SlideShare a Scribd company logo

cryptography2 WHICH IS VERY IMPOTRANT.pdf

G
gadisagemechu1

REALLY GOOD CHAPTER OF CRYPTOGRAPHY

Education
1 of 63
Download to read offline
Chapter 6 Data Encryption Standard (DES) 6.1
Objectives Chapter 6 ❏ To review a short history of DES y ❏ To define the basic structure of DES ❏ To describe the details of building elements of DES ❏ To describe the round keys generation process ❏ To analyze DES 6.2
6 6- -1 INTRODUCTION 1 INTRODUCTION The The Data Data Encryption Encryption Standard Standard (DES) (DES) is is a a symmetric symmetric- - k k bl k bl k i h i h bli h d bli h d b b h h N i l N i l I i I i f f key key block block cipher cipher published published by by the the National National Institute Institute of of Standards Standards and and Technology Technology (NIST) (NIST). . Topics discussed in this section: Topics discussed in this section: 6.1.1 History 6.1.2 Overview 6.3
6.1.1 History In 1973, NIST published a request for proposals for a national symmetric-key cryptosystem. A proposal from y y yp y p p f IBM, a modification of a project called Lucifer, was accepted as DES. DES was published in the Federal Register in March 1975 as a draft of the Federal Information Processing Standard (FIPS). 6.4
6.1.2 Overview DES is a block cipher, as shown in Figure 6.1. Figure 6.1 Encryption and decryption with DES 6.5
6 6- -2 DES STRUCTURE 2 DES STRUCTURE The The encryption encryption process process is is made made of of two two permutations permutations (P (P- -boxes), boxes), which which we we call call initial initial and and final final (P (P boxes), boxes), which which we we call call initial initial and and final final permutations, permutations, and and sixteen sixteen Feistel Feistel rounds rounds. . Topics discussed in this section: Topics discussed in this section: 6.2.1 Initial and Final Permutations 6.2.2 Rounds 6.2.3 Cipher and Reverse Cipher 6.6 p p 6.2.4 Examples
6 6- -2 Continue 2 Continue Figure 6.2 General structure of DES 6.7
6.2.1 Initial and Final Permutations Figure 6.3 Initial and final permutation steps in DES 6.8
6.2.1 Continue Table 6 1 Initial and final permutation tables Table 6.1 Initial and final permutation tables 6.9
6.2.1 Continued Example 6.1 Find Find the the output output of of the the initial initial permutation permutation box box when when the the input input is is given given in in hexadecimal hexadecimal as as: : Solution Solution Only Only bit bit 25 25 and and bit bit 64 64 are are 1 1s s; ; the the other other bits bits are are 0 0s s. . In In the the final final permutation, permutation, bit bit 25 25 becomes becomes bit bit 64 64 and and bit bit 63 63 becomes becomes bit bit 15 15. . The The result result is is The The result result is is 6.10
6.2.1 Continued Example 6.2 Prove Prove that that the the initial initial and and final final permutations permutations are are the the inverse inverse p p of of each each other other by by finding finding the the output output of of the the final final permutation permutation if if the the input input is is Solution Solution The The input input has has only only two two 1 1s s; ; the the output output must must also also have have only only two two 1 1s s. . Using Using Table Table 6 6. .1 1, , we we can can find find the the output output related related to to these these two two bits bits Bit Bit 15 15 in in the the input input becomes becomes bit bit 63 63 in in the the output output Bit Bit two two bits bits. . Bit Bit 15 15 in in the the input input becomes becomes bit bit 63 63 in in the the output output. . Bit Bit 64 64 in in the the input input becomes becomes bit bit 25 25 in in the the output output. . So So the the output output has has only only two two 1 1s, s, bit bit 25 25 and and bit bit 63 63. . The The result result in in hexadecimal hexadecimal is is 6.11
6.2.1 Continued Note The initial and final permutations are straight P-boxes that are inverses of each other. They have no cryptography significance in DES. 6.12
6.2.2 Rounds DES uses 16 rounds. Each round of DES is a Feistel cipher. Fi 6 4 Figure 6.4 A round in DES (encryption site) 6.13
6.2.2 Continued DES Function The heart of DES is the DES function. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output. Figure 6.5 DES function 6.14
6.2.2 Continue Expansion P-box Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to 48 bits. Figure 6.6 Expansion permutation 6.15
6.2.2 Continue Although the relationship between the input and output can be defined mathematically, DES uses Table 6.2 to define this P-box. Table 6 6 Expansion P box table Table 6.6 Expansion P-box table 6.16
6.2.2 Continue Whitener (XOR) After the expansion permutation, DES uses the XOR operation on the expanded right section and the round key. Note that both the right section and the key are 48- bits in length. Also note that the round key is used only in this operation. 6.17
6.2.2 Continue S-Boxes The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. See Figure 6.7. Figure 6.7 S-boxes 6.18
6.2.2 Continue Figure 6.8 S-box rule 6.19
Table 6 3 shows the permutation for S box 1 For the rest 6.2.2 Continue Table 6.3 shows the permutation for S-box 1. For the rest of the boxes see the textbook. Table 6.3 S-box 1 6.20
Example 6.3 6.2.2 Continued The The input input to to S S- -box box 1 1 is is 1 10001 00011 1. . What What is is the the output? output? If If we we write write the the first first and and the the sixth sixth bits bits together, together, we we get get 11 11 in in bi bi hi h hi h i i 3 3 i i d i l d i l Th Th i i i i bit bit 0001 0001 i i Solution Solution binary, binary, which which is is 3 3 in in decimal decimal. . The The remaining remaining bits bits are are 0001 0001 in in binary, binary, which which is is 1 1 in in decimal decimal. . We We look look for for the the value value in in row row 3 3, , column column 1 1, , in in Table Table 6 6. .3 3 (S (S- -box box 1 1) ). . The The result result is is 12 12 in in decimal, decimal, which which in in binary binary is is 1100 1100. . So So the the input input 100011 100011 yields yields the the output output 1100 1100. . 6.21
