SlideShare a Scribd company logo

13528 l8

Download as PPT, PDF
R
ridhika_gulati
EducationTechnology
1 of 74
Block Ciphers and Data Encryption Standard (Class-L8) Lecture Slides By: Monalisa Panigrahi Asst. Professor LPU
Algorithm Types • It defines what size of plain text should be encrypted in each step of algorithm – Stream Cipher – Block Cipher
Stream Cipher • Plaintext is encrypted one bit at a time • Suppose message is “Pay 101” in ASCII • In binary it can be a series of 1 and 0; • Every bit will be applied with a encryption algorithms • Let Say binary data is 10010101 – Apply XOR with a key operation will get a cipher text
Block Ciphers • A block of bits is encrypted at one go • Suppose a plaint text is FOUR_AND_FOUR • It can be encrypted in blocks of “FOUR”, “_AND_”, and “FOUR”
How to use a block cipher? • Block ciphers encrypt fixed size blocks – E.g. DES encrypts 64-bit blocks • We need some way to encrypt a message of arbitrary length – E.g. a message of 1000 bytes • NIST defines five ways to do it – Called modes of operations 5
Algorithm Modes • It is a combination of a series of the basic algorithm steps on block cipher and kind of feedback from the previous steps
Five Modes of Operation – Electronic codebook mode (ECB) – Cipher block chaining mode (CBC) – most popular – Output feedback mode (OFB) – Cipher feedback mode (CFB) – Counter mode (CTR) 7
Electronic Code Book (ECB) • The plaintext is broken into blocks, P1, P2, P3, ... • Each block contains 64 bits each • Each block is encrypted independently of the other blocks • For all blocks in a message, the same key is used for encryption • At the Receiver end, the incoming data is divided into 64-bit blocks and used the same key for decryption 8
Remarks on ECB • Strength: it’s simple. • Weakness: – Repetitive information contained in the plaintext may show in the ciphertext, if aligned with blocks. – If the same message (e.g., an SSN) is encrypted (with the same key) and sent twice, their cipher texts are the same. • Typical application: secure transmission of short pieces of information 9
Cipher Block Chaining (CBC) • The plaintext is broken into blocks: P , P2 , P3 , ... 1 • Each plaintext block is XORed ( chained ) with the previous ciphertext block before encryption (hence the name): Ci = E K ( Ci −1 ⊕ Pi ) C0 = IV • Use an Initial Vector ( IV ) to start the process. • Decryption : Pi = Ci −1 ⊕ D K (Ci ) • Application : general block-oriented transmission. 10
Cipher Block Chaining (CBC) 11
Remarks on CBC • The encryption of a block depends on the current and all blocks before it. • So, repeated plaintext blocks are encrypted differently. • Initialization Vector (IV) – Must be known to both the sender & receiver – Typically, IV is either a fixed value or is sent encrypted in ECB mode before the rest of ciphertext. 12
Cipher feedback mode (basic version) • Plaintext blocks: p1, p2, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption: c0 = IV   ki = Ek (ci −1 ), for i ≥ 1  ci = pi ⊕ ki , for i ≥ 1  13
Cipher Feedback (CFB) Mode • The plaintext is a sequence of segments of s bits (where s ≤ block-size): P , P2 , P3 , P4 , … 1 • Encryption is used to generate a sequence of keys, each of s bits: K1 , K 2 , K 3 , K 4 , … • The ciphertext is C1 , C2 , C3 , C4 , …, where Ci = Pi ⊕ Ki • How to generate the key stream? 14
Generating Key Stream for CFB • The input to the block cipher is a shift register x; its value at stage i is denoted as xi . • Initially, x1 = an initial vector (IV). For i > 1, xi = shift-left-s -bits(xi −1 ) PCi −1. • Then, K i = s -most-significant-bits(E K ( xi )). 15
Encryption in CFB Mode 16
Decryption in CFB Mode • Generate key stream K1 , K 2 , K 3 , K 4 , … the same way as for encryption. • Then decrypt each ciphertext segment as: Pi = Ci ⊕ K i 17
Remark on CFB • The block cipher is used as a stream cipher. • Appropriate when data arrives in bits/bytes. • s can be any value; a common value is s = 8. • A ciphertext segment depends on the current and all preceding plaintext segments. • A corrupted ciphertext segment during transmission will affect the current and next several plaintext segments. 18
Output feedback mode (basic version) • Plaintext blocks: p1, p2, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption:  k0 = IV    ki = Ek ( ki −1 ), for i ≥ 1   ci = pi ⊕ ki , for i ≥ 1  19
Output Feedback (OFB) Mode • Very similar to Cipher Feedback in structure. • But K i −1 rather than Ci −1 is fed back to the next stage. • As in CFB, the input to the block cipher is a shift register x; its value at stage i is denoted as xi . • Initially, x1 = an initial vector (IV). For i > 1, xi = shift-left-s -bits(xi −1 ) PK i −1. • Then, K i = s -most-significant-bits(E K ( xi )). 20
Cipher Feedback Output Feedback 21
Remark on OFB • The block cipher is used as a stream cipher. • Appropriate when data arrives in bits/bytes. • Advantage: – more resistant to transmission errors; a bit error in a ciphertext segment affects only the decryption of that segment. • Disadvantage: – Cannot recover from lost ciphertext segments; if a ciphertext segment is lost, all following segments will be decrypted incorrectly (if the receiver is not aware of the segment loss). • IV should be generated randomly each time and sent with the ciphertext. 22
Counter Mode (CTR) • Plaintext blocks: p1, p2, p3, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption: T1 = IV Ti = Ti-1 + 1 Ci = Pi ♁ EK(Ti) C = (IV, C1, C2, C3, ...) 23
Remark on CTR • Strengthes: – Needs only the encryption algorithm – Fast encryption/decryption; blocks can be processed (encrypted or decrypted) in parallel; good for high speed links – Random access to encrypted data blocks • IV should not be reused. 24
Data Encryption Standard (DES) • most widely used block cipher in world • adopted in 1977 by NBS (now NIST) • encrypts 64-bit data using 56-bit key • has widespread use • has been considerable controversy over its security
DES History • IBM developed Lucifer cipher – by team led by Feistel in late 60’s – used 64-bit data blocks with 128-bit key • then redeveloped as a commercial cipher with input from NSA and others • in 1973 NBS issued request for proposals for a national cipher standard • IBM submitted their revised Lucifer which was eventually accepted as the DES
DES Design Controversy • although DES standard is public • was considerable controversy over design – in choice of 56-bit key (vs Lucifer 128-bit) – and because design criteria were classified • subsequent events and public analysis show in fact design was appropriate • use of DES has flourished – especially in financial applications – still standardised for legacy application use
