Data Encryption Standard Simplified-DES Details of DES DES in - PDF document

Cryptography Data Encryption Standard Overview of the Data Encryption Standard (DES) Data Encryption Standard Simplified-DES Details of DES DES in OpenSSL Cryptography DES in Python School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 19 Feb 2020, des.tex, r1788 1

Cryptography Contents Data Encryption Standard Overview of the Overview of the Data Encryption Standard (DES) Data Encryption Standard (DES) Simplified-DES Details of DES Simplified-DES DES in OpenSSL DES in Python Details of DES DES in OpenSSL DES in Python 2

Cryptography Data Encryption Standard Data Encryption Standard ◮ Symmetric block cipher Overview of the ◮ 56-bit key, 64-bit input block, 64-bit output block Data Encryption Standard (DES) ◮ Developed in 1977 by NIST; designed by IBM (Lucifer) Simplified-DES with input from NSA Details of DES DES in OpenSSL ◮ Principles used in other ciphers, e.g. 3DES, IDEA DES in Python 3

Cryptography Contents Data Encryption Standard Overview of the Overview of the Data Encryption Standard (DES) Data Encryption Standard (DES) Simplified-DES Details of DES Simplified-DES DES in OpenSSL DES in Python Details of DES DES in OpenSSL DES in Python 4

Cryptography Simplified DES Data Encryption Standard ◮ Input (plaintext) block: 8-bits Overview of the ◮ Output (ciphertext) block: 8-bits Data Encryption Standard (DES) ◮ Key: 10-bits Simplified-DES Details of DES ◮ Rounds: 2 DES in OpenSSL ◮ Round keys generated using permutations and left shifts DES in Python ◮ Encryption: initial permutation, round function, switch halves ◮ Decryption: Same as encryption, except round keys used in opposite order 5

Cryptography S-DES Algorithm Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 6 The figure on slide 6 shows the encryption, key generation and decryption steps of S-DES. Key generation, shown in the middle, is used to generate round keys and is the same algorithm when used for both encryption and decryption. That is, the encrypter and decrypter will generate the exact same round keys. Decryption is in fact identical to encryption, except the round keys are used in the opposite order. That is, for encryption round key K 1 is used first, then round key K 2 . For decryption, K 2 is used first and then K 1 . The blocks are defined in the following.

Cryptography S-DES Permutations (definition) Data Encryption Standard Permutations used in S-DES: P10 (permutate) Overview of the Data Encryption Input : 1 2 3 4 5 6 7 8 9 10 Standard (DES) Simplified-DES Output: 3 5 2 7 4 10 1 9 8 6 Details of DES P8 (select and permutate) DES in OpenSSL Input : 1 2 3 4 5 6 7 8 9 10 DES in Python Output: 6 3 7 4 8 5 10 9 P4 (permutate) Input : 1 2 3 4 Output: 2 4 3 1 EP (expand and permutate) Input : 1 2 3 4 Output: 4 1 2 3 2 3 4 1 IP (initial permutation) Input : 1 2 3 4 5 6 7 8 Output: 2 6 3 1 4 8 5 7 7 As an example, permutation P4 takes a 4-bit input and produces a 4-bit output. The 1st bit of the input becomes the 4th bit of the output. The 2nd bit of the input becomes the 1st bit of the output. The 3rd bit of the input becomes the 3rd bit of the output. The 4th bit of the input becomes the 1st bit on the output. The permutations are fixed. That is they are always these exact permu- tations, and known by the encrypter, decrypter and attacker.

Cryptography Other Operations in S-DES Data Encryption Standard ◮ LS-1: left shift by 1 position Overview of the ◮ LS-2: left shift by 2 positions Data Encryption Standard (DES) ◮ IP − 1 : inverse of IP, such that X = IP − 1 (IP( X )) Simplified-DES Details of DES ◮ SW: swap the halves DES in OpenSSL ◮ f K : a round function using round key K DES in Python ◮ F: internal function in each round ◮ Angled lines through arrows with a number next to them indicate the number of bits passing between the blocks 8

Cryptography S-DES Key Generation Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 9 The figure on slide 9 shows the key generation algorithm in S-DES. A 10-bit shared secret key is input to P10, of which the output is split into two 5-bit halves. A left shift is performed on each half. The two 5-bit halves are input to P8, and the output of P8 becomes round key K 1 . The two outputs of the previous left shifts are then shifted again by 2 positions (LS-2). The two 5-bit halves are input to P8, and the output of P8 becomes round key K 2 . K 1 and K 2 are used by the encryption and decryption algorithms.

