DOCSLIB.ORG

Computer Science 418 1 Product Ciphers Product Ciphers, Block Ciphers, DES

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Computer Science 418 1 Product Ciphers Product Ciphers, Block Ciphers, DES Outline Computer Science 418 1 Product Ciphers Product Ciphers, Block Ciphers, DES 2 Block Ciphers Mike Jacobson Department of Computer Science 3 The Data Encryption Standard University of Calgary History of DES Description of DES Week 4 Multiple DES Encryption Mike Jacobson (University of Calgary) Computer Science 418 Week 4 1 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 2 / 32 Product Ciphers Product Ciphers Product Ciphers Properties of Product Ciphers If different ciphers are used in a product cipher, ciphertexts of one cipher Shannon also introduced the idea of product ciphers (multiple encryption): need to have the correct format to be plaintexts for the next cipher to be applied. This is composition of encryption maps. Definition 1 (Product cipher) The product of two ciphers is the result of applying one cipher followed by Applying a product cipher potentially increases security. E.g. n-fold the other. encryption with one cipher and n keys potentially corresponds to a cipher that has n times longer keys. AKA superencipherment and various other names. Of course it also results in a loss of speed by a factor of n, but this might be worth it for added security. Mike Jacobson (University of Calgary) Computer Science 418 Week 4 3 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 4 / 32 Product Ciphers Product Ciphers Caveat Confusion and Diffusion Shannon suggested applying two simple ciphers with a fixed mixing transformation (transposition) in between to: Be careful with this reasoning! diffuse language redundancy into long term statistics, and to Note 1 confuse the cryptanalyst by making relation between redundancy of The product of two substitution ciphers is a substitution cipher. The the ciphertext C and the description of the key K very complex. product of two transposition ciphers is a transposition cipher. Definition 2 (Confusion) Make the relationship between the key and ciphertext as complex as Such ciphers are closed under encryption, so multiple encryption under possible (accomplished by applying substitutions or S-boxes). different keys provides no extra security: Definition 3 (Diffusion) E.g. double encryption C = EK1 (EK2 (M)) = EK3 (M) for a third key K3 Dissipate the statistical properties of the plaintext across the ciphertext (accomplished by applying applying transpositions or P-boxes). Mike Jacobson (University of Calgary) Computer Science 418 Week 4 5 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 6 / 32 Product Ciphers Product Ciphers Examples of Product Ciphers Lucifer: P-boxes and S-boxes Since Lucifer was set up in hardware, they called the chips which did the • ADFGX/ADFGVX Ciphers (employed by the Germans in WW I). permutation \P-boxes" and those that did the substitution \S-boxes." • Hayhanen Cipher | Hayanan was a Russian spy caught in New York in the 1950's. The FBI couldn't break it! P−box S−box 1 0 n n 0 0 2 =8 2 =8 Example 4 0 0 0 0 n=3 0 0 n=3 0 0 1 1 IBM's Lucifer system, uses permutations (transpositions) on large blocks 0 1 0 0 2 2 for the mixing transformation, and substitution on small blocks for 0 0 3 3 0 LOW BASE 1 HIGH BASE − confusion. 0 1 − 4 4 TO TO − 0 0 − 5 5 1 1 0 0 6 6 TRANSFORMER LOW HIGH TRANSFORMER Feistel originally wanted to call the product cipher \Dataseal". IBM 0 0 7 7 instead shortened the term demonstration cipher to \Demon." Later, it 0 0 0 0 was changed to Lucifer, because it retained the \evil atmosphere" of 0 0 Demon, and contained the word cipher. 0 0 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 7 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 8 / 32 Product Ciphers Product Ciphers Lucifer: Complete Cipher Error Propagation The Lucifer system simply consisted of a number of P and S boxes in alternation. Lucifer demonstrates graphically not only the difffusion properties of PPPPPP Lucifer, but also the idea of error propagation. 1 1 0 S S S S S 1 0 0 Definition 5 (Error Propagation) 0 1 0 S S S S S 1 The degree to which a change in the input leads to changes in the output. 0 1 0 0 0 S S S S S 1 0 1 Good error propagation is a desirable property of a cryptosystem (a user 0 0 can easily tell if a message has been modified). 0 S S S S S 1 0 1 Not good for decryption though (one error in the process should still 0 1 mostly decrypt correctly). 