are statistical attacks
include
• differential cryptanalysis
• linear cryptanalysis
• related key attacks

Palestine, 2020

University of Palestine: Information Security and Risk Management Chapter 3 P1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

University of Palestine: Information Security and Risk Management Chapter 3 P1

Uploaded by

Copyright:

Available Formats

UNIVERSITY OF PALESTINE

Data Encryption Standard

IT Security and risk management, Jamil Alagha, Univ. of

IT Security and risk management, Jamil Alagha, Univ. of

IT Security and risk management, Jamil Alagha, Univ. of

• adopted in 1977 by NBS (now NIST : National Institute of

Standards and Technology)

• as FIPS PUB 46 (FEDERAL INFORMATION PROCESSING

STANDARDS PUBLICATION DATA ENCRYPTION)

• encrypts 64-bit data using 56-bit key

• has widespread use

• by team led by Feistel

• used 64-bit data blocks with extend key to 128-bit key

then redeveloped as a commercial cipher with input from

in 1973 NBS issued request for proposals for a national

IBM submitted their revised Lucifer which was eventually

like a substitution on very big characters

stream ciphers process messages a bit or byte at a time

many current ciphers are block ciphers

IT Security and risk management, Jamil Alagha, Univ. of

IT Security and risk management, Jamil Alagha, Univ. of

more practically Shannon suggested combining elements to

Confusion – makes relationship between ciphertext and key

Diffusion – dissipates statistical structure of plaintext over

IT Security and risk management, Jamil Alagha, Univ. of

• Assume the attacker has some knowledge of the statistical

cipher needs to completely obscure statistical properties of

IT Security and risk management, Jamil Alagha, Univ. of

IT Security and risk management, Jamil Alagha, Univ. of

2. so with Feistel design, do encryption steps again

3. using subkeys in reverse order (SK16 … to … SK1)

4. note that IP undoes final FP step of encryption

5. 1st round with SK16 undoes 16th encrypt round

6. 16th round with SK1 undoes 1st encrypt round

7. then final FP undoes initial encryption IP

8. thus recovering original data value

IT Security and risk management, Jamil Alagha, Univ. of

IT Security and risk management, Jamil Alagha, Univ. of

key desirable property of encryption algorithm

where a change of one input or key bit results in changing

so DES exhibits strong avalanche of privacy and protection

IT Security and risk management, Jamil Alagha, Univ. of

brute force search looks hard

recent advances have shown is possible

• in 1997 on Internet in a few months

• in 1998 on dedicated hardware (EFF) in a few days

• in 1999 above combined in 22hrs!

IT Security and risk management, Jamil Alagha, Univ. of

then 256 ns = 1.125 years.

Time required if PC works at 1013 decryptions/s,

still must be able to recognize plaintext

now considering alternatives to DES

IT Security and risk management, Jamil Alagha, Univ. of

use knowledge of consequences of implementation to derive

specifically use fact that calculations can take varying times

IT Security and risk management, Jamil Alagha, Univ. of

now have several analytic attacks on DES

these utilise some deep structure of the

• by gathering information about encryptions

• can eventually recover some/all of the sub-key bits

• if necessary then exhaustively search for the rest

IT Security and risk management, Jamil Alagha, Univ. of

generally these are statistical attacks