230 likes | 244 Views
Block Ciphers and the Data Encryption Standard. Modern Block Ciphers. One of the most widely used types of cryptographic algorithms Used in symmetric cryptographic network application. Difficult Structure to understand then public key ciphers. Our focus on DES (Data Encryption Standard).
E N D
Modern Block Ciphers • One of the most widely used types of cryptographic algorithms • Used in symmetric cryptographic network application. • Difficult Structure to understand then public key ciphers. • Our focus on DES (Data Encryption Standard)
Block vs Stream Ciphers • In Block cipher a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. • A block size of 64 or 128 bits is used • Stream ciphers process messages a bit or byte at a time when en/decrypting • The key stream (Ki)is as long as the plaintext bit stream (Pi). • Many current ciphers are block ciphers • better analyzed • broader range of applications • Examples of classical stream ciphers are the Vigenère cipher
Block Cipher Principles • Most symmetric block ciphers are based on a Feistel Cipher Structure • In general, A block cipher operates on a plaintext block of n bits to produce a cipher text block of n bits (E.g., N = 64 or 128.) • A block cipher is a monoalphabetic cipher. • There are 2N! such mappings. • A secret key indicates which mapping to use.
Claude Shannon and Substitution-Permutation Ciphers • Claude Shannon introduced idea of substitution-permutation (S-P) networks in 1949 paper and form the basis of modern block ciphers • Modern block ciphers use a key of K bits to specify a random subset of 2K mappings. • 2K is much smaller than 2N! • But is still very large. • S-P nets are based on the two primitive cryptographic operations seen before: • substitution (S-box) • permutation (P-box) • provide confusion & diffusion of message & key
Confusion and Diffusion • cipher needs to completely obscure statistical properties of original message • More practically Shannon suggested combining S & P elements to obtain: • diffusion – make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key. • confusion – makes relationship between ciphertext and key as complex as possible
Feistel Cipher Structure • Horst Feistel devised the feistel cipher • based on concept of invertible product cipher • partitions input block into two halves • process through multiple rounds which • perform a substitution on left data half • based on round function of right half & subkey • then have permutation/transformation swapping halves • implements Shannon’s S-P net concept
Round i Li-1 Ri-1 ki f + Li Ri
Feistel Cipher Design Elements • block size • key size • number of rounds • subkey generation algorithm • round function • fast software en/decryption • ease of analysis
DES Round Structure • uses two 32-bit L & R halves • as for any Feistel cipher can describe as: Li= Ri–1 Ri= Li–1 F(Ri–1, Ki) • F takes 32-bit R half and 48-bit subkey: • expands R to 48-bits using perm E • adds to subkey using XOR • 48 bit passes through 8 S-boxes to get 32-bit result • finally permutes using 32-bit perm P
Substitution Boxes S • have eight S-boxes which map 6 to 4 bits. • Each S-box is specified as a 4 x 16 table. • each row is a permutation of 0-15. • The first and last bits of the input to box Si form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for Si. • The middle four bits select one of the sixteen columns.
S-Box Example • The example lists 8 to 6-bit values (ie 18 in hex is 011000 in binary, 09 hex is 001001 binary etc), each of which is replaced following the process detailed above using the appropriate S-box. • S1(011000) lookup row 00 col 1100 in S1 to get 5 • S1(000011) lookup row 01 col 0001 in S1 to get 15 = f in hex 0 1 2 3
Avalanche Effect • Avalanche effect: • The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip) • A small change in the plaintext or in the key results in a significant change in the ciphertext. • an evidence of high degree of diffusion and confusion
DES exhibits a strong avalanche effect • Changing 1 bit in the plaintext affects 34 bits in the ciphertext on average. • 1-bit change in the key affects 35 bits in the ciphertext on average.
Attacks on DES • Brute-force key search • Trying 1 key per microsecond would take 1000+ years on average, due to the large key space size, 256 ≈ 7.2×1016. • Differential cryptanalysis • Possible to find a key with 247 plaintext-ciphertext samples • Known-plaintext attack • Liner cryptanalysis: • Possible to find a key with 243 plaintext-ciphertext samples • Known-plaintext attack 23