DES : Basic Principles • DES is a Block Cipher. • It Encrypts data in blocks of size 64 bits each • 64 bits of plain text goes as the input to DES, which produces 64 bits of Cipher Text. • The key length is 56 Bits.
How Does DES Works ???
Key Size (56 Bits) How ??? • The Initial Key Consists of 64 bits. • • Before the DES process starts, every 8th bit of the key is discarded to produce a 56 bit key. • Bit positions (8, 16, 24, 32, 40,48,56,64) are discarded. • These bits can be used for parity checking to ensure that the key does not contain any error
56 Bit key 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
Key Discarding Process
DES - Basics • DES uses the two basic techniques of cryptography – Substitution Technique (confusion) and Transposition Technique (diffusion). • DES consists of 16 Steps, each of which is known as round • Each round performs the steps of Substitution and Transposition
Level of steps in DES 1. The 64 bit plain text block is handed over to an Initial Permutation (IP) function 2. The IP is performed on plain text 3. The IP produces two halves of the permuted block: – LPT (Left Plain Text) – RPT (Right Plain Text)
Level of steps in DES 4. Each of LPT and RPT go through 16 rounds of encryption process 5. In the End, LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the combined block 6. The result produces 64-bit cipher text.
Broad Level steps in DES
DES Encryption Overview
Initial Permutation (IP) • IP happens only once and it happens before the first round • It suggests how the transposition in IP should proceed • It says that the IP replaces the first bit of the original plain text block with the 58th bit of the original plain text block • 2nd bit with 50th bit and so on.
Idea of IP
IP TABLE 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
Initial Permutation IP • The resulting 64 bits text block is divided into two half blocks (each 32 bits) • 16 rounds are performed on these two blocks
Permutation on 56 Bit Key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
Details Of one Round in DES
Step 1 : Key Transformation • For each round, 56 bit key is available • From this 56 bit key, a different 48-bit sub key is generated during each round using a process called as Key Transformation • In this method, a 56 bit key is divided into two halves, each of 28 bits • These halves are circularly shifted by 1 or 2 positions, depending on the round
Number of Key bits shifted per round 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Round 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 Shift
56 Bit key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
56 Bit key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
After Round-1 • 56 Bit Key: 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 57 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 63
How to Select 48 bit Key from 56 Bit key • Since the Key Transformation process involves permutation as well as selection of a 48 bit sub- set of the original 56-bit key, It is called as Compression Permutation 14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 18 bit number is discarded
Step 2 : Expansion Permutation • The RPT is expanded from 32 bits to 48 bits • The RPT is divided into 8 blocks, with each block consists of 4 bits • For per 4-bit block, 2 more bits are added.
Division of 32 bit RPT into Eight 4-bit block
RPT Expansion Process
Expansion Permutation Table 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1
Expansion Permutation Table 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1
S-Box Substitution • It is a Process that accepts the 48- bit input from the XOR operation involving the compressed key and Expanded RPT and Produces a 32 bit output using Substitution Technique
Way to S-Box Substitution
S-Box Substitution
Selecting an Entry in a S- Box based on the 6-bit input
Example
P-Box Permutation • The output of S-box Contains 32 bits • These 32 bits are permuted using P- Box
P-Box Permutation 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 19 13 30 6 22 11 4 25
XOR and SWAP
Final Permutation (IP inverse) 40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
DES Example - Key K = 581FBC94D3A452EA X = 3570E2F1BA4682C7 K = ( 0101 1000 0001 1111 1011 1100 1001 0100 1101 0011 1010 0100 0101 0010 1110 1010 ) C0 = ( 10111100110100 01101001000101 ) D0 = ( 11010010001011 10100001111111 )
DES Example - Key C1 = ( 0111 1001 1010 0011 0100 1000 1011 ) D1 = ( 1010 0100 0101 1101 0000 1111 1111 ) K1 = ( 001001 111010 000101 101001 111001 011000 110111 011010 ) C2 = ( 1111 0011 0100 0110 1001 0001 0110 ) D2 = ( 0100 1000 1011 1010 0001 1111 1111 ) K2 = ( 110110 101001 000111 011101 110101 111011 011101 001000 )
DES Example - Data K=581FBC94D3A452EA X=3570E2F1BA4682C7 X = (x1, x2, x3, …, x64) =( 0011 0101 0111 0000 1110 0010 1111 0001 1011 1010 0100 0110 1000 0010 1100 0111) This plaintext X is first subjected to an Initial Permutation – IP which gives L0 = ( 1010 1110 0001 1011 1010 0001 1000 1001) A E 1 B A 1 8 9 R0 =( 1101 1100 0001 111 0001 0000 1111 0100) D C 1 F 1 0 F 4
DES Example - Data E(R0) = ( 011011 111000 000011 111110 100010 100001 01110 101001) Γ1 = E(R0) ⊕ K1 = ( 010010 000010 000110 010111 011011 111001 101001 110011) S501(1101) = S51(13) = 9 = 1001 S611(1100) = S63(12) = 6 = 0110 S711(0100) = S73(4) = 1 = 0001 S811(1001) = S83(9) = 12 = 1100
DES Example - Data B1 = (1010 0001 1110 1100 1001 0110 0001 1100) P(B1) = (0010 1011 1010 0001 0101 0011 0110 1100) R1 = P(B1) ⊕ L0 = (1000 0101 1011 1010 1111 0010 1110 0101) 8 5 B A F 2 E 5
DES Example - Data L1 = (1101 1100 0001 1111 0001 0000 1111 0100) D C 1 F 1 0 F 4 E(R1) = ( 110000 001011 110111 110101 011110 100101 011100 001011) Γ2 = E(R1) ⊕ K2 = ( 000110 100010 110000 101000 101011 011110 000001 000011)
DES Example - Data S100(0011) = S11(3) = 1 = 0001 S210(0001) = S23(1) = 14 = 1110 S310(1000) = S33(8) = 11 = 1011 S410(0100) = S43(4) = 12 = 1100 S511(0101) = S51(5) = 14 = 1110 S600(1111) = S63(15) = 11 = 1011 S701(0000) = S73(0) = 13 = 1101 S801(0001) = S83(1) = 15 = 1111
DES Example - Data B2 = (0001 1110 1011 1100 1110 1011 1101 1111) P(B2) = (0101 1111 0011 1110 0011 1001 1111 0111) R2 = P(B2) ⊕ L1 = (1000 0011 0010 0001 0010 1001 0000 0011) 8 3 2 1 2 9 0 3 L2 = R1 = (1000 0101 1011 1010 1111 0010 1110 0101) 8 5 B A F 2 E 5
DES Example - Data - Done ! Y = (y1, y2,y3, …, y64) =( 1101 0111 0110 1001 1000 0010 0010 0100 0010 1000 0011 1110 0000 1010 1110 1010) =( D 7 6 9 8 2 2 4 2 8 3 E 0 A E A)
13528 l8

