Ch04 7ed

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 20

Chapter 4

Block Ciphers and the Data


Encryption Standard
© 2017 Pearson Education, Ltd., All rights reserved.
Block Cipher

A block of
plaintext is
treated as a Typically a block
whole and used size of 64 or 128
to produce a bits is used
ciphertext block
of equal length

The majority of
As with a stream network-based
cipher, the two symmetric
users share a cryptographic
symmetric applications make
encryption key use of block
ciphers

© 2017 Pearson Education, Ltd., All rights reserved.


© 2017 Pearson Education, Ltd., All rights reserved.
© 2017 Pearson Education, Ltd., All rights reserved.
Table 4.1
Encryption and Decryption Tables for Substitution Cipher of Figure 4.2

© 2017 Pearson Education, Ltd., All rights reserved.


Feistel Cipher
• Feistel proposed the use of a cipher that alternates
substitutions and permutations
• Each plaintext element or group of elements
Substitutions is uniquely replaced by a corresponding
ciphertext element or group of elements

• No elements are added or deleted or replaced


Permutation in the sequence, rather the order in which the
elements appear in the sequence is changed

• Is a practical application of a proposal by Claude


Shannon to develop a product cipher that alternates
confusion and diffusion functions
• Is the structure used by many significant symmetric
block ciphers currently in use
© 2017 Pearson Education, Ltd., All rights reserved.
Diffusion and Confusion
• Terms introduced by Claude Shannon to capture the
two basic building blocks for any cryptographic system
• Shannon’s concern was to thwart cryptanalysis based
on statistical analysis

Diffusion
• The statistical structure of the plaintext is dissipated into long-range statistics of the
ciphertext
• This is achieved by having each plaintext digit affect the value of many ciphertext
digits

Confusion
• Seeks to make the relationship between the statistics of the ciphertext and the value
of the encryption key as complex as possible
• Even if the attacker can get some handle on the statistics of the ciphertext, the way in
which the key was used to produce that ciphertext is so complex as to make it difficult
to deduce the key

© 2017 Pearson Education, Ltd., All rights reserved.


© 2017 Pearson Education, Ltd., All rights reserved.
Feistel Cipher Design Features
• Block size
• Round function F
• Larger block sizes mean greater security
• Greater complexity generally means
but reduced encryption/decryption speed
for a given algorithm greater resistance to cryptanalysis

• Key size • Fast software encryption/decryption


• In many cases, encrypting is
• Larger key size means greater security
embedded in applications or utility
but may decrease encryption/decryption
functions in such a way as to
speeds
preclude a hardware
• Number of rounds implementation; accordingly, the
speed of execution of the algorithm
• The essence of the Feistel cipher is that a becomes a concern
single round offers inadequate security
but that multiple rounds offer increasing • Ease of analysis
security • If the algorithm can be concisely and
clearly explained, it is easier to
• Subkey generation algorithm analyze that algorithm for
• Greater complexity in this algorithm cryptanalytic vulnerabilities and
should lead to greater difficulty of therefore develop a higher level of
cryptanalysis assurance as to its strength
© 2017 Pearson Education, Ltd., All rights reserved.
Feistel Example

© 2017 Pearson Education, Ltd., All rights reserved.


Data Encryption Standard (DES)

• Issued in 1977 by the National Bureau of Standards (now


NIST) as Federal Information Processing Standard 46
• Was the most widely used encryption scheme until the
introduction of the Advanced Encryption Standard (AES) in
2001
• Algorithm itself is referred to as the Data Encryption
Algorithm (DEA)
• Data are encrypted in 64-bit blocks using a 56-bit key
• The algorithm transforms 64-bit input in a series of steps into a
64-bit output
• The same steps, with the same key, are used to reverse the
encryption
© 2017 Pearson Education, Ltd., All rights reserved.
© 2017 Pearson Education, Ltd., All rights reserved.
Table 4.2

DES
Example
(Table can be found on
page 132 in textbook)

Note: DES subkeys are shown as eight 6-bit values in hex format
© 2017 Pearson Education, Ltd., All rights reserved.
Table 4.3 Avalanche Effect in DES: Change in Plaintext
© 2017 Pearson Education, Ltd., All rights reserved.
Table 4.4 Avalanche Effect in DES: Change in Key
© 2017 Pearson Education, Ltd., All rights reserved.
Table 4.5
Average Time Required for Exhaustive Key Search

© 2017 Pearson Education, Ltd., All rights reserved.


Strength of DES
• Timing attacks
• One in which information about the key or the
plaintext is obtained by observing how long it takes
a given implementation to perform decryptions on
various ciphertexts
• Exploits the fact that an encryption or decryption
algorithm often takes slightly different amounts of
time on different inputs
• So far it appears unlikely that this technique will
ever be successful against DES or more powerful
symmetric ciphers such as triple DES and AES

© 2017 Pearson Education, Ltd., All rights reserved.


Block Cipher Design Principles:
Number of Rounds

In general, the criterion


should be that the If DES had 15 or fewer
The greater the number of rounds is rounds, differential
number of rounds, the chosen so that known cryptanalysis would
more difficult it is to cryptanalytic efforts require less effort than
perform cryptanalysis require greater effort a brute-force key
than a simple brute- search
force key search attack

© 2017 Pearson Education, Ltd., All rights reserved.


Block Cipher Design Principles:
Key Schedule Algorithm
• With any Feistel block cipher, the key is used to
generate one subkey for each round
• In general, we would like to select subkeys to
maximize the difficulty of deducing individual
subkeys and the difficulty of working back to the
main key
• It is suggested that, at a minimum, the key
schedule should guarantee key/ciphertext Strict
Avalanche Criterion and Bit Independence
Criterion
© 2017 Pearson Education, Ltd., All rights reserved.
Summary
• Traditional Block Cipher • The strength of DES
Structure • Use of 56-bit keys
• Stream ciphers • Nature of the DES
• Block ciphers algorithm
• Motivation for the • Timing attacks
Feistel cipher structure
• Feistel cipher • Block cipher design
• The Data Encryption principles
• Number of rounds
Standard (DES)
• Encryption • Design of function F
• Decryption • Key schedule
• Avalanche effect algorithm
© 2017 Pearson Education, Ltd., All rights reserved.

You might also like