5TH SEM
INFORMATION SECURITY(1030106503)
THEORY NOTES
Simplified DES :
Simplified Data Encryption Standard (S-DES) is equivalent to the DES algorithm. The
S-DES encryption algorithm takes an 8-bit block of plaintext (example: 10111101) and a 10-bit
key as input and produces an 8-bit block of ciphertext as output. The S-DES decryption
algorithm takes an 8-bit block of ciphertext and the same 10-bit key used to produce that
ciphertext as input and produces the initial 8-bit block of plaintext.
Block Cipher Principles:
A block cipher has a specific number of rounds and keys for generating ciphertext. To define
the complexity level of an algorithm, a few design principles are to be considered.
These are explained below:
1. Number of Rounds –
The number of rounds is regularly considered in design criteria; it reflects the number
of rounds suitable for an algorithm to make it more complex. In DES we have 16
rounds, ensuring it to be more secure, while in AES we have 10 rounds, which makes it more
secure.
2. Design of function F –
The core part of the Feistel block cipher structure is the round function. The complexity of
cryptanalysis can be derived from the round function, i.e. increasing the complexity
of the round function contributes greatly to an increase in the complexity of cryptanalysis.
To increase the complexity of the round function, the avalanche effect is also included in
the round function: the change of a single bit in the plaintext produces a very different
output due to the presence of the avalanche effect.
3.Next, the initial permutation (IP) creates two halves of the permuted block, referred to as
Left Plain Text (LPT) and Right Plain Text (RPT).
4.Each LPT and RPT goes through 16 rounds of the encryption process.
5.Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the
newly combined block.
The encryption process step (step 4, above) is further broken down into five stages:
1.Key transformation(Generation)
2.Expansion permutation
3.S-Box permutation
4.P-Box permutation
5.XOR and swap
The overall processing at each round can be summarized as:
$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
Data encryption involves multiple steps. They are:
1.Permute the 64 bits of the plain text and divide them into two equal halves.
3.Apply XOR operation in between expanded right plain text and the compressed key of 48-
bit size.
4.The resultant output is sent to the further step known as S-box substitution.
5.Now apply the XOR function to the output and the left plain text and store it in the right
plain text.
6.Store the initial right plain text in the left plain text.
7.Both the LPT and RPT halves are forwarded to the next rounds for further operations.
8.At the end of the last round, swap the data in the LPT and RPT.
9.In the last step, apply the inverse permutation step to get the cipher text.
Key Generation
A 64-bit key is used as input to the algorithm while only 56 bits are actually used. Every eighth bit is ignored.
Sub-keys at each round are generated as given below:
o The key is first permuted using a table named Permuted Choice One.
o The resulting 56-bit key is divided into two 28-bit quantities, C0 and D0. At each round, Ci-1 and Di-1 are separately subjected to a circular left shift of 1 or 2 bits, as governed by a table.
o These shifted values are forwarded to the next round. They are also input to a permutation table, Permuted Choice Two.
o The table produces a 48-bit output that serves as the round key Ki.
Expansion (E)
The 32-bit input is first expanded to 48 bits.
Bits of input are split into groups of 4 bits.
Each group is written as groups of 6 bits by taking the outer bits from the adjacent group.
For example:
... efgh ijkl mnop ... is expanded to
... defghi hijklm lmnopq ...
The resulting 48 bits are XORed with Ki.
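An added example (not part of the original notes) that derives the expansion table from the rule above instead of copying it, then applies it and XORs with a round key. The function names and the sample values in the comments are constructed for illustration.

```python
def build_expansion_table(n_bits=32):
    """Build the E table from the rule in the text: each 4-bit group becomes
    6 bits by borrowing the nearest bit of each neighbouring group, wrapping
    around at both ends. Positions are 1-based, bit 1 is the leftmost."""
    table = []
    for start in range(1, n_bits + 1, 4):
        left = start - 1 if start > 1 else n_bits        # last bit of previous group
        right = start + 4 if start + 4 <= n_bits else 1  # first bit of next group
        table += [left, start, start + 1, start + 2, start + 3, right]
    return table

E = build_expansion_table()   # 48 entries: 32 1 2 3 4 5, 4 5 6 7 8 9, ...

def expand(symbols, table):
    """Apply a 1-based expansion table to any sequence (bits or letters)."""
    return [symbols[p - 1] for p in table]

def sboxes_fed_by(bit, table=E):
    """Numbers (1-based) of the 6-bit chunks, i.e. S-box inputs, that receive `bit`."""
    return sorted({i // 6 + 1 for i, p in enumerate(table) if p == bit})

def expand_and_mix(right32, subkey48):
    """Compute E(R) XOR Ki on integers: the 48-bit value handed to the S-boxes."""
    expanded = 0
    for p in E:
        expanded = (expanded << 1) | ((right32 >> (32 - p)) & 1)
    return expanded ^ subkey48

if __name__ == "__main__":
    # Constructed 16-letter input: the middle groups reproduce the text's example.
    print("".join(expand("abcdefghijklmnop", build_expansion_table(16))))
    print(sboxes_fed_by(4), sboxes_fed_by(2))   # edge bits reach two S-boxes
    print(f"{expand_and_mix(0xF0AAF0AA, 0):012X}")
```

Bits at the edge of a 4-bit group appear twice in the 48-bit output, so a change in one of them reaches two S-boxes in the same round; this duplication is one source of the avalanche effect mentioned earlier.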
Substitution (S-Box)
This 48-bit result is input to S-Boxes that perform a substitution on the input and produce a 32-bit output.
DES consists of a set of eight S-boxes.
Decryption:
For decryption, we use the same algorithm, and we reverse the order of the 16 round keys.
The steps involved in data decryption are:
1. The order of the 16 48-bit keys is reversed such that key 16 becomes key 1, and so on.
2. The steps for encryption are applied to the cipher text.
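An added example (not part of the original notes) covering both the per-round equations given earlier and the decryption rule above: the same routine decrypts when the round keys are supplied in reverse order. The round function `toy_f` is a hash-based stand-in, not DES's expansion/S-box/P-box function, the initial and final permutations are omitted, and the round keys and plaintext are constructed values.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def toy_f(right, subkey):
    """Stand-in round function F(R, K): 32 bits of SHA-256. It is not
    invertible, which shows that a Feistel cipher does not need F to be."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block64, subkeys, f=toy_f):
    """Apply L_i = R_{i-1}, R_i = L_{i-1} XOR F(R_{i-1}, K_i) for each round
    key, then swap the two halves after the last round."""
    left, right = block64 >> 32, block64 & MASK32
    for k in subkeys:
        left, right = right, left ^ f(right, k)
    return (right << 32) | left

def encrypt(block64, subkeys):
    return feistel(block64, subkeys)

def decrypt(block64, subkeys):
    # Same algorithm; key 16 becomes key 1, and so on.
    return feistel(block64, subkeys[::-1])

def bits_changed(a, b):
    """Number of bit positions in which two blocks differ."""
    return bin(a ^ b).count("1")

# Constructed 48-bit round keys and plaintext block, for illustration only.
SUBKEYS = [(0x0F1E2D3C4B5A * i) % 2**48 for i in range(1, 17)]
PLAINTEXT = 0x0123456789ABCDEF

if __name__ == "__main__":
    c = encrypt(PLAINTEXT, SUBKEYS)
    print(f"ciphertext      {c:016X}")
    print(f"decrypted       {decrypt(c, SUBKEYS):016X}")
    print(f"keys unreversed {feistel(c, SUBKEYS):016X}")
    flipped = encrypt(PLAINTEXT ^ 1, SUBKEYS)
    print("bits changed by a 1-bit plaintext flip:", bits_changed(c, flipped))
```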
The 56-bit key is used in encryption. There are 2^56 possible keys. A
brute force attack on such a number of keys is impossible.
A machine implementing one DES encryption per microsecond would take more
than thousands of years to break the cipher.
2. The nature of algorithm:
A cryptanalyst can perform cryptanalysis by exploiting the characteristics of the DES
algorithm, but no one has succeeded in finding out the weakness.
3. Timing Attacks:
1. Electronic Code Book mode (ECB)
Electronic code book is the easiest block cipher mode of functioning. It is easier
because each block of input plaintext is encrypted directly and the output is in the
form of blocks of encrypted ciphertext. Generally, if a message is larger than
b bits in size, it can be broken down into a bunch of blocks and the procedure is
repeated.
Procedure of ECB is illustrated below:
Cipher block chaining or CBC is an advancement made on ECB since ECB compromises
some security requirements. In CBC, the previous cipher block is given as input to the next
encryption algorithm after XOR with the original plaintext block. In a nutshell here, a cipher
block is produced by encrypting an XOR output of the previous cipher block and present
plaintext block.
The process is illustrated here:
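An added example (not part of the original notes) showing the security requirement ECB gives up and how CBC chaining restores it. The 8-bit affine toy cipher stands in for DES so the chaining is easy to follow; the key, IV and message are constructed values.

```python
def make_toy_cipher(key):
    """Toy 8-bit block cipher (a stand-in for DES, not secure): an affine
    permutation of the 256 byte values and its inverse lookup table."""
    enc = [(167 * x + key) % 256 for x in range(256)]  # 167 is odd, so this is a bijection
    dec = [0] * 256
    for x, y in enumerate(enc):
        dec[y] = x
    return enc, dec

def ecb_encrypt(plaintext, enc):
    """ECB: every block (here one byte) is encrypted on its own."""
    return bytes(enc[p] for p in plaintext)

def cbc_encrypt(plaintext, enc, iv):
    """CBC: XOR each plaintext block with the previous ciphertext block
    (the IV for the first block) before encrypting it."""
    out, prev = [], iv
    for p in plaintext:
        prev = enc[p ^ prev]
        out.append(prev)
    return bytes(out)

def cbc_decrypt(ciphertext, dec, iv):
    """CBC decryption: decrypt the block, then XOR with the previous ciphertext block."""
    out, prev = [], iv
    for c in ciphertext:
        out.append(dec[c] ^ prev)
        prev = c
    return bytes(out)

def distinct_blocks(ciphertext):
    """How many different ciphertext blocks occur."""
    return len(set(ciphertext))

if __name__ == "__main__":
    enc, dec = make_toy_cipher(13)          # constructed key
    message = b"AAAAAAAA"                   # constructed: eight identical blocks
    ecb = ecb_encrypt(message, enc)
    cbc = cbc_encrypt(message, enc, iv=0)
    print("ECB", ecb.hex(), "distinct blocks:", distinct_blocks(ecb))
    print("CBC", cbc.hex(), "distinct blocks:", distinct_blocks(cbc))
    print("CBC decrypts to", cbc_decrypt(cbc, dec, iv=0))
```

Under ECB, identical plaintext blocks always give identical ciphertext blocks, so repetition in the message is visible in the ciphertext; under CBC the same blocks encrypt differently, and a different IV changes the whole ciphertext.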
Advantages of CBC –
Disadvantages of CBC –
cipher.
Advantages of CFB –
Since there is some data loss due to the use of the shift register, it is difficult to
apply cryptanalysis.
The output feedback mode follows nearly the same process as the Cipher Feedback
mode except that it sends the encrypted output as feedback instead of the actual cipher
which is XOR output. In this output feedback mode, all bits of the block are sent instead of
sending selected s bits. The Output Feedback mode of block cipher holds great resistance
towards bit transmission errors. It also decreases the dependency or relationship of the
cipher on the plaintext.
Advantages of OFB –
In the case of CFB, a single bit error in a block is propagated to all subsequent
blocks. This problem is solved by OFB as it is free from bit errors in the plaintext
block.
5. Counter Mode –
Advantages of Counter –
Since there is a different counter value for each block, the direct plaintext and
ciphertext relationship is avoided. This means that the same plain text can map to
different ciphertext.
Parallel execution of encryption is possible as outputs from previous stages are not