Cryptography and Network Security

Unit 1: Introduction & Symmetric Key Cryptography

A. Computer Security Concepts: OSI security architecture, security attacks, services, mechanisms, model of network security (CO1)
B. Classical encryption techniques: substitution cipher (mono-alphabetic, poly-alphabetic), transposition cipher, steganography (CO1)
C. Block cipher: encryption principles, DES and its variants, strength of DES (CO1)

Faculty Name : Dr. Amrita 1


Symmetric Encryption Technique

Stream cipher: encrypts data one bit or one byte at a time

Block cipher: encrypts a block of plaintext at a time (typically 64 or 128 bits)


DES (Data Encryption Standard)
● It is a symmetric-key block cipher published by the National
Institute of Standards and Technology (NIST).
● DES is an implementation of a Feistel Cipher.
● It uses a 16-round Feistel structure.
● Block size: 64 bits.
● Key: 64-bit quantity = 8 parity bits + 56-bit key
– Every 8th bit is a parity bit (8 of the 64 bits of the key are not used).

Structure of DES

DES (Data Encryption Standard)
● Since DES is based on the Feistel Cipher, all that is
required to specify DES is −
● Round function
● Key schedule
● Initial and final permutation

Initial and Final Permutation
● The initial and final permutations are straight permutation boxes (P-boxes) that are inverses of each other. They have no cryptographic significance in DES.

A Round of DES : One Round Encryption
● The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output.

A Round of DES : One Round Encryption
Expansion Permutation Box (E) − Since the right input is 32 bits and the round key is 48 bits, we first need to expand the right input to 48 bits.

XOR − DES performs an XOR operation on the expanded right section and the round key. The round key is used only in this operation.

A Round of DES : One Round Encryption
Substitution Boxes − The S-boxes carry out the real mixing. DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output.

• There are a total of eight S-box tables. The output of all eight S-boxes is then combined into a 32-bit section.
• Straight Permutation − The 32-bit output of the S-boxes is then subjected to the straight permutation.

Key Generation

The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key.

A Round of DES : One Round Encryption
A technique that is sometimes used to make DES stronger is called whitening. It consists of XORing a random 64-bit key with each plaintext block before feeding it into DES and then XORing a second 64-bit key with the resulting ciphertext before transmitting it. Whitening can easily be removed by running the reverse operations (if the receiver has the two whitening keys). Since this technique effectively adds more bits to the key length, it makes an exhaustive search of the key space much more time consuming. Note that the same whitening key is used for each block (i.e., there is only one whitening key).

DES Decryption

● decrypt must unwind steps of data computation; with Feistel design, do encryption steps again using subkeys in reverse order (K16 … K1)
● note that IP undoes final FP step of encryption
● 1st round with K16 undoes 16th encrypt round
● ….
● 16th round with K1 undoes 1st encrypt round
● then final FP undoes initial encryption IP
● thus recovering original data value

Desired Properties of Block Cipher & DES Analysis

● DES satisfies both of the desired properties of a block cipher. These two properties make the cipher very strong.
● Avalanche effect − A small change in the plaintext results in a very great change in the ciphertext.
● Completeness − Each bit of ciphertext depends on many bits of plaintext.
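The reverse-subkey decryption and the avalanche effect described above, as an added example that is not part of the original slides: a 16-round Feistel network on 64-bit blocks. The key schedule and round function f are SHA-256 stand-ins assumed for illustration (not the DES ones), and IP/FP are omitted because they have no cryptographic significance.

```python
import hashlib

ROUNDS = 16            # DES round count
MASK32 = 0xFFFFFFFF    # each half of the 64-bit block is 32 bits

def subkeys(key: bytes) -> list[int]:
    # Constructed key schedule (NOT the DES one): sixteen 48-bit round keys.
    return [int.from_bytes(hashlib.sha256(key + bytes([r])).digest()[:6], "big")
            for r in range(1, ROUNDS + 1)]

def f(right: int, k: int) -> int:
    # Stand-in for the DES function (E-box, XOR, S-boxes, P-box): 32 bits plus
    # a 48-bit round key in, 32 bits out. It does not need to be invertible.
    data = right.to_bytes(4, "big") + k.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block: int, round_keys: list[int]) -> int:
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        left, right = right, left ^ f(right, k)
    return (right << 32) | left        # halves are swapped after the last round

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))             # K1 ... K16

def decrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key)[::-1])       # K16 ... K1

def avalanche(block: int, key: bytes, bit: int) -> int:
    # Number of ciphertext bits that change when one plaintext bit is flipped.
    diff = encrypt(block, key) ^ encrypt(block ^ (1 << bit), key)
    return bin(diff).count("1")

if __name__ == "__main__":
    key, pt = b"constructed-key", 0x0123456789ABCDEF   # constructed sample values
    ct = encrypt(pt, key)
    print(f"ciphertext       {ct:016x}")
    print(f"reversed subkeys {decrypt(ct, key):016x}")
    print(f"forward subkeys  {feistel(ct, subkeys(key)):016x}  (does not decrypt)")
    print("bits changed by a 1-bit plaintext flip:", avalanche(pt, key, 0))
```

The same feistel() routine serves both directions; only the order of the round keys differs.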

Strength of DES – Key Size
● 56-bit keys have 2^56 = 7.2 x 10^16 values
● brute force search looks hard
● recent advances have shown it is possible
– in 1997 on Internet in a few months
– in 1998 on dedicated h/w (EFF) in a few days
– in 1999 above combined in 22 hrs!
● still must be able to recognize plaintext
● must now consider alternatives to DES

Strength of DES – Key Size
● Since its adoption as a federal standard, there have been lingering concerns about the level of security
provided by DES in two areas: key size and the nature of the algorithm.
● With a key length of 56 bits, there are 2^56 possible keys, which is approximately 7.2*10^16 keys. Thus a
brute-force attack appeared impractical.
● However DES was finally and definitively proved insecure in July 1998, when the Electronic Frontier
Foundation (EFF) announced that it had broken a DES encryption using a special-purpose "DES cracker"
machine that was built for less than $250,000. The attack took less than three days. The EFF has published a
detailed description of the machine, enabling others to build their own cracker [EFF98].
● There have been other demonstrated breaks of the DES using both large networks of computers & dedicated
h/w, including:
– 1997 on a large network of computers in a few months
– 1998 on dedicated h/w (EFF) in a few days
– 1999 above combined in 22 hrs!
● It is important to note that there is more to a key-search attack than simply running through all possible keys.
Unless known plaintext is provided, the analyst must be able to recognize plaintext as plaintext.
● Clearly must now consider alternatives to DES, the most important of which are AES and triple DES.

Strength of DES – Analytic Attacks
● now have several analytic attacks on DES
● these utilise some deep structure of the cipher
– by gathering information about encryptions
– can eventually recover some/all of the sub-key bits
– if necessary then exhaustively search for the rest
● generally these are statistical attacks
● include
– differential cryptanalysis
– linear cryptanalysis
– related key attacks

Multiple DES
The major criticism of DES regards its key length. To address this, we can use double or triple DES to increase the key size.
Double DES
Triple DES

Double DES

The first approach is to use double DES (2DES).

Meet-in-the-Middle Attack
However, a known-plaintext attack called the meet-in-the-middle attack proves that double DES improves this vulnerability slightly (to 2^57 tests), but not tremendously (to 2^112).

Double DES Continued
Meet-in-the-middle attack for double DES
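An added example, not part of the original slides, of why double encryption gains so little against a meet-in-the-middle search. It assumes a constructed 16-bit toy cipher with 12-bit keys in place of DES, so the search costs about 2^13 single-cipher operations instead of the 2^24 of trying every key pair, mirroring 2^57 versus 2^112 for double DES.

```python
MASK16 = 0xFFFF
KEY_BITS = 12                        # toy key size; DES has 56
MUL = 0x6255                         # odd, so invertible mod 2**16
MUL_INV = pow(MUL, -1, 1 << 16)

def rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (16 - n))) & MASK16

def enc(k: int, x: int) -> int:
    # Constructed 16-bit toy cipher standing in for single DES.
    for r in range(4):
        x = rotl(((x + k + r) * MUL) & MASK16, 5)
    return x

def dec(k: int, y: int) -> int:
    for r in reversed(range(4)):
        y = ((rotl(y, 11) * MUL_INV) - k - r) & MASK16
    return y

def double_enc(k1: int, k2: int, x: int) -> int:
    return enc(k2, enc(k1, x))

def meet_in_the_middle(pairs):
    # Return every (k1, k2) consistent with all known (plaintext, ciphertext) pairs.
    p0, c0 = pairs[0]
    table = {}                                   # middle value -> [k1, ...]
    for k1 in range(1 << KEY_BITS):              # 2**12 encryptions of P
        table.setdefault(enc(k1, p0), []).append(k1)
    found = []
    for k2 in range(1 << KEY_BITS):              # 2**12 decryptions of C
        for k1 in table.get(dec(k2, c0), []):
            # Further known pairs filter out false matches in the middle.
            if all(double_enc(k1, k2, p) == c for p, c in pairs[1:]):
                found.append((k1, k2))
    return found

if __name__ == "__main__":
    k1, k2 = 0x3A7, 0xC15                        # constructed secret keys
    pairs = [(p, double_enc(k1, k2, p)) for p in (0x1234, 0xBEEF, 0x0F0F)]
    print("recovered:", [(hex(a), hex(b)) for a, b in meet_in_the_middle(pairs)])
```

The table of middle values is the cost that replaces the second key's search: memory for 2^12 entries here, on the order of 2^56 entries for double DES.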

Triple DES
Triple DES with two keys

● hence must use 3 encryptions
● would seem to need 3 distinct keys
● but can use 2 keys with E-D-E sequence
● C = E_K1(D_K2(E_K1(P)))
● standardized in ANSI X9.17 & ISO 8732
● no current known practical attacks

Triple DES
Triple DES with two keys

Triple DES
Triple DES with three keys

● The possibility of known-plaintext attacks on triple DES with two keys has enticed some applications to use triple DES with three keys.
● C = E_K3(D_K2(E_K1(P)))
● Triple DES with three keys is used by many applications such as PGP and S/MIME.