Example 6.4 6.2.2 Continued The The input input to to S S- -box box 8 8 is is 000000 000000. . What What is is the the output? output? If If we we write write the the first first and and the the sixth sixth bits bits together, together, we we get get 00 00 in in bi bi hi h hi h i i 0 0 i i d i l d i l Th Th i i i i bit bit 0000 0000 i i Solution Solution binary, binary, which which is is 0 0 in in decimal decimal. . The The remaining remaining bits bits are are 0000 0000 in in binary, binary, which which is is 0 0 in in decimal decimal. . We We look look for for the the value value in in row row 0 0, , column column 0 0, , in in Table Table 6 6. .10 10 (S (S- -box box 8 8) ). . The The result result is is 13 13 in in decimal, decimal, which which is is 1101 1101 in in binary binary. . So So the the input input 000000 000000 yields yields the the output output 1101 1101. . 6.22
6.2.2 Continue Straight Permutation T bl 6 11 Table 6.11 Straight permutation table 6.23
6.2.3 Cipher and Reverse Cipher Using mixers and swappers, we can create the cipher and reverse cipher, each having 16 rounds. First Approach T hi thi l h i t k th l t To achieve this goal, one approach is to make the last round (round 16) different from the others; it has only a mixer and no swapper mixer and no swapper. Note In the first approach, there is no swapper in Note 6.24 the last round.
6.2.3 Continued Figure 6.9 DES cipher and reverse cipher for the first approach g p p f f pp 6.25
6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher 6.26
6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.27
6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.28
6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.29
6.2.3 Continued Alternative Approach We can make all 16 rounds the same by including one We can make all 16 rounds the same by including one swapper to the 16th round and add an extra swapper after that (two swappers cancel the effect of each other). ( pp ff f ) Key Generation Key Generation The round-key generator creates sixteen 48-bit keys out of a 56 bit cipher key of a 56-bit cipher key. 6.30
6.2.3 Continued Figure 6.10 Key generation Key generation 6.31
6.2.3 Continued Table 6.12 Parity-bit drop table Table 6.13 Number of bits shifts 6.32
6.2.3 Continued Table 6.14 Key-compression table 6.33
6.2.3 Continued Algorithm 6.2 Algorithm for round-key generation 6.34
6.2.3 Continued Algorithm 6.2 Algorithm for round-key generation (Continue) 6.35
Example 6.5 6.2.4 Examples We We choose choose a a random random plaintext plaintext block block and and a a random random key, key, and and determine determine what what the the ciphertext ciphertext block block would would be be (all (all in in hexadecimal) hexadecimal): : Table 6.15 Trace of data for Example 6.5 6.36
Example 6.5 6.2.4 Continued Continued Table 6.15 Trace of data for Example 6.5 (Conintued 6.37
Example 6.6 6.2.4 Continued Let Let us us see see how how Bob, Bob, at at the the destination, destination, can can decipher decipher the the ciphertext ciphertext received received from from Alice Alice using using the the same same key key. . Table Table 6 6. .16 16 shows shows some some interesting interesting points points. . 6.38
6 6- -3 DES ANALYSIS 3 DES ANALYSIS Critics Critics have have used used a a strong strong magnifier magnifier to to analyze analyze DES DES. . Tests Tests have have been been done done to to measure measure the the strength strength of of some some Tests Tests have have been been done done to to measure measure the the strength strength of of some some desired desired properties properties in in a a block block cipher cipher. . Topics discussed in this section: Topics discussed in this section: 6.3.1 Properties 6.3.2 Design Criteria 6.3.3 DES Weaknesses 6.39
6.3.1 Properties Two desired properties of a block cipher are the avalanche effect and the completeness. Example 6.7 To To check check the the avalanche avalanche effect effect in in DES, DES, let let us us encrypt encrypt two two plaintext plaintext blocks blocks (with (with the the same same key) key) that that differ differ only only in in one one bit bit d d b b h h diff diff i i h h b b f f bi bi i i h h and and observe observe the the differences differences in in the the number number of of bits bits in in each each round round. . 6.40
Example 6.7 6.3.1 Continued Continued Although Although the the two two plaintext plaintext blocks blocks differ differ only only in in the the rightmost rightmost bit, bit, the the ciphertext ciphertext blocks blocks differ differ in in 29 29 bits bits. . This This means means that that bit, bit, the the ciphertext ciphertext blocks blocks differ differ in in 29 29 bits bits. . This This means means that that changing changing approximately approximately 1 1. .5 5 percent percent of of the the plaintext plaintext creates creates a a change change of of approximately approximately 45 45 percent percent in in the the ciphertext ciphertext. . Table 6.17 Number of bit differences for Example 6.7 6.41
6.3.1 Continued Completeness effect Completeness effect means that each bit of the ciphertext Completeness effect means that each bit of the ciphertext needs to depend on many bits on the plaintext. 6.42
6.3.2 Design Criteria S-Boxe The design provides confusion and diffusion of bits from h d t th t each round to the next. P-Boxes h id diff i f bi They provide diffusion of bits. Number of Rounds DES uses sixteen rounds of Feistel ciphers. the ciphertext i th hl d f ti f l i t t d is thoroughly a random function of plaintext and ciphertext. 6.43
