block ciphers and des
play

Block Ciphers and DES S-DES DES Details DES Design Other Ciphers - PowerPoint PPT Presentation

Oct 01, 2023 •274 likes •788 views

CSS441 Block Ciphers Principles DES Block Ciphers and DES S-DES DES Details DES Design Other Ciphers CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20

  1. CSS441 Block Ciphers Principles DES Block Ciphers and DES S-DES DES Details DES Design Other Ciphers CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l03, Steve/Courses/2015/s2/css441/lectures/block-ciphers-and-des.tex, r4295 1/50

  2. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 2/50

  3. CSS441 Stream Ciphers Block Ciphers ◮ Encrypts a digital data stream one bit or one byte at a Principles time DES ◮ One time pad is example; but practical limitations S-DES ◮ Typical approach for stream cipher: DES Details ◮ Key ( K ) used as input to bit-stream generator algorithm DES Design ◮ Algorithm generates cryptographic bit stream ( k i ) used Other Ciphers to encrypt plaintext ◮ Users share a key; use it to generate keystream 3/50

  4. CSS441 Block Ciphers Block Ciphers ◮ Encrypt a block of plaintext as a whole to produce Principles same sized ciphertext DES ◮ Typical block sizes are 64 or 128 bits S-DES ◮ Modes of operation used to apply block ciphers to DES Details DES Design larger plaintexts Other Ciphers 4/50

  5. CSS441 Reversible and Irreversible Mappings Block Ciphers ◮ n -bit block cipher takes n bit plaintext and produces n Principles bit ciphertext DES ◮ 2 n possible different plaintext blocks S-DES ◮ Encryption must be reversible (decryption possible) DES Details DES Design ◮ Each plaintext block must produce unique ciphertext Other Ciphers block ◮ Total transformations is 2 n ! Reversible Mapping Irreversible Mapping Plaintext Ciphertext Plaintext Ciphertext 00 11 00 11 01 10 01 10 10 00 10 01 11 01 11 01 5/50

  6. CSS441 Ideal Block Cipher Block Ciphers ◮ n -bit input maps to 2 n possible input states Principles ◮ Substitution used to produce 2 n output states DES ◮ Output states map to n -bit output S-DES DES Details ◮ Ideal block cipher allows maximum number of possible DES Design encryption mappings from plaintext block Other Ciphers ◮ Problems with ideal block cipher: ◮ Small block size: equivalent to classical substitution cipher; cryptanalysis based on statistical characteristics feasible ◮ Large block size: key must be very large; performance/implementation problems 6/50

  7. CSS441 General Block Substitution Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 7/50

  8. CSS441 Encryption/Decryption Tables Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 8/50

  9. CSS441 Feistel Structure for Block Ciphers Block Ciphers ◮ Feistel proposed applying two or more simple ciphers in Principles sequence so final result is cryptographically stronger DES than component ciphers S-DES ◮ n -bit block length; k -bit key length; 2 k transformations DES Details ◮ Feistel cipher alternates: substitutions, transpositions DES Design Other Ciphers (permutations) ◮ Applies concepts of diffusion and confusion ◮ Applied in many ciphers today ◮ Approach: ◮ Plaintext split into halves ◮ Subkeys (or round keys) generated from key ◮ Round function, F , applied to right half ◮ Apply substitution on left half using XOR ◮ Apply permutation: interchange to halves 9/50

  10. CSS441 Diffusion and Confusion Block Ciphers Diffusion Principles DES ◮ Statistical nature of plaintext is reduced in ciphertext S-DES ◮ E.g. A plaintext letter affects the value of many DES Details ciphertext letters DES Design ◮ How: repeatedly apply permutation (transposition) to Other Ciphers data, and then apply function Confusion ◮ Make relationship between ciphertext and key as complex as possible ◮ Even if attacker can find some statistical characteristics of ciphertext, still hard to find key ◮ How: apply complex (non-linear) substitution algorithm 10/50

