The document covers network security concepts focusing on block ciphering, specifically AES (Advanced Encryption Standard) and its significance in security. It details AES structure, including its iterative process, key expansion, and encryption methods, while contrasting it with DES (Data Encryption Standard). The AES is highlighted for its resistance to attacks, speed, and applicability in various commercial platforms.

1. Network Security
CS-5
By: Prof. Ganesh Ingle

2. Session 2 objective
CS-5 Revision Previous Session revision
CS -5 Block Ciphering
CS -5 Revision of DES,Feistel Cipher Structure
CS -5 Confusion and Diffusion Theory
CS -5 AES and its importance in security
CS-5 Efficient implementation of AES using C and C# demo.
SUMMARY

3. CS -5 Block Ciphering
This functionality is similar to block cipher
Only difference is key

4. CS -5 Block Ciphering
This functionality is similar to
block cipher Only difference is key

5. CS -5 Block Ciphering
This functionality is
similar to block
cipher Only
difference
is key And must
be reversible

6. CS -5 Block Ciphering

7. CS -5 Block Ciphering
Can any function be used as a block cipher ???

8. CS -5 Block Ciphering
Block Cipher Algorithms:
DES (Explanation done in session two ,refer video lecture Module 7)
AES
RC6

9. 9
CS -5 Feistel Cipher Structure
1. PT=2 halves
2. Apply function to right
3. Function can be anything a logical model
4. For function a separate key will be used
5. O/p from 5 is XORed with left
6. O/P of left and right is swapped
7. Process 1 to 7 is a round
8. Number of rounds
Block Cipher Design Principles
1.Block Size (10B PT=10B CT)
2.Key size
3.Sub Keys Count
4.Round Function
5.Plain Text in Two equal Halves

10. 10
CS -5 Confusion and Diffusion Theory

11. 11
CS -5 Confusion and Diffusion Theory

12. 12
CS -5 AES and its importance in security
 AES(Applications in commercial market)
 Intel and AMD processors include the AES instruction set.
 Signal Protocol
 Google Allo (optional)
 Facebook Messenger (optional)
 Signal
 TextSecure
 WhatsApp
 Linux kernel's Crypto API, now exposed to userspace
 DataLocker Uses AES 256-bit CBC and XTS mode hardware encryption
 BitLocker (part of certain editions of Windows operating systems)
 7z ,Amanda Backup,PeaZip,PKZIP,RAR,WinZip,UltraISO
 Hadoop

13. 13
CS -5 AES and its importance in security
 AES(Advance Encryption Standard):
 Symmetric Key Block cipher (Same key ???)
 128 bit data
 128 bit key size
 56 bit size key was used in DES vulnerable for the brut
force attack
 Stronger and faster than DES

14. 14
CS -5 AES and its importance in security
Rounds Key
10 128
12 192
14 256

15. 15
CS -5 AES and its importance in security
AES Structure: AES Encryption process:

16. 16
CS -5 AES and its importance in security
 AES(Advance Encryption Standard):
 Considering 10 rounds
 S1:Input PT=128 bits
 S2:Pre round transformation ( a key goes here k0) like
DES here also we have key expansion block
 S3:Now starts number of rounds (key is added to each
round)
 It runs up to round n depending upon key size

17. 17
CS -5 AES and its importance in security
 AES(Advance Encryption Standard):
 designed by Rijmen-Daemen in Belgium
 has 128/192/256 bit keys, 128 bit data
 an iterative rather than Feistel cipher
 processes data as block of 4 columns of 4 bytes
 operates on entire data block in every round
 designed to have:
 resistance against known attacks
 speed and code compactness on many CPUs
 design simplicity

18. CS -5 AES key expansion block

19. CS -5 AES encryption process
 S1:Input PT=128 bits
 S2:Pre round transformation ( a key goes
here k0) like DES here also we have key
expansion block
 S3:Now starts number of rounds (key is
added to each round)
 Sub bytes : its matrix of 4x4 (s-boxes)
 Shift rows (Left shift only) & create
new matrix for net step
 Mix columns : Columns are mixed with
some mathematical function
 Add round key : Bit streams are now
XORed with round key
 This process is repeated till last round
Row number Shift left
1 0
2 1
3 2
4 3
Decryption process
is exact reverse of this

20. 20
CS-5 Efficient implementation of AES.
Sub bytes : Wikipedia reference

21. CS -5 AES encryption process S box

22. CS -5 AES encryption process
 Substitute Bytes
 Example

23. CS -5 AES encryption process
Shift Rows
 A circular byte shift in each each
 1st row is unchanged
 2nd row does 1 byte circular shift to left
 3rd row does 2 byte circular shift to left
 4th row does 3 byte circular shift to left
 Decrypt inverts using shifts to right
 Since state is processed by columns, this step
permutes bytes between the columns

24. CS -5 AES encryption process
Shift Rows

25. CS -5 AES encryption process
Mix Columns
 each column is processed separately
 each byte is replaced by a value dependent on all 4 bytes in the
column
 effectively a matrix multiplication in GF(28) using prime poly m(x)
=x8+x4+x3+x+1

26. CS -5 AES encryption process
Mix Columns

27. CS -5 AES encryption process
AES Arithmetic
 uses arithmetic in the finite field GF(28)
 with irreducible polynomial
 m(x) = x8 + x4 + x3 + x + 1
 which is (100011011) or {11b}
 e.g.
 {02} • {87} mod {11b} = (1 0000 1110) mod {11b}
 = (1 0000 1110) xor (1 0001 1011) = (0001 0101)

28. CS -5 AES encryption process
Add Round Key
 XOR state with 128-bits of the round key
 again processed by column (though effectively a series of
byte operations)
 inverse for decryption identical
 since XOR own inverse, with reversed keys
 designed to be as simple as possible
 a form of Vernam cipher on expanded key
 requires other stages for complexity / security

29. CS -5 AES encryption process
Add Round Key

30. CS -5 AES encryption process
Key Expansion
 takes 128-bit (16-byte) key and
expands into array of 44/52/60
32-bit words
 start by copying key into first 4
words
 then loop creating words that
depend on values in previous &
4 places back
 in 3 of 4 cases just XOR these
together
 1st word in 4 has rotate + S-box
+ XOR round constant on
previous, before XOR 4th back

31. 31
CS -5 AES and its importance in security

32. 32
CS -5 AES and its importance in security
 Summary
 an iterative rather than Feistel cipher
 key expanded into array of 32-bit words
 four words form round key in each round
 4 different stages are used as shown
 has a simple structure
 only AddRoundKey uses key
 AddRoundKey a form of Vernam cipher
 each stage is easily reversible
 decryption uses keys in reverse order
 decryption does recover plaintext
 final round has only 3 stages

33. 33
CS -5 AES and its importance in security

34. 34
CS-5 Efficient implementation of AES.

35. 35
CS-5 Efficient implementation of AES.

36. 36
CS-5 Efficient implementation of AES.

37. 37
CS-5 Efficient implementation of AES.

38. 38
CS-5 Efficient implementation of AES.

39. 39
CS-5 Efficient implementation of AES.

40. 40
CS-5 Efficient implementation of AES.

41. 41
CS-5 Efficient implementation of AES.

42. CS-5 AES vs DES

43. Thank you
Image Source
searchenterpriseai.techtarget.com
wikipedia