
BLOCK CIPHER PRINCIPLES

STREAM CIPHER

• Encrypts a digital data stream 1-bit or 1-byte at a time.

BLOCK CIPHER

• Encrypts a block of plaintext to produce a block of equal length.
• A typical block size is 64 bits.
• The vast majority of network-based conventional cryptographic applications make use of block ciphers.

EXAMPLE

Consider a 2-bit block (values 0 to 3):

00 → 11; 01 → 10; 10 → 11; 11 → 01

BLOCK CIPHER THEORY

• It operates on a plaintext block of n bits and produces a ciphertext block of n bits.
• There are 2^n possible different plaintext blocks.
• Each plaintext block must produce a unique ciphertext block in order to be reversible.

EXAMPLE

• 4-bit blocks, n = 4.
  o 2^4, which is 16 plaintext blocks.
  o Therefore 16 ciphertext blocks.
• Fig. 3.4
  o The 16 plaintext blocks are 0, 1, 2, 3, 4, ..., 14, 15.
  o They are (0000), (0001), (0010), ..., (1111).
• Table 3.1

PRACTICAL PROBLEM

• For a small block size, for example n = 4, the system is equivalent to a classical substitution cipher.
• It is vulnerable to a statistical analysis of the plaintext.
• 2^4 = 16 unique mappings between plaintext and ciphertext make possible 4 x 16 = 64 mappings.
• For n = 64, 64 x 2^64 = 2^70 ≈ 10^21 mappings.
• The mapping itself is the key.
• Therefore, an arbitrary reversible substitution cipher for a large block size is not practical.
• Having a very large keyspace increases security but produces a different difficulty.
• Therefore the Feistel cipher is proposed, using diffusion and confusion functions.

Table 3.1 Encryption and Decryption Tables for Substitution Cipher of Figure 3.4

Plaintext  Ciphertext      Ciphertext  Plaintext
0000       1110            0000        1110
0001       0100            0001        0011
0010       1101            0010        0100
0011       0001            0011        1000
0100       0010            0100        0001
0101       1111            0101        1100
0110       1011            0110        1010
0111       1000            0111        1111
1000       0011            1000        0111
1001       1010            1001        1101
1010       0110            1010        1001
1011       1100            1011        0110
1100       0101            1100        1011
1101       1001            1101        0010
1110       0000            1110        0000
1111       0111            1111        0101
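Added example (not part of the original notes): the encryption column of Table 3.1 as a lookup table, its decryption table derived by inversion, and a check that the ciphertext keeps the same frequency profile as the plaintext, which is why a small-block substitution is open to statistical analysis. The sample message and all function names are constructed for illustration; `table_bits` reproduces the 4 x 16 and 64 x 2^64 figures as the number of bits needed to write the table down.

```python
from collections import Counter

# Encryption column of Table 3.1: index = plaintext block, value = ciphertext block.
ENC = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]

def invert(table):
    """Derive the decryption table; refuse a mapping that is not one-to-one."""
    if sorted(table) != list(range(len(table))):
        raise ValueError("two plaintext blocks share a ciphertext block")
    dec = [0] * len(table)
    for plain, cipher in enumerate(table):
        dec[cipher] = plain
    return dec

DEC = invert(ENC)

def nibbles(data):
    """Split bytes into 4-bit blocks, high half first."""
    return [half for b in data for half in (b >> 4, b & 0x0F)]

def encrypt(data):
    return [ENC[p] for p in nibbles(data)]

def decrypt(blocks):
    return [DEC[c] for c in blocks]

def frequency_profile(blocks):
    """Block counts sorted high to low: the distribution's shape without its labels."""
    return sorted(Counter(blocks).values(), reverse=True)

def table_bits(n):
    """Bits needed to write the table down: n bits for each of the 2^n entries."""
    return n * 2 ** n

# Constructed sample plaintext with a skewed byte distribution.
SAMPLE = b"meet me at the gate, meet me at the gate at ten"

if __name__ == "__main__":
    print("plaintext profile :", frequency_profile(nibbles(SAMPLE)))
    print("ciphertext profile:", frequency_profile(encrypt(SAMPLE)))
    print("table bits for n=4 and n=64:", table_bits(4), table_bits(64))
```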

BLOCK CIPHER PRINCIPLES

DIFFUSION (PLAINTEXT ⇔ CIPHERTEXT)

The statistical structure of the plaintext is dissipated (degenerate) into long-range statistics of the ciphertext. This is achieved by having each plaintext digit affect the value of many ciphertext digits. An example of diffusion:

$Y_n = \sum_{i=1}^{k} m_{n+i} \pmod{26}$

where $Y_n$ is the ciphertext and $m_1, m_2, m_3, \ldots$ is the message (plaintext).

In a block cipher, diffusion can be achieved by repeatedly performing some permutation on the data followed by applying a function to that permutation.
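Added example (not part of the original notes): the letter-summing formula above, with a check of which ciphertext positions move when a single plaintext letter is altered. The 0-based indexing, the sample text and the function names are assumptions of this sketch; `peak_share` can be used to compare how peaked the letter distribution is before and after.

```python
from collections import Counter

def to_nums(text):
    """Letters A..Z -> 0..25, ignoring everything else."""
    return [ord(c) - 65 for c in text.upper() if "A" <= c <= "Z"]

def diffuse(m, k):
    """Y_n = (m_{n+1} + ... + m_{n+k}) mod 26 for every n with a full window."""
    return [sum(m[n + 1:n + k + 1]) % 26 for n in range(len(m) - k)]

def changed_positions(m, k, j):
    """Indices of Y that change when the single plaintext letter m[j] is altered."""
    altered = list(m)
    altered[j] = (altered[j] + 1) % 26
    before, after = diffuse(m, k), diffuse(altered, k)
    return [n for n in range(len(before)) if before[n] != after[n]]

def peak_share(nums):
    """Share of the most common letter, a quick measure of how peaked the distribution is."""
    return max(Counter(nums).values()) / len(nums)

# Constructed sample plaintext.
SAMPLE = to_nums(
    "the statistical structure of the plaintext is dissipated into long range "
    "statistics of the ciphertext because each plaintext letter affects the "
    "value of many ciphertext letters"
)

if __name__ == "__main__":
    for k in (1, 4, 8):
        print("k =", k,
              "| outputs touched by one letter:", len(changed_positions(SAMPLE, k, 40)),
              "| peak share:", round(peak_share(diffuse(SAMPLE, k)), 3))
    print("plaintext peak share:", round(peak_share(SAMPLE), 3))
```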

CONFUSION (CIPHERTEXT ⇔ KEY)

It makes the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible.

FEISTEL ENCRYPTION

Explain Fig. 3.5.

Input:
  o Plaintext block of 2w bits and a key K.
  o Divide the plaintext block into halves L0 and R0.
  o The two halves of the data pass through n (in general 16) rounds of processing.
  o Then combine to produce the ciphertext.

[Figure 3.5 Classical Feistel Network: the plaintext (2w bits) is split into L0 and R0 (w bits each); rounds 1, ..., i, ..., n each apply F with subkey K1, ..., Ki, ..., Kn, giving Ln and Rn, then Ln+1 and Rn+1, which form the ciphertext (2w bits).]

Substitution:
  o It is performed on the left half of the data.
  o It is performed using exclusive OR.

Round Function:
  o It is performed on the right half of the data.
  o It is parameterized by the round subkey Ki.

Permutation:
  o It is performed by the interchange of the two halves of the data.

PARAMETERS FOR FEISTEL CIPHER

Block size:
  o Larger block size means greater security.
  o Reduces encryption and decryption speed.
  o A block size of 64 bits is a reasonable tradeoff.

Key size:
  o Larger key size means greater security.
  o Reduces encryption/decryption speed.
  o 64 bits is widely considered adequate, but 128 bits has become a common size.

Number of rounds:
  o A single round offers inadequate security.
  o Multiple rounds offer increasing security.
  o A typical size is 16 rounds.

Subkey generation algorithm:
  o Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis.

Round function:
  o Greater complexity means greater resistance to cryptanalysis.

Fast software encryption/decryption:

Ease of analysis:

FEISTEL DECRYPTION

Explain Fig. 3.6.

Prove:
  o The same algorithm with a reversed key produces the correct plaintext from the ciphertext which was created by an algorithm and a key.
  o That is, prove:

• $LD_n = RE_{16-n}$; $RD_n = LE_{16-n}$

Proof: by induction.

n = 1:

From encryption:

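$LE_{16} = RE_{15}$
$RE_{16} = LE_{15} \oplus F(RE_{15}, K_{16})$

From decryption:

$LD_1 = RD_0 = LE_{16} = RE_{15}$
$RD_1 = LD_0 \oplus F(RD_0, K_{16})$
$= RE_{16} \oplus F(RE_{15}, K_{16})$
$= (LE_{15} \oplus F(RE_{15}, K_{16})) \oplus F(RE_{15}, K_{16})$
$= LE_{15} \oplus (F(RE_{15}, K_{16}) \oplus F(RE_{15}, K_{16}))$
$= LE_{15} \oplus 0$
$= LE_{15}$

That is:

$LD_1 = RE_{15}$
$RD_1 = LE_{15}$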

Therefore, the hypothesis is true for n = 1.

Assume it is true for n = i:

$LD_i = RE_{16-i}$
$RD_i = LE_{16-i}$

Prove it is true for n=i+1:

From encryption:

$LE_i = RE_{i-1}$, i = 1 .. 16
$RE_i = LE_{i-1} \oplus F(RE_{i-1}, K_i)$, i = 1 .. 16

From decryption:

$LD_{i+1} = RD_i$
$= LE_{16-i}$ (from assumption)
$= RE_{(16-i)-1}$ (from encryption)
$= RE_{16-(i+1)}$

$RD_{i+1} = LD_i \oplus F(RD_i, K_{16-i})$
$= RE_{16-i} \oplus F(LE_{16-i}, K_{16-i})$ (from assumption)
$= (LE_{16-i-1} \oplus F(RE_{16-i-1}, K_{16-i})) \oplus F(RE_{16-i-1}, K_{16-i})$ (from encryption)
$= LE_{16-i-1}$
$= LE_{16-(i+1)}$

That is:

$LD_{i+1} = RE_{16-(i+1)}$
$RD_{i+1} = LE_{16-(i+1)}$

Therefore by induction:

$LD_n = RE_{16-n}$; $RD_n = LE_{16-n}$

Therefore $LD_{16} = RE_0$ and $RD_{16} = LE_0$

After switching we get the original plaintext.

[Figure 3.6 Feistel Encryption and Decryption: on the encryption side the input (plaintext) LE0, RE0 passes through 16 rounds of F with subkeys K1, K2, ..., K15, K16 to give LE16, RE16, which are swapped to form the output (ciphertext) RE16, LE16. On the decryption side the input (ciphertext) LD0 = RE16, RD0 = LE16 passes through 16 rounds of F with subkeys K16, K15, ..., K2, K1, giving LD1 = RE15, RD1 = LE15, then LD2 = RE14, RD2 = LE14, ..., LD14 = RE2, RD14 = LE2, LD15 = RE1, RD15 = LE1 and finally LD16 = RE0, RD16 = LE0, which are swapped to form the output (plaintext).]
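Added example (not part of the original notes): a 16-round Feistel network that records every (L, R) pair, so the claim proved above, LDn = RE16-n and RDn = LE16-n, can be checked round by round rather than only at the output. The round function F (truncated SHA-256), the subkeys and the sample block are constructed assumptions; this is a toy for following the proof, not DES and not a cipher to deploy.

```python
import hashlib

ROUNDS = 16
W = 32                       # half-block width w in bits; the block is 2w = 64 bits
MASK = (1 << W) - 1

def F(right, subkey):
    """Toy round function. It is not invertible, and the proof never needs it to be."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel_trace(block, subkeys):
    """Run the rounds and return [(L0, R0), (L1, R1), ..., (L16, R16)]."""
    left, right = block >> W, block & MASK
    trace = [(left, right)]
    for k in subkeys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, left ^ F(right, k)
        trace.append((left, right))
    return trace

def swap_output(trace):
    """Final interchange of the halves: the output block is R16 || L16."""
    left, right = trace[-1]
    return (right << W) | left

def encrypt(block, subkeys):
    return swap_output(feistel_trace(block, subkeys))

def decrypt(block, subkeys):
    """Same algorithm, subkeys applied in reverse order (K16 first)."""
    return swap_output(feistel_trace(block, subkeys[::-1]))

def check_induction(block, subkeys):
    """True if LD_n = RE_(16-n) and RD_n = LE_(16-n) for every n = 0..16."""
    enc = feistel_trace(block, subkeys)
    dec = feistel_trace(swap_output(enc), subkeys[::-1])
    return all(dec[n] == (enc[ROUNDS - n][1], enc[ROUNDS - n][0])
               for n in range(ROUNDS + 1))

# Constructed subkeys K1..K16 and a constructed 64-bit sample block.
SUBKEYS = [0x0F1E2D3C + i * 0x01010101 for i in range(ROUNDS)]
SAMPLE_BLOCK = 0x0123456789ABCDEF

if __name__ == "__main__":
    c = encrypt(SAMPLE_BLOCK, SUBKEYS)
    print("ciphertext        :", hex(c))
    print("decrypts correctly:", decrypt(c, SUBKEYS) == SAMPLE_BLOCK)
    print("induction holds   :", check_induction(SAMPLE_BLOCK, SUBKEYS))
```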