6.3.3 DES Weaknesses During the last few years critics have found some weaknesses in DES. Weaknesses in Cipher Design 1. Weaknesses in S-boxes 2 Weaknesses in P boxes 2. Weaknesses in P-boxes 3. Weaknesses in Key 6.44
Example 6.8 6.3.3 Continued Let Let us us try try the the first first weak weak key key in in Table Table 6 6. .18 18 to to encrypt encrypt a a block block two two times times. . After After two two encryptions encryptions with with the the same same key key the the original original plaintext plaintext block block is is created created. . Note Note that that we we have have used used the the encryption encryption algorithm algorithm two two times, times, not not one one encryption encryption followed followed by by another another decryption decryption. . yp yp y y yp yp 6.45
6.3.3 Continued Figure 6.11 Double encryption and decryption with a weak key 6.46
6.3.3 Continued 6.47
6.3.3 Continued 6.48
6.3.3 Continued Figure 6.12 A pair of semi-weak keys in encryption and decryption 6.49
Example 6.9 6.3.3 Continued What What is is the the probability probability of of randomly randomly selecting selecting a a weak, weak, a a semi semi- - weak, weak, or or a a possible possible weak weak key? key? , , p p y y Solution Solution 56 56 DES DES has has a a key key domain domain of of 2 256 56. . The The total total number number of of the the above above keys keys are are 64 64 ( (4 4 + + 12 12 + + 48 48) ). . The The probability probability of of choosing choosing one one of of these these keys keys is is 8 8. .8 8 × × 10 10− −16 16, , almost almost impossible impossible. . y y , , p p 6.50
6.3.3 Continued 6.51
Example 6.10 6.3.3 Continued Let Let us us test test the the claim claim about about the the complement complement keys keys. . We We have have used used an an arbitrary arbitrary key key and and plaintext plaintext to to find find the the corresponding corresponding y y y y p p p g p g ciphertext ciphertext. . If If we we have have the the key key complement complement and and the the plaintext, plaintext, we we can can obtain obtain the the complement complement of of the the previous previous ciphertext ciphertext (Table (Table 6 6 20 20) ) (Table (Table 6 6. .20 20) ). . 6.52
6 6- -4 Multiple DES 4 Multiple DES The The major major criticism criticism of of DES DES regards regards its its key key length length. . Fortunately Fortunately DES DES is is not not a a group group. . This This means means that that we we Fortunately Fortunately DES DES is is not not a a group group. . This This means means that that we we can can use use double double or or triple triple DES DES to to increase increase the the key key size size. . 6.4.1 Double DES 6 4 4 T i l DES Topics discussed in this section: Topics discussed in this section: 6.53 6.4.4 Triple DES
6 6- -4 Continued 4 Continued A A substitution substitution that that maps maps every every possible possible input input to to every every possible possible output output is is a a group group. . Figure 6.13 Composition of mapping 6.54
6.4.1 Double DES The first approach is to use double DES (2DES). Meet-in-the-Middle Attack Meet in the Middle Attack However, using a known-plaintext attack called meet-in- the-middle attack proves that double DES improves this vulnerability slightly (to 257 tests), but not tremendously (to 2112). 6.55
6.4.1 Continued Figure 6 14 Meet-in-the-middle attack for double DES Figure 6.14 Meet-in-the-middle attack for double DES 6.56
6.4.1 Continued Figure 6.15 Tables for meet-in-the-middle attack 6.57
6.4.2 Triple DES Fi 6 16 Figure 6.16 Triple DES with two keys 6.58
6.4.2 Continuous Triple DES with Three Keys The possibility of known-plaintext attacks on triple DES with two keys has enticed some applications to use triple DES with three keys. Triple DES with three keys is used by many applications such as PGP (See Chapter 16) by many applications such as PGP (See Chapter 16). 6.59
6 6- -5 Security of DES 5 Security of DES DES, DES, as as the the first first important important block block cipher, cipher, has has gone gone through through much much scrutiny scrutiny Among Among the the attempted attempted attacks attacks through through much much scrutiny scrutiny. . Among Among the the attempted attempted attacks, attacks, three three are are of of interest interest: : brute brute- -force, force, differential differential cryptanalysis, cryptanalysis, and and linear linear cryptanalysis cryptanalysis. . yp y yp y yp y yp y Topics discussed in this section: Topics discussed in this section: 6.5.1 Brute-Force Attack 6.5.2 Differential Cryptanalysis 6.5.3 Linear Cryptanalysis 6.60 yp y
6.5.1 Brute-Force Attack We have discussed the weakness of short cipher key in DES. Combining this weakness with the key complement k it i l th t DES b b k i 255 weakness, it is clear that DES can be broken using 255 encryptions. 6.61
6.5.2 Differential Cryptanalysis It has been revealed that the designers of DES already knew about this type of attack and designed S-boxes and h 16 th b f d t k DES chose 16 as the number of rounds to make DES specifically resistant to this type of attack. Note We show an example of DES differential cryptanalysis in Appendix N cryptanalysis in Appendix N. 6.62
6.5.3 Linear Cryptanalysis Linear cryptanalysis is newer than differential cryptanalysis. DES is more vulnerable to linear cryptanalysis than to differential cryptanalysis S boxes cryptanalysis than to differential cryptanalysis. S-boxes are not very resistant to linear cryptanalysis. It has been shown that DES can be broken using 243 pairs of known s ow t at S ca be b o e usi g pai s of ow plaintexts. However, from the practical point of view, finding so many pairs is very unlikely. Note We show an example of DES linear cryptanalysis in Appendix N 6.63 cryptanalysis in Appendix N.

