Scribd Logo
Upload

Welcome to Scribd!

  • Is CH4

    Uploaded by

    Dhruv Sojitra
    11 views13 pages
    The document discusses block ciphers and the Data Encryption Standard (DES). It provides details on the simplified DES (S-DES) algorithm and its encryption and decryption process. The key steps in DES encryption are initial permutation of the plaintext, division into left and right blocks, 16 rounds of encryption involving expansion, substitution and permutation, and final permutation to generate the ciphertext. DES decryption uses the same algorithm with the round keys applied in reverse order. The strength of DES comes from its 56-bit key size and resistance to cryptanalysis of its algorithm characteristics despite advances in computing power over time.

    Original Description:

    Original Title

    IS CH4

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses block ciphers and the Data Encryption Standard (DES). It provides details on the simplified DES (S-DES) algorithm and its encryption and decryption process. The key steps in DES encryption are initial permutation of the plaintext, division into left and right blocks, 16 rounds of encryption involving expansion, substitution and permutation, and final permutation to generate the ciphertext. DES decryption uses the same algorithm with the round keys applied in reverse order. The strength of DES comes from its 56-bit key size and resistance to cryptanalysis of its algorithm characteristics despite advances in computing power over time.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    11 views13 pages

    Is CH4

    Uploaded by

    Dhruv Sojitra
    The document discusses block ciphers and the Data Encryption Standard (DES). It provides details on the simplified DES (S-DES) algorithm and its encryption and decryption process. The key steps in DES encryption are initial permutation of the plaintext, division into left and right blocks, 16 rounds of encryption involving expansion, substitution and permutation, and final permutation to generate the ciphertext. DES decryption uses the same algorithm with the round keys applied in reverse order. The strength of DES comes from its 56-bit key size and resistance to cryptanalysis of its algorithm characteristics despite advances in computing power over time.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 13

    INFORMATION SECURITY 1030106503

    5TH SEM
    INFORMATION SECURITY(1030106503)
    THEORY NOTES

    UNIT – 4 Block Ciphers and Data Encryption Standard

    Simplified DES :
    Simplified Data Encryption Standard (S-DES) is equivalent to the DES algorithm. The
    SDES encryption algorithm produces an 8-bit block of plaintext (example: 10111101) and a 10-
    bit key as input and makes an 8-bit block of ciphertext as output. The S-DES decryption
    algorithm takes an 8-bit block of ciphertext and the same 10-bit key can develop that ciphertext
    as input and makes the initial 8-bit block of plain text.

    Blo
    ck
    Cip
    he
    r
    Pri
    nci
    ple
    s:

    Bloc
    k
    ciph
    er
    has
    a
    spe
    cific
    nu
    mb

    NOTES BY: HETA DESAI Page 1


    INFORMATION SECURITY 1030106503

    er of rounds and keys for generating ciphertext. For defining the complexity level of an
    algorithm few design principles are to be considered.
    These are explained as following below :

    1.Number of Rounds –
    The number of Rounds is regularly considered in design criteria, it just reflects the number
    of rounds to be suitable for an algorithm to make it more complex, in DES we have 16
    rounds ensuring it to be more secure while in AES we have 10 rounds which makes it more
    secure.
    2.Design of function F –
    The core part of the Feistel Block cipher structure is the Round Function. The complexity of
    cryptanalysis can be derived from the Round function i.e. the increasing level of complexity
    for the round function would be greatly contributing to an increase in complexity.
    To increase the complexity of the round function, the avalanche effect is also included in
    the round function, as the change of a single bit in plain text would produce a mischievous
    output due to the presence of avalanche effect.

    3.Key schedule algorithm –


    In Feistel Block cipher structure, each round would generate a sub-key for increasing the
    complexity of cryptanalysis. The Avalanche effect makes it more complex in deriving sub-
    key. Decryption must be done very carefully to get the actual output as the avalanche effect
    is present in it.

    NOTES BY: HETA DESAI Page 2


    INFORMATION SECURITY 1030106503

    The Data Encryption Standard :


     SDESencrypts64-bitblocksusinga56-bitkey andproducesa64-bitciphertext.
     Samesteps,withthesamekey,areusedtoreversetheencryptionwith
    theorderofthekeysreversed.
     TheDESiswidelyused.
    Encryption:
    TheDESencryptionis showninthefigurebelow:

    The algorithm process breaks down into the following steps:


    1.The process begins with the 64-bit plain text block getting handed over to an initial
    permutation (IP) function.

