DOCSLIB.ORG

The MAGENTA Block Cipher Algorithm Contents

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The MAGENTA Block Cipher Algorithm Contents The MAGENTA Blo ck Cipher Algorithm y M.J. Jacobson, Jr. and K. Hub er Deutsche Telekom AG Am Kavalleriesand 3 64295 Darmstadt GERMANY June 8, 1998 Contents 1 Intro duction 2 2 The MAGENTA Algorithm 2 3 Computational Eciency 3 4 Algebraic Prop erties 5 4.1 The Function f x . 5 4.2 The Function PEx; y . 6 4.3 Two Successive Combinations of . 6 4.4 The Function T . 7 3 4.5 The Function E . 7 4.6 The MAGENTA Algorithm . 8 5 Avalanche Prop erties 8 5.1 The Function f x . 8 5.2 The Function PEx; y . 8 3 5.3 The Function E . 9 5.4 The MAGENTA Algorithm . 10 6 Statistical Tests 10 7 Di erential Cryptanalysis 12 8 Linear Cryptanalysis 13 9 Palindrome Prop erties 14 10 Conclusions 14 A Assembler Co de 16 [email protected] y hub [email protected] 1 1 Intro duction The developmentofMAGENTAMultifunctional Algorithm for General-purp ose Encryption and Network Telecommunication b egan in 1990, with the basic design principles explained in the unpublished pap er [7]. The idea was to apply simple and transparent techniques no magic tables or constants which can b e eciently implemented in b oth software and hardware. Originally, this was realized by using a butter y structure to accomplish di usion and discrete exp onentiation in a nite eld for confusion. In the following years, the idea of hardware realizations was investigated more closely. In co op eration with hardware sp ecialist S. Wolter the butter y structure of the original prop osal was switched to the FHT shue structure, which has the advantage of giving identical structures at each stage. Further slightchanges to the algorithm o ccurred when an analysis of the algorithm done by sp ecialists of the company SIT [5] was carried out in 1994. Plans were to develop a chip which would be capable of op erating up to the gigabit/sec range see [8]. It was envisioned to use suchchips for encryption of ATM connections. Unfortunately the hardware realization did not pro ceed as planned since the need for such encryption is not yet widely appreciated, although investigations have shown that it should b e p ossible to achieve [8]. Currently, the MAGENTA algorithm is used within Deutsche Telekom for securing sensitive management data. In addition, a VHDL design and a FPGA Field Programmable Gate Array realization are in progress. There are two schemes to mention which essentially used structures of the fast Fourier Transform for cryptographic purp oses prior to the MAGENTA algorithm. The rst is an invention of Jean Pierre Vaseur [19] whichwas led on 2nd June 1959. The second is the so-called Comp-128 algorithm which is used by some GSM providers. The Comp-128 algorithm was designed at the end of the eighties, and was recently disclosed through the Internet. In the next section, we describ e the MAGENTA algorithm in detail. As mentioned ab ove, the security of MAGENTA has b een analyzed in great detail on b ehalf of Deutsche Telekom by SIT GmbH for use with 128-bit keys. In Sections 4 to 9, we highlight the details of the internal rep ort based on this analysis [5] and extend the analysis to 192 and 256 bit keys where appropriate. 2 The MAGENTA Algorithm 8 Let B = f0; 1g b e the set of all 8-bit binary vectors bytes. For x 2 B; we will write x =x ;x ;:::;x ; 7 6 0 7 6 and we asso ciate eachbyte with an integer in f0; 1;:::;255g via the formula x ;x ;:::;x 7! 2 x +2 x + 7 6 0 7 6 ::: + x : The op erator will denote bitwise addition mo dulo 2; i.e., the usual bitwise XOR op eration. 