{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

s-bc - BLOCK CIPHERS 1 44 Permutations and Inverses A...

This preview shows pages 1–13. Sign up to view the full content.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: BLOCK CIPHERS 1 / 44 Permutations and Inverses A function f : { , 1 } ℓ → { , 1 } ℓ is a permutation if there is an inverse function f − 1 : { , 1 } ℓ → { , 1 } ℓ satisfying ∀ x ∈ { , 1 } ℓ : f − 1 ( f ( x )) = x This means f must be one-to-one and onto, meaning for every y ∈ { , 1 } ℓ there is a unique x ∈ { , 1 } ℓ such that f ( x ) = y . 2 / 44 Permutations and Inverses x 00 01 10 11 f ( x ) 01 11 00 10 A permutation x 00 01 10 11 f ( x ) 01 11 11 10 Not a permutation 3 / 44 Permutations and Inverses x 00 01 10 11 f ( x ) 01 11 00 10 A permutation x 00 01 10 11 f − 1 ( x ) 10 00 11 01 Its inverse 4 / 44 Block Ciphers Let E : { , 1 } k × { , 1 } ℓ → { , 1 } ℓ be a function taking a key K and input x to return output E ( K , x ) . For each key K we let E K : { , 1 } ℓ → { , 1 } ℓ be the function defined by E K ( x ) = E ( K , x ) . We say that E is a block cipher if • E K : { , 1 } ℓ → { , 1 } ℓ is a permutation for every K , meaning has an inverse E − 1 K , • E , E − 1 are efficiently computable, where E − 1 ( K , x ) = E − 1 K ( x ) . 5 / 44 Example The table entry corresponding to the key in row K and input in column x is E K ( x ). 00 01 10 11 00 00 01 10 11 01 01 00 11 10 10 10 11 00 01 11 11 10 01 00 In this case, the inverse cipher E − 1 is given by the same table: the table entry corresponding to the key in row K and output in column y is E − 1 K ( y ). 6 / 44 Block Ciphers: Example Let ℓ = k and define E : { , 1 } k × { , 1 } ℓ → { , 1 } ℓ by E K ( x ) = E ( K , x ) = K ⊕ x Then E K has inverse E − 1 K where E − 1 K ( y ) = K ⊕ y Why? Because E − 1 K ( E K ( x )) = E − 1 K ( K ⊕ x ) = K ⊕ K ⊕ x = x The inverse of block cipher E is the block cipher E − 1 defined by E − 1 ( K , y ) = E − 1 K ( y ) = K ⊕ y 7 / 44 Block cipher usage • K \$ ← { , 1 } k • K (magically) given to parties S, R, but not to A. • S,R use E K Algorithm E is public! Think of E K as encryption under key K . Leads to security requirements like: • Hard to get K from y 1 , y 2 , . . . • Hard to get x i from y i 8 / 44 DES History 1972 – NBS (now NIST) asked for a block cipher for standardization 1974 – IBM designs Lucifer Lucifer eventually evolved into DES. Widely adopted as a standard including by ANSI and American Bankers association Used in ATM machines Replaced (by AES) only a few years ago 9 / 44 DES parameters Key Length k = 56 Block length ℓ = 64 So, DES: { , 1 } 56 × { , 1 } 64 → { , 1 } 64 DES − 1 : { , 1 } 56 × { , 1 } 64 → { , 1 } 64 10 / 44 DES Construction function DES K ( M ) // | K | = 56 and | M | = 64 ( K 1 , . . . , K 16 ) ← KeySchedule ( K ) // | K i | = 48 for 1 ≤ i ≤ 16 M ← IP ( M ) Parse M as L bardbl R // | L | = | R | = 32 for i = 1 to 16 do L i ← R i − 1 ; R i ← f ( K i , R i − 1 ) ⊕ L i − 1 C ← IP − 1 ( L 16 bardbl R 16 ) return C Round i: Invertible given K i : 11 / 44 DES Construction function DES...
View Full Document

{[ snackBarMessage ]}

Page1 / 62

s-bc - BLOCK CIPHERS 1 44 Permutations and Inverses A...

This preview shows document pages 1 - 13. Sign up to view the full document.

View Full Document
Ask a homework question - tutors are online