Cryptography S-DES Encryption Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 10 The figure on slide 10 shows the encryption algorithm in detail. An initial permutation is applied on the plaintext, then split into the left and right half. The right half is input into function F. The 4 bits of the right half are expanded and permutated, and then the 8 bits are XORed with the round key. The left 4 bits are used in S-Box S0 and the right 4 bits are used in S-Box S1. Each S-Box outputs 2 bits. The resulting 4 bits are input to P4. The output of the 4 bits from P4 are XORed with the left half out of IP. The resulting 4 bits as well as the 4-bit right half from IP are input to the SWap, i.e. swapping the halves. The round is repeated, this time using K 2 , and finally the inverse initial permutation is applied to produce the ciphertext.

Cryptography S-DES S-Boxes (definition) Data Encryption Standard S-Box considered as a matrix: input used to select row/column; selected element is output Overview of the Data Encryption 4-bit input: bit 1 , bit 2 , bit 3 , bit 4 Standard (DES) bit 1 bit 4 specifies row (0, 1, 2 or 3 in decimal) Simplified-DES Details of DES bit 2 bit 3 specifies column DES in OpenSSL DES in Python     01 00 11 10 00 01 10 11 11 10 01 00 10 00 01 11     S 0 = S 1 =     00 10 01 11 11 00 01 00     11 01 11 10 10 01 00 11 11

Cryptography Encrypt with S-DES (exercise) Data Encryption Standard Show that when the plaintext 01110010 is encrypted using S-DES with key 1010000010 that the ciphertext obtained is Overview of the Data Encryption 01110111 . Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 12 1. Rearrange K using P10: 1000001100 2. Left shift by 1 position both the left and right halves: 00001 11000 3. Rearrange the halves with P8 to produce K 1 : 10100100 4. Left shift by 2 positions the left and right halves: 00100 00011 5. Rearrange the halves with P8 to produce K 2 : 01000011

Cryptography S-DES Summary Data Encryption Standard ◮ Educational encryption algorithm Overview of the ◮ S-DES expressed as functions: Data Encryption Standard (DES) Simplified-DES ciphertext = IP − 1 ( f K 2 ( SW ( f K 1 ( IP ( plaintext ))))) Details of DES DES in OpenSSL plaintext = IP − 1 ( f K 1 ( SW ( f K 2 ( IP ( ciphertext ))))) DES in Python ◮ Brute force attack on S-DES is easy since only 10-bit key ◮ If know plaintext and corresponding ciphertext, can we determine key? Very hard 15

Cryptography S-DES Compared to Real DES Data Encryption Standard ◮ S-DES vs DES Overview of the ◮ Block size: 8 bits vs 64 bits Data Encryption Standard (DES) ◮ Rounds: 2 vs 16 Simplified-DES Details of DES ◮ IP: 8 bits vs 64 bits DES in OpenSSL ◮ F: 4 bits vs 32 bits DES in Python ◮ S-Boxes: 2 vs 8 ◮ Round key: 8 bits vs 48 bits 16 The following section presents the details of DES. This is primarily for reference (or as evidence of the similarities and differences with S-DES). You are not expected to know the details of the DES operations.

Cryptography Contents Data Encryption Standard Overview of the Overview of the Data Encryption Standard (DES) Data Encryption Standard (DES) Simplified-DES Details of DES Simplified-DES DES in OpenSSL DES in Python Details of DES DES in OpenSSL DES in Python 17

Cryptography General DES Encryption Algorithm Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 18 The figure on slide 18 shows the overall steps in DES encryption as well as key generation. The details of each block are shown in the following.

Cryptography Permutation Tables for DES Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 19 The figure on slide 19 shows the initial permutation and it’s inverse. The table is read row-by-row. So the 58th input bit becomes the 1st output bit. The 50th input bit becomes the 2nd output bit. And the 7th input bit becomes the 64th output bit.

Cryptography Permutation Tables for DES Data Encryption Standard Overview of the Data Encryption Standard (DES) Simplified-DES Details of DES DES in OpenSSL DES in Python 20 The figure on slide 20 shows E and P which are used within a round of DES, shown in The figure on slide 21.