lecture 7.pdf

Full Transcript

1

University of Science and Technology
Faculty of Computer Science and Information Technology
Department of Information and Communication Technology
Lecture (7)

Block Ciphers and the Data Encryption
Standard

Instructor: Mashair Omer
2 Modern Block Ciphers
We will now look at modern block ciphers
one of the most widely used types of
cryptographic algorithms
provide secrecy and/or authentication
services
in particular will introduce DES (Data
Encryption Standard)
3 Block vs Stream Ciphers
block ciphers process messages in into
blocks, each of which is then
en/decrypted like a substitution on very
big characters 64-bits or more
stream ciphers process messages a bit or
byte at a time when en/decrypting
many current ciphers are block ciphers
4
Block Cipher Principles
 most symmetric block ciphers are based on a Feistel
Cipher Structure.
 using idea of a product cipher
 Claude Shannon and Substitution-Permutation Ciphers
 in 1949 Claude Shannon introduced idea of substitution-
permutation (S-P) networks
 modern substitution-transposition product cipher
 these form the basis of modern block ciphers
 S-P networks are based on the two primitive cryptographic
operations we have seen before:
 substitution (S-box)
 permutation (P-box)
 provide confusion and diffusion of message
5
Confusion and Diffusion

cipher needs to completely obscure
statistical properties of original message
a one-time pad does this
more practically Shannon suggested
combining elements to obtain:
diffusion – dissipates statistical structure of
plaintext over bulk of cipher text
confusion – makes relationship between
cipher text and key as complex as possible
 Feistel Cipher Structure
6
Horst Feistel devised the feistel cipher
based on concept of invertible product
cipher
partitions input block into two halves
process through multiple rounds
perform a substitution on left data half
based on round function of right half &
subkey
then have permutation swapping halves
implements Shannon’s substitution-
permutation network concept
 Feistel Cipher Structure
7
 Feistel Cipher Design Principles:
8
 block size
 increasing size improves security, but slows cipher
 key size
 increasing size improves security, makes exhaustive key searching
harder, but may slow cipher
 number of rounds
 increasing number improves security, but slows cipher
 subkey generation
 greater complexity can make analysis harder, but slows cipher
 round function
 greater complexity can make analysis harder, but slows cipher
 fast software en/decryption & ease of analysis
 are more recent concerns for practical use and testing
 Feistel Cipher Decryption
9
10 Data Encryption Standard
 The most widely used encryption scheme is based on the Data
Encryption Standard
 1967: Feistel at IBM
 Lucifer: block size 128; key size 128 bit
 1972: NBS asks for an encryption standard
 1975: IBM developed DES (modification of Lucifer) block size 64
bits; key size 56 bits
 1975: NSA suggests modifications
 1977: NBS adopts DES as encryption standard in (FIPS 46-1, 46-
2).
 2001: NIST adopts Rijndael as replacement to DES.
11
DES Features

 Block size = 64 bits
 Key size = 56 bits (in reality, 64 bits, but 8 are used
as parity-check bits for error control, see next slide)
 Number of rounds = 16
 16 intermediary keys, each 48 bits