Recommended

Network Security Lec4
Network Security Lec4Network Security Lec4
Network Security Lec4Federal Urdu University
 
Des lecture
Des lectureDes lecture
Des lectureANIKET UTTAM
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Block Cipher
Block CipherBlock Cipher
Block CipherBrandon Byungyong Jo
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation Showkot Usman
 
Modern symmetric cipher
Modern symmetric cipherModern symmetric cipher
Modern symmetric cipherRupesh Mishra
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 

Recommended

Network Security Lec4
Network Security Lec4Network Security Lec4
Network Security Lec4Federal Urdu University
 
Des lecture
Des lectureDes lecture
Des lectureANIKET UTTAM
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Block Cipher
Block CipherBlock Cipher
Block CipherBrandon Byungyong Jo
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation Showkot Usman
 
Modern symmetric cipher
Modern symmetric cipherModern symmetric cipher
Modern symmetric cipherRupesh Mishra
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of OperationShafaan Khaliq Bhatti
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationVittorio Giovara
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption StandardAdri Jovin
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Data encryption techniques and standard
Data encryption techniques and standardData encryption techniques and standard
Data encryption techniques and standardSarika Jadhav
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardDr.Florence Dayana
 
Class3
Class3Class3
Class3ankitasinghbsc
 
Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)Mazin Alwaaly
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSAaritraranjan
 
Chap06 block cipher operation
Chap06 block cipher operationChap06 block cipher operation
Chap06 block cipher operationNam Yong Kim
 
Unit 2
Unit 2Unit 2
Unit 2KRAMANJANEYULU1
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryptionDR RICHMOND ADEBIAYE
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of OperationRoman Oliynykov
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmVittorio Giovara
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operationsAkashRanjandas1
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operationMazin Alwaaly
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
DEC algorithm
DEC algorithmDEC algorithm
DEC algorithmvss gowtham
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)farazvirk554
 
DES-lecture (1).ppt
DES-lecture (1).pptDES-lecture (1).ppt
DES-lecture (1).pptMrsPrabhaBV
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 

More Related Content

What's hot

Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationVittorio Giovara
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption StandardAdri Jovin
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Data encryption techniques and standard
Data encryption techniques and standardData encryption techniques and standard
Data encryption techniques and standardSarika Jadhav
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardDr.Florence Dayana
 
Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)Mazin Alwaaly
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSAaritraranjan
 
Chap06 block cipher operation
Chap06 block cipher operationChap06 block cipher operation
Chap06 block cipher operationNam Yong Kim
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of OperationRoman Oliynykov
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmVittorio Giovara
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operationsAkashRanjandas1
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operationMazin Alwaaly
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)farazvirk554
 

What's hot (20)

Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of Operation
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption Standard
 
block ciphers
block ciphersblock ciphers
block ciphers
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Data encryption techniques and standard
Data encryption techniques and standardData encryption techniques and standard
Data encryption techniques and standard
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
 
Class3
Class3Class3
Class3
 
Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)Information and data security advanced encryption standard (aes)
Information and data security advanced encryption standard (aes)
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSA
 
Chap06 block cipher operation
Chap06 block cipher operationChap06 block cipher operation
Chap06 block cipher operation
 
Unit 2
Unit 2Unit 2
Unit 2
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryption
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of Operation
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operations
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operation
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
 
DEC algorithm
DEC algorithmDEC algorithm
DEC algorithm
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)
 

Similar to 13528 l8

DES-lecture (1).ppt
DES-lecture (1).pptDES-lecture (1).ppt
DES-lecture (1).pptMrsPrabhaBV
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 
SymmetricCryptography-Part3 - Tagged.pdf
SymmetricCryptography-Part3 - Tagged.pdfSymmetricCryptography-Part3 - Tagged.pdf
SymmetricCryptography-Part3 - Tagged.pdfMohammedMorhafJaely
 
Ciphers modes
Ciphers modesCiphers modes
Ciphers modesAsad Ali
 
3 Basics of Cryptography Basics of Cryptography
3 Basics of Cryptography Basics of Cryptography3 Basics of Cryptography Basics of Cryptography
3 Basics of Cryptography Basics of CryptographyMohammedMorhafJaely
 
Block ciphers & public key cryptography
Block ciphers & public key cryptographyBlock ciphers & public key cryptography
Block ciphers & public key cryptographyRAMPRAKASHT1
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network SecurityDr. Rupa Ch
 

Similar to 13528 l8 (20)

DES-lecture (1).ppt
DES-lecture (1).pptDES-lecture (1).ppt
DES-lecture (1).ppt
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
ch06.ppt
ch06.pptch06.ppt
ch06.ppt
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
SymmetricCryptography-Part3 - Tagged.pdf
SymmetricCryptography-Part3 - Tagged.pdfSymmetricCryptography-Part3 - Tagged.pdf
SymmetricCryptography-Part3 - Tagged.pdf
 
