W-bc - Chapter 2 Block Ciphers Blockciphers are the central tool in the design of protocols for shared-key cryptography(aka sym metric cryptography

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Chapter 2 Block Ciphers Blockciphers are the central tool in the design of protocols for shared-key cryptography (aka. sym- metric) cryptography. They are the main available “technology” we have at our disposal. This chapter will take a look at these objects and describe the state of the art in their construction. It is important to stress that blockciphers are just tools—raw ingredients for cooking up some- thing more useful. Blockciphers don’t, by themselves, do something that an end-user would care about. As with any powerful tool, one has to learn to use this one. Even an excellent blockcipher won’t give you security if you use don’t use it right. But used well, these are powerful tools indeed. Accordingly, an important theme in several upcoming chapters will be on how to use blockciphers well. We won’t be emphasizing how to design or analyze blockciphers, as this remains very much an art. This chapter gets you acquainted with some typical blockciphers, and discusses attacks on them. In particular we’ll look at two examples, DES and AES. DES is the “old standby.” It is currently the most widely-used blockcipher in existence, and it is of sufficient historical significance that every trained cryptographer needs to have seen its description. AES is a modern blockcipher, and it is expected to supplant DES in the years to come. 2.1 What is a blockcipher? A blockcipher is a function E : { , 1 } k × { , 1 } n → { , 1 } n . This notation means that E takes two inputs, one being a k-bit string and the other an n-bit string, and returns an n-bit string. The first input is the key. The second might be called the plaintext, and the output might be called a ciphertext. The key-length k and the block-length n are parameters associated to the blockcipher. They vary from blockcipher to blockcipher, as of course does the design of the algorithm itself. For each key K ∈ { , 1 } k we let E K : { , 1 } n → { , 1 } n be the function defined by E K ( M ) = E ( K,M ). For any blockcipher, and any key K , it is required that the function E K be a permutation on { , 1 } n . This means that it is a bijection (ie., a one-to-one and onto function) of { , 1 } n to { , 1 } n . (For every C ∈ { , 1 } n there is exactly one M ∈ { , 1 } n such that E K ( M ) = C .) Accordingly E K has an inverse, and we denote it E − 1 K . This function also maps { , 1 } n to { , 1 } n , and of course we have E − 1 K ( E K ( M )) = M and E K ( E − 1 K ( C )) = C for all M,C ∈ { , 1 } n . We let E − 1 : { , 1 } k × { , 1 } n → { , 1 } n be defined by E − 1 ( K,C ) = E − 1 K ( C ). This is the inverse blockcipher to E . Preferably, the blockcipher E is a public specified algorithm. Both the cipher E and its inverse E − 1 should be easily computable, meaning given K,M we can readily compute E ( K,M ), and given 2 BLOCK CIPHERS K,C we can readily compute E − 1 ( K,C ). By “readily compute” we mean that there are public and relatively efficient programs available for these tasks.relatively efficient programs available for these tasks....
View Full Document

This note was uploaded on 08/31/2011 for the course CSE 207 taught by Professor Daniele during the Winter '08 term at UCSD.

Page1 / 19

W-bc - Chapter 2 Block Ciphers Blockciphers are the central tool in the design of protocols for shared-key cryptography(aka sym metric cryptography

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online