0 S S S S S 0 0 1 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 9 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 10 / 32 Product Ciphers Block Ciphers Error Propagation in Lucifer Block Ciphers All modern ciphers in use are block ciphers (although not necessarily used as such | we'll talk about modes of operation of block ciphers later). Example 6 Lucifer has good diffusion and error propagation. The thicker lines in the graphic indicate `1' bits. The `1' input bit dissipates over the entire Definition 7 (Block cipher) ciphertext. Encrypts plaintext blocks of some fixed length to ciphertext blocks of some fixed (possibly different) length. Aso, if the first `1' bit is changed to a `0', then half the bits in the output are affected. Usually, a message M will be larger than the plaintext block length, and must hence be divided into a series of sequential message blocks Note: All modern symmetric key ciphers in use are product ciphers. M1; M2;:::; Mn of the desired length. A block cipher operates on these blocks one at a time. Mike Jacobson (University of Calgary) Computer Science 418 Week 4 11 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 12 / 32 Block Ciphers The Data Encryption Standard History of DES Examples of Block Ciphers NIST Publications • NIST: National Institute of Standards and Technology (formerly Example 8 National Bureau of Standards (NBS)) The shift cipher is a block cipher where the blocks consists of one • FIPS: Federal Information Processing Register character (i.e. 8 bits on 32-bit architecture, 16 bits on 64-bit architecture). Everything about NIST's cryptographic standards, recommendations, and guidance can be found at the NIST Cryptographic Toolkit website Two main block ciphers in use today: http://csrc.nist.gov/CryptoToolkit. 1 DES (obsolete, so now used in triple encipherment as 3DES) Extremely useful website for the practicing cryptographer. 2 AES There is a link on the \external links" page on the course website. Mike Jacobson (University of Calgary) Computer Science 418 Week 4 13 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 14 / 32 The Data Encryption Standard History of DES The Data Encryption Standard History of DES DES Documents History of DES • DES was developed by IBM around 1972. • NBS made solicitations to IBM in 1973/1974 concerning the use of this as a public standard, in response to corporate needs for securing • Original DES publication: FIPS 46 (January 15, 1977) information. • Second DES publication: FIPS 46-2 (December 30, 1993) • IBM and the National Security Agency (NSA) secretly evaluated DES for security. • Current DES publication: FIPS 46-3 (October 25, 1999) • DES was approved in 1978, and it is still in use, although no longer endorsed. • The Advanced Encryption Standard (AES), approved in October 2000, has now replaced it. Mike Jacobson (University of Calgary) Computer Science 418 Week 4 15 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 16 / 32 The Data Encryption Standard Description of DES The Data Encryption Standard Description of DES Specifications Overview −1 DESkey (M) = IP (S16(S15(::: (S2(S1(IP(M)))) ::: ))) • DES is a block cipher that encrypts 64-bit plaintext blocks to 64-bit 1 The 64 plaintext bits are permuted in a fixed order (transposition ciphertext blocks using using 64-bit keys. cipher). 2 The block is divided into two 32-bit words L and R : • Note that 8 of the key bits are parity bits, resulting in 56 actual bits of 0 0 the key. 3 The block undergoes 16 substitution \rounds." In each round, one word is transformed using XOR and a substitution function, after • So M = C = f0; 1g64 and K = f0; 1; g56. which the two words are swapped. 4 In the last round, the two words are not swapped. 5 The original permutation is reversed. Mike Jacobson (University of Calgary) Computer Science 418 Week 4 17 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 18 / 32 The Data Encryption Standard Description of DES The Data Encryption Standard Description of DES Diagram of DES Initial Permutation IP INPUT INITIAL PERMUTATION L0 R 0 K 1 + f L10 = R R 10 = L + f(R01 , K ) See FIPS publication for precise specification. K 2 + f Notation: first bit of the output is the 58th bit of the input. L21 = R R 21 = L + f(R12 , K ) K n + f L15 = R 14 R 15 = L 14 + f(R 14 , K 15 ) K 16 + f R 16 = L 15 + f(R15 , K 16 ) L16 = R 15 INVERSE INITIAL PERMUTATION OUTPUT Mike Jacobson (University of Calgary) Computer Science 418 Week 4 19 / 32 Mike Jacobson (University of Calgary) Computer Science 418 Week 4 20 / 32 The Data Encryption Standard Description of DES The Data Encryption Standard Description of DES Substitution Rounds The Function f f accepts as input Ri (32 bits) and the ith round subkey Ki (48 bits).
