Scribd Logo
Upload

Welcome to Scribd!

  • 199 views

    Block Ciphers

    Uploaded by

    Ankur Agrawal
    Modern block ciphers use a combination of transposition and substitution techniques to encrypt data blocks. A key component is the Feistel cipher structure, which iteratively divides data blocks into halves, applies a round function to one half using a subkey, and swaps the halves. This provides diffusion and confusion. Modern block ciphers also employ substitution boxes and permutation boxes to scramble data at each round. The substitution-permutation network is a common block cipher design that alternates substitution and permutation steps with XOR operations using round keys derived from the main cipher key.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd

    Block Ciphers

    Uploaded by

    Ankur Agrawal
    199 views25 pages
    Modern block ciphers use a combination of transposition and substitution techniques to encrypt data blocks. A key component is the Feistel cipher structure, which iteratively divides data blocks into halves, applies a round function to one half using a subkey, and swaps the halves. This provides diffusion and confusion. Modern block ciphers also employ substitution boxes and permutation boxes to scramble data at each round. The substitution-permutation network is a common block cipher design that alternates substitution and permutation steps with XOR operations using round keys derived from the main cipher key.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Modern block ciphers use a combination of transposition and substitution techniques to encrypt data blocks. A key component is the Feistel cipher structure, which iteratively divides data blocks into halves, applies a round function to one half using a subkey, and swaps the halves. This provides diffusion and confusion. Modern block ciphers also employ substitution boxes and permutation boxes to scramble data at each round. The substitution-permutation network is a common block cipher design that alternates substitution and permutation steps with XOR operations using round keys derived from the main cipher key.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    199 views25 pages

    Block Ciphers

    Uploaded by

    Ankur Agrawal
    Modern block ciphers use a combination of transposition and substitution techniques to encrypt data blocks. A key component is the Feistel cipher structure, which iteratively divides data blocks into halves, applies a round function to one half using a subkey, and swaps the halves. This provides diffusion and confusion. Modern block ciphers also employ substitution boxes and permutation boxes to scramble data at each round. The substitution-permutation network is a common block cipher design that alternates substitution and permutation steps with XOR operations using round keys derived from the main cipher key.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 25

    Modern Block ciphers

    A symmetric classification
    Stream cipher Block cipher

    100110110100010111010010
    1 1 0 0 0

    100110110100010111010010
    100110 110100 010111

    1...

    1..

    1.

    0.

    110010

    011101

    010010

    110010011101010010001001

    1100100111010100100010011

    Stream cipher
    A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. This method is not much used in modern cryptography. A key stream generator produces a stream of keys which are then used with plaintext to form the cipher text. Example: one time pad, affine cipher.
    Keystream generator

    key

    keystream

    K1,K2,,Kn

    +
    plaintext bits P1,P2,,Pn

    P1 K1,P2 K2,,Pn Kn ciphertext bits

    Advantage: -Less implementation cost. - stream ciphers work on only a few bits at a time thats why they have relatively low memory requirements - It is suitable for H/W implementation. Disadvantage: - Stream ciphers are more difficult to implement correctly. - stream ciphers do not provide integrity protection or authentication. - As the stream ciphers are individually encrypted with not connection to other chunks of data, error correction are more difficult.

    Block cipher
    A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data at once as a group rather than to one bit at a time. Example : DES, Hill Cipher.

    encryption key block of plaintext


    Encryption algorithm

    block of ciphertext

    Advantage : - It is used for S/W implementation. - More suitable In trading applications. - In the real world block ciphers seem to be more general - It is some what faster than stream cipher each time n characters executed. Disadvantage: - Its required more memory space. - required large number of coding for implementation.

