1. Subject Name: Cryptography and Network Security
Subject Code:KCS074
UNIT No:1
Lecture No:5
Topic Name:Shannon’s theory of confusion and diffusion,
Fiestal structure
Ms. Manvi Mishra
Department of CSE
1
RIT701/ Unit-I
2. Content
Stream and block ciphers
Modern Block Cipher
Block Cipher Principle
Shannon’s theory of confusion and diffusion
fiestal structure
2
RIT701/ Unit-I
3. Stream and block ciphers
• An important distinction in symmetric cryptographic algorithms is
between stream and block ciphers.
• Stream ciphers convert one symbol of plaintext directly into a symbol
of ciphertext.
• Block ciphers encrypt a group of plaintext symbols as one block.
Simple substitution is an example of a stream cipher.
Columnar transposition is a block cipher.
Most modern symmetric encryption algorithms are block ciphers. Block
sizes vary (64 bits for DES, 128 bits for AES, etc.).
3
RIT 701/ Unit-I
4. Stream Encryption
Advantages:
• Speed of transformation: algorithms are linear in time and constant in
space.
• Low error propogation: an error in encrypting one symbol likely will
not affect subsequent symbols.
Disadvantages:
• Low diffusion: all information of a plaintext symbol is contained in a
single ciphertext symbol.
• Susceptibility to insertions/ modifications: an active interceptor who
breaks the algorithm might insert spurious text that looks authentic.
4
RIT 701/ Unit-I
5. Block cipher
Advantages:
• High diffusion: information from one plaintext symbol is diffused into
several ciphertext symbols.
• Immunity to tampering: difficult to insert symbols without detection.
Disadvantages:
• Slowness of encryption: an entire block must be accumulated before
encryption / decryption can begin.
• Error propogation: An error in one symbol may corrupt the entire
block.
5
RIT 701/ Unit-I
6. Shannon’s theory of confusion and diffusion
• In cryptography, confusion and diffusion are two properties of the operation of a
secure cipher which were identified by Claude Shannon in his
paper Communication Theory of Secrecy Systems, published in 1949.
• In Shannon's original definitions, confusion refers to making the relationship
between the key and the ciphertext as complex and involved as
possible; diffusion refers to the property that the redundancy in the statistics of
the plaintext is "dissipated" in the statistics of the ciphertext. In other words,
the non-uniformity in the distribution of the individual letters (and pairs of
neighbouring letters) in the plaintext should be redistributed into the non-
uniformity in the distribution of much larger structures of the ciphertext, which is
much harder to detect.
RIT 701/ Unit-I 6
7. CONTINUE..
• Diffusion means that the output bits should depend on the input bits
in a very complex way. In a cipher with good diffusion, if one bit of the
plaintext is changed, then the ciphertext should change completely, in
an unpredictable or pseudorandom manner. In particular, for a
randomly chosen input, if one flips the i-th bit, then the probability
that the j-th output bit will change should be one half, for
any i and j — this is termed the strict avalanche criterion. More
generally, one may require that flipping a fixed set of bits should
change each output bit with probability one half.
RIT 701/ Unit-I 7
8. • One aim of confusion is to make it very hard to find the key even if one has a large
number of plaintext-ciphertext pairs produced with the same key. Therefore, each
bit of the ciphertext should depend on the entire key, and in different ways on
different bits of the key. In particular, changing one bit of the key should change
the ciphertext completely.
• The simplest way to achieve both diffusion and confusion is a substitution-
permutation network. In these systems, the plaintext and the key often have a very
similar role in producing the output, hence it is the same mechanism that ensures
both diffusion and confusion.
RIT 701/ Unit-I 8
9. Block Cipher Principle
• most symmetric block ciphers are based on a Feistel Cipher Structure
• needed since must be able to decrypt ciphertext to recover messages
efficiently
• block ciphers look like an extremely large substitution
• would need table of 264 entries for a 64-bit block
• instead create from smaller building blocks
RIT 701/ Unit-I 9
10. Feistel Cipher
using idea of a product cipher in 1949 Claude Shannon introduced idea of substitution-
permutation (S-P) networks called modern substitution-transposition product cipher these
form the basis of modern block ciphers
S-P networks are based on the two primitive cryptographic operations we have seen before:
substitution (S-box)
permutation (P-box)
provide confusion and diffusion of message
•
RIT 701/ Unit-I 10
11. diffusion – dissipates statistical structure of plaintext over bulk of ciphertext
confusion – makes relationship between ciphertext and key as complex as possible
• The Feistel Cipher is a structure used to create block ciphers. It has
many rounds of encryption to increase security. In each round,
different techniques are applied to the plain text to encrypt it. Each
round has one substitution technique. The plain text after passing
through all these rounds gets converted into the Ciphertext. The
complete process of the encryption is explained as follows,
RIT 701/ Unit-I 11
12. The Feistel Cipher encryption process
• The process of encryption Feistel Cipher takes place as follows,
• n this Cipher, the plain text is divided into two equal parts. The left part
is denoted as L and the Right part is denoted as R.
• Every round has an encryption function that is applied to the plain text.
(It is applied only to one of the two divisions of the plain text, that is to
the left one.)
• The encryption function is applied on the left part of the plain text and
the right part goes unchanged in every round.
• The encryption function has two parameters: Encryption key and Right
part of the plain text.
• XOR operation is performed between the Left part and the encryption
function.
RIT 701/ Unit-I 12
13. continue
• The Right part becomes the Left part of the next round and the output of the XOR
operation becomes the Right part of the next round. It means that the substituted
right part and unchanged right part are swapped for the next round.
• Each round has a different encryption key or we can say that the key is round
dependent, i.e. the key for every round is generated in advance.
• The process shown above is of a single round. The number of rounds depends
upon the algorithm of the process.
• The difficult part of this algorithm is designing the round function because it must
be applied in every round until the final ciphertext is received. The more the
number of rounds, the more secure the data becomes.
RIT701/ Unit-I 13
15. Feistel Cipher
• The decryption process of Feistel Cipher is almost the same as the
encryption process. Just like we entered the plain text in the Feistel
block, we have to do the same with the ciphertext. The ciphertext will
be divided into two parts just like the plain text. The only difference is
that the keys will be used in reverse order.
• Number of rounds:
The number of rounds depends upon how much security you want.
Security is directly proportional to the number of rounds. But
simultaneously it slows down the speed of encryption and
decryption. The larger the number of rounds is, the creation of
ciphertext from plain text and plain text from ciphertext will be slow.
RIT701/ Unit-I 15
16. Questions:-
1.Draw the structure of Feistel cipher.
2.Differentiate between stream cipher and block cipher.
3.Short note on Shannon’s theory of confusion and diffusion
4. What is a block cipher?
2. What is cipher block chaining?
16
RIT701/ Unit-I
17. 17
References:-
Text books:
1. William Stallings, “Cryptography and Network Security: Principals and Practice”,
Pearson Education.
2. Behrouz A. Frouzan: Cryptography and Network Security, Tata McGraw Hill
3. C K Shyamala, N Harini, Dr. T.R.Padmnabhan Cryptography and Security ,Wiley
4. Bruce Schiener, “Applied Cryptography”. John Wiley & Sons
RIT701/ Unit-I