200 likes | 405 Views
Secret Key Cryptography. TE/CS 536 Network Security Spring 2006 – Lectures 6&7. Block Encryption - 1. Stream ciphers are not suitable for long messages Block ciphers convert block to another: one-to-one reversible mapping Long enough to avoid known-plaintext attack
E N D
Secret Key Cryptography TE/CS 536 Network Security Spring 2006 – Lectures 6&7
Block Encryption - 1 • Stream ciphers are not suitable for long messages • Block ciphers convert block to another: one-to-one reversible mapping • Long enough to avoid known-plaintext attack • 64 bits – possible number of keys = ? • 128 bits • Output should look random • No correlation between plaintext and ciphertext
Block Encryption - 2 • Substitution (creates confusion) • Permutation (creates diffusion) • Round: combination of substitution and permutation; do until a bit change can affect every output bit • How many rounds? A few but not fewer
Block Cipher Scheme Plaintext block of length N Cipher block of length N Encrypt Secret key
Block Ciphers: modes • ECB: Electronic Code Book • Good for small messages, non-repeating blocks • CBC: Cipher Block Chaining • The cipher text i is XORed with message (i+1) before encryption. • CFB: Cipher Feedback • OFB: Output Feedback
DES (Data Encryption Standard) • Published in 1977, standardized in 1979. • Key: 64 bit quantity=8-bit parity+56-bit key • Every 8th bit is a parity bit. • 64 bit input, 64 bit output. 64 bit M 64 bit C DES Encryption 56 bits
DES Top View 56-bit Key 64-bit Input 48-bit K1 Generate keys LPT RPT Initial Permutation 48-bit K1 Round 1 48-bit K2 Round 2 …... 48-bit K16 Round 16 Swap 32-bit halves Swap Final Permutation Permutation 64-bit Output
RPT Expansion Permutation (32-to-48) 1 2 3 4 5 32 Input: ……. 0 0 1 0 1 1 Output …….. 10 0 1 0 1 0 110 1 2 3 4 5 6 7 8 48
Per-Round Key Generation Initial Permutation of DES key C i-1 D i-1 28 bits 28 bits Circular Left Shift Circular Left Shift One round Round 1,2,9,16: single shift Others: two bits Permutation with 8 bits Discard 48 bits Ki C i D i 28 bits 28 bits
A DES Round 32 bits Ln 32 bits Rn Expand One Round Encryption 48 bits Function F 48 bits Ki S-Boxes P 32 bits 32 bits Ln+1 32 bits Rn+1
6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 S1 S2 S3 S4 S5 S6 S7 S8 + + + + + + + + Permutation The F Function Key is XORed in eight 6-bit chunks with the expanded permuted RPT 6-input bits used to select 4-output bits through an S-box The permutation produces “spread” among the chunks/S-boxes!
2 bits row I1 I2 I3 I4 I5 I6 S O1 O2 O3 O4 i 4 bits column = 1,…8. i S-Box (Substitute and Shrink) • 48 bits ==> 32 bits. (8*6 ==> 8*4) • 2 bits used to select amongst 4 permutations for the rest of the 4-bit quantity
S1 box Each row and column contain different numbers. 0 1 2 3 4 5 6 7 8 9…. 15 0 14 4 13 1 2 15 11 8 3 1 0 15 7 4 14 2 13 1 10 2 4 1 14 8 13 6 2 11 15 3 15 12 8 2 4 9 1 7 5 Example: input: 100110 output: ???
8 S-Boxes • Logic behind the selection of the S-Boxes remains unpublished secret • Is it a good idea technically to publish it?
Decryption • Apply the same operations with the same key Ki at each round: • Input: Rn+1|Ln+1 • Due to the “swap” operation • Output: Rn|Ln • The swap operation at the end will produce the correct result: L|R
Cipher Iterative Action : Input: 64 bits Key: 48 bits Output: 64 bits Key Generation Box : Input: 56 bits Output: 48 bits DES Standard One round (Total 16 rounds)
DES Summary • Simple, easy to implement: • Hardware/gigabits/second, software/megabits/second • 56-bit key DES may be acceptable for non-critical applications but triple DES (DES3) should be secure for most applications today • Supports several operation modes: ECB CBC, OFB, CFB