0 The heart of the MAGENTA algorithm is based on the Fast Hadamard Transform FHT [10]. However, we replace the addition and subtraction at each no de in the shue structure by the following non-linear 8 6 op eration. Let b e a primitive element of the eld GF 256 with generating p olynomial px=X + X + 5 2 X + X + 1 and p =0: For all x 2 B; de ne x x 6= 255 f x= 1 0 x = 255 : 2 Then, for all x; y 2 B we de ne Ax; y =f x f y 2 and PEx; y =Ax; y ;Ay; x = f x f y ;fy f x : 3 16 For all x ;:::;x 2 B ; our mo di cation of the FHT is given by 0 15 T x ;:::;x = x ;:::;x ; 4 0 15 0 15 where x ;:::;x is de ned as 0 15 x ;:::;x =PEx ;x ;PEx ;x ;:::;PEx ;x : 5 0 15 0 8 1 9 7 15 2 The function T x ;:::;x op erates on a single 128-bit parameter and returns a 128-bit output. Clearly, 0 15 this op eration is very quick, since it can b e implemented entirely with bit op erations. 16 For all X =x ;:::;x 2 B ; de ne 0 15 X =x ;x ;:::;x e 0 2 14 and X =x ;x ;:::;x ; o 1 3 15 i.e., X consists of the bytes of X with even index and X consists of the bytes of X with o dd index. The e o function C consists of rep eated applications of our FHT variant, and is recursively de ned for j 1 and all x ;:::;x by 0 15 j +1 j j 6 C x ;:::;x =T x ;:::;x C ; x ;:::;x C 0 15 0 7 8 15 e o 1 where the initial value C = T x ;:::;x : For a xed numb er of rounds r; we de ne 0 15 r r E x ;:::;x =C : 7 0 15 e Originally,MAGENTAwas designed with r =7: However, during analysis by SIT GmbH [5, App endix] it was discovered that using r = 7 made a chosen plaintext attack p ossible. It was recommended that the numb er of rounds b e reduced to 3; and the analysis in the following chapters shows that to the b est of our knowledge this choice do es not result in any signi cant cryptographic weaknesses of the overall blo ck cipher. Therefore, we xr =3: The complete MAGENTA blo ck cipher makes use of the well-known Feistel construction [3] using the 3 16 8 function E as the basic cyryptomo dule. For x = x ;:::;x 2 B and y = y ;:::;y 2 B ; one 0 15 0 7 \Feistel-round" is de ned as 3 F x= x ;:::;x ; x ;:::;x E x ;:::;x ;y ;:::;y : 8 y 8 15 0 7 8 15 0 7 16 Let M =x ;:::;x 2 B b e one plaintext blo ck 128 bits. The MAGENTA algorithm supp orts the 0 15 following three key sizes: 128 bit: K =K ;K ; 1 2 192 bit: K =K ;K ;K ; 1 2 3 256 bit: K =K ;K ;K ;K ; 1 2 3 4 where K =y ;:::;y ;K =y ;:::;y ;K =y ;:::;y ; and K =y ;:::;y : The MAGENTA 1 0 7 2 8 15 3 16 23 4 24 31 algorithm makes use of six or eightFeistel rounds, where each round uses a di erent part of the key. The algorithm is given by 8 16 F F F F F F M if K =K K 2 B < K K K K K K 1 2 1 1 2 2 1 1 24 F F F F F F M if K =K K K 2 B Enc M = : 9 K K K K K K 1 2 3 K 1 2 3 3 2 1 : 32 F F F F F F F F M if K =K K K K 2 B K K K K K K K K 1 2 3 4 1 2 3 4 4 3 2 1 Due to a palindromic prop erty of Equation 9 given in Section 9, the decryption function can easily be expressed in terms of the encryption function by Dec M =V Enc V M ; 10 K K where V x ;:::;x =x ;x ;:::;x ;x ;x ;:::;x : 0 15 8 9 15 0 1 7 3 Computational Eciency In this section, we give estimates of the numb er of clo ck cycles required to p erform ve basic op erations of the MAGENTA algorithm on two architectures, an Intel Pentium Pro pro cessor running at 200 MHz and the Z80 micropro cessor, a typical 8-bit pro cessor. In particular, we consider the following op erations: 3 set up a key, change a key, initialize the algorithm, encrypt one 128-bit blo ck in ECB mo de, decrypt one 128-bit blo ck in ECB mo de. We analyze all three key sizes supp orted byMAGENTA, namely 128; 192; and 256 bits. In order to obtain eciency estimates on a Pentium Pro pro cessor, we computed the run times in seconds 6 required to p erform eachof the ve op erations 10 times on a given random key-plaintext pair using our optimized C implementation. These run times were then normalized to obtain an approximation of the 6 number of clo ck cycles required for one iteration by dividing by 10 the total number of iterations and 8 multiplying by the numb er of cycles p er second 2 10 . The results of these calculations are in Table 1.