Ciphers modes
Ciphers modesCiphers modes
Ciphers modes
 
1 DES.pdf
1 DES.pdf1 DES.pdf
1 DES.pdf
 
4.ppt
4.ppt4.ppt
4.ppt
 
3 Basics of Cryptography Basics of Cryptography
3 Basics of Cryptography Basics of Cryptography3 Basics of Cryptography Basics of Cryptography
3 Basics of Cryptography Basics of Cryptography
 
Block ciphers & public key cryptography
Block ciphers & public key cryptographyBlock ciphers & public key cryptography
Block ciphers & public key cryptography
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
03 UNIT-2.pdf
03 UNIT-2.pdf03 UNIT-2.pdf
03 UNIT-2.pdf
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
section-8.ppt
section-8.pptsection-8.ppt
section-8.ppt
 
4-DES.pdf
4-DES.pdf4-DES.pdf
4-DES.pdf
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Symmetric
SymmetricSymmetric
Symmetric
 
AES Presentation.pptx
AES Presentation.pptxAES Presentation.pptx
AES Presentation.pptx
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
 

Recently uploaded

Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...DhatriParmar
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseCeline George
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptxmary850239
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1GloryAnnCastre1
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Projectjordimapav
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Developmentchesterberbo7
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Association for Project Management
 
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxDIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxMichelleTuguinay1
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxSayali Powar
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxkarenfajardo43
 

Recently uploaded (20)

Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 Database
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of EngineeringFaculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Project
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Development
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
 
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxDIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 