  11. CSS441 Feistel Encryption and Decryption Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 11/50

  12. CSS441 Using the Feistel Structure Block Ciphers ◮ Exact implementation depends on various design Principles features DES ◮ Block size, e.g. 64, 128 bits: larger values leads to more S-DES diffusion DES Details ◮ Key size, e.g. 128 bits: larger values leads to more DES Design confusion, resistance against brute force Other Ciphers ◮ Number of rounds, e.g. 16 rounds ◮ Subkey generation algorithm: should be complex ◮ Round function F : should be complex ◮ Other factors include fast encryption in software and ease of analysis ◮ Trade-off: security vs performance 12/50

  13. CSS441 Feistel Example Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 13/50

  14. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 14/50

  15. CSS441 Data Encryption Standard Block Ciphers ◮ Symmetric block cipher Principles ◮ 56-bit key, 64-bit input block, 64-bit output block DES ◮ One of most used encryption systems in world S-DES ◮ Developed in 1977 by NBS/NIST DES Details ◮ Designed by IBM (Lucifer) with input from NSA DES Design ◮ Principles used in other ciphers, e.g. 3DES, IDEA Other Ciphers ◮ Simplified DES (S-DES) ◮ Cipher using principles of DES ◮ Developed for education (not real world use) 15/50

  16. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 16/50

  17. CSS441 Simplified DES Block Ciphers ◮ Input (plaintext) block: 8-bits Principles ◮ Output (ciphertext) block: 8-bits DES ◮ Key: 10-bits S-DES DES Details ◮ Rounds: 2 DES Design ◮ Round keys generated using permutations and left shifts Other Ciphers ◮ Encryption: initial permutation, round function, switch halves ◮ Decryption: Same as encryption, except round keys used in opposite order 17/50

  18. CSS441 S-DES Algorithm Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 18/50

  19. CSS441 S-DES Operations Block Ciphers ◮ P10 (permutate) Principles Input : 1 2 3 4 5 6 7 8 9 10 DES Output: 3 5 2 7 4 10 1 9 8 6 S-DES DES Details ◮ P8 (select and permutate) DES Design Input : 1 2 3 4 5 6 7 8 9 10 Other Ciphers Output: 6 3 7 4 8 5 10 9 ◮ P4 (permutate) Input : 1 2 3 4 Output: 2 4 3 1 19/50

  20. CSS441 S-DES Operations Block Ciphers ◮ EP (expand and permutate) Principles Input : 1 2 3 4 DES Output: 4 1 2 3 2 3 4 1 S-DES DES Details ◮ IP (initial permutation) DES Design Input : 1 2 3 4 5 6 7 8 Other Ciphers Output: 2 6 3 1 4 8 5 7 ◮ IP − 1 (inverse of IP) ◮ LS-1 (left shift 1 position) ◮ LS-2 (left shift 2 positions) 20/50

  21. CSS441 S-DES Key Generation Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 21/50

  22. CSS441 S-DES Encryption Details Block Ciphers Principles DES S-DES DES Details DES Design Other Ciphers 22/50

  23. CSS441 S-DES S-Boxes Block Ciphers ◮ S-DES (and DES) perform substitutions using S-Boxes Principles ◮ S-Box considered as a matrix: input used to select DES row/column; selected element is output S-DES ◮ 4-bit input: bit 1 , bit 2 , bit 3 , bit 4 DES Details DES Design ◮ bit 1 bit 4 specifies row (0, 1, 2 or 3 in decimal) Other Ciphers ◮ bit 2 bit 3 specifies column ◮ 2-bit output  01 00 11 10   00 01 10 11  11 10 01 00 10 00 01 11     S 0 = S 1 =     00 10 01 11 11 00 01 00     11 01 11 10 10 01 00 11 23/50

  24. CSS441 S-DES Example Block Ciphers ◮ Plaintext: 01110010 Principles ◮ Key: 1010000010 DES ◮ Ciphertext: 01110111 S-DES DES Details DES Design Other Ciphers 24/50

  25. CSS441 S-DES Summary Block Ciphers ◮ Educational encryption algorithm Principles ◮ S-DES expressed as functions: DES S-DES ciphertext = IP − 1 ( f K 2 ( SW ( f K 1 ( IP ( plaintext ))))) DES Details DES Design plaintext = IP − 1 ( f K 1 ( SW ( f K 2 ( IP ( ciphertext ))))) Other Ciphers ◮ Security of S-DES: ◮ 10-bit key, 1024 keys: brute force easy ◮ If know plaintext and corresponding ciphertext, can we determine key? Very hard 25/50

