DESTRIPLE DES.pdf
Transcript
DES/TRIPLE DES Tuesday, 25 August 2020 10:17 AM Block ciphers - ie they take fixed-size blocks of plaintext and uses a key to generate a block of ciphertext bits, generally of same size. The last block needs to be padded with redundant information to make it up to the block size eg 64 bits. DE...
DES/TRIPLE DES Tuesday, 25 August 2020 10:17 AM Block ciphers - ie they take fixed-size blocks of plaintext and uses a key to generate a block of ciphertext bits, generally of same size. The last block needs to be padded with redundant information to make it up to the block size eg 64 bits. DES, Triple DES, AES, Blowfish and Twofish are all block ciphers. Fiestal Block Cipher (eg DES and Triple DES, Blowfish/Twofish) Divides each block in 2 - a right and left side. Substitution: One side (L) is encrypted using an encryption function which uses the right side (R) and a key, while the other side (R) remains unchanged. The output is then XOR'd. (with the round key) Permutation: the two sides are swapped The process is repeated for as many rounds as required. In practice, eg DES, each round uses a different key which is a subkey of the whole encryption key. Decrypting - take the encrypted message and run it through the same process and it comes out decrypted! More rounds in a FiestaL cipher gives more security but makes it slower. DES The Data Encryption Standard (DES) is a symmetric-key block cipher. DES uses 16 round Feistel structure. The block size is 64-bit. Key length is also 64-bit, but DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm. Each round's key is a 48 bit subkey of the 56 bit original key. IA3 Activities 3 Page 1 Triple DES The speed of exhaustive key searches against DES after 1990 began to cause discomfort amongst users of DES. However, users did not want to replace DES as it takes an enormous amount of time and money to change encryption algorithms that are widely adopted and embedded in large security architectures. The pragmatic approach was not to abandon the DES completely, but to change the manner in which DES is used. This led to the modified schemes of Triple DES. IA3 Activities 3 Page 2 So if the 2nd step is to reverse the cipher why do it? Wouldn't you end up with the original plaintext, negating step 1? No - because it uses a different key. A replacement for DES was needed as its key size was too small. With increasing computing power, it was considered vulnerable against exhaustive key search attack. Triple DES was designed to overcome this drawback but it was found slow. AES (Advanced Encryption Standard) The features of AES are as follows − Symmetric key symmetric block cipher 128-bit data, 128/192/256-bit keys Stronger and faster than Triple-DES Provide full specification and design details Software implementable in C and Java AES is an iterative rather than Feistel cipher. It is based on ‘substitution–permutation network’. It comprises of a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations). AES performs all its computations on bytes rather than bits. The number of rounds in AES is variable and depends on the length of the key. AES uses 10 rounds IA3 Activities 3 Page 3 The number of rounds in AES is variable and depends on the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key. IA3 Activities 3 Page 4