    2.The initial permutation (IP) is then performed on the plain text.

    NOTES BY: HETA DESAI Page 3


    INFORMATION SECURITY 1030106503

    3.Next, the initial permutation (IP) creates two halves of the permuted block, referred to as
    Left Plain Text (LPT) and Right Plain Text (RPT).

    4.Each LPT and RPT goes through 16 rounds of the encryption process.

    5.Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the
    newly combined block.

    6.The result of this process produces the desired 64-bit ciphertext.

    The encryption process step (step 4, above) is further broken down into five stages:
    1.Key transformation(Generation)
    2.Expansion permutation
    3.S-Box permutation
    4.P-Box permutation
    5.XOR and swap

    Theoverallprocessingateachroundcanbesummarizedas:
    𝐿i=𝐿i−1
    𝐿i=𝐿i−1⊕𝐿(𝐿i−1,𝐿i)
    There are multiple steps involved in the steps for data encryption. They are:
    1.Permutate the 64-bits in the plain text and divide them into two equal halves.

    NOTES BY: HETA DESAI Page 4


    INFORMATION SECURITY 1030106503

    2.These 32-bit chunks of data will undergo multiple rounds of operations.

    3.Apply XOR operation in between expanded right plain text and the compressed key of 48-
    bit size.

    4.The resultant output is sent to the further step known as S-box substitution.

    5.Now apply the XOR function to the output and the left plain text and store it in the right
    plain text.

    6.Store the initial right plain text in the left plain text.

    7.Both the LPT and RPT halves are forwarded to the next rounds for further operations.

    8.At the end of the last round, swap the data in the LPT and RPT.

    9.In the last step, apply the inverse permutation step to get the cipher text.

    KeyGeneration
    A64-
    bitkeyisusedasinputtothealgorithmwhileonly56bitsareactuallyused.Everyeighthbitisignored.
    Sub-keysat eachroundare generatedasgivenbelow:
    o ThekeyisfirstpermutedusingatablenamedPermutedChoiceOne.
    o Theresulting56-bitkeyisdividedintotwo28-bitquantities,C0andD0.Ateachround,Ci-1andDi-
    1are separately subjectedtoa circularleftshiftof1or2bits,as governedbyatable.

    oTheseshiftedvaluesareforwardedtothenextround.Theyarealsoinputtoapermutationtable-
    PermutedChoiceTwo.
    o Thetableproducesa48-bitoutputthatservesastheroundkeyki.

    Expansion(E)
    The32-bitinputisfirstexpandedto48bits.
     Bitsofinputaresplitinto groupsof4 bits.
     Eachgroupiswrittenasgroupsof6bitsbytakingtheouterbitsfromthe adjacent group.
     For example:
    ... efghijklmnop... isexpandedto
    ...defghihijklmlnopq…
    Theresulting48bitsareXORedwithKi.

    Substitution(S-Box)
    This48-bitresultisinputto S-Boxesthatperformasubstitutiononinputandproducesa32-bit output.
     DESconsistsofasetofeightS-boxes.

    NOTES BY: HETA DESAI Page 5


    INFORMATION SECURITY 1030106503

     EachS-Boxtakes6 bitsasinput andproduces4 bitsasoutput.


     Thefirstandlastbitsoftheinputtoboxforma2-
    bitbinarynumberwhichgivesthebinaryvalueofrownumber.
     Themiddlefourbitsselectoneofthesixteencolumns.
     Thedecimalvalueinthecellselectedbytherowandcolumnisthenconvertedtoits4-
    bitbinarynumbertoproduce theoutput.
     Forexample,inS1,forinput101110,therowis10(row2)andthecolumnis0111(column7).Theval
    ueinrow2,column7is11, sotheoutput is1011.

    Decryption:
    For decryption, we use the same algorithm, and we reverse the order of the 16 round keys.
    The steps involved in the steps for data decryption are:

    1. The order of the 16 48-bit keys is reversed such that key 16 becomes key 1, and so on.
    2. The steps for encryption are applied to the cipher text.