  26. CSS441 Comparing DES and S-DES Block Ciphers Principles S-DES DES DES ◮ 8-bit blocks S-DES ◮ 64-bit blocks DES Details ◮ 10-bit key: 2 x 8-bit ◮ 56-bit key: 16 x 48-bit DES Design round keys round keys Other Ciphers ◮ IP: 8-bits ◮ IP: 64 bits ◮ F operates on 4 bits ◮ F operates on 32 bits ◮ 2 S-Boxes ◮ 8 S-Boxes ◮ 2 rounds ◮ 16 rounds S-DES encryption: ciphertext = IP − 1 ( f K 2 ( SW ( f K 1 ( IP ( plaintext ))))) DES encryption: ciphertext = IP − 1 ( f K 16 ( SW ( f K 15 ( SW ( . . . ( f K 1 ( IP ( plaintext )))))))) 26/50

  27. CSS441 Contents Block Ciphers Principles Block Cipher Principles DES S-DES DES Details The Data Encryption Standard DES Design Other Ciphers Simplified-DES DES Details DES Design Issues and Attacks 3DES, AES and Other Block Ciphers 27/50

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2 . . . M N . Then, each block M i is encrypted to the

1.11k views • 63 slides
Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Players Will discuss how to distribute key to all parties later Symmetric ciphers unusable for

Organisation Organisation Overview Block Ciphers Overview Block Ciphers Historic Ciphers Security of Block ciphers Historic Ciphers Security of Block ciphers Symmetric Ciphers Symmetric Ciphers Assume encryption and decryption use the

425 views • 5 slides
One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers

One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers

One Time Pad, Block Ciphers, One Time Pad, Block Ciphers, Basic Ciphers Basic Ciphers Encryption Modes Encryption Modes Shift Cipher Brute%force attack can easily break Ahmet Burak Can Substitution Cipher Hacettepe University

191 views • 6 slides
Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu

Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu

Iterative Block Ciphers from Tweakable Block Ciphers with Long Tweaks Ryota Nakamichi and Tetsu Iwata Nagoya University, Japan FSE 2020 November 913, 2020, Virtual 1 / 19 Block Ciphers block cipher (BC) E : K { 0 , 1 } n { 0

530 views • 24 slides
Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length

Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length

Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2 . . . M N . Then, each block M i is encrypted to the ciphertext block C i = E K ( M i ), and the results are concatenated to the

334 views • 8 slides
Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers

Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 2 October, 2012 Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel Ciphers DES II.

588 views • 10 slides
B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a)

B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a)

1 B) Symmetric Ciphers B.a) Fundamentals B.b) Block Ciphers B.c) Stream Ciphers 2 B.a) Fundamentals 3 B.1 Definition A mapping Enc: P K C for which k := Enc( ,k): P C is bijective for each k K is called an

1.1k views • 32 slides
B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

1 B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n is called a block cipher . The positive integer n denotes the block size ( block length ). 3 B.25 Remark and Convention The encryption

709 views • 67 slides
Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof. Raluca Ada Popa Jan 31, 2018 Announcements Project 1 is out, due Feb 14 midnight Recall: Block cipher A function E : {0, 1} k {0, 1} n

553 views • 32 slides
T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES

T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES

T-79.159 Cryptography and Data Security Lecture 3: 3.1 Introduction to block ciphers 3.2 DES 3.3 IDEA 3.4 AES Kaufman et al: Chapter 3 Stallings: Chapters 3, 5 1 Block ciphers Confidentiality primitive Threat: recover the plaintext

774 views • 15 slides
Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof.

