block ciphers and des
play

Block Ciphers and DES S-DES DES Details DES Design Other Ciphers - PowerPoint PPT Presentation

Oct 01, 2023 •274 likes •788 views

CSS441 Block Ciphers Principles DES Block Ciphers and DES S-DES DES Details DES Design Other Ciphers CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20

  1. CSS441 Block Ciphers Principles DES Block Ciphers and DES S-DES DES Details DES Design Other Ciphers CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l03, Steve/Courses/2015/s2/css441/lectures/block-ciphers-and-des.tex, r4295 1/50

  2. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 2/50

  3. CSS441 Stream Ciphers Block Ciphers ◮ Encrypts a digital data stream one bit or one byte at a Principles time DES ◮ One time pad is example; but practical limitations S-DES ◮ Typical approach for stream cipher: DES Details ◮ Key ( K ) used as input to bit-stream generator algorithm DES Design ◮ Algorithm generates cryptographic bit stream ( k i ) used Other Ciphers to encrypt plaintext ◮ Users share a key; use it to generate keystream 3/50

  4. CSS441 Block Ciphers Block Ciphers ◮ Encrypt a block of plaintext as a whole to produce Principles same sized ciphertext DES ◮ Typical block sizes are 64 or 128 bits S-DES ◮ Modes of operation used to apply block ciphers to DES Details DES Design larger plaintexts Other Ciphers 4/50

  5. CSS441 Reversible and Irreversible Mappings Block Ciphers ◮ n -bit block cipher takes n bit plaintext and produces n Principles bit ciphertext DES ◮ 2 n possible different plaintext blocks S-DES ◮ Encryption must be reversible (decryption possible) DES Details DES Design ◮ Each plaintext block must produce unique ciphertext Other Ciphers block ◮ Total transformations is 2 n ! Reversible Mapping Irreversible Mapping Plaintext Ciphertext Plaintext Ciphertext 00 11 00 11 01 10 01 10 10 00 10 01 11 01 11 01 5/50

  6. CSS441 Ideal Block Cipher Block Ciphers ◮ n -bit input maps to 2 n possible input states Principles ◮ Substitution used to produce 2 n output states DES ◮ Output states map to n -bit output S-DES DES Details ◮ Ideal block cipher allows maximum number of possible DES Design encryption mappings from plaintext block Other Ciphers ◮ Problems with ideal block cipher: ◮ Small block size: equivalent to classical substitution cipher; cryptanalysis based on statistical characteristics feasible ◮ Large block size: key must be very large; performance/implementation problems 6/50

  7. CSS441 General Block Substitution Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 7/50

  8. CSS441 Encryption/Decryption Tables Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 8/50

  9. CSS441 Feistel Structure for Block Ciphers Block Ciphers ◮ Feistel proposed applying two or more simple ciphers in Principles sequence so final result is cryptographically stronger DES than component ciphers S-DES ◮ n -bit block length; k -bit key length; 2 k transformations DES Details ◮ Feistel cipher alternates: substitutions, transpositions DES Design Other Ciphers (permutations) ◮ Applies concepts of diffusion and confusion ◮ Applied in many ciphers today ◮ Approach: ◮ Plaintext split into halves ◮ Subkeys (or round keys) generated from key ◮ Round function, F , applied to right half ◮ Apply substitution on left half using XOR ◮ Apply permutation: interchange to halves 9/50

  10. CSS441 Diffusion and Confusion Block Ciphers Diffusion Principles DES ◮ Statistical nature of plaintext is reduced in ciphertext S-DES ◮ E.g. A plaintext letter affects the value of many DES Details ciphertext letters DES Design ◮ How: repeatedly apply permutation (transposition) to Other Ciphers data, and then apply function Confusion ◮ Make relationship between ciphertext and key as complex as possible ◮ Even if attacker can find some statistical characteristics of ciphertext, still hard to find key ◮ How: apply complex (non-linear) substitution algorithm 10/50