Load more

Recommended publications
  • CS 105 Review Questions #2 in Addition to These Questions
    1 CS 105 Review Questions #2 In addition to these questions, remember to look over your labs, homework assignments, readings in the book and your notes. 1. Explain how writing functions inside a Python program can potentially make the program more concise (i.e. take up fewer total lines of code). 2. The following Python statement may cause a ZeroDivisionError. Rewrite the code so that the program will not automatically halt if this error occurs. c = a / b 3. Indicate whether each statement is true or false. a. In ASCII code, the values corresponding to letters in the alphabet are consecutive. b. ASCII code uses the same values for lowercase letters as it does for capital letters. c. In ASCII code, non-printing, invisible characters all have value 0 4. Properties of ASCII representation: a. Each character is stored as how much information? b. If the ASCII code for ‘A’ is 65, then the ASCII code for ‘M’ should be ______. c. Suppose that the hexadecimal ASCII code for the lowercase letter ‘a’ is 0x61. Which lowercase letter would have the hexadecimal ASCII code 0x71 ? d. If we represent the sentence “The cat slept.” in ASCII code (not including the quotation marks), how many bytes does this require? e. How does Unicode differ from ASCII? 5. Estimate the size of the following file. It contains a 500-page book, where a typical page has 2000 characters of ASCII text and one indexed-color image measuring 200x300 pixels. “Indexed color” means that each pixel of an image takes up one byte.
    [Show full text]
  • Chapter 3 – Block Ciphers and the Data Encryption Standard
    Chapter 3 –Block Ciphers and the Data Cryptography and Network Encryption Standard Security All the afternoon Mungo had been working on Stern's Chapter 3 code, principally with the aid of the latest messages which he had copied down at the Nevin Square drop. Stern was very confident. He must be well aware London Central knew about that drop. It was obvious Fifth Edition that they didn't care how often Mungo read their messages, so confident were they in the by William Stallings impenetrability of the code. —Talking to Strange Men, Ruth Rendell Lecture slides by Lawrie Brown Modern Block Ciphers Block vs Stream Ciphers now look at modern block ciphers • block ciphers process messages in blocks, each one of the most widely used types of of which is then en/decrypted cryptographic algorithms • like a substitution on very big characters provide secrecy /hii/authentication services – 64‐bits or more focus on DES (Data Encryption Standard) • stream ciphers process messages a bit or byte at a time when en/decrypting to illustrate block cipher design principles • many current ciphers are block ciphers – better analysed – broader range of applications Block vs Stream Ciphers Block Cipher Principles • most symmetric block ciphers are based on a Feistel Cipher Structure • needed since must be able to decrypt ciphertext to recover messages efficiently • bloc k cihiphers lklook like an extremely large substitution • would need table of 264 entries for a 64‐bit block • instead create from smaller building blocks • using idea of a product cipher 1 Claude
    [Show full text]
  • Feistel Like Construction of Involutory Binary Matrices with High Branch Number
