Block Ciphering
Confusion and Diffusion Theory
Understand the algebra of AES e.g. finding inverse etc.
AES and its importance in security
Efficient implementation of AES.
Implementation of AES
2. Session 2 objective
CS-5 Revision Previous Session revision
CS -5 Block Ciphering
CS -5 Revision of DES,Feistel Cipher Structure
CS -5 Confusion and Diffusion Theory
CS -5 AES and its importance in security
CS-5 Efficient implementation of AES using C and C# demo.
SUMMARY
3. CS -5 Block Ciphering
This functionality is similar to block cipher
Only difference is key
4. CS -5 Block Ciphering
This functionality is similar to
block cipher Only difference is key
5. CS -5 Block Ciphering
This functionality is
similar to block
cipher Only
difference
is key And must
be reversible
7. CS -5 Block Ciphering
Can any function be used as a block cipher ???
8. CS -5 Block Ciphering
Block Cipher Algorithms:
DES (Explanation done in session two ,refer video lecture Module 7)
AES
RC6
9. 9
CS -5 Feistel Cipher Structure
1. PT=2 halves
2. Apply function to right
3. Function can be anything a logical model
4. For function a separate key will be used
5. O/p from 5 is XORed with left
6. O/P of left and right is swapped
7. Process 1 to 7 is a round
8. Number of rounds
Block Cipher Design Principles
1.Block Size (10B PT=10B CT)
2.Key size
3.Sub Keys Count
4.Round Function
5.Plain Text in Two equal Halves
12. 12
CS -5 AES and its importance in security
AES(Applications in commercial market)
Intel and AMD processors include the AES instruction set.
Signal Protocol
Google Allo (optional)
Facebook Messenger (optional)
Signal
TextSecure
WhatsApp
Linux kernel's Crypto API, now exposed to userspace
DataLocker Uses AES 256-bit CBC and XTS mode hardware encryption
BitLocker (part of certain editions of Windows operating systems)
7z ,Amanda Backup,PeaZip,PKZIP,RAR,WinZip,UltraISO
Hadoop
13. 13
CS -5 AES and its importance in security
AES(Advance Encryption Standard):
Symmetric Key Block cipher (Same key ???)
128 bit data
128 bit key size
56 bit size key was used in DES vulnerable for the brut
force attack
Stronger and faster than DES
14. 14
CS -5 AES and its importance in security
Rounds Key
10 128
12 192
14 256
15. 15
CS -5 AES and its importance in security
AES Structure: AES Encryption process:
16. 16
CS -5 AES and its importance in security
AES(Advance Encryption Standard):
Considering 10 rounds
S1:Input PT=128 bits
S2:Pre round transformation ( a key goes here k0) like
DES here also we have key expansion block
S3:Now starts number of rounds (key is added to each
round)
It runs up to round n depending upon key size
17. 17
CS -5 AES and its importance in security
AES(Advance Encryption Standard):
designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data
an iterative rather than Feistel cipher
processes data as block of 4 columns of 4 bytes
operates on entire data block in every round
designed to have:
resistance against known attacks
speed and code compactness on many CPUs
design simplicity
19. CS -5 AES encryption process
S1:Input PT=128 bits
S2:Pre round transformation ( a key goes
here k0) like DES here also we have key
expansion block
S3:Now starts number of rounds (key is
added to each round)
Sub bytes : its matrix of 4x4 (s-boxes)
Shift rows (Left shift only) & create
new matrix for net step
Mix columns : Columns are mixed with
some mathematical function
Add round key : Bit streams are now
XORed with round key
This process is repeated till last round
Row number Shift left
1 0
2 1
3 2
4 3
Decryption process
is exact reverse of this
22. CS -5 AES encryption process
Substitute Bytes
Example
23. CS -5 AES encryption process
Shift Rows
A circular byte shift in each each
1st row is unchanged
2nd row does 1 byte circular shift to left
3rd row does 2 byte circular shift to left
4th row does 3 byte circular shift to left
Decrypt inverts using shifts to right
Since state is processed by columns, this step
permutes bytes between the columns
25. CS -5 AES encryption process
Mix Columns
each column is processed separately
each byte is replaced by a value dependent on all 4 bytes in the
column
effectively a matrix multiplication in GF(28) using prime poly m(x)
=x8+x4+x3+x+1
27. CS -5 AES encryption process
AES Arithmetic
uses arithmetic in the finite field GF(28)
with irreducible polynomial
m(x) = x8 + x4 + x3 + x + 1
which is (100011011) or {11b}
e.g.
{02} • {87} mod {11b} = (1 0000 1110) mod {11b}
= (1 0000 1110) xor (1 0001 1011) = (0001 0101)
28. CS -5 AES encryption process
Add Round Key
XOR state with 128-bits of the round key
again processed by column (though effectively a series of
byte operations)
inverse for decryption identical
since XOR own inverse, with reversed keys
designed to be as simple as possible
a form of Vernam cipher on expanded key
requires other stages for complexity / security
30. CS -5 AES encryption process
Key Expansion
takes 128-bit (16-byte) key and
expands into array of 44/52/60
32-bit words
start by copying key into first 4
words
then loop creating words that
depend on values in previous &
4 places back
in 3 of 4 cases just XOR these
together
1st word in 4 has rotate + S-box
+ XOR round constant on
previous, before XOR 4th back
32. 32
CS -5 AES and its importance in security
Summary
an iterative rather than Feistel cipher
key expanded into array of 32-bit words
four words form round key in each round
4 different stages are used as shown
has a simple structure
only AddRoundKey uses key
AddRoundKey a form of Vernam cipher
each stage is easily reversible
decryption uses keys in reverse order
decryption does recover plaintext
final round has only 3 stages