  11. CSS441 Feistel Encryption and Decryption Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 11/50

  12. CSS441 Using the Feistel Structure Block Ciphers ◮ Exact implementation depends on various design Principles features DES ◮ Block size, e.g. 64, 128 bits: larger values leads to more S-DES diffusion DES Details ◮ Key size, e.g. 128 bits: larger values leads to more DES Design confusion, resistance against brute force Other Ciphers ◮ Number of rounds, e.g. 16 rounds ◮ Subkey generation algorithm: should be complex ◮ Round function F : should be complex ◮ Other factors include fast encryption in software and ease of analysis ◮ Trade-off: security vs performance 12/50

  13. CSS441 Feistel Example Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 13/50

  14. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 14/50

  15. CSS441 Data Encryption Standard Block Ciphers ◮ Symmetric block cipher Principles ◮ 56-bit key, 64-bit input block, 64-bit output block DES ◮ One of most used encryption systems in world S-DES ◮ Developed in 1977 by NBS/NIST DES Details ◮ Designed by IBM (Lucifer) with input from NSA DES Design ◮ Principles used in other ciphers, e.g. 3DES, IDEA Other Ciphers ◮ Simplified DES (S-DES) ◮ Cipher using principles of DES ◮ Developed for education (not real world use) 15/50

  16. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 16/50

  17. CSS441 Simplified DES Block Ciphers ◮ Input (plaintext) block: 8-bits Principles ◮ Output (ciphertext) block: 8-bits DES ◮ Key: 10-bits S-DES DES Details ◮ Rounds: 2 DES Design ◮ Round keys generated using permutations and left shifts Other Ciphers ◮ Encryption: initial permutation, round function, switch halves ◮ Decryption: Same as encryption, except round keys used in opposite order 17/50

  18. CSS441 S-DES Algorithm Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 18/50

  19. CSS441 S-DES Operations Block Ciphers ◮ P10 (permutate) Principles Input : 1 2 3 4 5 6 7 8 9 10 DES Output: 3 5 2 7 4 10 1 9 8 6 S-DES DES Details ◮ P8 (select and permutate) DES Design Input : 1 2 3 4 5 6 7 8 9 10 Other Ciphers Output: 6 3 7 4 8 5 10 9 ◮ P4 (permutate) Input : 1 2 3 4 Output: 2 4 3 1 19/50

  20. CSS441 S-DES Operations Block Ciphers ◮ EP (expand and permutate) Principles Input : 1 2 3 4 DES Output: 4 1 2 3 2 3 4 1 S-DES DES Details ◮ IP (initial permutation) DES Design Input : 1 2 3 4 5 6 7 8 Other Ciphers Output: 2 6 3 1 4 8 5 7 ◮ IP − 1 (inverse of IP) ◮ LS-1 (left shift 1 position) ◮ LS-2 (left shift 2 positions) 20/50

  21. CSS441 S-DES Key Generation Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 21/50

  22. CSS441 S-DES Encryption Details Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 22/50

  23. CSS441 S-DES S-Boxes Block Ciphers ◮ S-DES (and DES) perform substitutions using S-Boxes Principles ◮ S-Box considered as a matrix: input used to select DES row/column; selected element is output S-DES ◮ 4-bit input: bit 1 , bit 2 , bit 3 , bit 4 DES Details DES Design ◮ bit 1 bit 4 specifies row (0, 1, 2 or 3 in decimal) Other Ciphers ◮ bit 2 bit 3 specifies column ◮ 2-bit output  01 00 11 10   00 01 10 11  11 10 01 00 10 00 01 11     S 0 = S 1 =     00 10 01 11 11 00 01 00     11 01 11 10 10 01 00 11 23/50

  24. CSS441 S-DES Example Block Ciphers ◮ Plaintext: 01110010 Principles ◮ Key: 1010000010 DES ◮ Ciphertext: 01110111 S-DES DES Details DES Design Other Ciphers 24/50

  25. CSS441 S-DES Summary Block Ciphers ◮ Educational encryption algorithm Principles ◮ S-DES expressed as functions: DES S-DES ciphertext = IP − 1 ( f K 2 ( SW ( f K 1 ( IP ( plaintext ))))) DES Details DES Design plaintext = IP − 1 ( f K 1 ( SW ( f K 2 ( IP ( ciphertext ))))) Other Ciphers ◮ Security of S-DES: ◮ 10-bit key, 1024 keys: brute force easy ◮ If know plaintext and corresponding ciphertext, can we determine key? Very hard 25/50