13528 l8

  • 1. Block Ciphers and Data Encryption Standard (Class-L8) Lecture Slides By: Monalisa Panigrahi Asst. Professor LPU
  • 2. Algorithm Types • It defines what size of plain text should be encrypted in each step of algorithm – Stream Cipher – Block Cipher
  • 3. Stream Cipher • Plaintext is encrypted one bit at a time • Suppose message is “Pay 101” in ASCII • In binary it can be a series of 1 and 0; • Every bit will be applied with a encryption algorithms • Let Say binary data is 10010101 – Apply XOR with a key operation will get a cipher text
  • 4. Block Ciphers • A block of bits is encrypted at one go • Suppose a plaint text is FOUR_AND_FOUR • It can be encrypted in blocks of “FOUR”, “_AND_”, and “FOUR”
  • 5. How to use a block cipher? • Block ciphers encrypt fixed size blocks – E.g. DES encrypts 64-bit blocks • We need some way to encrypt a message of arbitrary length – E.g. a message of 1000 bytes • NIST defines five ways to do it – Called modes of operations 5
  • 6. Algorithm Modes • It is a combination of a series of the basic algorithm steps on block cipher and kind of feedback from the previous steps
  • 7. Five Modes of Operation – Electronic codebook mode (ECB) – Cipher block chaining mode (CBC) – most popular – Output feedback mode (OFB) – Cipher feedback mode (CFB) – Counter mode (CTR) 7
  • 8. Electronic Code Book (ECB) • The plaintext is broken into blocks, P1, P2, P3, ... • Each block contains 64 bits each • Each block is encrypted independently of the other blocks • For all blocks in a message, the same key is used for encryption • At the Receiver end, the incoming data is divided into 64-bit blocks and used the same key for decryption 8
  • 9. Remarks on ECB • Strength: it’s simple. • Weakness: – Repetitive information contained in the plaintext may show in the ciphertext, if aligned with blocks. – If the same message (e.g., an SSN) is encrypted (with the same key) and sent twice, their cipher texts are the same. • Typical application: secure transmission of short pieces of information 9
  • 10. Cipher Block Chaining (CBC) • The plaintext is broken into blocks: P , P2 , P3 , ... 1 • Each plaintext block is XORed ( chained ) with the previous ciphertext block before encryption (hence the name): Ci = E K ( Ci −1 ⊕ Pi ) C0 = IV • Use an Initial Vector ( IV ) to start the process. • Decryption : Pi = Ci −1 ⊕ D K (Ci ) • Application : general block-oriented transmission. 10
  • 12. Remarks on CBC • The encryption of a block depends on the current and all blocks before it. • So, repeated plaintext blocks are encrypted differently. • Initialization Vector (IV) – Must be known to both the sender & receiver – Typically, IV is either a fixed value or is sent encrypted in ECB mode before the rest of ciphertext. 12
  • 13. Cipher feedback mode (basic version) • Plaintext blocks: p1, p2, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption: c0 = IV   ki = Ek (ci −1 ), for i ≥ 1  ci = pi ⊕ ki , for i ≥ 1  13
  • 14. Cipher Feedback (CFB) Mode • The plaintext is a sequence of segments of s bits (where s ≤ block-size): P , P2 , P3 , P4 , … 1 • Encryption is used to generate a sequence of keys, each of s bits: K1 , K 2 , K 3 , K 4 , … • The ciphertext is C1 , C2 , C3 , C4 , …, where Ci = Pi ⊕ Ki • How to generate the key stream? 14
  • 15. Generating Key Stream for CFB • The input to the block cipher is a shift register x; its value at stage i is denoted as xi . • Initially, x1 = an initial vector (IV). For i > 1, xi = shift-left-s -bits(xi −1 ) PCi −1. • Then, K i = s -most-significant-bits(E K ( xi )). 15
  • 16. Encryption in CFB Mode 16
  • 17. Decryption in CFB Mode • Generate key stream K1 , K 2 , K 3 , K 4 , … the same way as for encryption. • Then decrypt each ciphertext segment as: Pi = Ci ⊕ K i 17
  • 18. Remark on CFB • The block cipher is used as a stream cipher. • Appropriate when data arrives in bits/bytes. • s can be any value; a common value is s = 8. • A ciphertext segment depends on the current and all preceding plaintext segments. • A corrupted ciphertext segment during transmission will affect the current and next several plaintext segments. 18
  • 19. Output feedback mode (basic version) • Plaintext blocks: p1, p2, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption:  k0 = IV    ki = Ek ( ki −1 ), for i ≥ 1   ci = pi ⊕ ki , for i ≥ 1  19
