Feistel Block Cipher
Feistel Cipher is not a specific scheme of block cipher. It is a design model from which
many different block ciphers are derived. DES is just one example of a Feistel Cipher.
A cryptographic system based on Feistel cipher structure uses the same algorithm for
both encryption and decryption.
Encryption Process
The encryption process uses the Feistel structure consisting of multiple rounds of
processing of the plaintext, each round consisting of a “substitution” step followed by
a permutation step.
Feistel Structure is shown in the following illustration −
• The input block to each round is divided into two halves that can be denoted as
L and R for the left half and the right half.
• In each round, the right half of the block, R, goes through unchanged. But the
left half, L, goes through an operation that depends on R and the encryption
key. First, we apply an encrypting function ‘f’ that takes two inputs − the key K
and R. The function produces the output f(R,K). Then, we XOR the output of the
mathematical function with L.
• In a real implementation of the Feistel Cipher, such as DES, instead of using the
whole encryption key during each round, a round-dependent key (a subkey) is
derived from the encryption key. This means that each round uses a different
key, although all these subkeys are related to the original key.
• The permutation step at the end of each round swaps the modified L and
unmodified R. Therefore, the L for the next round is the R of the current
round, and the R for the next round is the output L of the current round.
• The above substitution and permutation steps form a ‘round’. The number of rounds
is specified by the algorithm design.
• Once the last round is completed, the two sub-blocks, ‘R’ and ‘L’, are
concatenated in this order to form the ciphertext block.
The difficult part of designing a Feistel Cipher is the selection of the round function ‘f’.
For the scheme to be unbreakable, this function needs to have several important properties
that are beyond the scope of our discussion.
Decryption Process
The process of decryption in a Feistel cipher is almost the same. Instead of starting with a
block of plaintext, the ciphertext block is fed into the start of the Feistel structure and
the process thereafter is exactly the same as described in the given illustration.
The process is said to be almost the same rather than exactly the same because, in the case of
decryption, the only difference is that the subkeys used in encryption are used in the
reverse order.
The final swapping of ‘L’ and ‘R’ in the last step of the Feistel Cipher is essential. If these
are not swapped, the resulting ciphertext cannot be decrypted using the same
algorithm.
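The rounds, the final R-then-L output and the reversed-subkey decryption described above, as an added Go example that is not part of the original notes. The round function and the subkey derivation are SHA-256-based stand-ins chosen for illustration (DES uses its own), and the 64-bit block, 16 rounds, key and sample block are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// roundF is a stand-in for f(R, K): SHA-256 over the subkey and the right
// half, truncated to 32 bits. It is not invertible, which is fine because a
// Feistel network never has to invert f. (Assumption, not the DES f.)
func roundF(r, k uint32) uint32 {
	var buf [8]byte
	binary.BigEndian.PutUint32(buf[:4], k)
	binary.BigEndian.PutUint32(buf[4:], r)
	sum := sha256.Sum256(buf[:])
	return binary.BigEndian.Uint32(sum[:4])
}

// subkeys derives one round-dependent subkey per round from the main key.
// Toy schedule for illustration only.
func subkeys(key uint64, rounds int) []uint32 {
	ks := make([]uint32, rounds)
	for i := range ks {
		var buf [9]byte
		binary.BigEndian.PutUint64(buf[:8], key)
		buf[8] = byte(i)
		sum := sha256.Sum256(buf[:])
		ks[i] = binary.BigEndian.Uint32(sum[:4])
	}
	return ks
}

// feistel runs one 64-bit block through the network. Each round keeps R,
// XORs f(R, K) into L and swaps the halves. With finalSwap set, the output
// is R followed by L, as the text requires.
func feistel(block uint64, ks []uint32, finalSwap bool) uint64 {
	l, r := uint32(block>>32), uint32(block)
	for _, k := range ks {
		l, r = r, l^roundF(r, k)
	}
	if finalSwap {
		l, r = r, l
	}
	return uint64(l)<<32 | uint64(r)
}

// reversed returns the subkeys in decryption order.
func reversed(ks []uint32) []uint32 {
	out := make([]uint32, len(ks))
	for i, k := range ks {
		out[len(ks)-1-i] = k
	}
	return out
}

func main() {
	ks := subkeys(0x0123456789abcdef, 16) // constructed sample key
	pt := uint64(0x0011223344556677)      // constructed sample block
	ct := feistel(pt, ks, true)
	fmt.Printf("plaintext              %016x\n", pt)
	fmt.Printf("ciphertext             %016x\n", ct)
	fmt.Printf("same code, reversed ks %016x\n", feistel(ct, reversed(ks), true))
	fmt.Printf("same code, same order  %016x\n", feistel(ct, ks, true))
	noSwap := feistel(pt, ks, false)
	fmt.Printf("no final swap, decrypt %016x\n", feistel(noSwap, reversed(ks), false))
}
```

Only the run with reversed subkeys and the final swap prints the original block again.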
Number of Rounds
The number of rounds used in a Feistel Cipher depends on the security desired from the
system. A larger number of rounds provides a more secure system. But at the same time,
more rounds mean slower, less efficient encryption and decryption. The number
of rounds in a system thus depends on the efficiency–security tradeoff.
Block Cipher Design Principles
Block ciphers are built in the Feistel cipher structure. A block cipher has a
specific number of rounds and keys for generating ciphertext. To define
the complexity level of an algorithm, a few design principles have to be
considered.
These are explained below:
Number of Rounds –
The number of rounds is regularly considered in the design criteria; it
reflects how many rounds are suitable for an algorithm to make it
more complex. In DES we have 16 rounds, ensuring it is more secure,
while in AES we have 10 rounds, which makes it more secure.
Design of function F –
The core part of the Feistel block cipher structure is the round function.
The complexity of cryptanalysis can be derived from the round function,
i.e. increasing the complexity of the round function contributes
greatly to an increase in the complexity of cryptanalysis. To increase the
complexity of the round function, the avalanche effect is also included in
it: a change of a single bit in the plaintext
produces a very different output.
Key schedule algorithm –
In the Feistel block cipher structure, each round generates a sub-key to
increase the complexity of cryptanalysis. The avalanche effect makes
deriving the sub-key more complex. Decryption must be done very carefully
to get the actual output, as the avalanche effect is present in it.
Triple DES
The speed of exhaustive key searches against DES after 1990 began to
cause discomfort amongst users of DES. However, users did not want to replace DES
as it takes an enormous amount of time and money to change encryption algorithms
that are widely adopted and embedded in large security architectures.
The pragmatic approach was not to abandon the DES completely, but to change the
manner in which DES is used. This led to the modified schemes of Triple DES
(sometimes known as 3DES).
Incidentally, there are two variants of Triple DES known as 3-key Triple DES (3TDES)
and 2-key Triple DES (2TDES).
3-KEY Triple DES
Before using 3TDES, the user first generates and distributes a 3TDES key K, which consists
of three different DES keys K1, K2 and K3. This means that the actual 3TDES key has
length 3×56 = 168 bits. The encryption scheme is illustrated as follows −
The encryption-decryption process is as follows −
• Encrypt the plaintext blocks using single DES with key K1.
• Now decrypt the output of step 1 using single DES with key K2.
• Finally, encrypt the output of step 2 using single DES with key K3.
• The output of step 3 is the ciphertext.
• Decryption of a ciphertext is the reverse process. The user first decrypts using K3, then
encrypts with K2, and finally decrypts with K1.
Due to this design of Triple DES as an encrypt–decrypt–encrypt process, it is possible
to use a 3TDES (hardware) implementation for single DES by setting K1, K2, and K3 to
be the same value. This provides backwards compatibility with DES.
The second variant of Triple DES (2TDES) is identical to 3TDES except that K3 is replaced
by K1. In other words, the user encrypts plaintext blocks with key K1, then decrypts with key
K2, and finally encrypts with K1 again. Therefore, 2TDES has a key length of 112 bits.
Triple DES systems are significantly more secure than single DES, but they are
clearly much slower than encryption using single DES.
International Data Encryption Algorithm (IDEA)
In cryptography, block ciphers are very important in the designing of many
cryptographic algorithms and are widely used to encrypt the bulk of data in
chunks. By chunks, it means that the cipher takes a fixed size of the plaintext
in the encryption process and generates a fixed size ciphertext using a fixed-
length key. An algorithm’s strength is determined by its key length.
The Simplified International Data Encryption Algorithm (IDEA) is
a symmetric key block cipher that:
• uses a fixed-length plaintext of 16 bits and
• encrypts them in 4 chunks of 4 bits each
• to produce 16 bits of ciphertext.
• The length of the key used is 32 bits.
• The key is also divided into 8 blocks of 4 bits each.
This algorithm involves a series of 4 identical complete rounds and 1 half-round.
Each complete round involves a series of 14 steps that include
operations like:
• Bitwise XOR
• Addition modulo
• Multiplication modulo +1
After 4 complete rounds, the final “half-round” consists of only the first 4 out
of the 14 steps previously used in the full rounds. To perform these rounds,
each binary value must be converted to its equivalent decimal notation,
the operation performed, and the result converted back to
the binary representation for the final result of that particular step.
Key Schedule: 6 subkeys of 4 bits out of the 8 subkeys are used in each
complete round, while 4 are used in the half-round. So, 4.5 rounds require 28
subkeys. The given key, ‘K’, directly gives the first 8 subkeys. By rotating the
main key left by 6 bits between each group of 8, further groups of 8 subkeys
are created, implying less than one rotation per round for the key (3
rotations).
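The key schedule just described, as an added Go example that is not part of the original notes: 8 subkeys come straight from the 32-bit key, the key is rotated left by 6 bits between groups, and the 28 subkeys are dealt out 6 per complete round and 4 to the half-round. The sample keys are constructed values. Because the schedule only rotates and re-slices key bits, zero bits in the key reappear as zero subkeys, which zeroSubkeys counts.

```go
package main

import (
	"fmt"
	"math/bits"
)

const (
	fullRounds      = 4
	keysPerRound    = 6
	keysInHalfRound = 4
	totalSubkeys    = fullRounds*keysPerRound + keysInHalfRound // 28
)

// nibbles splits a 32-bit word into its eight 4-bit blocks, leftmost first.
func nibbles(w uint32) [8]uint8 {
	var out [8]uint8
	for i := range out {
		out[i] = uint8(w>>(28-4*uint(i))) & 0xF
	}
	return out
}

// subkeySchedule returns the 28 four-bit subkeys in the order they are used.
func subkeySchedule(key uint32) []uint8 {
	ks := make([]uint8, 0, totalSubkeys)
	for len(ks) < totalSubkeys {
		for _, n := range nibbles(key) {
			if len(ks) < totalSubkeys {
				ks = append(ks, n)
			}
		}
		key = bits.RotateLeft32(key, 6) // rotation between groups of 8
	}
	return ks
}

// roundKeys groups the schedule per round and renders each group as hex:
// four entries of 6 subkeys, then one entry of 4 for the half-round.
func roundKeys(key uint32) []string {
	ks := subkeySchedule(key)
	var rounds []string
	for start := 0; start < len(ks); start += keysPerRound {
		end := start + keysPerRound
		if end > len(ks) {
			end = len(ks)
		}
		s := ""
		for _, n := range ks[start:end] {
			s += fmt.Sprintf("%X", n)
		}
		rounds = append(rounds, s)
	}
	return rounds
}

// zeroSubkeys counts how many of the 28 subkeys are 0000.
func zeroSubkeys(key uint32) int {
	n := 0
	for _, k := range subkeySchedule(key) {
		if k == 0 {
			n++
		}
	}
	return n
}

func main() {
	const sample = 0xDC6F3F59 // constructed sample key
	for i, r := range roundKeys(sample) {
		fmt.Printf("round %d subkeys: %s\n", i+1, r)
	}
	for _, k := range []uint32{sample, 0x00000001, 0x00000000} {
		fmt.Printf("key %08X -> %d of %d subkeys are zero\n", k, zeroSubkeys(k), totalSubkeys)
	}
}
```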
Decryption
Decryption works like encryption, but the order of the round keys is inverted, and the subkeys for
the odd rounds are inverted. For instance, the values of subkeys K1–K4 are replaced by the
inverse of K49–K52 for the respective group operation, and K5 and K6 of each group should be
replaced by K47 and K48 for decryption.
Weak keys

The very simple key schedule makes IDEA subject to a class of weak keys; some keys
containing a large number of 0 bits produce weak encryption.

These are of little concern in practice, being sufficiently rare that they are unnecessary to
avoid explicitly when generating keys randomly. A simple fix was proposed: XORing each
subkey with a 16-bit constant, such as 0x0DAE.
Larger classes of weak keys were found in 2002.
This is still of negligible probability to be a concern to a randomly chosen key, and some
of the problems are fixed by the constant XOR proposed earlier, but the paper is not certain
if all of them are. A more comprehensive redesign of the IDEA key schedule may be
desirable.
Advanced Encryption Standard
The more popular and widely adopted symmetric encryption algorithm likely to be
encountered nowadays is the Advanced Encryption Standard (AES). It is found to be at least
six times faster than Triple DES.
A replacement for DES was needed as its key size was too small. With increasing
computing power, it was considered vulnerable to exhaustive key search attacks.
Triple DES was designed to overcome this drawback, but it was found to be slow.
The features of AES are as follows −
• Symmetric key symmetric block cipher
• 128-bit data, 128/192/256-bit keys
• Stronger and faster than Triple-DES
• Provide full specification and design details
• Software implementable in C and Java
Operation of AES
AES is an iterative rather than Feistel cipher. It is based on a ‘substitution–permutation
network’. It comprises a series of linked operations, some of which involve replacing
inputs by specific outputs (substitutions) and others involve shuffling bits around
(permutations).
Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES
treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in
four columns and four rows for processing as a matrix −
Unlike DES, the number of rounds in AES is variable and depends on the length of
the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14
rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which
is calculated from the original AES key.
The schematic of AES structure is given in the following illustration −
Encryption Process
Here, we restrict ourselves to the description of a typical round of AES encryption. Each round
comprises four sub-processes. The first round process is depicted below −
Byte Substitution (SubBytes)
The 16 input bytes are substituted by looking up a fixed table (S-box) given in the design.
The result is a matrix of four rows and four columns.
ShiftRows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are
re-inserted on the right side of the row. The shift is carried out as follows −
• First row is not shifted.
• Second row is shifted one (byte) position to the left.
• Third row is shifted two positions to the left.
• Fourth row is shifted three positions to the left.
• The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.
MixColumns
Each column of four bytes is now transformed using a special mathematical function.
This function takes as input the four bytes of one column and outputs four completely
new bytes, which replace the original column. The result is another new matrix
consisting of 16 new bytes. It should be noted that this step is not performed in the last
round.
AddRoundKey
The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128
bits of the round key. If this is the last round then the output is the ciphertext.
Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another
similar round.
Decryption Process
The process of decryption of an AES ciphertext is similar to the encryption process in
the reverse order. Each round consists of the four processes conducted in the reverse
order −
• Add round key
• Mix columns
• Shift rows
• Byte substitution
Since the sub-processes in each round are carried out in reverse, unlike for a Feistel Cipher,
the encryption and decryption algorithms need to be implemented separately,
although they are very closely related.
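ShiftRows, MixColumns and AddRoundKey from the encryption round above, plus the inverse of ShiftRows that decryption needs as a separate routine. This is an added Go example, not part of the original notes. SubBytes is left out because the S-box table is not reproduced; the input is the state after SubBytes in round 1 of the worked example in FIPS-197 Appendix B, and the round key is that example's first round key.

```go
package main

import (
	"encoding/hex"
	"fmt"
)

// state holds the 16 bytes as state[row][col]; AES fills it column by column.
type state [4][4]byte

func load(h string) state {
	b, err := hex.DecodeString(h)
	if err != nil || len(b) != 16 {
		panic("need 16 hex-encoded bytes")
	}
	var s state
	for i, v := range b {
		s[i%4][i/4] = v
	}
	return s
}

func (s state) dump() string {
	out := make([]byte, 16)
	for i := range out {
		out[i] = s[i%4][i/4]
	}
	return hex.EncodeToString(out)
}

// shiftRows rotates row r to the left by r positions.
func shiftRows(s state) state {
	var out state
	for r := 0; r < 4; r++ {
		for c := 0; c < 4; c++ {
			out[r][c] = s[r][(c+r)%4]
		}
	}
	return out
}

// invShiftRows rotates row r to the right by r positions (used in decryption).
func invShiftRows(s state) state {
	var out state
	for r := 0; r < 4; r++ {
		for c := 0; c < 4; c++ {
			out[r][(c+r)%4] = s[r][c]
		}
	}
	return out
}

// xtime multiplies a byte by 2 in GF(2^8) with the AES reduction polynomial.
func xtime(b byte) byte {
	if b&0x80 != 0 {
		return b<<1 ^ 0x1b
	}
	return b << 1
}

// mixColumns multiplies each column by the fixed matrix
// [2 3 1 1; 1 2 3 1; 1 1 2 3; 3 1 1 2], where 3*x = 2*x XOR x.
func mixColumns(s state) state {
	var out state
	for c := 0; c < 4; c++ {
		a0, a1, a2, a3 := s[0][c], s[1][c], s[2][c], s[3][c]
		out[0][c] = xtime(a0) ^ (xtime(a1) ^ a1) ^ a2 ^ a3
		out[1][c] = a0 ^ xtime(a1) ^ (xtime(a2) ^ a2) ^ a3
		out[2][c] = a0 ^ a1 ^ xtime(a2) ^ (xtime(a3) ^ a3)
		out[3][c] = (xtime(a0) ^ a0) ^ a1 ^ a2 ^ xtime(a3)
	}
	return out
}

// addRoundKey XORs the 128-bit round key into the state.
func addRoundKey(s, k state) state {
	var out state
	for r := 0; r < 4; r++ {
		for c := 0; c < 4; c++ {
			out[r][c] = s[r][c] ^ k[r][c]
		}
	}
	return out
}

func main() {
	afterSub := load("d42711aee0bf98f1b8b45de51e415230") // FIPS-197 App. B, round 1
	roundKey := load("a0fafe1788542cb123a339392a6c7605") // FIPS-197 App. B, round key 1
	sr := shiftRows(afterSub)
	mc := mixColumns(sr)
	fmt.Println("after ShiftRows  ", sr.dump())
	fmt.Println("after MixColumns ", mc.dump())
	fmt.Println("after AddRoundKey", addRoundKey(mc, roundKey).dump())
	fmt.Println("InvShiftRows undoes ShiftRows:", invShiftRows(sr) == afterSub)
}
```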
AES Analysis
In present-day cryptography, AES is widely adopted and supported in both hardware
and software. To date, no practical cryptanalytic attacks against AES have been
discovered. Additionally, AES has built-in flexibility of key length, which allows a
degree of ‘future-proofing’ against progress in the ability to perform exhaustive key
searches.
However, just as for DES, the security of AES is assured only if it is correctly
implemented and good key management is employed.
Block Cipher modes of Operation
Encryption algorithms are divided into two categories based on the input
type: block ciphers and stream ciphers. A block cipher is an encryption
algorithm that takes a fixed-size input of, say, b bits and produces a ciphertext
of b bits again. If the input is larger than b bits, it can be divided further. For
different applications and uses, there are several modes of operation for a
block cipher.
Electronic Code Book (ECB) –
Electronic code book is the easiest block cipher mode of operation. It is
easier because each block of input plaintext is encrypted directly and the
output is in the form of blocks of encrypted ciphertext. Generally, if a message is
larger than b bits in size, it can be broken down into a number of blocks and
the procedure is repeated.
Procedure of ECB is illustrated below:
Advantages of using ECB –
• Parallel encryption of blocks of bits is possible, thus it is a faster way of
encryption.
• Simplest way of using the block cipher.
Disadvantages of using ECB –
• Prone to cryptanalysis since there is a direct relationship between
plaintext and ciphertext.
Cipher Block Chaining (CBC) –
Cipher block chaining or CBC is an advancement made on ECB, since ECB
compromises some security requirements. In CBC, the previous cipher block
is given as input to the next encryption after being XORed with the original
plaintext block. In a nutshell, a cipher block is produced by encrypting
the XOR of the previous cipher block and the present plaintext block.
The process is illustrated here:
Advantages of CBC –
• CBC works well for input greater than b bits.
• CBC is a good authentication mechanism.
• More resistant to cryptanalysis than ECB.
Disadvantages of CBC –
• Parallel encryption is not possible since every encryption requires the
previous cipher block.
Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of encryption
with some new specifications: first, an initial vector IV is used for the first
encryption and the output bits are divided into a set of s bits and b-s bits. The left-hand
side s bits are selected and XORed with the plaintext bits.
The result is given as input to a shift register having b-s bits on the left-hand side and s
bits on the right-hand side, and the process continues. The encryption and decryption processes
for the same are shown below; both of them use the encryption algorithm.
Advantages of CFB –
• Since there is some data loss due to the use of the shift register, it is
difficult to apply cryptanalysis.
Disadvantages of CFB –
• The drawbacks of CFB are the same as those of CBC mode. Both block
losses and concurrent encryption of several blocks are not supported by
the encryption. Decryption, however, is parallelizable and loss-tolerant.
Output Feedback Mode (OFB) –
The output feedback mode follows nearly the same process as the Cipher
Feedback mode except that it sends the encrypted output as feedback
instead of the actual cipher, which is the XOR output. In this output feedback
mode, all bits of the block are sent instead of sending the selected s bits. The
Output Feedback mode of a block cipher is highly resistant to bit
transmission errors. It also decreases the dependency or relationship of the
cipher on the plaintext.
Advantages of OFB –
• In the case of CFB, a single bit error in a block is propagated to all
subsequent blocks. This problem is solved by OFB as it is free from bit
errors in the plaintext block.
Disadvantages of OFB –
• The drawback of OFB is that, because of its mode of operation, it is more
susceptible to a message stream modification attack than CFB.
Counter Mode (CTR) –
The Counter Mode or CTR is a simple counter-based block cipher
implementation. Each time, a counter-initiated value is encrypted and given
as input to an XOR with the plaintext, which results in the ciphertext block. The CTR
mode is independent of feedback use and thus can be implemented in
parallel.
Its simple implementation is shown below:
Advantages of Counter –
• Since there is a different counter value for each block, the direct plaintext
and ciphertext relationship is avoided. This means that the same plaintext
can map to different ciphertext.
• Parallel execution of encryption is possible as outputs from previous
stages are not chained as in the case of CBC.
Disadvantages of Counter –
• The fact that CTR mode requires a synchronous counter at both the
transmitter and the receiver is a severe drawback. The recovery of
plaintext is erroneous when synchronisation is lost.
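The ECB, CBC, OFB and CTR behaviour described above, run with AES from Go's standard library. This is an added example, not part of the original notes; the key, IV and three-block message are constructed values. It checks whether repeated plaintext blocks stay visible in the ciphertext and how far a single flipped ciphertext bit reaches after decryption.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"math/bits"
)

const bs = aes.BlockSize // b = 128 bits = 16 bytes

// Constructed sample key, IV and message (three identical 16-byte blocks).
var (
	key = []byte("constructed-key!")
	iv  = []byte("constructed-iv!!")
	msg = bytes.Repeat([]byte("sixteen byte blk"), 3)
)

func newAES() cipher.Block {
	b, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return b
}

// ecbEncrypt encrypts every block on its own. Go's standard library ships no
// ECB mode, so it is written out here.
func ecbEncrypt(pt []byte) []byte {
	b, ct := newAES(), make([]byte, len(pt))
	for i := 0; i < len(pt); i += bs {
		b.Encrypt(ct[i:i+bs], pt[i:i+bs])
	}
	return ct
}

func cbcEncrypt(pt []byte) []byte {
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(newAES(), iv).CryptBlocks(ct, pt)
	return ct
}

func cbcDecrypt(ct []byte) []byte {
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(newAES(), iv).CryptBlocks(pt, ct)
	return pt
}

// ctrCrypt and ofbCrypt XOR the input with a keystream, so the same call
// both encrypts and decrypts.
func ctrCrypt(in []byte) []byte {
	out := make([]byte, len(in))
	cipher.NewCTR(newAES(), iv).XORKeyStream(out, in)
	return out
}

func ofbCrypt(in []byte) []byte {
	out := make([]byte, len(in))
	cipher.NewOFB(newAES(), iv).XORKeyStream(out, in)
	return out
}

// repeatsVisible reports whether the first two ciphertext blocks are equal,
// i.e. whether equal plaintext blocks can be spotted in the ciphertext.
func repeatsVisible(ct []byte) bool {
	return bytes.Equal(ct[:bs], ct[bs:2*bs])
}

// damage flips one bit in the first ciphertext block, decrypts, and returns
// the number of changed plaintext bits in each block.
func damage(decrypt func([]byte) []byte, ct []byte) []int {
	clean := decrypt(ct)
	bad := append([]byte{}, ct...)
	bad[0] ^= 0x01
	dirty := decrypt(bad)
	out := make([]int, len(ct)/bs)
	for i := range out {
		for j := i * bs; j < (i+1)*bs; j++ {
			out[i] += bits.OnesCount8(clean[j] ^ dirty[j])
		}
	}
	return out
}

func main() {
	fmt.Println("ECB repeats visible:", repeatsVisible(ecbEncrypt(msg)))
	fmt.Println("CBC repeats visible:", repeatsVisible(cbcEncrypt(msg)))
	fmt.Println("OFB repeats visible:", repeatsVisible(ofbCrypt(msg)))
	fmt.Println("CTR repeats visible:", repeatsVisible(ctrCrypt(msg)))
	fmt.Println("CBC changed bits per block:", damage(cbcDecrypt, cbcEncrypt(msg)))
	fmt.Println("OFB changed bits per block:", damage(ofbCrypt, ofbCrypt(msg)))
	fmt.Println("CTR changed bits per block:", damage(ctrCrypt, ctrCrypt(msg)))
}
```

In OFB and CTR the flipped ciphertext bit changes exactly the same plaintext bit and nothing else, which is the stream modification weakness listed for OFB; in CBC the first block is garbled and one bit of the second block changes.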
CNS2 unit 2.pdf

More Related Content

Similar to CNS2 unit 2.pdf

Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
Dr.Florence Dayana
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-II
rathnadeepa2
 
4255596.ppt
4255596.ppt4255596.ppt
4255596.ppt
ShahidMehmood285010
 
Renas Rajab Asaad
Renas Rajab Asaad Renas Rajab Asaad
Renas Rajab Asaad
Renas Rekany
 
Strength of des & block cipher principle
Strength of des & block cipher principleStrength of des & block cipher principle
Strength of des & block cipher principle
Santosh Gupta
 
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
RathnaDeepa1
 
DES.ppt
DES.pptDES.ppt
DES.ppt
RizwanBasha12
 
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using  FeedBack Architecture Paper on Optimized AES Algorithm Core Using  FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Dhaval Kaneria
 
Iaetsd an survey of efficient fpga implementation of advanced encryption
Iaetsd an survey of efficient fpga implementation of advanced encryptionIaetsd an survey of efficient fpga implementation of advanced encryption
Iaetsd an survey of efficient fpga implementation of advanced encryption
Iaetsd Iaetsd
 
Data Encryption standard in cryptography
Data Encryption standard in cryptographyData Encryption standard in cryptography
Data Encryption standard in cryptography
NithyasriA2
 
Module 1-Block Ciphers and the Data Encryption Standard.pptx
Module 1-Block Ciphers and the Data Encryption Standard.pptxModule 1-Block Ciphers and the Data Encryption Standard.pptx
Module 1-Block Ciphers and the Data Encryption Standard.pptx
SridharCS7
 
Performance Analysis of Data Encryption Standard DES
Performance Analysis of Data Encryption Standard DESPerformance Analysis of Data Encryption Standard DES
Performance Analysis of Data Encryption Standard DES
ijtsrd
 
“Optimized AES Algorithm Core Using FeedBack Architecture”
“Optimized AES Algorithm Core Using FeedBack Architecture” “Optimized AES Algorithm Core Using FeedBack Architecture”
“Optimized AES Algorithm Core Using FeedBack Architecture” Nirav Desai
 
paper4.pdf
paper4.pdfpaper4.pdf
paper4.pdf
aminasouyah
 
doc4.pdf
doc4.pdfdoc4.pdf
doc4.pdf
aminasouyah
 
sheet4.pdf
sheet4.pdfsheet4.pdf
sheet4.pdf
aminasouyah
 
doc4.pdf
doc4.pdfdoc4.pdf
doc4.pdf
aminasouyah
 
lecture3.pdf
lecture3.pdflecture3.pdf
lecture3.pdf
aminasouyah
 

Similar to CNS2 unit 2.pdf (20)

Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-II
 
icwet1097
icwet1097icwet1097
icwet1097
 
4255596.ppt
4255596.ppt4255596.ppt
4255596.ppt
 
Renas Rajab Asaad
Renas Rajab Asaad Renas Rajab Asaad
Renas Rajab Asaad
 
Strength of des & block cipher principle
Strength of des & block cipher principleStrength of des & block cipher principle
Strength of des & block cipher principle
 
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
 
DES.ppt
DES.pptDES.ppt
DES.ppt
 
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using  FeedBack Architecture Paper on Optimized AES Algorithm Core Using  FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
 
Ch06
Ch06Ch06
Ch06
 
Iaetsd an survey of efficient fpga implementation of advanced encryption
Iaetsd an survey of efficient fpga implementation of advanced encryptionIaetsd an survey of efficient fpga implementation of advanced encryption
Iaetsd an survey of efficient fpga implementation of advanced encryption
 
Data Encryption standard in cryptography
Data Encryption standard in cryptographyData Encryption standard in cryptography
Data Encryption standard in cryptography
 
Module 1-Block Ciphers and the Data Encryption Standard.pptx
Module 1-Block Ciphers and the Data Encryption Standard.pptxModule 1-Block Ciphers and the Data Encryption Standard.pptx
Module 1-Block Ciphers and the Data Encryption Standard.pptx
 
Performance Analysis of Data Encryption Standard DES
Performance Analysis of Data Encryption Standard DESPerformance Analysis of Data Encryption Standard DES
Performance Analysis of Data Encryption Standard DES
 
“Optimized AES Algorithm Core Using FeedBack Architecture”
“Optimized AES Algorithm Core Using FeedBack Architecture” “Optimized AES Algorithm Core Using FeedBack Architecture”
“Optimized AES Algorithm Core Using FeedBack Architecture”
 
paper4.pdf
paper4.pdfpaper4.pdf
paper4.pdf
 
doc4.pdf
doc4.pdfdoc4.pdf
doc4.pdf
 
sheet4.pdf
sheet4.pdfsheet4.pdf
sheet4.pdf
 
doc4.pdf
doc4.pdfdoc4.pdf
doc4.pdf
 
lecture3.pdf
lecture3.pdflecture3.pdf
lecture3.pdf
 

Recently uploaded

ethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.pptethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.ppt
Jayaprasanna4
 
Halogenation process of chemical process industries
Halogenation process of chemical process industriesHalogenation process of chemical process industries
Halogenation process of chemical process industries
MuhammadTufail242431
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
Kamal Acharya
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.ppt
ssuser9bd3ba
 
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfCOLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
Kamal Acharya
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
ViniHema
 
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
obonagu
 
addressing modes in computer architecture
addressing modes  in computer architectureaddressing modes  in computer architecture
addressing modes in computer architecture
ShahidSultan24
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Pipe Restoration Solutions
 
Vaccine management system project report documentation..pdf
Vaccine management system project report documentation..pdfVaccine management system project report documentation..pdf
Vaccine management system project report documentation..pdf
Kamal Acharya
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
Kamal Acharya
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9)  2007 Full Version       .pdfASME IX(9)  2007 Full Version       .pdf
ASME IX(9) 2007 Full Version .pdf
AhmedHussein950959
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdfH.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
MLILAB
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
gdsczhcet
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
seandesed
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
Kamal Acharya
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.
PrashantGoswami42
 

Recently uploaded (20)

ethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.pptethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.ppt
 
Halogenation process of chemical process industries
Halogenation process of chemical process industriesHalogenation process of chemical process industries
Halogenation process of chemical process industries
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.ppt
 
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfCOLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdf
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
 
addressing modes in computer architecture
addressing modes  in computer architectureaddressing modes  in computer architecture
addressing modes in computer architecture
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
Vaccine management system project report documentation..pdf
Vaccine management system project report documentation..pdfVaccine management system project report documentation..pdf
Vaccine management system project report documentation..pdf
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9)  2007 Full Version       .pdfASME IX(9)  2007 Full Version       .pdf
ASME IX(9) 2007 Full Version .pdf
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdfH.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.
 

CNS2 unit 2.pdf

Feistel Block Cipher
Feistel Cipher is not a specific scheme of block cipher. It is a design model from which many different block ciphers are derived. DES is just one example of a Feistel Cipher. A cryptographic system based on the Feistel cipher structure uses the same algorithm for both encryption and decryption.

Encryption Process
The encryption process uses the Feistel structure, which consists of multiple rounds of processing of the plaintext, each round consisting of a “substitution” step followed by a permutation step.
Feistel Structure is shown in the following illustration −
• The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half.
• In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes through an operation that depends on R and the encryption key. First, we apply an encrypting function ‘f’ that takes two inputs − the key K and R. The function produces the output f(R,K). Then, we XOR the output of the mathematical function with L.
• In a real implementation of the Feistel Cipher, such as DES, instead of using the whole encryption key during each round, a round-dependent key (a subkey) is derived from the encryption key. This means that each round uses a different key, although all these subkeys are related to the original key.
• The permutation step at the end of each round swaps the modified L and unmodified R. Therefore, the L for the next round is the R of the current round, and the R for the next round is the output L of the current round.
• The above substitution and permutation steps form a ‘round’. The number of rounds is specified by the algorithm design.
• Once the last round is completed, the two sub-blocks, ‘R’ and ‘L’, are concatenated in this order to form the ciphertext block.
The difficult part of designing a Feistel Cipher is the selection of the round function ‘f’. In order to be an unbreakable scheme, this function needs to have several important properties that are beyond the scope of our discussion.

Decryption Process
The process of decryption in a Feistel cipher is almost the same. Instead of starting with a block of plaintext, the ciphertext block is fed into the start of the Feistel structure, and the process thereafter is exactly the same as described in the given illustration.
The process is said to be almost the same and not exactly the same. In the case of decryption, the only difference is that the subkeys used in encryption are used in the reverse order.
The final swapping of ‘L’ and ‘R’ in the last step of the Feistel Cipher is essential. If these are not swapped, the resulting ciphertext cannot be decrypted using the same algorithm.

Number of Rounds
The number of rounds used in a Feistel Cipher depends on the desired security of the system. More rounds provide a more secure system. But at the same time, more rounds mean slower, less efficient encryption and decryption processes. The number of rounds in a system thus depends on the efficiency–security tradeoff.

Block Cipher Design Principles
Block ciphers are built in the Feistel cipher structure. A block cipher has a specific number of rounds and keys for generating ciphertext. To define the complexity level of an algorithm, a few design principles are to be considered. These are explained below:
Number of Rounds – The number of rounds is regularly considered in the design criteria; it reflects the number of rounds suitable for an algorithm to make it more complex. In DES we have 16 rounds, ensuring it to be more secure, while in AES we have 10 rounds, which makes it more secure.
Design of function F – The core part of the Feistel block cipher structure is the round function. The complexity of cryptanalysis can be derived from the round function, i.e. increasing the complexity of the round function contributes greatly to an increase in the complexity of cryptanalysis. To increase the complexity of the round function, the avalanche effect is also included in it: the change of a single bit in the plaintext produces a very different output.
Key schedule algorithm – In the Feistel block cipher structure, each round generates a sub-key to increase the complexity of cryptanalysis. The avalanche effect makes it more complex to derive the sub-key. Decryption must be done very carefully to get the actual output, as the avalanche effect is present in it.

Triple DES
The speed of exhaustive key searches against DES after 1990 began to cause discomfort amongst users of DES. However, users did not want to replace DES, as it takes an enormous amount of time and money to change encryption algorithms that are widely adopted and embedded in large security architectures.
The pragmatic approach was not to abandon DES completely, but to change the manner in which DES is used. This led to the modified schemes of Triple DES (sometimes known as 3DES).
Incidentally, there are two variants of Triple DES, known as 3-key Triple DES (3TDES) and 2-key Triple DES (2TDES).

3-KEY Triple DES
Before using 3TDES, the user first generates and distributes a 3TDES key K, which consists of three different DES keys K1, K2 and K3. This means that the actual 3TDES key has length 3×56 = 168 bits.
The encryption scheme is illustrated as follows −
The encryption-decryption process is as follows −
• Encrypt the plaintext blocks using single DES with key K1.
• Now decrypt the output of step 1 using single DES with key K2.
• Finally, encrypt the output of step 2 using single DES with key K3.
• The output of step 3 is the ciphertext.
• Decryption of a ciphertext is the reverse process. The user first decrypts using K3, then encrypts with K2, and finally decrypts with K1.
Due to this design of Triple DES as an encrypt–decrypt–encrypt process, it is possible to use a 3TDES (hardware) implementation for single DES by setting K1, K2, and K3 to the same value. This provides backwards compatibility with DES.
The second variant of Triple DES (2TDES) is identical to 3TDES except that K3 is replaced by K1. In other words, the user encrypts plaintext blocks with key K1, then decrypts with key K2, and finally encrypts with K1 again. Therefore, 2TDES has a key length of 112 bits.
Triple DES systems are significantly more secure than single DES, but they are clearly a much slower process than encryption using single DES.

International Data Encryption Algorithm (IDEA)
In cryptography, block ciphers are very important in the design of many cryptographic algorithms and are widely used to encrypt the bulk of data in chunks. By chunks, it is meant that the cipher takes a fixed size of plaintext in the encryption process and generates a fixed-size ciphertext using a fixed-length key. An algorithm’s strength is determined by its key length.
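Looking back at the Feistel structure and the Triple DES encrypt–decrypt–encrypt composition described above, the following added example (not part of the original slides) runs both on a toy 64-bit Feistel cipher. The SHA-256-based round function and key schedule, the sample keys and the function names are assumptions made for illustration; this is not DES and is not meant for real use.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def subkeys(key: bytes, rounds: int = 16) -> list:
    # Constructed key schedule: one subkey per round, all derived from the key.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def f(right: int, subkey: bytes) -> int:
    # Constructed round function f(R, K); it never has to be inverted.
    digest = hashlib.sha256(subkey + right.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block: int, round_keys: list, final_swap: bool = True) -> int:
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        # R goes through unchanged, L is XORed with f(R, K), then the halves swap.
        left, right = right, left ^ f(right, k)
    if final_swap:
        left, right = right, left  # output is R || L, as described above
    return (left << 32) | right

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))

def decrypt(block: int, key: bytes) -> int:
    # Same routine as encrypt; only the subkey order is reversed.
    return feistel(block, subkeys(key)[::-1])

def ede_encrypt(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    # Triple encryption: encrypt with K1, decrypt with K2, encrypt with K3.
    return encrypt(decrypt(encrypt(block, k1), k2), k3)

def ede_decrypt(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    # Reverse process: decrypt with K3, encrypt with K2, decrypt with K1.
    return decrypt(encrypt(decrypt(block, k3), k2), k1)

# Constructed sample block and keys.
P = 0x0123456789ABCDEF
K1, K2, K3 = b"key-one", b"key-two", b"key-three"

if __name__ == "__main__":
    c = encrypt(P, K1)
    print("round trip:", decrypt(c, K1) == P)
    # K1 = K2 = K3 collapses the triple scheme to single encryption.
    print("backwards compatible:", ede_encrypt(P, K1, K1, K1) == c)
    # 2-key variant: K3 is replaced by K1.
    print("2-key round trip:", ede_decrypt(ede_encrypt(P, K1, K2, K1), K1, K2, K1) == P)
```

Calling `feistel` with `final_swap=False` in both directions shows why the final swap matters: the reversed-subkey pass no longer recovers the plaintext.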
The Simplified International Data Encryption Algorithm (IDEA) is a symmetric key block cipher that:
• uses a fixed-length plaintext of 16 bits and
• encrypts them in 4 chunks of 4 bits each
• to produce 16 bits of ciphertext.
• The length of the key used is 32 bits.
• The key is also divided into 8 blocks of 4 bits each.
This algorithm involves a series of 4 identical complete rounds and 1 half-round. Each complete round involves a series of 14 steps that include operations like:
• Bitwise XOR
• Addition modulo
• Multiplication modulo +1
After 4 complete rounds, the final “half-round” consists of only the first 4 of the 14 steps previously used in the full rounds. To perform these rounds, each binary value must be converted to its equivalent decimal notation, the operation performed, and the result converted back to the binary representation to give the final result of that particular step.

Key Schedule: 6 subkeys of 4 bits out of the 8 subkeys are used in each complete round, while 4 are used in the half-round. So, 4.5 rounds require 28 subkeys. The given key, ‘K’, directly gives the first 8 subkeys. By rotating the main key left by 6 bits between each group of 8, further groups of 8 subkeys are created, implying less than one rotation per round for the key (3 rotations).
Decryption
Decryption works like encryption, but the order of the round keys is inverted, and the subkeys for the odd rounds are inversed. For instance, the values of subkeys K1–K4 are replaced by the inverse of K49–K52 for the respective group operation, and K5 and K6 of each group should be replaced by K47 and K48 for decryption.

Weak keys
• The very simple key schedule makes IDEA subject to a class of weak keys; some keys containing a large number of 0 bits produce weak encryption.
• These are of little concern in practice, being sufficiently rare that they are unnecessary to avoid explicitly when generating keys randomly. A simple fix was proposed: XORing each subkey with a 16-bit constant, such as 0x0DAE.
• Larger classes of weak keys were found in 2002.
• This is still of negligible probability to be a concern for a randomly chosen key, and some of the problems are fixed by the constant XOR proposed earlier, but the paper is not certain whether all of them are. A more comprehensive redesign of the IDEA key schedule may be desirable.

Advanced Encryption Standard
The more popular and widely adopted symmetric encryption algorithm likely to be encountered nowadays is the Advanced Encryption Standard (AES). It is found to be at least six times faster than Triple DES.
A replacement for DES was needed as its key size was too small. With increasing computing power, it was considered vulnerable to exhaustive key search attack. Triple DES was designed to overcome this drawback, but it was found to be slow.
The features of AES are as follows −
• Symmetric key symmetric block cipher
• 128-bit data, 128/192/256-bit keys
• Stronger and faster than Triple-DES
• Provide full specification and design details
• Software implementable in C and Java

Operation of AES
AES is an iterative rather than a Feistel cipher. It is based on a ‘substitution–permutation network’. It comprises a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations).
Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix −
Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.
The schematic of the AES structure is given in the following illustration −

Encryption Process
Here, we restrict ourselves to the description of a typical round of AES encryption. Each round comprises four sub-processes. The first round process is depicted below −
Byte Substitution (SubBytes)
The 16 input bytes are substituted by looking up a fixed table (S-box) given in the design. The result is a matrix of four rows and four columns.

ShiftRows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are re-inserted on the right side of the row. The shift is carried out as follows −
• First row is not shifted.
• Second row is shifted one (byte) position to the left.
• Third row is shifted two positions to the left.
• Fourth row is shifted three positions to the left.
• The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.

MixColumns
Each column of four bytes is now transformed using a special mathematical function. This function takes as input the four bytes of one column and outputs four completely new bytes, which replace the original column. The result is another new matrix consisting of 16 new bytes. It should be noted that this step is not performed in the last round.

AddRoundKey
The 16 bytes of the matrix are now considered as 128 bits and are XORed with the 128 bits of the round key. If this is the last round, the output is the ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another similar round.

Decryption Process
The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order. Each round consists of the four processes conducted in the reverse order −
• Add round key
• Mix columns
• Shift rows
• Byte substitution
Since the sub-processes in each round are carried out in reverse, unlike for a Feistel Cipher, the encryption and decryption algorithms need to be implemented separately, although they are very closely related.

AES Analysis
In present-day cryptography, AES is widely adopted and supported in both hardware and software. To date, no practical cryptanalytic attack against AES has been discovered. Additionally, AES has built-in flexibility of key length, which allows a degree of ‘future-proofing’ against progress in the ability to perform exhaustive key searches.
However, just as for DES, AES security is assured only if it is correctly implemented and good key management is employed.

Block Cipher modes of Operation
Encryption algorithms are divided into two categories based on the input type: block ciphers and stream ciphers. A block cipher is an encryption algorithm that takes a fixed-size input of, say, b bits and produces a ciphertext of b bits again. If the input is larger than b bits, it can be divided further. For different applications and uses, there are several modes of operation for a block cipher.

Electronic Code Book (ECB) –
Electronic code book is the easiest block cipher mode of functioning. It is easier because each block of input plaintext is encrypted directly and the output is in the form of blocks of encrypted ciphertext. Generally, if a message is larger than b bits in size, it can be broken down into a number of blocks and the procedure is repeated.
The procedure of ECB is illustrated below:
Advantages of using ECB –
• Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.
• It is a simple way of using the block cipher.
Disadvantages of using ECB –
• Prone to cryptanalysis since there is a direct relationship between plaintext and ciphertext.

Cipher Block Chaining (CBC) –
Cipher block chaining or CBC is an advancement made on ECB, since ECB compromises some security requirements. In CBC, the previous cipher block is given as input to the next encryption algorithm after XOR with the original plaintext block. In a nutshell, a cipher block is produced by encrypting the XOR of the previous cipher block and the present plaintext block.
The process is illustrated here:
Advantages of CBC –
• CBC works well for input greater than b bits.
• CBC is a good authentication mechanism.
• Better resistance to cryptanalysis than ECB.
Disadvantages of CBC –
• Parallel encryption is not possible, since every encryption requires the previous cipher block.
Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of encryption with some new specifications: first, an initial vector IV is used for the first encryption, and the output bits are divided into a set of s bits and a set of b-s bits. The left-hand side s bits are selected along with the plaintext bits, to which an XOR operation is applied. The result is given as input to a shift register having b-s bits on the left-hand side and s bits on the right-hand side, and the process continues. The encryption and decryption processes for the same are shown below; both of them use encryption algorithms.
Advantages of CFB –
• Since there is some data loss due to the use of the shift register, it is difficult to apply cryptanalysis.
Disadvantages of CFB –
• The drawbacks of CFB are the same as those of CBC mode. Both block losses and concurrent encryption of several blocks are not supported by the encryption. Decryption, however, is parallelizable and loss-tolerant.
Output Feedback Mode (OFB) –
The output feedback mode follows nearly the same process as the Cipher Feedback mode, except that it sends the encrypted output as feedback instead of the actual cipher, which is the XOR output. In this output feedback mode, all bits of the block are sent instead of sending the selected s bits. The Output Feedback mode of a block cipher holds great resistance towards bit transmission errors. It also decreases the dependency or relationship of the cipher on the plaintext.
Advantages of OFB –
• In the case of CFB, a single bit error in a block is propagated to all subsequent blocks. This problem is solved by OFB, as it is free from bit errors in the plaintext block.
Disadvantages of OFB –
• The drawback of OFB is that, because of its operational mode, it is more susceptible to a message stream modification attack than CFB.
Counter Mode (CTR) –
The Counter Mode or CTR is a simple counter-based block cipher implementation. Each time, a counter-initiated value is encrypted and XORed with the plaintext, which results in the ciphertext block. The CTR mode is independent of feedback use and thus can be implemented in parallel.
Its simple implementation is shown below:
Advantages of Counter –
• Since there is a different counter value for each block, the direct plaintext and ciphertext relationship is avoided. This means that the same plaintext can map to different ciphertext.
• Parallel execution of encryption is possible, as outputs from previous stages are not chained as in the case of CBC.
Disadvantages of Counter –
• The fact that CTR mode requires a synchronous counter at both the transmitter and the receiver is a severe drawback. The recovery of plaintext is erroneous when synchronisation is lost.
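The ECB, CBC and CTR behaviour described above can be compared on one message, as an added example that is not part of the original slides. It assumes a 64-bit stand-in block cipher (the XTEA round structure, encryption direction only, which the slides do not discuss), a constructed key, IV, nonce and message, and a message length that is a multiple of the block size for ECB and CBC.

```python
import struct

M = 0xFFFFFFFF
BS = 8  # block size b = 64 bits

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in block cipher (assumption): XTEA encryption, 32 cycles, 128-bit key.
    v0, v1 = struct.unpack(">2I", block)
    k = struct.unpack(">4I", key)
    s = 0
    for _ in range(32):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & M
        s = (s + 0x9E3779B9) & M
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & M
    return struct.pack(">2I", v0, v1)

def blocks(data: bytes) -> list:
    return [data[i:i + BS] for i in range(0, len(data), BS)]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # Every block is encrypted directly and independently.
    return b"".join(E(key, p) for p in blocks(pt))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for p in blocks(pt):
        prev = E(key, xor(prev, p))  # previous cipher block XOR plaintext block
        out.append(prev)
    return b"".join(out)

def ctr_crypt(key: bytes, nonce: bytes, data: bytes, start: int = 0) -> bytes:
    # Encrypts and decrypts: XOR the data with the encrypted counter values.
    out = []
    for i, chunk in enumerate(blocks(data), start):
        out.append(xor(chunk, E(key, nonce + struct.pack(">I", i))))
    return b"".join(out)

def repeated_blocks(ct: bytes) -> int:
    # Number of ciphertext blocks that duplicate an earlier block.
    b = blocks(ct)
    return len(b) - len(set(b))

# Constructed sample values; a real CBC IV must be unpredictable per message.
KEY = bytes(range(16))
IV = bytes(BS)
NONCE = b"\x00\x00\x00\x01"
PT = b"AMOUNT=0" * 4 + b"AMOUNT=9"

if __name__ == "__main__":
    print("ECB repeats:", repeated_blocks(ecb_encrypt(KEY, PT)))
    print("CBC repeats:", repeated_blocks(cbc_encrypt(KEY, IV, PT)))
    print("CTR repeats:", repeated_blocks(ctr_crypt(KEY, NONCE, PT)))
```

Decrypting the CTR ciphertext with `start=1` instead of `start=0` models the lost counter synchronisation mentioned above: the output no longer matches the plaintext.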