larger key size means greater security
–
Number of rounds:
multiple rounds offer
increasing security, typically 16 rounds
–
Subkey generation algorithm:
greater complexity
will lead to greater difficulty of cryptanalysis.
–
Round function:
greater complexity means greater
resistance
Feistel Cipher Parameters

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 22
Symmetric Encryption Algorithms (DES)
•
Data Encryption Standard (DES)
The most widely used encryption scheme
The algorithm is referred to as the Data Encryption Algorithm
(DEA)
DES is a block cipher
processed in 64-bit blocks
56-bits key
–
8 parity bits are stripped off from the full 64-bit key (8 character)
16 subkeys in 16 rounds
Concern
: Proved insecure in today’s fast processing power
Symmetric Encryption Algorithms

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 23
Substitution & Permutation
•
Substitution
–
a binary word is replaced by some other binary word
–
also known as S-box
–
impractical to build 64-bit blocks
–
multiple S-boxes of smaller blocks are used
–
Example: for an input ’011001’ to an S-box, the output may
be ’1001’
•
Permutation
:
•
A binary word has its bits reordered (permute)
•
Also known as P-box
•
Example: 1
st
bit may become 7
th
bit, 2
nd
bit 12
th
bit and so on
Substitution & Permutation

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 24
DES Subkey Generation - round # 1
•
drop 8 parity bits
−
effective key size 56 bits
•
permute the bits and
divide into two 28-bits
•
rotate the bits left by
single bit
•
permute and extract 48
bits as a subkey

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 25
DES Subkey Generation
•
One bit shift – round
1,2,9 and 16
•
Two bit shift for the
remaining rounds

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 26
DES Round
•
Each of the sixteen rounds takes a
64-bit block as
inpu
t and produces a
64-bit block as output
•
The output from the initial permutation is the input
to round one
•
Round one’s output is the input to round two
•
Round two’s output is the input to round three
•
…
•
The output from round sixteen is the 64-bit block of
ciphertext

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 27
Single
DES Round
•
Similar to Fiestel Cipher structure
•
64-bit plaintext is divided into two 32-bit
blocks (L &R)
•
L
i
is the unchanged R
i-1
(previous round)
•
R
i-1
goes through F function
–
E table-expanded to 48bits and permuted
–
48 bits XORed with subkey K
i
–
Substitution produces 32-bit
8 S-boxes
each takes 6 bits and produces 4 bits
transformation is defined by substitution tables
different substitution table for each S-box
–
Permutes the output of S-box
•
R
i
is L
i-1
XORed with permuted output

LN2:Symmetric Key Encryption : FIT3031 Information and Network Security 28
Encryption Algorithms (DES …)
Encryption Algorithms (DES…):Time to break a

#### You've reached the end of your free preview.

Want to read all 64 pages?

- Fall '14
- Cryptography, Advanced Encryption Standard, Block cipher, Symmetric Key Encryption