DES Encryption Algorithm

AES Evaluation Criteria

• Initial criteria: security, effort for practical cryptanalysis, cost in terms of computational efficiency, algorithm and implementation characteristics
• Final criteria: general security, ease of software and hardware implementation

AES Structure

• Data block of 4 columns of 4 bytes is the state
• Key is expanded to an array of words
• AES has 9/11/13 rounds in which state undergoes:
  • Byte substitution (1 S-box used on every byte)
  • Shift rows (permute bytes between groups/columns)
  • Mix columns (subs using matrix multiply of groups)
  • Add round key (XOR state with key material)
• Initial XOR key material and incomplete last round
• Fast XOR and table lookup implementation

AES Encryption Process

• Symmetric encryption principles
• Stream ciphers and RC4
• Cryptography and cryptanalysis
• Feistel cipher structure
• Data encryption standard
• Advanced encryption standard
• Algorithm details
• Key distribution

Comparison of Symmetric Algorithms

• AES, DES, and Triple DES
• Plaintext block size: 128 bits
• Ciphertext block size: 128 bits
• Key size: 128, 192, or 256 bits

DES General Structure

• Symmetric-key block cipher
• Adopted in 1977 by National Bureau of Standards (now NIST)
• Algorithm is referred to as the Data Encryption Algorithm (DEA)
• Minor variation of the Feistel network

DES Design Controversy

• Controversy over design, particularly in choice of 56-bit key
• Subsequent events and public analysis show design was appropriate
• Use of DES has flourished, especially in financial applications

Meet-in-the-Middle Attack

• Given a known pair (P,C), the attack proceeds as follows:
  • Encrypt all 256 possible values of K1, store results in a table
  • Decrypt C using all 256 possible values of K2
  • Check for matching between the two tables
• Solution: Triple DES with two keys

Triple DES (3DES)

• Repeats basic DES algorithm three times using either two or three unique keys
• First standardized for use in financial applications in ANSI standard X9.17 in 1985
• Attractions:
  • 168-bit key length overcomes vulnerability to brute-force attack of DES
  • Underlying encryption algorithm is the same as in DES
• Drawbacks:
  • Algorithm is sluggish in software
  • Uses a 64-bit block size

Advanced Encryption Standard (AES) Origins

• NIST issued a call for ciphers in 1997
• 15 candidates were accepted in June 1998
• 5 were shortlisted in August 1999
• Rijndael was selected as the winner in November 2001

Advanced Encryption Standard (AES)

• Designed by Rijmen-Daemen in Belgium
• Has 128/192/256-bit keys, 128-bit data
• An iterative rather than Feistel cipher
• Processes data as a block of 4 columns of 4 bytes (128 bits)
• Operates on the entire data block in every round
• Designed to be:
  • Resistant against known attacks
  • Speed and code compactness on many CPUs
  • Design simplicity