  • 20. Output Feedback (OFB) Mode • Very similar to Cipher Feedback in structure. • But K i −1 rather than Ci −1 is fed back to the next stage. • As in CFB, the input to the block cipher is a shift register x; its value at stage i is denoted as xi . • Initially, x1 = an initial vector (IV). For i > 1, xi = shift-left-s -bits(xi −1 ) PK i −1. • Then, K i = s -most-significant-bits(E K ( xi )). 20
  • 22. Remark on OFB • The block cipher is used as a stream cipher. • Appropriate when data arrives in bits/bytes. • Advantage: – more resistant to transmission errors; a bit error in a ciphertext segment affects only the decryption of that segment. • Disadvantage: – Cannot recover from lost ciphertext segments; if a ciphertext segment is lost, all following segments will be decrypted incorrectly (if the receiver is not aware of the segment loss). • IV should be generated randomly each time and sent with the ciphertext. 22
  • 23. Counter Mode (CTR) • Plaintext blocks: p1, p2, p3, … • Key: k • Basic idea: construct key stream k1, k2, k3, … • Encryption: T1 = IV Ti = Ti-1 + 1 Ci = Pi ♁ EK(Ti) C = (IV, C1, C2, C3, ...) 23
  • 24. Remark on CTR • Strengthes: – Needs only the encryption algorithm – Fast encryption/decryption; blocks can be processed (encrypted or decrypted) in parallel; good for high speed links – Random access to encrypted data blocks • IV should not be reused. 24
  • 25. Data Encryption Standard (DES) • most widely used block cipher in world • adopted in 1977 by NBS (now NIST) • encrypts 64-bit data using 56-bit key • has widespread use • has been considerable controversy over its security
  • 26. DES History • IBM developed Lucifer cipher – by team led by Feistel in late 60’s – used 64-bit data blocks with 128-bit key • then redeveloped as a commercial cipher with input from NSA and others • in 1973 NBS issued request for proposals for a national cipher standard • IBM submitted their revised Lucifer which was eventually accepted as the DES
  • 27. DES Design Controversy • although DES standard is public • was considerable controversy over design – in choice of 56-bit key (vs Lucifer 128-bit) – and because design criteria were classified • subsequent events and public analysis show in fact design was appropriate • use of DES has flourished – especially in financial applications – still standardised for legacy application use
  • 28. DES : Basic Principles • DES is a Block Cipher. • It Encrypts data in blocks of size 64 bits each • 64 bits of plain text goes as the input to DES, which produces 64 bits of Cipher Text. • The key length is 56 Bits.
  • 29. How Does DES Works ???
  • 30. Key Size (56 Bits) How ??? • The Initial Key Consists of 64 bits. • • Before the DES process starts, every 8th bit of the key is discarded to produce a 56 bit key. • Bit positions (8, 16, 24, 32, 40,48,56,64) are discarded. • These bits can be used for parity checking to ensure that the key does not contain any error
  • 31. 56 Bit key 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
  • 33. DES - Basics • DES uses the two basic techniques of cryptography – Substitution Technique (confusion) and Transposition Technique (diffusion). • DES consists of 16 Steps, each of which is known as round • Each round performs the steps of Substitution and Transposition
  • 34. Level of steps in DES 1. The 64 bit plain text block is handed over to an Initial Permutation (IP) function 2. The IP is performed on plain text 3. The IP produces two halves of the permuted block: – LPT (Left Plain Text) – RPT (Right Plain Text)
  • 35. Level of steps in DES 4. Each of LPT and RPT go through 16 rounds of encryption process 5. In the End, LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the combined block 6. The result produces 64-bit cipher text.
  • 38. Initial Permutation (IP) • IP happens only once and it happens before the first round • It suggests how the transposition in IP should proceed • It says that the IP replaces the first bit of the original plain text block with the 58th bit of the original plain text block • 2nd bit with 50th bit and so on.
  • 40. IP TABLE 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
  • 41. Initial Permutation IP • The resulting 64 bits text block is divided into two half blocks (each 32 bits) • 16 rounds are performed on these two blocks
  • 42. Permutation on 56 Bit Key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
  • 43. Details Of one Round in DES
