Example of a product cipher • Repeated substitution and transposition Feistel Cipher LN4: Symmetric Key Cryptography 10 Classical Feistel Network • For each round i ( i =1,2,..., n ), compute • L i = R i- 1 • R i = L i- 1 ⊕ f(R i- 1 , K i ) where f is the round function and K i is the sub- key • decryption is accomplished via • R i- 1 = L i • L i- 1 = R i ⊕ f(R i- 1 , K i ) LN4: Symmetric Key Cryptography 11 Cipher Parameters • Fiestel Cipher depends on : – Block size: larger block sizes mean greater security – Key Size: larger key size means greater security – Number of rounds: multiple rounds offer increasing security, typically 16 rounds – Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis. – Round function: greater complexity means greater resistance to cryptanalysis Feistel Cipher Parameters LN4: Symmetric Key Cryptography 12 Symmetric Encryption Algorithms (DES) • Data Encryption Standard (DES) The most widely used encryption scheme The algorithm is referred to as the Data Encryption Algorithm (DEA) DES is a block cipher processed in 64-bit blocks 56-bits key – 8 parity bits are stripped off from the full 64-bit key (8 characters) 16 subkeys are generated for the 16 rounds Symmetric Encryption Algorithms
4 LN4: Symmetric Key Cryptography 13 DES Subkey Generation - round # 1 • drops 8 parity bits- effective key size becomes 56 bits • permutes the bits and divides into two 28-bits • rotates the bits left by single bit • permutes and extracts 48 bits as a subkey LN4: Symmetric Key Cryptography 14 DES Subkey Generation • One bit shift – round 1,2,9 and 16 • Two bit shift for the remaining rounds LN4: Symmetric Key Cryptography 15 DES Round • Each of the sixteen rounds takes a 64-bit block as input and produces a 64-bit block as output • The output from the initial permutation is the input to round one • Round one’s output is the input to round two • Round two’s output is the input to round three • … • The output from round sixteen is the 64-bit block of ciphertext LN4: Symmetric Key Cryptography 16 Single DES Round • Similar to Fiestel Cipher structure • 64-bit plaintext is divided into two 32-bit blocks (L &R) • L i is the unchanged R i-1 (previous round) • R i-1 goes through F function – E table-expanded to 48bits and permuted – 48 bits XORed with subkey K i – Substitution produces 32-bit > 8 S-boxes > each takes 6 bits and produces 4 bits > transformation is defined by substitution tables > different substitution table for each S-box – Permutes the output of S-box • R i is L i-1 XORed with permuted output K i
5 LN4: Symmetric Key Cryptography 17 DES Initial Permutation Table LN4: Symmetric Key Cryptography 18 Brute Force Attack: Exhaustive Key Search LN4: Symmetric Key Cryptography 19 Encryption Algorithms (Triple DES) • Apply DES algorithm three times • Use three keys and three executions of the DES algorithm (encrypt-decrypt-encrypt) C = ciphertext : E K [X] = encryption of X using key K P = Plaintext : D K [Y] = decryption of Y using key K • Key length of 168 bits = 3 * 56 • But, due to Meet-in-the-middle attack (see following slides), the
You've reached the end of your free preview.
Want to read all 20 pages?
- Three '18
- Cryptography, Advanced Encryption Standard, Block cipher, Symmetric Key Cryptography, Block cipher modes of operation