Recommended

DES Cipher
DES CipherDES Cipher
DES CipherHardik Sondagar
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardVasuki Ramasamy
 
DES.pptx
DES.pptxDES.pptx
DES.pptxmalamgowda9942
 
2 DES.pdf
2 DES.pdf2 DES.pdf
2 DES.pdfnitin571047
 
Aes128 bit project_report
Aes128 bit project_reportAes128 bit project_report
Aes128 bit project_reportNikhil Gupta
 
Representation of Positive Numbers
Representation of Positive NumbersRepresentation of Positive Numbers
Representation of Positive NumbersForrester High School
 
SD & D Representing Positive Numbers
SD & D Representing Positive NumbersSD & D Representing Positive Numbers
SD & D Representing Positive NumbersForrester High School
 
Data Encryption Standards (1).pptx
Data Encryption Standards (1).pptxData Encryption Standards (1).pptx
Data Encryption Standards (1).pptxSanthosh Prabhu
 

Recommended

DES Cipher
DES CipherDES Cipher
DES CipherHardik Sondagar
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardVasuki Ramasamy
 
DES.pptx
DES.pptxDES.pptx
DES.pptxmalamgowda9942
 
2 DES.pdf
2 DES.pdf2 DES.pdf
2 DES.pdfnitin571047
 
Aes128 bit project_report
Aes128 bit project_reportAes128 bit project_report
Aes128 bit project_reportNikhil Gupta
 
Representation of Positive Numbers
Representation of Positive NumbersRepresentation of Positive Numbers
Representation of Positive NumbersForrester High School
 
SD & D Representing Positive Numbers
SD & D Representing Positive NumbersSD & D Representing Positive Numbers
SD & D Representing Positive NumbersForrester High School
 
Data Encryption Standards (1).pptx
Data Encryption Standards (1).pptxData Encryption Standards (1).pptx
Data Encryption Standards (1).pptxSanthosh Prabhu
 
Information and network security 20 data encryption standard des
Information and network security 20 data encryption standard desInformation and network security 20 data encryption standard des
Information and network security 20 data encryption standard desVaibhav Khanna
 
W 9 numbering system
W 9 numbering systemW 9 numbering system
W 9 numbering systemInstitute of Management Studies UOP
 
W 9 numbering system
W 9 numbering systemW 9 numbering system
W 9 numbering systemInstitute of Management Studies UOP
 
chap3.pdf
chap3.pdfchap3.pdf
chap3.pdfNickySanthosh1
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab AsaadRenas Rekany
 
Modern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key CipherModern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key CipherMahbubur Rahman
 
Ceng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer AdderCeng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer Addergueste731a4
 
Cit 1101 lec 02
Cit 1101 lec 02Cit 1101 lec 02
Cit 1101 lec 02sohag sikder
 
Computer Systems Data Representation
Computer Systems Data RepresentationComputer Systems Data Representation
Computer Systems Data Representationiarthur
 
Network Slides
Network SlidesNetwork Slides
Network Slidesiarthur
 
Bits and the organization of memory
Bits and the organization of memoryBits and the organization of memory
Bits and the organization of memorydmendonsa
 
dtei-180910104911-converted.pptx
dtei-180910104911-converted.pptxdtei-180910104911-converted.pptx
dtei-180910104911-converted.pptxdeepaMS4
 
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersCRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersJyothishmathi Institute of Technology and Science Karimnagar
 
Data Encryption standard in cryptography
Data Encryption standard in cryptographyData Encryption standard in cryptography
Data Encryption standard in cryptographyNithyasriA2
 
Block Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxBlock Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxUsamaAliLone3
 
Ch03 des
Ch03 desCh03 des
Ch03 desmogtabamoutasem
 
Proyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital IProyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital IDaniel A. Lopez Ch.
 
Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)SoumyaBhattacharyya14
 
DES Simplified
DES SimplifiedDES Simplified
DES SimplifiedShiraz316
 
COMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHMCOMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHManiruddh Tyagi
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 

More Related Content

Similar to cryptography2 WHICH IS VERY IMPOTRANT.pdf

Information and network security 20 data encryption standard des
Information and network security 20 data encryption standard desInformation and network security 20 data encryption standard des
Information and network security 20 data encryption standard desVaibhav Khanna
 
Modern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key CipherModern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key CipherMahbubur Rahman
 
Ceng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer AdderCeng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer Addergueste731a4
 
Computer Systems Data Representation
Computer Systems Data RepresentationComputer Systems Data Representation
Computer Systems Data Representationiarthur
 
Network Slides
Network SlidesNetwork Slides
Network Slidesiarthur
 
Bits and the organization of memory
Bits and the organization of memoryBits and the organization of memory
Bits and the organization of memorydmendonsa
 
dtei-180910104911-converted.pptx
dtei-180910104911-converted.pptxdtei-180910104911-converted.pptx
dtei-180910104911-converted.pptxdeepaMS4
 
Data Encryption standard in cryptography
Data Encryption standard in cryptographyData Encryption standard in cryptography
Data Encryption standard in cryptographyNithyasriA2
 
Block Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxBlock Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxUsamaAliLone3
 
Proyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital IProyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital IDaniel A. Lopez Ch.
 
Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)SoumyaBhattacharyya14
 
DES Simplified
DES SimplifiedDES Simplified
DES SimplifiedShiraz316
 
COMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHMCOMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHManiruddh Tyagi
 

Similar to cryptography2 WHICH IS VERY IMPOTRANT.pdf (20)

Information and network security 20 data encryption standard des
Information and network security 20 data encryption standard desInformation and network security 20 data encryption standard des
Information and network security 20 data encryption standard des
 
W 9 numbering system
W 9 numbering systemW 9 numbering system
W 9 numbering system
 
W 9 numbering system
W 9 numbering systemW 9 numbering system
W 9 numbering system
 
chap3.pdf
chap3.pdfchap3.pdf
chap3.pdf
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab Asaad
 
Modern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key CipherModern Block Cipher- Modern Symmetric-Key Cipher
Modern Block Cipher- Modern Symmetric-Key Cipher
 
Ceng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer AdderCeng232 Decoder Multiplexer Adder
Ceng232 Decoder Multiplexer Adder
 
Cit 1101 lec 02
Cit 1101 lec 02Cit 1101 lec 02
Cit 1101 lec 02
 
Computer Systems Data Representation
Computer Systems Data RepresentationComputer Systems Data Representation
Computer Systems Data Representation
 
Network Slides
Network SlidesNetwork Slides
Network Slides
 
Bits and the organization of memory
Bits and the organization of memoryBits and the organization of memory
Bits and the organization of memory
 
dtei-180910104911-converted.pptx
dtei-180910104911-converted.pptxdtei-180910104911-converted.pptx
dtei-180910104911-converted.pptx
 
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersCRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
 
Data Encryption standard in cryptography
Data Encryption standard in cryptographyData Encryption standard in cryptography
Data Encryption standard in cryptography
 
Block Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxBlock Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docx
 
Ch03 des
Ch03 desCh03 des
Ch03 des
 
Proyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital IProyecto final curso – Electrónica Digital I
Proyecto final curso – Electrónica Digital I
 
Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)Cryptography Symmetric Key Algorithm (CSE)
Cryptography Symmetric Key Algorithm (CSE)
 
DES Simplified
DES SimplifiedDES Simplified
DES Simplified
 
COMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHMCOMMON SCRAMBLING ALGORITHM
COMMON SCRAMBLING ALGORITHM
 

Recently uploaded

Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxabhijeetpadhi001
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 

Recently uploaded (20)

Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptx
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 