    Feistel Like Construction of Involutory Binary Matrices With High Branch Number Adnan Baysal1,2, Mustafa C¸oban3, and Mehmet Ozen¨ 3 1TUB¨ ITAK_ - BILGEM,_ PK 74, 41470, Gebze, Kocaeli, Turkey, [email protected] 2Kocaeli University, Department of Computer Engineering, Faculty of Engineering, Institute of Science, 41380, Umuttepe, Kocaeli, Turkey 3Sakarya University, Faculty of Arts and Sciences, Department of Mathematics, Sakarya, Turkey, [email protected], [email protected] August 4, 2016 Abstract In this paper, we propose a generic method to construct involutory binary matrices from a three round Feistel scheme with a linear round function. We prove bounds on the maximum achievable branch number (BN) and the number of fixed points of our construction. We also define two families of efficiently implementable round functions to be used in our method. The usage of these families in the proposed method produces matrices achieving the proven bounds on branch numbers and fixed points. Moreover, we show that BN of the transpose matrix is the same with the original matrix for the function families we defined. Some of the generated matrices are Maximum Distance Binary Linear (MDBL), i.e. matrices with the highest achievable BN. The number of fixed points of the generated matrices are close to the expected value for a random involution. Generated matrices are especially suitable for utilising in bitslice block ciphers and hash functions. They can be implemented efficiently in many platforms, from low cost CPUs to dedicated hardware. Keywords: Diffusion layer, bitslice cipher, hash function, involution, MDBL matrices, Fixed points. 1 Introduction Modern block ciphers and hash functions use two basic layers iteratively to provide security: confusion and diffusion.
    [Show full text]
  • COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Cryptography Is Everywhere a Long & Rich History
    COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Cryptography Is Everywhere A Long & Rich History Examples: • ~50 B.C. – Caesar Cipher • 1587 – Babington Plot • WWI – Zimmermann Telegram • WWII – Enigma • 1976/77 – Public Key Cryptography • 1990’s – Widespread adoption on the Internet Increasingly Important COS 433 Practice Theory Inherent to the study of crypto • Working knowledge of fundamentals is crucial • Cannot discern security by experimentation • Proofs, reductions, probability are necessary COS 433 What you should expect to learn: • Foundations and principles of modern cryptography • Core building blocks • Applications Bonus: • Debunking some Hollywood crypto • Better understanding of crypto news COS 433 What you will not learn: • Hacking • Crypto implementations • How to design secure systems • Viruses, worms, buffer overflows, etc Administrivia Course Information Instructor: Mark Zhandry (mzhandry@p) TA: Fermi Ma (fermima1@g) Lectures: MW 1:30-2:50pm Webpage: cs.princeton.edu/~mzhandry/2017-Spring-COS433/ Office Hours: please fill out Doodle poll Piazza piaZZa.com/princeton/spring2017/cos433mat473_s2017 Main channel of communication • Course announcements • Discuss homework problems with other students • Find study groups • Ask content questions to instructors, other students Prerequisites • Ability to read and write mathematical proofs • Familiarity with algorithms, analyZing running time, proving correctness, O notation • Basic probability (random variables, expectation) Helpful: • Familiarity with NP-Completeness, reductions • Basic number theory (modular arithmetic, etc) Reading No required text Computer Science/Mathematics Chapman & Hall/CRC If you want a text to follow along with: Second CRYPTOGRAPHY AND NETWORK SECURITY Cryptography is ubiquitous and plays a key role in ensuring data secrecy and Edition integrity as well as in securing computer systems more broadly.