  26. CSS441 Comparing DES and S-DES Block Ciphers Principles S-DES DES DES ◮ 8-bit blocks S-DES ◮ 64-bit blocks DES Details ◮ 10-bit key: 2 x 8-bit ◮ 56-bit key: 16 x 48-bit DES Design round keys round keys Other Ciphers ◮ IP: 8-bits ◮ IP: 64 bits ◮ F operates on 4 bits ◮ F operates on 32 bits ◮ 2 S-Boxes ◮ 8 S-Boxes ◮ 2 rounds ◮ 16 rounds S-DES encryption: ciphertext = IP − 1 ( f K 2 ( SW ( f K 1 ( IP ( plaintext ))))) DES encryption: ciphertext = IP − 1 ( f K 16 ( SW ( f K 15 ( SW ( . . . ( f K 1 ( IP ( plaintext )))))))) 26/50

  27. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 27/50

Recommend

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2 . . . M N . Then, each block M i is encrypted to the

1.11k views • 63 slides
Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Organisation Organisation Overview Block Ciphers Overview Block Ciphers Historic Ciphers Security of Block ciphers Historic Ciphers Security of Block ciphers Symmetric Ciphers Symmetric Ciphers Assume encryption and decryption use the

425 views • 5 slides
One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers

One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers

One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers Encryption Modes Encryption Modes Shift Cipher Brute%force attack can easily break Ahmet Burak Can Substitution Cipher Hacettepe University

191 views • 6 slides
Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu

Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu

Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu Iwata Nagoya University, Japan FSE 2020 November 913, 2020, Virtual 1 / 19 Block Ciphers block cipher (BC) E : K { 0 , 1 } n { 0

530 views • 24 slides
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length

Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length

Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2 . . . M N . Then, each block M i is encrypted to the ciphertext block C i = E K ( M i ), and the results are concatenated to the

334 views • 8 slides
Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers

Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 2 October, 2012 Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers DES II.

588 views • 10 slides
B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a)

B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a)

1 B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a) Fundamentals 3 B.1 Definition A mapping Enc: P K C for which k := Enc( ,k): P C is bijective for each k K is called an

1.1k views • 32 slides
B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

1 B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n is called a block cipher . The positive integer n denotes the block size ( block length ). 3 B.25 Remark and Convention The encryption

709 views • 67 slides
Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof. Raluca Ada Popa Jan 31, 2018 Announcements Project 1 is out, due Feb 14 midnight Recall: Block cipher A function E : {0, 1} k {0, 1} n

553 views • 32 slides
T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES

T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES

T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES 3.3 IDEA 3.4 AES Kaufman et al: Chapter 3 Stallings: Chapters 3, 5 1 Block ciphers Confidentiality primitive Threat: recover the plaintext

774 views • 15 slides
Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 15, 2016 Announcements Project due Sept 20 Recall: Block cipher A function E : {0, 1} k {0, 1} n {0, 1} n . Once

417 views • 30 slides
T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher confidentiality modes of operation Kaufman et al: Ch 4 Stallings: Ch 6, Ch 3 1 Stream ciphers Stream ciphers are generally faster than block

535 views • 12 slides
Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1 cole Normale

Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1 cole Normale

Block ciphers with non-standard sizes Choosing uniformly a random permutation P ERMUTATOR Sampling following the Hypergeometric Distribution Security Analysis Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1

550 views • 23 slides
Design Issues of Block Ciphers The objectives of this part is to show certain design issues of

Design Issues of Block Ciphers The objectives of this part is to show certain design issues of

Design Issues of Block Ciphers The objectives of this part is to show certain design issues of block ciphers. 1 Block Ciphers and Stream Ciphers A one-key cipher is a 5-tuple ( M , C , K , E k , D k ) , where M , C , K are respectively the

461 views • 12 slides
How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and