Load more

Recommended publications
  • The Data Encryption Standard (DES) – History
    Chair for Network Architectures and Services Department of Informatics TU München – Prof. Carle Network Security Chapter 2 Basics 2.1 Symmetric Cryptography • Overview of Cryptographic Algorithms • Attacking Cryptographic Algorithms • Historical Approaches • Foundations of Modern Cryptography • Modes of Encryption • Data Encryption Standard (DES) • Advanced Encryption Standard (AES) Cryptographic algorithms: outline Cryptographic Algorithms Symmetric Asymmetric Cryptographic Overview En- / Decryption En- / Decryption Hash Functions Modes of Cryptanalysis Background MDC’s / MACs Operation Properties DES RSA MD-5 AES Diffie-Hellman SHA-1 RC4 ElGamal CBC-MAC Network Security, WS 2010/11, Chapter 2.1 2 Basic Terms: Plaintext and Ciphertext Plaintext P The original readable content of a message (or data). P_netsec = „This is network security“ Ciphertext C The encrypted version of the plaintext. C_netsec = „Ff iThtIiDjlyHLPRFxvowf“ encrypt key k1 C P key k2 decrypt In case of symmetric cryptography, k1 = k2. Network Security, WS 2010/11, Chapter 2.1 3 Basic Terms: Block cipher and Stream cipher Block cipher A cipher that encrypts / decrypts inputs of length n to outputs of length n given the corresponding key k. • n is block length Most modern symmetric ciphers are block ciphers, e.g. AES, DES, Twofish, … Stream cipher A symmetric cipher that generats a random bitstream, called key stream, from the symmetric key k. Ciphertext = key stream XOR plaintext Network Security, WS 2010/11, Chapter 2.1 4 Cryptographic algorithms: overview
    [Show full text]
  • Seed Maturity in White Fir and Red Fir. Pacific Southwest Forest and Range Exp
    PACIFIC SOUTHWEST Forest and Range FOREST SERVICE U. S. DEPARTMENT OF AGRICULTURE P.O. BOX 245, BERKELEY, CALIFORNIA 94701 Experiment Station USDA FOREST SERVICE RESEARCH PAPER PSW-99 /1974 CONTENTS Page Summary ................................................... 1 Introduction ................................................. 3 Methods .................................................... 3 Testing Fresh Seeds ....................................... 3 Testing Stratified Seeds .................................... 3 Seedling Vigor Tests ...................................... 4 Artificial Ripening Trial ................................... 4 Other Observations ........................................ 4 Results and Discussion ....................................... 5 Cone Specific Gravity ..................................... 5 Seed Germination, byCollection Date ....................... 5 Seed GerminationandCone Specific Gravity ................ 7 Red Fir Seedling Vigor .................................... 9 ArtificialRipening of White Fir Seeds ....................... 9 OtherMaturity Indices ..................................... 9 Application ................................................. 10 Literature Cited.............................................. 12 THE AUTHOR WILLIAM W. OLIVER is doing silvicultural research on Sierra Nevada conifer types with headquarters at Redding, California. He earned a B.S. degree (1956) in forestry from the University of New Hampshire, and an M.F. degree (1960) from the University of Michigan. A native of
    [Show full text]
  • Block Ciphers and the Data Encryption Standard
    Lecture 3: Block Ciphers and the Data Encryption Standard Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) January 26, 2021 3:43pm ©2021 Avinash Kak, Purdue University Goals: To introduce the notion of a block cipher in the modern context. To talk about the infeasibility of ideal block ciphers To introduce the notion of the Feistel Cipher Structure To go over DES, the Data Encryption Standard To illustrate important DES steps with Python and Perl code CONTENTS Section Title Page 3.1 Ideal Block Cipher 3 3.1.1 Size of the Encryption Key for the Ideal Block Cipher 6 3.2 The Feistel Structure for Block Ciphers 7 3.2.1 Mathematical Description of Each Round in the 10 Feistel Structure 3.2.2 Decryption in Ciphers Based on the Feistel Structure 12 3.3 DES: The Data Encryption Standard 16 3.3.1 One Round of Processing in DES 18 3.3.2 The S-Box for the Substitution Step in Each Round 22 3.3.3 The Substitution Tables 26 3.3.4 The P-Box Permutation in the Feistel Function 33 3.3.5 The DES Key Schedule: Generating the Round Keys 35 3.3.6 Initial Permutation of the Encryption Key 38 3.3.7 Contraction-Permutation that Generates the 48-Bit 42 Round Key from the 56-Bit Key 3.4 What Makes DES a Strong Cipher (to the 46 Extent It is a Strong Cipher) 3.5 Homework Problems 48 2 Computer and Network Security by Avi Kak Lecture 3 Back to TOC 3.1 IDEAL BLOCK CIPHER In a modern block cipher (but still using a classical encryption method), we replace a block of N bits from the plaintext with a block of N bits from the ciphertext.