  • 44. Step 1 : Key Transformation • For each round, 56 bit key is available • From this 56 bit key, a different 48-bit sub key is generated during each round using a process called as Key Transformation • In this method, a 56 bit key is divided into two halves, each of 28 bits • These halves are circularly shifted by 1 or 2 positions, depending on the round
  • 45. Number of Key bits shifted per round 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Round 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 Shift
  • 46. 56 Bit key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
  • 47. 56 Bit key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
  • 48. After Round-1 • 56 Bit Key: 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 57 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 63
  • 49. How to Select 48 bit Key from 56 Bit key • Since the Key Transformation process involves permutation as well as selection of a 48 bit sub- set of the original 56-bit key, It is called as Compression Permutation 14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 18 bit number is discarded
  • 50. Step 2 : Expansion Permutation • The RPT is expanded from 32 bits to 48 bits • The RPT is divided into 8 blocks, with each block consists of 4 bits • For per 4-bit block, 2 more bits are added.
  • 51. Division of 32 bit RPT into Eight 4-bit block
  • 53. Expansion Permutation Table 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1
  • 54. Expansion Permutation Table 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1
  • 55. S-Box Substitution • It is a Process that accepts the 48- bit input from the XOR operation involving the compressed key and Expanded RPT and Produces a 32 bit output using Substitution Technique
  • 58.
  • 59. Selecting an Entry in a S- Box based on the 6-bit input
  • 61. P-Box Permutation • The output of S-box Contains 32 bits • These 32 bits are permuted using P- Box
  • 62. P-Box Permutation 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 19 13 30 6 22 11 4 25
  • 64. Final Permutation (IP inverse) 40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
  • 65. DES Example - Key K = 581FBC94D3A452EA X = 3570E2F1BA4682C7 K = ( 0101 1000 0001 1111 1011 1100 1001 0100 1101 0011 1010 0100 0101 0010 1110 1010 ) C0 = ( 10111100110100 01101001000101 ) D0 = ( 11010010001011 10100001111111 )
  • 66. DES Example - Key C1 = ( 0111 1001 1010 0011 0100 1000 1011 ) D1 = ( 1010 0100 0101 1101 0000 1111 1111 ) K1 = ( 001001 111010 000101 101001 111001 011000 110111 011010 ) C2 = ( 1111 0011 0100 0110 1001 0001 0110 ) D2 = ( 0100 1000 1011 1010 0001 1111 1111 ) K2 = ( 110110 101001 000111 011101 110101 111011 011101 001000 )
  • 67. DES Example - Data K=581FBC94D3A452EA X=3570E2F1BA4682C7 X = (x1, x2, x3, …, x64) =( 0011 0101 0111 0000 1110 0010 1111 0001 1011 1010 0100 0110 1000 0010 1100 0111) This plaintext X is first subjected to an Initial Permutation – IP which gives L0 = ( 1010 1110 0001 1011 1010 0001 1000 1001) A E 1 B A 1 8 9 R0 =( 1101 1100 0001 111 0001 0000 1111 0100) D C 1 F 1 0 F 4
  • 68. DES Example - Data E(R0) = ( 011011 111000 000011 111110 100010 100001 01110 101001) Γ1 = E(R0) ⊕ K1 = ( 010010 000010 000110 010111 011011 111001 101001 110011) S501(1101) = S51(13) = 9 = 1001 S611(1100) = S63(12) = 6 = 0110 S711(0100) = S73(4) = 1 = 0001 S811(1001) = S83(9) = 12 = 1100
  • 69. DES Example - Data B1 = (1010 0001 1110 1100 1001 0110 0001 1100) P(B1) = (0010 1011 1010 0001 0101 0011 0110 1100) R1 = P(B1) ⊕ L0 = (1000 0101 1011 1010 1111 0010 1110 0101) 8 5 B A F 2 E 5
  • 70. DES Example - Data L1 = (1101 1100 0001 1111 0001 0000 1111 0100) D C 1 F 1 0 F 4 E(R1) = ( 110000 001011 110111 110101 011110 100101 011100 001011) Γ2 = E(R1) ⊕ K2 = ( 000110 100010 110000 101000 101011 011110 000001 000011)
  • 71. DES Example - Data S100(0011) = S11(3) = 1 = 0001 S210(0001) = S23(1) = 14 = 1110 S310(1000) = S33(8) = 11 = 1011 S410(0100) = S43(4) = 12 = 1100 S511(0101) = S51(5) = 14 = 1110 S600(1111) = S63(15) = 11 = 1011 S701(0000) = S73(0) = 13 = 1101 S801(0001) = S83(1) = 15 = 1111
  • 72. DES Example - Data B2 = (0001 1110 1011 1100 1110 1011 1101 1111) P(B2) = (0101 1111 0011 1110 0011 1001 1111 0111) R2 = P(B2) ⊕ L1 = (1000 0011 0010 0001 0010 1001 0000 0011) 8 3 2 1 2 9 0 3 L2 = R1 = (1000 0101 1011 1010 1111 0010 1110 0101) 8 5 B A F 2 E 5
  • 73. DES Example - Data - Done ! Y = (y1, y2,y3, …, y64) =( 1101 0111 0110 1001 1000 0010 0010 0100 0010 1000 0011 1110 0000 1010 1110 1010) =( D 7 6 9 8 2 2 4 2 8 3 E 0 A E A)