cryptography2 WHICH IS VERY IMPOTRANT.pdf

  • 1. Chapter 6 Data Encryption Standard (DES) 6.1
  • 2. Objectives Chapter 6 ❏ To review a short history of DES y ❏ To define the basic structure of DES ❏ To describe the details of building elements of DES ❏ To describe the round keys generation process ❏ To analyze DES 6.2
  • 3. 6 6- -1 INTRODUCTION 1 INTRODUCTION The The Data Data Encryption Encryption Standard Standard (DES) (DES) is is a a symmetric symmetric- - k k bl k bl k i h i h bli h d bli h d b b h h N i l N i l I i I i f f key key block block cipher cipher published published by by the the National National Institute Institute of of Standards Standards and and Technology Technology (NIST) (NIST). . Topics discussed in this section: Topics discussed in this section: 6.1.1 History 6.1.2 Overview 6.3
  • 4. 6.1.1 History In 1973, NIST published a request for proposals for a national symmetric-key cryptosystem. A proposal from y y yp y p p f IBM, a modification of a project called Lucifer, was accepted as DES. DES was published in the Federal Register in March 1975 as a draft of the Federal Information Processing Standard (FIPS). 6.4
  • 5. 6.1.2 Overview DES is a block cipher, as shown in Figure 6.1. Figure 6.1 Encryption and decryption with DES 6.5
  • 6. 6 6- -2 DES STRUCTURE 2 DES STRUCTURE The The encryption encryption process process is is made made of of two two permutations permutations (P (P- -boxes), boxes), which which we we call call initial initial and and final final (P (P boxes), boxes), which which we we call call initial initial and and final final permutations, permutations, and and sixteen sixteen Feistel Feistel rounds rounds. . Topics discussed in this section: Topics discussed in this section: 6.2.1 Initial and Final Permutations 6.2.2 Rounds 6.2.3 Cipher and Reverse Cipher 6.6 p p 6.2.4 Examples
  • 7. 6 6- -2 Continue 2 Continue Figure 6.2 General structure of DES 6.7
  • 8. 6.2.1 Initial and Final Permutations Figure 6.3 Initial and final permutation steps in DES 6.8
  • 9. 6.2.1 Continue Table 6 1 Initial and final permutation tables Table 6.1 Initial and final permutation tables 6.9
  • 10. 6.2.1 Continued Example 6.1 Find Find the the output output of of the the initial initial permutation permutation box box when when the the input input is is given given in in hexadecimal hexadecimal as as: : Solution Solution Only Only bit bit 25 25 and and bit bit 64 64 are are 1 1s s; ; the the other other bits bits are are 0 0s s. . In In the the final final permutation, permutation, bit bit 25 25 becomes becomes bit bit 64 64 and and bit bit 63 63 becomes becomes bit bit 15 15. . The The result result is is The The result result is is 6.10
  • 11. 6.2.1 Continued Example 6.2 Prove Prove that that the the initial initial and and final final permutations permutations are are the the inverse inverse p p of of each each other other by by finding finding the the output output of of the the final final permutation permutation if if the the input input is is Solution Solution The The input input has has only only two two 1 1s s; ; the the output output must must also also have have only only two two 1 1s s. . Using Using Table Table 6 6. .1 1, , we we can can find find the the output output related related to to these these two two bits bits Bit Bit 15 15 in in the the input input becomes becomes bit bit 63 63 in in the the output output Bit Bit two two bits bits. . Bit Bit 15 15 in in the the input input becomes becomes bit bit 63 63 in in the the output output. . Bit Bit 64 64 in in the the input input becomes becomes bit bit 25 25 in in the the output output. . So So the the output output has has only only two two 1 1s, s, bit bit 25 25 and and bit bit 63 63. . The The result result in in hexadecimal hexadecimal is is 6.11
  • 12. 6.2.1 Continued Note The initial and final permutations are straight P-boxes that are inverses of each other. They have no cryptography significance in DES. 6.12
  • 13. 6.2.2 Rounds DES uses 16 rounds. Each round of DES is a Feistel cipher. Fi 6 4 Figure 6.4 A round in DES (encryption site) 6.13
  • 14. 6.2.2 Continued DES Function The heart of DES is the DES function. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output. Figure 6.5 DES function 6.14
  • 15. 6.2.2 Continue Expansion P-box Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to 48 bits. Figure 6.6 Expansion permutation 6.15
  • 16. 6.2.2 Continue Although the relationship between the input and output can be defined mathematically, DES uses Table 6.2 to define this P-box. Table 6 6 Expansion P box table Table 6.6 Expansion P-box table 6.16
  • 17. 6.2.2 Continue Whitener (XOR) After the expansion permutation, DES uses the XOR operation on the expanded right section and the round key. Note that both the right section and the key are 48- bits in length. Also note that the round key is used only in this operation. 6.17
  • 18. 6.2.2 Continue S-Boxes The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. See Figure 6.7. Figure 6.7 S-boxes 6.18
  • 19. 6.2.2 Continue Figure 6.8 S-box rule 6.19
  • 20. Table 6 3 shows the permutation for S box 1 For the rest 6.2.2 Continue Table 6.3 shows the permutation for S-box 1. For the rest of the boxes see the textbook. Table 6.3 S-box 1 6.20
  • 21. Example 6.3 6.2.2 Continued The The input input to to S S- -box box 1 1 is is 1 10001 00011 1. . What What is is the the output? output? If If we we write write the the first first and and the the sixth sixth bits bits together, together, we we get get 11 11 in in bi bi hi h hi h i i 3 3 i i d i l d i l Th Th i i i i bit bit 0001 0001 i i Solution Solution binary, binary, which which is is 3 3 in in decimal decimal. . The The remaining remaining bits bits are are 0001 0001 in in binary, binary, which which is is 1 1 in in decimal decimal. . We We look look for for the the value value in in row row 3 3, , column column 1 1, , in in Table Table 6 6. .3 3 (S (S- -box box 1 1) ). . The The result result is is 12 12 in in decimal, decimal, which which in in binary binary is is 1100 1100. . So So the the input input 100011 100011 yields yields the the output output 1100 1100. . 6.21
