Example of a product cipher
•
Repeated substitution and transposition
Feistel Cipher
LN4: Symmetric Key
Cryptography 10
Classical Feistel Network
•
For each round
i
(
i
=1,2,...,
n
), compute
•
L
i
= R
i-
1
•
R
i
= L
i-
1
⊕
f(R
i-
1
, K
i
)
where f is the round
function and
K
i
is the sub-
key
•
decryption is
accomplished via
•
R
i-
1
= L
i
•
L
i-
1
= R
i
⊕
f(R
i-
1
, K
i
)
LN4: Symmetric Key
Cryptography 11
Cipher Parameters
•
Fiestel Cipher depends on
:
–
Block size:
larger block sizes mean greater
security
–
Key Size:
larger key size means greater security
–
Number of rounds:
multiple rounds offer
increasing security, typically 16 rounds
–
Subkey generation algorithm:
greater complexity
will lead to greater difficulty of cryptanalysis.
–
Round function:
greater complexity means
greater resistance to cryptanalysis
Feistel Cipher Parameters
LN4: Symmetric Key
Cryptography 12
Symmetric Encryption Algorithms (DES)
•
Data Encryption Standard (DES)
The most widely used encryption scheme
The algorithm is referred to as the Data Encryption
Algorithm (DEA)
DES is a block cipher
processed in 64-bit blocks
56-bits key
–
8 parity bits are stripped off from the full 64-bit key (8
characters)
16 subkeys
are generated for the 16 rounds
Symmetric Encryption Algorithms

4
LN4: Symmetric Key
Cryptography 13
DES Subkey Generation - round # 1
•
drops 8 parity bits-
effective key size
becomes 56 bits
•
permutes the bits and
divides into two 28-bits
•
rotates the bits left by
single bit
•
permutes and extracts 48
bits as a subkey
LN4: Symmetric Key
Cryptography 14
DES Subkey Generation
•
One bit shift – round
1,2,9 and 16
•
Two bit shift for the
remaining rounds
LN4: Symmetric Key
Cryptography 15
DES Round
•
Each of the sixteen rounds takes a 64-bit block
as input and produces a 64-bit block as output
•
The output from the initial permutation is the
input to round one
•
Round one’s output is the input to round two
•
Round two’s output is the input to round three
•
…
•
The output from round sixteen is the 64-bit
block of ciphertext
LN4: Symmetric Key
Cryptography 16
Single DES Round
•
Similar to Fiestel Cipher structure
•
64-bit plaintext is divided into two 32-bit
blocks (L &R)
•
L
i
is the unchanged R
i-1
(previous round)
•
R
i-1
goes through F function
–
E table-expanded to 48bits and permuted
–
48 bits XORed with subkey K
i
–
Substitution produces 32-bit
>
8 S-boxes
>
each takes 6 bits and produces 4 bits
>
transformation is defined by substitution
tables
>
different substitution table for each S-box
–
Permutes the output of S-box
•
R
i
is L
i-1
XORed with permuted output
K
i

5
LN4: Symmetric Key
Cryptography 17
DES Initial Permutation Table
LN4: Symmetric Key
Cryptography 18
Brute Force Attack: Exhaustive Key Search
LN4: Symmetric Key
Cryptography 19
Encryption Algorithms (Triple DES)
•
Apply DES algorithm three times
•
Use three keys and three executions of the DES
algorithm (encrypt-decrypt-encrypt)
C = ciphertext :
E
K
[X] = encryption of X using key K
P = Plaintext :
D
K
[Y] = decryption of Y using key K
•
Key length of 168 bits = 3 * 56
•
But, due to Meet-in-the-middle attack (see following
slides), the

#### You've reached the end of your free preview.

Want to read all 20 pages?

- Three '18
- Cryptography, Advanced Encryption Standard, Block cipher, Symmetric Key Cryptography, Block cipher modes of operation