Editor's Notes

  1. Lecture slides by Lawrie Brown for “Cryptography and Network Security”, 4/e, by William Stallings, Chapter 2 – “ Classical Encryption Techniques ”.
  2. The most widely used private key block cipher, is the Data Encryption Standard (DES). It was adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46 (FIPS PUB 46). DES encrypts data in 64-bit blocks using a 56-bit key. The DES enjoys widespread use. It has also been the subject of much controversy its security.
  3. In the late 1960s, IBM set up a research project in computer cryptography led by Horst Feistel. The project concluded in 1971 with the development of the LUCIFER algorithm. LUCIFER is a Feistel block cipher that operates on blocks of 64 bits, using a key size of 128 bits. Because of the promising results produced by the LUCIFER project, IBM embarked on an effort, headed by Walter Tuchman and Carl Meyer, to develop a marketable commercial encryption product that ideally could be implemented on a single chip. It involved not only IBM researchers but also outside consultants and technical advice from NSA. The outcome of this effort was a refined version of LUCIFER that was more resistant to cryptanalysis but that had a reduced key size of 56 bits, to fit on a single chip. In 1973, the National Bureau of Standards (NBS) issued a request for proposals for a national cipher standard. IBM submitted the modified LUCIFER. It was by far the best algorithm proposed and was adopted in 1977 as the Data Encryption Standard.
  4. Before its adoption as a standard, the proposed DES was subjected to intense & continuing criticism over the size of its key & the classified design criteria. Recent analysis has shown despite this controversy, that DES is well designed. DES is theoretically broken using Differential or Linear Cryptanalysis but in practise is unlikely to be a problem yet. Also rapid advances in computing speed though have rendered the 56 bit key susceptible to exhaustive key search, as predicted by Diffie & Hellman. DES has flourished and is widely used, especially in financial applications. It is still standardized for legacy systems, with either AES or triple DES for new applications.
  5. The overall scheme for DES encryption is illustrated in Stallings Figure3.4, which takes as input 64-bits of data and of key. The left side shows the basic process for enciphering a 64-bit data block which consists of: - an initial permutation (IP) which shuffles the 64-bit input block - 16 rounds of a complex key dependent round function involving substitutions & permutations - a final permutation, being the inverse of IP The right side shows the handling of the 56-bit key and consists of: - an initial permutation of the key (PC1) which selects 56-bits out of the 64-bits input, in two 28-bit halves - 16 stages to generate the 48-bit subkeys using a left circular shift and a permutation of the two 28-bit halves
  6. The initial permutation and its inverse are defined by tables, as shown in Stallings Tables 3.2a and 3.2b, respectively. The tables are to be interpreted as follows. The input to a table consists of 64 bits numbered left to right from 1 to 64. The 64 entries in the permutation table contain a permutation of the numbers from 1 to 64. Each entry in the permutation table indicates the position of a numbered input bit in the output, which also consists of 64 bits. Note that the bit numbering for DES reflects IBM mainframe practice, and is the opposite of what we now mostly use - so be careful! Numbers from Bit 1 (leftmost, most significant) to bit 32/48/64 etc (rightmost, least significant). Note that examples are specified using hexadecimal. Here a 64-bit plaintext value of “675a6967 5e5a6b5a” (written in left & right halves) after permuting with IP becomes “ffb2194d 004df6fb”.