    [Show full text]
  • Report on the AES Candidates
    Rep ort on the AES Candidates 1 2 1 3 Olivier Baudron , Henri Gilb ert , Louis Granb oulan , Helena Handschuh , 4 1 5 1 Antoine Joux , Phong Nguyen ,Fabrice Noilhan ,David Pointcheval , 1 1 1 1 Thomas Pornin , Guillaume Poupard , Jacques Stern , and Serge Vaudenay 1 Ecole Normale Sup erieure { CNRS 2 France Telecom 3 Gemplus { ENST 4 SCSSI 5 Universit e d'Orsay { LRI Contact e-mail: [email protected] Abstract This do cument rep orts the activities of the AES working group organized at the Ecole Normale Sup erieure. Several candidates are evaluated. In particular we outline some weaknesses in the designs of some candidates. We mainly discuss selection criteria b etween the can- didates, and make case-by-case comments. We nally recommend the selection of Mars, RC6, Serp ent, ... and DFC. As the rep ort is b eing nalized, we also added some new preliminary cryptanalysis on RC6 and Crypton in the App endix which are not considered in the main b o dy of the rep ort. Designing the encryption standard of the rst twentyyears of the twenty rst century is a challenging task: we need to predict p ossible future technologies, and wehavetotake unknown future attacks in account. Following the AES pro cess initiated by NIST, we organized an op en working group at the Ecole Normale Sup erieure. This group met two hours a week to review the AES candidates. The present do cument rep orts its results. Another task of this group was to up date the DFC candidate submitted by CNRS [16, 17] and to answer questions which had b een omitted in previous 1 rep orts on DFC.
    [Show full text]
  • Development of the Advanced Encryption Standard
    Volume 126, Article No. 126024 (2021) https://doi.org/10.6028/jres.126.024 Journal of Research of the National Institute of Standards and Technology Development of the Advanced Encryption Standard Miles E. Smid Formerly: Computer Security Division, National Institute of Standards and Technology, Gaithersburg, MD 20899, USA [email protected] Strong cryptographic algorithms are essential for the protection of stored and transmitted data throughout the world. This publication discusses the development of Federal Information Processing Standards Publication (FIPS) 197, which specifies a cryptographic algorithm known as the Advanced Encryption Standard (AES). The AES was the result of a cooperative multiyear effort involving the U.S. government, industry, and the academic community. Several difficult problems that had to be resolved during the standard’s development are discussed, and the eventual solutions are presented. The author writes from his viewpoint as former leader of the Security Technology Group and later as acting director of the Computer Security Division at the National Institute of Standards and Technology, where he was responsible for the AES development. Key words: Advanced Encryption Standard (AES); consensus process; cryptography; Data Encryption Standard (DES); security requirements, SKIPJACK. Accepted: June 18, 2021 Published: August 16, 2021; Current Version: August 23, 2021 This article was sponsored by James Foti, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology (NIST). The views expressed represent those of the author and not necessarily those of NIST. https://doi.org/10.6028/jres.126.024 1. Introduction In the late 1990s, the National Institute of Standards and Technology (NIST) was about to decide if it was going to specify a new cryptographic algorithm standard for the protection of U.S.