    Block Cipher Principles


    There are three critical aspects of block cipher design: Feistel Cipher Stractute, and Shannon Product Cipher. Feistel Cipher Stracture Number of Rounds: The greater the number of rounds, the more difficult it is to perform cryptanalysis, even for a relatively weak F. In general, the criterion should be that the number of rounds is chosen so that known cryptanalytic efforts require greater effort than a simple brute-force key search attack. This criterion was certainly used in the design of DES. Design of Function F: The function F provides the element of confusion in a Feistel cipher. Thus, it must be difficult to"unscramble" the substitution performed by F. Key Schedule Algorithm : A final area of block cipher design, and one that has received less attention than S-box design, is the key schedule algorithm. With any Feistel block cipher, the key is used to generate one subkey for each round. Shannon Product Cipher : Confusion and diffusion.

    Components of modern block cipher


    A modern block cipher is made of a combination of transposition unit (Called P-box ) and substitution units (S-box) and some special operation. Shannon introduced idea of substitution-permutation (S-P) networks in 1949. In block ciphers, the S-boxes and PBoxes are used to make the relation between the plaintext and the ciphertext difficult to understand P-box: In cryptography, a permutation box (or P-box) is a method of bit-shuffling used to permute or transpose bits across inputs. P-boxes are typically classified as compression, expansion, and straight, according as the number of output bits is less than, greater than, or equal to the number of input bits. Only straight P-boxes are invertible. 1 2 3 4 5 1 2 3 4 5

    5
    1 2 3

    S-box: The S-box can have different number of inputs and outputs. In other words, the input to an S-box could be an n-bit word, but the output can be an m bit word where n and m are not necessarily same. S box may be keyed or keyless . 0 1 2 3 4 5 6 7 8 9 A B C D E F E 4 D 1 2 F B 8 3 A 6 C 5 9 0 7
    Other operations: Exclusive OR Compliment Inverse Circular Shift Swap Split and Combine

    Diffusion and Confusion


    Shannons idea in introducing the product cipher was enable the block ciphers to have two important properties: Diffusion and Confusion. Diffusion: Hide the relationship between the ciphertext and the plaintext. This will frustrated the adversary who uses ciphertext statistics to find the plaintext. Dissipate statistical structure of the plaintext into long-range statistics of the ciphertext Spread the statistics over a range of bits, i.e., let each part of the plaintext affect a large part of the ciphertext, thus making the statistical relationship as difficult as possible Control frequency analysis Can be achieved by repeatedly performing some permutation followed by applying a function to that permutation

    Confusion
    Hide the relationship between the ciphertext and key as difficult as possible If a single bit in a key is changed, most or all bits in the ciphertext also be changed Control attempts to discover the key Can be achieved by using a complex, non-linear, substitution operation (S-box)

    Motivation for Feistel cipher stricture


    -The Feistel cipher structure has the advantage that encryption and decryption operations are very similar, requiring only a reversal of key schedule. Therefore the size of the code to implement such cipher is nearly halved. -Feistel construction is iterative on nature which makes implementing the cryptosystem in hardware easier. -Feistel networks reversible in nature -Feistel networks are combination of multiple rounds of repeat operation such as : -Bit Shuffling -- Substitution box. --Linear mixing (XOR operation) Reversible Mapping Plaintext 00 Ciphertext 11 irreversible Mapping Plaintext 00 Ciphertext 11

    01 10
    11

    10 00
    01

    01
    10 11

    10
    00 01

    Feistel Cipher Structure


    German IBM cryptographer Horst Feistel invented the feistel cipher based on concept of invertible product cipher Feistel cipher is a type of block cipher designed, not a specific cipher. partitions input block into two halves process through multiple rounds(1,2,3,.n) which Divides the data in two halves perform a substitution on left data half based on round function of right half & subkey then have permutation swapping halves implements Shannons S-P net concept

    Feistel Cipher
    The input to a feistel structure is a plaintext box of n bits and a key K. The input key is broken down into two halves, L0 and R0 . The two halves of the data pass through r rounds of processing and the combined to produce the ciphertext block. Each round i has input Li-1 and Ri-1 , derived from previous round, as well as a sub key k derived from the over all key K. In general, subkey ki is different from K and from each other. In this cipher, a substitution is performed via the round function F and permutation is performed that interchanges the two halves of data.