  • 22. Example 6.4 6.2.2 Continued The The input input to to S S- -box box 8 8 is is 000000 000000. . What What is is the the output? output? If If we we write write the the first first and and the the sixth sixth bits bits together, together, we we get get 00 00 in in bi bi hi h hi h i i 0 0 i i d i l d i l Th Th i i i i bit bit 0000 0000 i i Solution Solution binary, binary, which which is is 0 0 in in decimal decimal. . The The remaining remaining bits bits are are 0000 0000 in in binary, binary, which which is is 0 0 in in decimal decimal. . We We look look for for the the value value in in row row 0 0, , column column 0 0, , in in Table Table 6 6. .10 10 (S (S- -box box 8 8) ). . The The result result is is 13 13 in in decimal, decimal, which which is is 1101 1101 in in binary binary. . So So the the input input 000000 000000 yields yields the the output output 1101 1101. . 6.22
  • 23. 6.2.2 Continue Straight Permutation T bl 6 11 Table 6.11 Straight permutation table 6.23
  • 24. 6.2.3 Cipher and Reverse Cipher Using mixers and swappers, we can create the cipher and reverse cipher, each having 16 rounds. First Approach T hi thi l h i t k th l t To achieve this goal, one approach is to make the last round (round 16) different from the others; it has only a mixer and no swapper mixer and no swapper. Note In the first approach, there is no swapper in Note 6.24 the last round.
  • 25. 6.2.3 Continued Figure 6.9 DES cipher and reverse cipher for the first approach g p p f f pp 6.25
  • 26. 6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher 6.26
  • 27. 6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.27
  • 28. 6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.28
  • 29. 6.2.3 Continued Algorithm 6.1 Pseudocode for DES cipher (Continued) 6.29
  • 30. 6.2.3 Continued Alternative Approach We can make all 16 rounds the same by including one We can make all 16 rounds the same by including one swapper to the 16th round and add an extra swapper after that (two swappers cancel the effect of each other). ( pp ff f ) Key Generation Key Generation The round-key generator creates sixteen 48-bit keys out of a 56 bit cipher key of a 56-bit cipher key. 6.30
  • 31. 6.2.3 Continued Figure 6.10 Key generation Key generation 6.31
  • 32. 6.2.3 Continued Table 6.12 Parity-bit drop table Table 6.13 Number of bits shifts 6.32
  • 33. 6.2.3 Continued Table 6.14 Key-compression table 6.33
  • 34. 6.2.3 Continued Algorithm 6.2 Algorithm for round-key generation 6.34
  • 35. 6.2.3 Continued Algorithm 6.2 Algorithm for round-key generation (Continue) 6.35
  • 36. Example 6.5 6.2.4 Examples We We choose choose a a random random plaintext plaintext block block and and a a random random key, key, and and determine determine what what the the ciphertext ciphertext block block would would be be (all (all in in hexadecimal) hexadecimal): : Table 6.15 Trace of data for Example 6.5 6.36
  • 37. Example 6.5 6.2.4 Continued Continued Table 6.15 Trace of data for Example 6.5 (Conintued 6.37
  • 38. Example 6.6 6.2.4 Continued Let Let us us see see how how Bob, Bob, at at the the destination, destination, can can decipher decipher the the ciphertext ciphertext received received from from Alice Alice using using the the same same key key. . Table Table 6 6. .16 16 shows shows some some interesting interesting points points. . 6.38
  • 39. 6 6- -3 DES ANALYSIS 3 DES ANALYSIS Critics Critics have have used used a a strong strong magnifier magnifier to to analyze analyze DES DES. . Tests Tests have have been been done done to to measure measure the the strength strength of of some some Tests Tests have have been been done done to to measure measure the the strength strength of of some some desired desired properties properties in in a a block block cipher cipher. . Topics discussed in this section: Topics discussed in this section: 6.3.1 Properties 6.3.2 Design Criteria 6.3.3 DES Weaknesses 6.39
  • 40. 6.3.1 Properties Two desired properties of a block cipher are the avalanche effect and the completeness. Example 6.7 To To check check the the avalanche avalanche effect effect in in DES, DES, let let us us encrypt encrypt two two plaintext plaintext blocks blocks (with (with the the same same key) key) that that differ differ only only in in one one bit bit d d b b h h diff diff i i h h b b f f bi bi i i h h and and observe observe the the differences differences in in the the number number of of bits bits in in each each round round. . 6.40
  • 41. Example 6.7 6.3.1 Continued Continued Although Although the the two two plaintext plaintext blocks blocks differ differ only only in in the the rightmost rightmost bit, bit, the the ciphertext ciphertext blocks blocks differ differ in in 29 29 bits bits. . This This means means that that bit, bit, the the ciphertext ciphertext blocks blocks differ differ in in 29 29 bits bits. . This This means means that that changing changing approximately approximately 1 1. .5 5 percent percent of of the the plaintext plaintext creates creates a a change change of of approximately approximately 45 45 percent percent in in the the ciphertext ciphertext. . Table 6.17 Number of bit differences for Example 6.7 6.41
  • 42. 6.3.1 Continued Completeness effect Completeness effect means that each bit of the ciphertext Completeness effect means that each bit of the ciphertext needs to depend on many bits on the plaintext. 6.42
  • 43. 6.3.2 Design Criteria S-Boxe The design provides confusion and diffusion of bits from h d t th t each round to the next. P-Boxes h id diff i f bi They provide diffusion of bits. Number of Rounds DES uses sixteen rounds of Feistel ciphers. the ciphertext i th hl d f ti f l i t t d is thoroughly a random function of plaintext and ciphertext. 6.43