How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and

Introduction Cryptology Basics Detection Cryptanalysis The Word Case The Excel Case Conclusion How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and Break them Eric Filiol, filiol@esiea.fr ESIEA -

808 views • 64 slides
Contents Introduction Classification of Symmetric Ciphers Types of Attacks

Contents Introduction Classification of Symmetric Ciphers Types of Attacks

Contents Introduction Classification of Symmetric Ciphers Types of Attacks Properties of Secure Ciphers Components of Block Ciphers Classes of Block Ciphers DES AES Secure Communication using

606 views • 27 slides
Structural attacks on block ciphers Sondre Rnjom NSM/UiB September 2, 2017 1 Preliminaries 2

Structural attacks on block ciphers Sondre Rnjom NSM/UiB September 2, 2017 1 Preliminaries 2

Structural attacks on block ciphers Sondre Rnjom NSM/UiB September 2, 2017 1 Preliminaries 2 Subspaces in block ciphers 3 From subspace trails to invariant subspaces in Simpira 4 Zero-di ff erence cryptanalysis of AES Preliminaries Block

2.18k views • 146 slides
Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik

Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik

Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik summer school 2016 1 / 44 Outline 1 Block ciphers and statistical attacks 2 Correlation basics 3 Wide trail strategy: strongly-aligned flavor

620 views • 59 slides
Outline Crypto basics, contd Stream ciphers CSci 5271 Block ciphers and modes of operation

Outline Crypto basics, contd Stream ciphers CSci 5271 Block ciphers and modes of operation

Outline Crypto basics, contd Stream ciphers CSci 5271 Block ciphers and modes of operation Introduction to Computer Security Announcements Cryptography, symmetric and public-key Hash functions and MACs Stephen McCamant Building a secure

440 views • 11 slides
Secret Key: stream ciphers & block ciphers Stream Ciphers Idea: try to simulate one-time pad

Secret Key: stream ciphers & block ciphers Stream Ciphers Idea: try to simulate one-time pad

Secret Key: stream ciphers & block ciphers Stream Ciphers Idea: try to simulate one-time pad define a secret key (seed) Using the seed generates a byte stream ( Keystream): i-th byte is function only of the key

822 views • 69 slides
Outline Analytic Attacks on Block Ciphers 1 CPSC 418/MATH 318 Introduction to Cryptography

Outline Analytic Attacks on Block Ciphers 1 CPSC 418/MATH 318 Introduction to Cryptography

Outline Analytic Attacks on Block Ciphers 1 CPSC 418/MATH 318 Introduction to Cryptography Linear Cryptanalysis Differential Cryptanalysis Analytic Cryptanalysis of Block Ciphers, Stream Ciphers, Modes of Other Advanced Attacks Operation,

933 views • 11 slides
Symmetric Key Crypto, Part 1 Prof. Tom Austin San Jos State University Stream Ciphers &

Symmetric Key Crypto, Part 1 Prof. Tom Austin San Jos State University Stream Ciphers &

CS 166: Information Security Symmetric Key Crypto, Part 1 Prof. Tom Austin San Jos State University Stream Ciphers & Block Ciphers Stream ciphers based on the one-time pad Block ciphers based on codebook ciphers Symmetric

650 views • 52 slides
Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR CR STINSON : chapters 3 Block Cipher K D K E untrusted communicaGon link Alice Bob E D #%AR3Xf34^$ A?ack at Dawn!! decrypGon encrypGon (ciphertext) message A?ack at Dawn!!

1.71k views • 143 slides
Block Ciphers - The Basics Lars R. Knudsen Spring 2011 L.R. Knudsen Block Ciphers - The Basics

Block Ciphers - The Basics Lars R. Knudsen Spring 2011 L.R. Knudsen Block Ciphers - The Basics

Intro Attack on iterated ciphers Differential cryptanalysis Linear cryptanalysis Block Ciphers - The Basics Lars R. Knudsen Spring 2011 L.R. Knudsen Block Ciphers - The Basics Intro Attack on iterated ciphers Differential cryptanalysis

1.27k views • 77 slides

More recommend