    Feistel Cipher Structure

    Encryption and decipher procedure


    1. Divide the input into two halves(L0, R0) .The length of L0 and R0 will be same. 2. For each round i=1,2,3.n compute Li=Ri-1 Ri= Li-1 + F(Ri-1 + Ki) Where F is the round function and Ki is the subkey of the round i 3. Ciphertext C= (Ln, Rn) Decipherment: 1. Start with the cipher text C=(Ln, Rn) 2. For each round i= n, n-1.2,1 Ri-1 =L1 Li-1= Ri+ F(Li+Ki) Where F is the round function and Ki is the subkey of the round i 3. Plaintext P=(L0, R0)

    Feistel Cipher Decryption

    Feistel Cipher Design Elements


    block size : Larger block sizes mean greater security (all other things being equal) but reduced encryption/decryption speed for a given algorithm. The greater security is achieved by greater diffusion Traditionally, a block size of 64 bits has been considered a reasonable tradeoff and was nearly universal in block cipher design. Key size: Larger key size means greater security but may decrease encryption/decryption speed. The greater security is achieved by greater resistance to brute-force attacks and greater confusion. Key sizes of 64 bits or less are now widely considered to be insufficient, and 128 bits has become a common size.
    Number of rounds: The essence of the Feistel cipher is that a single round offers insufficient security but that multiple rounds offer increasing security. A typical size is 16 rounds. Subkey generation algorithm: Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis. Round function: the increased complexity in round function also enhance the difficulties against the attacks by cryptanalysis.

    The Substitution-Permutation Network (SPN)


    Main attraction: Encryption and decryption easy to implement in hardware. Simple description as an iterated cipher. Plain text and cipher text : length lm Given an r bit key K, derive from it N + 1 keys K1, K2, KN + 1, each lm bits long using key scheduling algorithm Fix a substitutions S Fix a permutation P

    SPN Algorithm
    Encryption proceeds in N stages. Stage Encryption proceeds in N stages. Stage j encryption for j = 1 to N 1:
    X-or with subkey Kj break into l-bit substrings and substitute each substring using S Permute the bits using P

    Stage N encryption:
    X-or with subkey KN break into l-bit substrings and substitute each substring using S X-or with KN+1

    First and last X-or are called Whitening.

    SPN example (example 3.1, from Stinsons book)


    l = m = N = 4; r = 32 (32 bit key).
    Key scheduling: Given 32-bit key K, K1 = bits 116 of K; K4 = bits 1328 of K; K2 = bits 520 of K; K5 = bits 1732 of K. K3 = bits 924 of K; S :

    0 1 2 3 4 5 6 7 8 9 A B C D E F E 4 D 1 2 F B 8 3 A 6 C 5 9 0 7
    P :

    1 2 3 4

    5 6 7

    9 10 11 12

    13 14 15 16 4 8 12 16

    1 5 9 13 2 6 10 14 3 7 11 15

    K = 0011 1010 1001 0100 1101 0110 0011 1111 Round keys are as follow: K1= 0011 1010 1001 0100 K2= 1010 1001 0100 1101 K3= 1001 0100 1101 0110 K4= 0100 1101 0110 0011 K5= 1101 0110 0011 1111

    Plain text x = 0010 0110 1011 0111 Encryption of x proceeds as follows: w0 = 0010 0110 1011 0111 K1 = 0011 1010 1001 0100 u1 = 0001 1100 0010 0011 v1 = 0100 0101 1101 0001 w1 = 0010 1110 0000 0111

    w1 = K2 = u2 = v2 = w2 =

    0010 1010 1000 0011 0100

    1110 1001 0111 1000 0001

    0000 0100 0100 0010 1011

    0111 1101 1010 0110 1000

    SPN example pictorially

    Advantage of SPN
    Design is simple for hardware as well as software Software implementation S-box is implemented in the form of look-up table Less development cost. Less computational cost.

    Thank you

    You might also like