  • 44. 6.3.3 DES Weaknesses During the last few years critics have found some weaknesses in DES. Weaknesses in Cipher Design 1. Weaknesses in S-boxes 2 Weaknesses in P boxes 2. Weaknesses in P-boxes 3. Weaknesses in Key 6.44
  • 45. Example 6.8 6.3.3 Continued Let Let us us try try the the first first weak weak key key in in Table Table 6 6. .18 18 to to encrypt encrypt a a block block two two times times. . After After two two encryptions encryptions with with the the same same key key the the original original plaintext plaintext block block is is created created. . Note Note that that we we have have used used the the encryption encryption algorithm algorithm two two times, times, not not one one encryption encryption followed followed by by another another decryption decryption. . yp yp y y yp yp 6.45
  • 46. 6.3.3 Continued Figure 6.11 Double encryption and decryption with a weak key 6.46
  • 49. 6.3.3 Continued Figure 6.12 A pair of semi-weak keys in encryption and decryption 6.49
  • 50. Example 6.9 6.3.3 Continued What What is is the the probability probability of of randomly randomly selecting selecting a a weak, weak, a a semi semi- - weak, weak, or or a a possible possible weak weak key? key? , , p p y y Solution Solution 56 56 DES DES has has a a key key domain domain of of 2 256 56. . The The total total number number of of the the above above keys keys are are 64 64 ( (4 4 + + 12 12 + + 48 48) ). . The The probability probability of of choosing choosing one one of of these these keys keys is is 8 8. .8 8 × × 10 10− −16 16, , almost almost impossible impossible. . y y , , p p 6.50
  • 52. Example 6.10 6.3.3 Continued Let Let us us test test the the claim claim about about the the complement complement keys keys. . We We have have used used an an arbitrary arbitrary key key and and plaintext plaintext to to find find the the corresponding corresponding y y y y p p p g p g ciphertext ciphertext. . If If we we have have the the key key complement complement and and the the plaintext, plaintext, we we can can obtain obtain the the complement complement of of the the previous previous ciphertext ciphertext (Table (Table 6 6 20 20) ) (Table (Table 6 6. .20 20) ). . 6.52
  • 53. 6 6- -4 Multiple DES 4 Multiple DES The The major major criticism criticism of of DES DES regards regards its its key key length length. . Fortunately Fortunately DES DES is is not not a a group group. . This This means means that that we we Fortunately Fortunately DES DES is is not not a a group group. . This This means means that that we we can can use use double double or or triple triple DES DES to to increase increase the the key key size size. . 6.4.1 Double DES 6 4 4 T i l DES Topics discussed in this section: Topics discussed in this section: 6.53 6.4.4 Triple DES
  • 54. 6 6- -4 Continued 4 Continued A A substitution substitution that that maps maps every every possible possible input input to to every every possible possible output output is is a a group group. . Figure 6.13 Composition of mapping 6.54
  • 55. 6.4.1 Double DES The first approach is to use double DES (2DES). Meet-in-the-Middle Attack Meet in the Middle Attack However, using a known-plaintext attack called meet-in- the-middle attack proves that double DES improves this vulnerability slightly (to 257 tests), but not tremendously (to 2112). 6.55
  • 56. 6.4.1 Continued Figure 6 14 Meet-in-the-middle attack for double DES Figure 6.14 Meet-in-the-middle attack for double DES 6.56
  • 57. 6.4.1 Continued Figure 6.15 Tables for meet-in-the-middle attack 6.57
  • 58. 6.4.2 Triple DES Fi 6 16 Figure 6.16 Triple DES with two keys 6.58
  • 59. 6.4.2 Continuous Triple DES with Three Keys The possibility of known-plaintext attacks on triple DES with two keys has enticed some applications to use triple DES with three keys. Triple DES with three keys is used by many applications such as PGP (See Chapter 16) by many applications such as PGP (See Chapter 16). 6.59
  • 60. 6 6- -5 Security of DES 5 Security of DES DES, DES, as as the the first first important important block block cipher, cipher, has has gone gone through through much much scrutiny scrutiny Among Among the the attempted attempted attacks attacks through through much much scrutiny scrutiny. . Among Among the the attempted attempted attacks, attacks, three three are are of of interest interest: : brute brute- -force, force, differential differential cryptanalysis, cryptanalysis, and and linear linear cryptanalysis cryptanalysis. . yp y yp y yp y yp y Topics discussed in this section: Topics discussed in this section: 6.5.1 Brute-Force Attack 6.5.2 Differential Cryptanalysis 6.5.3 Linear Cryptanalysis 6.60 yp y
  • 61. 6.5.1 Brute-Force Attack We have discussed the weakness of short cipher key in DES. Combining this weakness with the key complement k it i l th t DES b b k i 255 weakness, it is clear that DES can be broken using 255 encryptions. 6.61
  • 62. 6.5.2 Differential Cryptanalysis It has been revealed that the designers of DES already knew about this type of attack and designed S-boxes and h 16 th b f d t k DES chose 16 as the number of rounds to make DES specifically resistant to this type of attack. Note We show an example of DES differential cryptanalysis in Appendix N cryptanalysis in Appendix N. 6.62
  • 63. 6.5.3 Linear Cryptanalysis Linear cryptanalysis is newer than differential cryptanalysis. DES is more vulnerable to linear cryptanalysis than to differential cryptanalysis S boxes cryptanalysis than to differential cryptanalysis. S-boxes are not very resistant to linear cryptanalysis. It has been shown that DES can be broken using 243 pairs of known s ow t at S ca be b o e usi g pai s of ow plaintexts. However, from the practical point of view, finding so many pairs is very unlikely. Note We show an example of DES linear cryptanalysis in Appendix N 6.63 cryptanalysis in Appendix N.