    [Show full text]
  • Chapter 3 – Block Ciphers and the Data Encryption Standard
    Symmetric Cryptography Chapter 6 Block vs Stream Ciphers • Block ciphers process messages into blocks, each of which is then en/decrypted – Like a substitution on very big characters • 64-bits or more • Stream ciphers process messages a bit or byte at a time when en/decrypting – Many current ciphers are block ciphers • Better analyzed. • Broader range of applications. Block vs Stream Ciphers Block Cipher Principles • Block ciphers look like an extremely large substitution • Would need table of 264 entries for a 64-bit block • Arbitrary reversible substitution cipher for a large block size is not practical – 64-bit general substitution block cipher, key size 264! • Most symmetric block ciphers are based on a Feistel Cipher Structure • Needed since must be able to decrypt ciphertext to recover messages efficiently Ideal Block Cipher Substitution-Permutation Ciphers • in 1949 Shannon introduced idea of substitution- permutation (S-P) networks – modern substitution-transposition product cipher • These form the basis of modern block ciphers • S-P networks are based on the two primitive cryptographic operations we have seen before: – substitution (S-box) – permutation (P-box) (transposition) • Provide confusion and diffusion of message Diffusion and Confusion • Introduced by Claude Shannon to thwart cryptanalysis based on statistical analysis – Assume the attacker has some knowledge of the statistical characteristics of the plaintext • Cipher needs to completely obscure statistical properties of original message • A one-time pad does this Diffusion
    [Show full text]
  • Symmetric Encryption: AES
    Symmetric Encryption: AES Yan Huang Credits: David Evans (UVA) Advanced Encryption Standard ▪ 1997: NIST initiates program to choose Advanced Encryption Standard to replace DES ▪ Why not just use 3DES? 2 AES Process ▪ Open Design • DES: design criteria for S-boxes kept secret ▪ Many good choices • DES: only one acceptable algorithm ▪ Public cryptanalysis efforts before choice • Heavy involvements of academic community, leading public cryptographers ▪ Conservative (but “quick”): 4 year process 3 AES Requirements ▪ Secure for next 50-100 years ▪ Royalty free ▪ Performance: faster than 3DES ▪ Support 128, 192 and 256 bit keys • Brute force search of 2128 keys at 1 Trillion keys/ second would take 1019 years (109 * age of universe) 4 AES Round 1 ▪ 15 submissions accepted ▪ Weak ciphers quickly eliminated • Magenta broken at conference! ▪ 5 finalists selected: • MARS (IBM) • RC6 (Rivest, et. al.) • Rijndael (Belgian cryptographers) • Serpent (Anderson, Biham, Knudsen) • Twofish (Schneier, et. al.) 5 AES Evaluation Criteria 1. Security Most important, but hardest to measure Resistance to cryptanalysis, randomness of output 2. Cost and Implementation Characteristics Licensing, Computational, Memory Flexibility (different key/block sizes), hardware implementation 6 AES Criteria Tradeoffs ▪ Security v. Performance • How do you measure security? ▪ Simplicity v. Complexity • Need complexity for confusion • Need simplicity to be able to analyze and implement efficiently 7 Breaking a Cipher ▪ Intuitive Impression • Attacker can decrypt secret messages • Reasonable amount of work, actual amount of ciphertext ▪ “Academic” Ideology • Attacker can determine something about the message • Given unlimited number of chosen plaintext-ciphertext pairs • Can perform a very large number of computations, up to, but not including, 2n, where n is the key size in bits (i.e.