    [Show full text]
  • Block Ciphers
    Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher KE KD untrusted communication link Alice E D Bob #%AR3Xf34^$ “Attack at Dawn!!” message encryption (ciphertext) decryption “Attack at Dawn!!” Encryption key is the same as the decryption key (KE = K D) CR 2 Block Cipher : Encryption Key Length Secret Key Plaintext Ciphertext Block Cipher (Encryption) Block Length • A block cipher encryption algorithm encrypts n bits of plaintext at a time • May need to pad the plaintext if necessary • y = ek(x) CR 3 Block Cipher : Decryption Key Length Secret Key Ciphertext Plaintext Block Cipher (Decryption) Block Length • A block cipher decryption algorithm recovers the plaintext from the ciphertext. • x = dk(y) CR 4 Inside the Block Cipher PlaintextBlock (an iterative cipher) Key Whitening Round 1 key1 Round 2 key2 Round 3 key3 Round n keyn Ciphertext Block • Each round has the same endomorphic cryptosystem, which takes a key and produces an intermediate ouput • Size of the key is huge… much larger than the block size. CR 5 Inside the Block Cipher (the key schedule) PlaintextBlock Secret Key Key Whitening Round 1 Round Key 1 Round 2 Round Key 2 Round 3 Round Key 3 Key Expansion Expansion Key Key Round n Round Key n Ciphertext Block • A single secret key of fixed size used to generate ‘round keys’ for each round CR 6 Inside the Round Function Round Input • Add Round key : Add Round Key Mixing operation between the round input and the round key. typically, an ex-or operation Confusion Layer • Confusion layer : Makes the relationship between round Diffusion Layer input and output complex.
    [Show full text]
  • Battle Management Language: History, Employment and NATO Technical Activities
    Battle Management Language: History, Employment and NATO Technical Activities Mr. Kevin Galvin Quintec Mountbatten House, Basing View, Basingstoke Hampshire, RG21 4HJ UNITED KINGDOM [email protected] ABSTRACT This paper is one of a coordinated set prepared for a NATO Modelling and Simulation Group Lecture Series in Command and Control – Simulation Interoperability (C2SIM). This paper provides an introduction to the concept and historical use and employment of Battle Management Language as they have developed, and the technical activities that were started to achieve interoperability between digitised command and control and simulation systems. 1.0 INTRODUCTION This paper provides a background to the historical employment and implementation of Battle Management Languages (BML) and the challenges that face the military forces today as they deploy digitised C2 systems and have increasingly used simulation tools to both stimulate the training of commanders and their staffs at all echelons of command. The specific areas covered within this section include the following: • The current problem space. • Historical background to the development and employment of Battle Management Languages (BML) as technology evolved to communicate within military organisations. • The challenges that NATO and nations face in C2SIM interoperation. • Strategy and Policy Statements on interoperability between C2 and simulation systems. • NATO technical activities that have been instigated to examine C2Sim interoperation. 2.0 CURRENT PROBLEM SPACE “Linking sensors, decision makers and weapon systems so that information can be translated into synchronised and overwhelming military effect at optimum tempo” (Lt Gen Sir Robert Fulton, Deputy Chief of Defence Staff, 29th May 2002) Although General Fulton made that statement in 2002 at a time when the concept of network enabled operations was being formulated by the UK and within other nations, the requirement remains extant.