    NOTES BY: HETA DESAI Page 6


    INFORMATION SECURITY 1030106503

    The Strength of DES :

    The strength of DES is as follows −


    1. Use of 56 bit keys:

     56 bit key can be frequently used in encryption. There are 256 possible keys. A
    brute force attack on such number of keys is impossible.
     A machine implementing one DES encryption per microsecond would take more
    than thousands of years to divide the cipher.
    2. The nature of algorithm:
     Crypt analyst can perform cryptanalysis by exploiting the characteristic of DES
    algorithm but no one has succeeded in finding out the weakness.
    3. Timing Attacks:

     Timing attacks allows an attacker to extract secrets maintained in a security


    system by acquiring the time it takes the system to respond to several queries.

    NOTES BY: HETA DESAI Page 7


    INFORMATION SECURITY 1030106503

    Block Cipher Modes of Operation :


    There are5modesofoperationwhicharelistedbelow.

    1. ElectronicCode bookmode(ECB)

     Electronic code book is the easiest block cipher mode of functioning. It is easier
    because of direct encryption of each block of input plaintext and output is in
    form of blocks of encrypted ciphertext. Generally, if a message is larger than
    bbits in size, it can be broken down into a bunch of blocks and the procedure is
    repeated.
    Procedure of ECB is illustrated below:

    Advantages of using ECB –

     Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.

     Simple way of the block cipher.

    Disadvantages of using ECB –

    NOTES BY: HETA DESAI Page 8


    INFORMATION SECURITY 1030106503

     Prone to cryptanalysis since there is a direct relationship between plaintext and


    ciphertext.

    2. Cipher Block Chaining –

    Cipher block chaining or CBC is an advancement made on ECB since ECB compromises
    some security requirements. In CBC, the previous cipher block is given as input to the next
    encryption algorithm after XOR with the original plaintext block. In a nutshell here, a cipher
    block is produced by encrypting an XOR output of the previous cipher block and present
    plaintext block.
    The process is illustrated here:

    Advantages of CBC –

     CBC works well for input greater than b bits.

     CBC is a good authentication mechanism.

     Better resistive nature towards cryptanalysis than ECB.

    NOTES BY: HETA DESAI Page 9


    INFORMATION SECURITY 1030106503

    Disadvantages of CBC –

     Parallel encryption is not possible since every encryption requires a previous

    cipher.

    3. Cipher Feedback Mode (CFB) –


    In this mode the cipher is given as feedback to the next block of encryption with some
    new specifications: first, an initial vector IV is used for first encryption and output bits are
    divided as a set of s and b-sbits.The left-hand side s bits are selected along with plaintext bits
    to which an XOR operation is applied. The result is given as input to a shift register having b-s
    bits to lhs,s bits to rhs and the process continues. The encryption and decryption process for
    the same is shown below, both of them use encryption algorithms.

    Advantages of CFB –

    NOTES BY: HETA DESAI Page 10


    INFORMATION SECURITY 1030106503

     Since, there is some data loss due to the use of shift register, thus it is difficult for

    applying cryptanalysis.

    4. Output Feedback Mode –

    The output feedback mode follows nearly the same process as the Cipher Feedback
    mode except that it sends the encrypted output as feedback instead of the actual cipher
    which is XOR output. In this output feedback mode, all bits of the block are sent instead of
    sending selected sbits. The Output Feedback mode of block cipher holds great resistance
    towards bit transmission errors. It also decreases the dependency or relationship of the
    cipher on the plaintext.

    Advantages of OFB –

    NOTES BY: HETA DESAI Page 11


    INFORMATION SECURITY 1030106503

     In the case of CFB, a single bit error in a block is propagated to all subsequent

    blocks. This problem is solved by OFB as it is free from bit errors in the plaintext

    block.

    5. Counter Mode –

    The Counter Mode or CTR is a simple counter-based block cipher implementation.


    Every time a counter-initiated value is encrypted and given as input to XOR with plaintext
    which results in ciphertext block. The CTR mode is independent of feedback use and thus can
    be implemented in parallel.
    Its simple implementation is shown below:

    Advantages of Counter –

    NOTES BY: HETA DESAI Page 12


    INFORMATION SECURITY 1030106503

     Since there is a different counter value for each block, the direct plaintext and

    ciphertext relationship is avoided. This means that the same plain text can map to

    different ciphertext.

     Parallel execution of encryption is possible as outputs from previous stages are not

    chained as in the case of CBC.

    NOTES BY: HETA DESAI Page 13

    You might also like