    [Show full text]
  • Critical Assessment of Reaction Mechanisms Using the Lisbon Kinetics Tool Suit
    XXXIV ICPIG & ICRP-10, July 14-19, 2019, Sapporo, Hokkaido, Japan Critical assessment of reaction mechanisms using the LisbOn KInetics tool suit 1 1 1 2 P P P P P A. Tejero-del-Caz P , V.U Guerra UP , M. Lino da Silva P , L. Marques P , 1 1,3 1 1 P P P N. Pinhão P , C. D. Pintassilgo P , T. Silva P and L. L. Alves P 1 P P Instituto de Plasmas e Fusão Nuclear, Instituto Superior Técnico, Universidade de Lisboa, Av. Rovisco Pais, Lisboa, Portugal 2 P P Centro de Física da Universidade do Minho, Campus de Gualtar, Braga, Portugal 3 P P Faculdade de Engenharia da Universidade do Porto, Porto, Portugal This work uses the LisbOn KInetics (LoKI) tool suit to perform a critical assessment and correction of the collisional, radiative and transport mechanisms and data describing the kinetics of several gas/plasma systems. LoKI comprises two modules: a Boltzmann solver, LoKI-B (to become open- source), and a chemistry solver, LoKI-C. Both modules can run as standalone tools or coupled in a self-consistent manner. LoKI handles simulations in any atomic / molecular gas mixture, considering collisions with any target state (electronic, vibrational and rotational), specified in the reaction mechanism adopted. As output, the tool provides the electron energy distribution function and the corresponding electron macroscopic parameters, along with the densities of species and the corresponding creation / destruction rates. 1. Introduction for the heavy species (charged and neutral) present in Predictive tools for non-equilibrium low- the plasma, receiving as input data the KIT(s) for the temperature plasmas (LTPs) should properly describe gas/plasma system under study, and using several the kinetics of both the electrons and the heavy- modules to describe the mechanisms (collisional, species, the former responsible for inducing plasma radiative and transport) controlling the creation / reactivity and the latter providing the pathways for destruction of species.
    [Show full text]
  • The Long Road to the Advanced Encryption Standard
    The Long Road to the Advanced Encryption Standard Jean-Luc Cooke CertainKey Inc. [email protected], http://www.certainkey.com/˜jlcooke Abstract 1 Introduction This paper will start with a brief background of the Advanced Encryption Standard (AES) process, lessons learned from the Data Encryp- tion Standard (DES), other U.S. government Two decades ago the state-of-the-art in cryptographic publications and the fifteen first the private sector cryptography was—we round candidate algorithms. The focus of the know now—far behind the public sector. presentation will lie in presenting the general Don Coppersmith’s knowledge of the Data design of the five final candidate algorithms, Encryption Standard’s (DES) resilience to and the specifics of the AES and how it dif- the then unknown Differential Cryptanaly- fers from the Rijndael design. A presentation sis (DC), the design principles used in the on the AES modes of operation and Secure Secure Hash Algorithm (SHA) in Digital Hash Algorithm (SHA) family of algorithms Signature Standard (DSS) being case and will follow and will include discussion about point[NISTDSS][NISTDES][DC][NISTSHA1]. how it is directly implicated by AES develop- ments. The selection and design of the DES was shrouded in controversy and suspicion. This very controversy has lead to a fantastic acceler- Intended Audience ation in private sector cryptographic advance- ment. So intrigued by the NSA’s modifica- tions to the Lucifer algorithm, researchers— This paper was written as a supplement to a academic and industry alike—powerful tools presentation at the Ottawa International Linux in assessing block cipher strength were devel- Symposium.