    [Show full text]
  • Chapter 3 – Block Ciphers and the Data Encryption Standard
    Symmetric Cryptography Chapter 6 Block vs Stream Ciphers • Block ciphers process messages into blocks, each of which is then en/decrypted – Like a substitution on very big characters • 64-bits or more • Stream ciphers process messages a bit or byte at a time when en/decrypting – Many current ciphers are block ciphers • Better analyzed. • Broader range of applications. Block vs Stream Ciphers Block Cipher Principles • Block ciphers look like an extremely large substitution • Would need table of 264 entries for a 64-bit block • Arbitrary reversible substitution cipher for a large block size is not practical – 64-bit general substitution block cipher, key size 264! • Most symmetric block ciphers are based on a Feistel Cipher Structure • Needed since must be able to decrypt ciphertext to recover messages efficiently Ideal Block Cipher Substitution-Permutation Ciphers • in 1949 Shannon introduced idea of substitution- permutation (S-P) networks – modern substitution-transposition product cipher • These form the basis of modern block ciphers • S-P networks are based on the two primitive cryptographic operations we have seen before: – substitution (S-box) – permutation (P-box) (transposition) • Provide confusion and diffusion of message Diffusion and Confusion • Introduced by Claude Shannon to thwart cryptanalysis based on statistical analysis – Assume the attacker has some knowledge of the statistical characteristics of the plaintext • Cipher needs to completely obscure statistical properties of original message • A one-time pad does this Diffusion
    [Show full text]
  • Cryptography: Decoding Student Learning
    ABSTRACT PATTERSON, BLAIN ANTHONY. Cryptography: Decoding Student Learning. (Under the direction of Karen Keene.) Cryptography is a content field of mathematics and computer science, developed to keep information safe both when being sent between parties and stored. In addition to this, cryptography can also be used as a powerful teaching tool, as it puts mathematics in a dramatic and realistic setting. It also allows for a natural way to introduce topics such as modular arithmetic, matrix operations, and elementary group theory. This thesis reports the results of an analysis of students' thinking and understanding of cryptog- raphy using both the SOLO taxonomy and open coding as they participated in task based interviews. Students interviewed were assessed on how they made connections to various areas of mathematics through solving cryptography problems. Analyzing these interviews showed that students have a strong foundation in number theoretic concepts such as divisibility and modular arithmetic. Also, students were able to use probabil- ity intuitively to make sense of and solve problems. Finally, participants' SOLO levels ranged from Uni-structural to Extended Abstract, with Multi-Structural level being the most common (three participants). This gives evidence to suggest that students should be given the opportunity to make mathematical connections early and often in their academic careers. Results indicate that although cryptography should not be a required course by mathematics majors, concepts from this field could be introduced
    [Show full text]
  • Lecture Four
    Lecture Four Today’s Topics . Historic Symmetric ciphers . Modern symmetric ciphers . DES, AES . Asymmetric ciphers . RSA . Next class: Protocols Example Ciphers . Shift cipher: each plaintext characters is replaced by a character k to the right. (When k=3, it’s a Caesar cipher). “Watch out for Brutus!” => “Jngpu bhg sbe Oehghf!” . Only 25 choices! Not hard to break by brute force. Substitution Cipher: each character in plaintext is replaced by a corresponding character of ciphertext. E.g., cryptograms in newspapers. plaintext code: a b c d e f g h i f k l m n o p q r s t u v w x y z ciphertext code: m n b v c x z a s d f g h j k l p o i u y t r e w q . 26! Possible pairs. Is is really that hard to break? Substitution ciphers . The Caesar cipher has a small key space, but doesn’t create a statistical independence between the plaintext and the ciphertext. The best ciphers allow no statistical attacks, thereby forcing a brute force, exhaustive search; all the security lies with the key space. As cryptographic algorithms matured, the statistical independence between the plaintext and cipher text increased. Ciphers . The caesar cipher, hill cipher, and playfair cipher all work with a single alphabet for doing substitutions . They are monoalphabetic substitutions. A more complex (and more robust) alternative is to use different substitution mappings on various portions of the plaintext. Polyalphabetic substitutions. More ciphers . Vigenère cipher: each character of plaintext is encrypted with a different a cipher key.
