This document provides an introduction to symmetric block ciphers. It discusses how symmetric block ciphers use the same secret key for encryption and decryption. The key must be securely distributed and kept secret. Examples of symmetric block ciphers include the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). The document also covers cryptanalysis techniques, the principles of confusion and diffusion, block cipher structure, encryption modes like ECB and CBC, and compares block ciphers to stream ciphers.

1. Introduction to Symmetric
Block Cipher
Jing Deng
Based on
Prof. Rick Han’s Lecture Slides
Dr. Andreas Steffen’s Security
Tutorial

2. Cryptography
• Encryption algorithm also called a cipher
• Cryptography has evolved so that modern
encryption and decryption use secret keys
• Cryptographic algorithms can be openly published
• Only have to protect the keys
Encryption Decryption
plaintext ciphertext plaintext
Encryption Decryption
plaintext ciphertext plaintext
Key KA Key KB

3. Symmetric-Key Cryptography
• Both sender and receiver keys are the same: KA=KB
• The keys must be kept secret and securely
distributed
• Thus, also called “Secret Key Cryptography”
• Data Encryption Standard (DES)
Encryption Decryption
plaintext ciphertext plaintext
Key KA Key KB=KA
Secure Key Distribution

4. Cryptanalysis
• Brute force: try every key
• Ciphertext-only attack:
• Attacker knows ciphertext of several messages encrypted
with same key (but doesn’t know plaintext).
• Possible to recover plaintext (also possible to deduce key) by
looking at frequency of ciphertext letters
• Known-plaintext attack:
• Attackers observes pairs of plaintext/ciphertext encrypted
with same key.
• Possible to deduce key and/or devise algorithm to decrypt
ciphertext.

5. Cryptanalysis (2)
• Chosen-plaintext attack:
• Attacker can choose the plaintext and look at the paired
ciphertext
• Attacker has more control than known-plaintext attack and
may be able to gain more info about key
• Adaptive Chosen-Plaintext attack:
• Attacker chooses a series of plaintexts, basing the next
plaintext on the result of previous encryption
• Examples
• Differential cryptanalysis – DES is resistant it
• Linear cryptanalysis
• Cryptanalysis attacks often exploit the
redundancy of natural language
• Lossless compression before encryption removes
redundancy

6. Examples
• Simple and non-secure ciphers
– Shift Cipher – Caesar Cipher
– Affine Cipher
– Vigenere Cipher
– Hill Cipher
• Information-secure cipher
– One-Time Pad

7. Confusion and Diffusion
• Terms courtesy of Claude Shannon, father of
Information Theory
• “Confusion” = Substitution
• a -> b
• Caesar cipher
• “Diffusion” = Transposition or Permutation
• abcd -> dacb
• DES
Encryption Decryption
plaintext ciphertext plaintext
Key KA Key KB

8. Confusion and Diffusion (2)
• Modern substitution ciphers take in N bits and
substitute N bits using lookup table: called S-
Boxes
• “Confusion” : a classical Substitution Cipher
Courtesy:
Andreas
Steffen

9. Confusion and Diffusion (3)
• “Diffusion” : a classical Transposition cipher
• modern Transposition ciphers take in N bits and
permute using lookup table : called P-Boxes
Courtesy:
Andreas
Steffen

10. Block Cipher
• Divide input bit stream into n-bit sections, encrypt
only that section, no dependency/history between
sections
• In a good block cipher, each output bit is a function
of all n input bits and all k key bits
Courtesy:
Andreas
Steffen

11. Example: DES
• Data Encryption Standard (DES)
• Encodes plaintext in 64-bit chunks using a 64-bit
key (56 bits + 8 bits parity)
• Uses a combination of diffusion and confusion to
achieve security
• Was cracked in 1997
• Parallel attack – exhaustively search key space
• Decryption in DES – it’s symmetric! Use KA again as
input and then the same keys except in reverse
order

12. Example: DES (2)
• DES
• 64-bit input is permuted
• 16 stages of identical
operation
• differ in the 48-bit
key extracted from
56-bit key - complex
• R2= R1 is encrypted
with K1 and XOR’d
with L1
• L2=R1, …
• Final inverse permutation
stage

13. Example: DES (3)

14. Beyond DES
• Triple-DES: put the output of DES back as
input into DES again with a different key,
loop again: 3*56 = 168 bit key
• Advanced Encryption Standard (AES)
– Requirements:
• shall be designed so that the key length may be
increased as needed.
• block size n = 128 bits, key size k = 128, 192, 256 bits
– Candidates: MARS, twofish, RC6, Serpent,
Rijndael
– successor (Rijndael)

15. Encryption Mode (ECB)
• Electronic Code Book (ECB) mode for block
ciphers of a long digital sequence
• Vulnerable to replay attacks: if an attacker thinks block
C2 corresponds to $ amount, then substitute another Ck
• Attacker can also build a codebook of <Ck, guessed Pk>
pairs

16. Encryption Mode (CBC)
• Cipher Block Chaining (CBC) mode for block
ciphers
• Inhibits replay attacks and codebook building: identical
input plaintext Pi =Pk won’t result in same output code due
to memory-based chaining
• IV = Initialization Vector – use only once

17. Stream Cipher
• Stream ciphers
• Rather than divide bit stream into discrete blocks, as
block ciphers do, XOR each bit of your plaintext
continuous stream with a bit from a pseudo-random
sequence
• At receiver, use same symmetric key, XOR again to
extract plaintext

18. Encryption Mode (OFB)