    [Show full text]
  • A Proposed SAFER Plus Security Algorithm Using Fast Walsh Hadamard Transform for Bluetooth Technology D.Sharmila 1, R.Neelaveni 2
    International Journal of Wireless & Mobile Networks (IJWMN), Vol 1, No 2, November 2009 A Proposed SAFER Plus Security algorithm using Fast Walsh Hadamard transform for Bluetooth Technology D.Sharmila 1, R.Neelaveni 2 1(Research Scholar), Associate Professor, Bannari Amman Institute of Technology, Sathyamangalam. Tamil Nadu-638401. [email protected] 2 Asst.Prof. PSG College of Technology, Coimbatore.Tamil Nadu -638401. [email protected] ABSTRACT realtime two-way voice transfer providing data rates up to 3 Mb/s. It operates at 2.4 GHz frequency in the free ISM-band (Industrial, Scientific, and Medical) using frequency hopping In this paper, a modified SAFER plus algorithm is [18]. Bluetooth can be used to connect almost any kind of presented. Additionally, a comparison with various device to another device. Typical range of Bluetooth communication varies from 10 to 100 meters indoors. security algorithms like pipelined AES, Triple DES, Bluetooth technology and associated devices are susceptible Elliptic curve Diffie Hellman and the existing SAFER plus to general wireless networking threats, such as denial of service attacks, eavesdropping, man-in-the-middle attacks, are done. Performance of the algorithms is evaluated message modification, and resource misappropriation. They based on the data throughput, frequency and security are also threatened by more specific Bluetooth-related attacks that target known vulnerabilities in Bluetooth level. The results show that the modified SAFER plus implementations and specifications. Attacks against algorithm has enhanced security compared to the existing improperly secured Bluetooth implementations can provide attackers with unauthorized access to sensitive information algorithms. and unauthorized usage of Bluetooth devices and other Key words : Secure And Fast Encryption Routine, Triple Data systems or networks to which the devices are connected.
    [Show full text]
  • Chapter 2 the Data Encryption Standard (DES)
    Chapter 2 The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmet- ric or secret key cryptography and asymmetric or public key cryptography. Symmet- ric key cryptography is the oldest type whereas asymmetric cryptography is only being used publicly since the late 1970’s1. Asymmetric cryptography was a major milestone in the search for a perfect encryption scheme. Secret key cryptography goes back to at least Egyptian times and is of concern here. It involves the use of only one key which is used for both encryption and decryption (hence the use of the term symmetric). Figure 2.1 depicts this idea. It is necessary for security purposes that the secret key never be revealed. Secret Key (K) Secret Key (K) ? ? - - - - Plaintext (P ) E{P,K} Ciphertext (C) D{C,K} Plaintext (P ) Figure 2.1: Secret key encryption. To accomplish encryption, most secret key algorithms use two main techniques known as substitution and permutation. Substitution is simply a mapping of one value to another whereas permutation is a reordering of the bit positions for each of the inputs. These techniques are used a number of times in iterations called rounds. Generally, the more rounds there are, the more secure the algorithm. A non-linearity is also introduced into the encryption so that decryption will be computationally infeasible2 without the secret key. This is achieved with the use of S-boxes which are basically non-linear substitution tables where either the output is smaller than the input or vice versa. 1It is claimed by some that government agencies knew about asymmetric cryptography before this.
    [Show full text]
  • The Aes Project Any Lessons For
    THE AES PROJECT: Any Lessons for NC3? THOMAS A. BERSON, ANAGRAM LABORATORIES Technology for Global Security | June 23, 2020 THE AES PROJECT: ANY LESSONS FOR NC3? THOMAS A. BERSON JUNE 23, 2020 I. INTRODUCTION In this report, Tom Berson details how lessons from the Advanced Encryption Standard Competition can aid the development of international NC3 components and even be mirrored in the creation of a CATALINK1 community. Tom Berson is a cryptologist and founder of Anagram Laboratories. Contact: [email protected] This paper was prepared for the Antidotes for Emerging NC3 Technical Vulnerabilities, A Scenarios-Based Workshop held October 21-22, 2019 and convened by The Nautilus Institute for Security and Sustainability, Technology for Global Security, The Stanley Center for Peace and Security, and hosted by The Center for International Security and Cooperation (CISAC) Stanford University. A podcast with Tom Berson and Philip Reiner can be found here. It is published simultaneously here by Technology for Global Security and here by Nautilus Institute and is published under a 4.0 International Creative Commons License the terms of which are found here. Acknowledgments: The workshop was funded by the John D. and Catherine T. MacArthur Foundation. Maureen Jerrett provided copy editing services. Banner image is by Lauren Hostetter of Heyhoss Design II. TECH4GS SPECIAL REPORT BY TOM BERSON THE AES PROJECT: ANY LESSONS FOR NC3? JUNE 23, 2020 1. THE AES PROJECT From 1997 through 2001, the National Institute for Standards and Technology (US) (NIST) ran an open, transparent, international competition to design and select a standard block cipher called the Advanced Encryption Standard (AES)2.
    [Show full text]