    [Show full text]
  • A Tutorial on the Implementation of Block Ciphers: Software and Hardware Applications
    A Tutorial on the Implementation of Block Ciphers: Software and Hardware Applications Howard M. Heys Memorial University of Newfoundland, St. John's, Canada email: [email protected] Dec. 10, 2020 2 Abstract In this article, we discuss basic strategies that can be used to implement block ciphers in both software and hardware environments. As models for discussion, we use substitution- permutation networks which form the basis for many practical block cipher structures. For software implementation, we discuss approaches such as table lookups and bit-slicing, while for hardware implementation, we examine a broad range of architectures from high speed structures like pipelining, to compact structures based on serialization. To illustrate different implementation concepts, we present example data associated with specific methods and discuss sample designs that can be employed to realize different implementation strategies. We expect that the article will be of particular interest to researchers, scientists, and engineers that are new to the field of cryptographic implementation. 3 4 Terminology and Notation Abbreviation Definition SPN substitution-permutation network IoT Internet of Things AES Advanced Encryption Standard ECB electronic codebook mode CBC cipher block chaining mode CTR counter mode CMOS complementary metal-oxide semiconductor ASIC application-specific integrated circuit FPGA field-programmable gate array Table 1: Abbreviations Used in Article 5 6 Variable Definition B plaintext/ciphertext block size (also, size of cipher state) κ number
    [Show full text]
  • Symmetric Key Ciphers Objectives
    Symmetric Key Ciphers Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives • Definition of Symmetric Types of Symmetric Key ciphers – Modern Block Ciphers • Full Size and Partial Size Key Ciphers • Components of a Modern Block Cipher – PBox (Permutation Box) – SBox (Substitution Box) –Swap – Properties of the Exclusive OR operation • Diffusion and Confusion • Types of Block Ciphers: Feistel and non-Feistel ciphers D. Mukhopadhyay Crypto & Network Security IIT Kharagpur 1 Symmetric Key Setting Communication Message Channel Message E D Ka Kb Bob Alice Assumptions Eve Ka is the encryption key, Kb is the decryption key. For symmetric key ciphers, Ka=Kb - Only Alice and Bob knows Ka (or Kb) - Eve has access to E, D and the Communication Channel but does not know the key Ka (or Kb) Types of symmetric key ciphers • Block Ciphers: Symmetric key ciphers, where a block of data is encrypted • Stream Ciphers: Symmetric key ciphers, where block size=1 D. Mukhopadhyay Crypto & Network Security IIT Kharagpur 2 Block Ciphers Block Cipher • A symmetric key modern cipher encrypts an n bit block of plaintext or decrypts an n bit block of ciphertext. •Padding: – If the message has fewer than n bits, padding must be done to make it n bits. – If the message size is not a multiple of n, then it should be divided into n bit blocks and the last block should be padded. D. Mukhopadhyay Crypto & Network Security IIT Kharagpur 3 Full Size Key Ciphers • Transposition Ciphers: – Involves rearrangement of bits, without changing value. – Consider an n bit cipher – How many such rearrangements are possible? •n! – How many key bits are necessary? • ceil[log2 (n!)] Full Size Key Ciphers • Substitution Ciphers: – It does not transpose bits, but substitutes values – Can we model this as a permutation? – Yes.
    [Show full text]
  • Confusion and Diffusion
    Confusion and Diffusion Ref: William Stallings, Cryptography and Network Security, 3rd Edition, Prentice Hall, 2003 Confusion and Diffusion 1 Statistics and Plaintext • Suppose the frequency distribution of plaintext in a human-readable message in some language is known. • Or suppose there are known words or phrases that are used in the plaintext message. • A cryptanalysist can use this information to break a cryptographic algorithm. Confusion and Diffusion 2 Changing Statistics • Claude Shannon suggested that to complicate statistical attacks, the cryptographer could dissipate the statistical structure of the plaintext in the long range statistics of the ciphertext. • Shannon called this process diffusion . Confusion and Diffusion 3 Changing Statistics (p.2) • Diffusion can be accomplished by having many plaintext characters affect each ciphertext character. • An example of diffusion is the encryption of a message M=m 1,m 2,... using a an averaging: y n= ∑i=1,k mn+i (mod26). Confusion and Diffusion 4 Changing Statistics (p.3) • In binary block ciphers, such as the Data Encryption Standard (DES), diffusion can be accomplished using permutations on data, and then applying a function to the permutation to produce ciphertext. Confusion and Diffusion 5 Complex Use of a Key • Diffusion complicates the statistics of the ciphertext, and makes it difficult to discover the key of the encryption process. • The process of confusion , makes the use of the key so complex, that even when an attacker knows the statistics, it is still difficult to deduce the key. Confusion and Diffusion 6 Complex Use of a Key(p.2) • Confusion can be accomplished by using a complex substitution algorithm.
    [Show full text]