Block ciphers, stream ciphers (start on:) Asymmetric cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 15, 2016 Announcements Project due Sept 20 Recall: Block cipher A function E : {0, 1} k {0, 1} n {0, 1} n . Once

417 views • 30 slides
T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher

T-79.159 Cryptography and Data Security Lecture 4: 4.1 Stream ciphers 4.2 Block cipher confidentiality modes of operation Kaufman et al: Ch 4 Stallings: Ch 6, Ch 3 1 Stream ciphers Stream ciphers are generally faster than block

535 views • 12 slides
Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1 cole Normale

Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1 cole Normale

Block ciphers with non-standard sizes Choosing uniformly a random permutation P ERMUTATOR Sampling following the Hypergeometric Distribution Security Analysis Perfect Block Ciphers With Small Blocks Louis Granboulan 1 , 2 Thomas Pornin 3 1

550 views • 23 slides
Design Issues of Block Ciphers The objectives of this part is to show certain design issues of

Design Issues of Block Ciphers The objectives of this part is to show certain design issues of

Design Issues of Block Ciphers The objectives of this part is to show certain design issues of block ciphers. 1 Block Ciphers and Stream Ciphers A one-key cipher is a 5-tuple ( M , C , K , E k , D k ) , where M , C , K are respectively the

461 views • 12 slides
How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and

How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and

Introduction Cryptology Basics Detection Cryptanalysis The Word Case The Excel Case Conclusion How to Operationally Detect the Misuse of Stream Ciphers (and even Block Ciphers Sometimes) and Break them Eric Filiol, filiol@esiea.fr ESIEA -

808 views • 64 slides
Contents Introduction Classification of Symmetric Ciphers Types of Attacks

Contents Introduction Classification of Symmetric Ciphers Types of Attacks

Contents Introduction Classification of Symmetric Ciphers Types of Attacks Properties of Secure Ciphers Components of Block Ciphers Classes of Block Ciphers DES AES Secure Communication using

606 views • 27 slides
Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security

PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Stefan Klbl June 19th, 2017 DTU Compute, Technical University of Denmark Symmetric Key Cryptography Introduction to Symmetric Key Cryptography Myth Where does security fail?

758 views • 72 slides
Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of

Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of

Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of mathematics devoted to the study of the integers and their properties. Key ideas in number theory include divisibility and the primality of integers.

1.77k views • 103 slides
Introduction to Lattices Oded Regev (Tel Aviv University and CNRS, ENS-Paris) Bar-Ilan

Introduction to Lattices Oded Regev (Tel Aviv University and CNRS, ENS-Paris) Bar-Ilan

Winter School on Lattice-Based Cryptography and Applications Bar-Ilan University, Israel 19/2/2012 Introduction to Lattices Oded Regev (Tel Aviv University and CNRS, ENS-Paris) Bar-Ilan University Dept. of Computer Science Lattices A

846 views • 41 slides
Mathematical Cryptography Diffie Hellman, Discrete Log Problem, Collision Algorithms Mentor: Tao

Mathematical Cryptography Diffie Hellman, Discrete Log Problem, Collision Algorithms Mentor: Tao

Mathematical Cryptography Diffie Hellman, Discrete Log Problem, Collision Algorithms Mentor: Tao Song , Mentee: Lisette del Pino University of Pennsylvania Directed Reading Program May 16, 2020 Mentor: Tao Song , Mentee: Lisette del Pino

1.35k views • 98 slides
Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe.

Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe.

Commitment Schemes Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe. Commitment Schemes Commitment Schemes Digital analogue of a safe. Definition 1 (Commitment scheme) An efficient two-stage

605 views • 23 slides
The legacy of export-grade cryptography in the 21st century Nadia Heninger University of

The legacy of export-grade cryptography in the 21st century Nadia Heninger University of

The legacy of export-grade cryptography in the 21st century Nadia Heninger University of Pennsylvania October 6, 2016 International Traffic in Arms Regulations April 1, 1992 version Category XIII--Auxiliary Military Equipment ... (b)

1.05k views • 79 slides
NaCls crypto box in hardware Michael Hutter, J urgen Schilling, Peter Schwabe, and Wolfgang

NaCls crypto box in hardware Michael Hutter, J urgen Schilling, Peter Schwabe, and Wolfgang

NaCls crypto box in hardware Michael Hutter, J urgen Schilling, Peter Schwabe, and Wolfgang Wieser Cryptography Research, TU Graz (IAIK), Radboud University Nijmegen September 14, 2015 CHES 2015, Saint-Malo, France NaCl and crypto box

394 views • 36 slides

More recommend