Network Security-Unit1.pdf

Full Transcript

Network Security
Unit –I
Network Security Introduction- OSI security architecture- classical encryption
techniques, cipher principles, Data Encryption Standards, Block Cipher Design
Principles and modes of Operation.

Computer Security:
The protection afforded to an automated information system in order to attain
the applicable objectives of preserving the integrity, availability, and confidentiality of
information system resources (includes hardware, software, firmware, information/
data, and telecommunications).

With the introduction of the computer, the need for automated tools for
protecting files and other information stored on the computer became evident. This is
especially the case for a shared system, and the need is even more acute for systems
that can be accessed over the Internet. The generic name for the collection of tools
designed to protect data and to thwart hackers is computer security.

Network security is a set of rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data using both software
and hardware technologies.

The basic principle of network security is protecting huge stored data and networks in
layers that ensure the bedding of rules and regulations that have to be acknowledged
before performing any activity on the data.

Types of Network Security:
The few types of network securities are discussed below :
1. Access Control: Not every person should have a complete allowance for the
accessibility to the network or its data. One way to examine this is by going
through each personnel’s details. This is done through Network Access Control
which ensures that only a handful of authorized personnel must be able to work
with the allowed amount of resources.

2. Antivirus and Anti-malware Software: This type of network security
ensures that any malicious software does not enter the network and jeopardize
the security of the data. The malicious software like Viruses, Trojans, and
Worms is handled by the same. This ensures that not only the entry of the
malware is protected but also that the system is well equipped to fight once it
has entered.

3. Cloud Security: Now a day, a lot many organizations are joining hands with
cloud technology where a large amount of important data is stored over the
internet. This is very vulnerable to the malpractices that few unauthorized
dealers might pertain. This data must be protected and it should be ensured that
this protection is not jeopardized by anything. Many businesses embrace SaaS

1
 applications for providing some of their employees the allowance of accessing
the data stored over the cloud. This type of security ensures creating gaps in the
visibility of the data.

OSI Security Architecture-
OSI Security Architecture defines the well-planned standard architecture for security
features in computer networking.

Need of OSI Architecture:
Below listed are the needs for OSI Architecture in an organization:

1. Security Needs:
 OSI Architecture caters to the security needs of an organization.
 Safety and security are ensured by OSI Architecture to prevent risk and threats.
2. Systematic Arrangement:
 OSI Architecture gives a systematic approach to the security requirements of
an organization.
 Security policies are well maintained through OSI Architecture.
3. Centralised Processing:
 OSI Architecture maintains a central processing environment.
 LAN and WAN help in the Centralised Processing of OSI Architecture.

Benefits of OSI Architecture:

Below listed are the benefits of OSI Architecture in an organization:
1. Providing Security:
 OSI Architecture in an organization provides the needed security and safety,
preventing potential threats and risks.
 Managers can easily take care of the security and there is hassle-free security
maintenance done through OSI Architecture.
2. Organising Task:
 Managers get the opportunity to organize tasks in an organization effectively.
 A well-planned standard architecture for security features enhances
performance.
3. Meets International Standards:
 Security services are defined and recognized internationally meeting
international standards.
 The standard definition of requirements defined using OSI Architecture is
globally accepted.

Three Pillars of OSI Security Architecture:
OSI Security Architecture is categorized into three broad categories mentioned
- Security Attacks, Security mechanisms, and Security Services.

1. Security attack: Any action that compromises the security of information owned
by an organization.

2
Passive attacks: are in the nature of eavesdropping on, or monitoring of,
transmissions.The goal of the opponent is to obtain information that is being
transmitted.
Two types of passive attacks are the
- release of message contents and traffic Analysis

Active Attacks:
Active attacks involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories: masquerade, replay, modification
of messages, and denial of service.
- A masquerade takes place when one entity pretends to be a different entity. A
masquerade attack usually includes one of the other forms of active attack. For
example, authentication sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling an authorized entity with
few privileges to obtain extra privileges by impersonating an entity that has
those privileges.

- Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.

3
 - Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce an
unauthorized effect. For example, a message meaning “Allow John Smith to
read confidential file accounts” is modified to mean “Allow Fred Brown to read
confidential file accounts.”

- The denial of service prevents or inhibits the normal use or management of
communications facilities. This attack may have a specific target for example; an
entity may suppress all messages directed to a particular destination

-

-
2. Security Mechanism

4
The mechanism that is built to identify any breach of security or attack on the
organization is called a security mechanism. Security Mechanisms are also
responsible for providing ways in which an attack can be prevented as soon as it is
detected.
Security mechanism is a mechanism that is designed to detect, prevent, or recover
from a security attack.

3. Security Services:
Security services refer to the different services available for maintaining the security
and safety of an organization. They help in preventing any potential risks to security.
Security services are divided into 5 types:
 Authentication is the most basic service to ensure that desired permission is
well verified and safe
 Access Control ensures that only authorized users have access to the available
resources.
 Data Confidentiality is responsible for ensuring that the data is kept extremely
safe from third-party intruders.
 Data Integrity ensures that the transmitted information received by the
receiver is well- authenticated and there is no tampering with the information
received.
 Non- repudiation restricts the forwarding of the transmitted message by either
of the parties( sender and receiver).

5
Some basic terminology of network security and cryptography

Cryptography
The many schemes used for encryption constitute the area of study known as cryptography

Crypt analysis
Techniques used for deciphering a message without any knowledge of the enciphering details

Cryptology
The areas of cryptography and cryptanalysis together are called cryptology

Cipher
Encryption scheme is known as a cryptographic system or a cipher

Plain Text
This is the original intelligible message or data that is fed into the algorithm as input.

Cipher Text
This is the scrambled message produced as output. It depends on the plaintext and the secret
key. For a given message, two different keys will produce two different cipher texts. The
cipher text is an apparently random stream of data and, as it stands, is unintelligible.

Secret key
The secret key is also input to the encryption algorithm. The key is a value independent of the
plaintext and of the algorithm. The algorithm will produce a different output depending on
the specific key being used at the time. The exact substitutions and transformations
performed by the algorithm depend on the key.

Encryption
The process of converting from plaintext to cipher text

Decryption
The process of restoring the plaintext from the cipher text

Enciphering Algorithm
The encryption algorithm performs various substitutions and transformations on the plaintext

Deciphering Algorithm
This is essentially the encryption algorithm run in reverse. It takes the cipher text and the secret
key and produces the original plaintext.

6
Threat
A potential for violation of security which exists when there is a circumstance, capability,
action, or event, that could breach security and cause harm. That is, a threat is a possible
danger that might exploit vulnerability.

Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act
that is a deliberate attempt (especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.

Security attack: Any action that compromises the security of information owned by an
organization.

Security mechanism: A process (or a device incorporating such a process) that is designed
to detect, prevent, or recover from a security attack.

Security service: A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization. The services are
intended to counter security attacks, and they make use of one or more security mechanisms
to provide the service.

Principles of Security Symmetric Cipher Model

A symmetric encryption scheme has five ingredients. They are Plain Text, Encryption
Algorithm, Secret Key, Decryption Algorithm, Cipher Text
There are two requirements for secure use of conventional encryption:
We need a strong encryption algorithm. At a minimum, we would like the algorithm to be
such that an opponent who knows the algorithm and has access to one or more cipher
texts would be unable to decipher the cipher text or figure out the key.
Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure. If someone can discover the key and knows the algorithm, all
communication using this key is readable.

Fig. 2.1 Model of Symmetric Encryption

7
Fig. 2.2 Model of Symmetric Cryptosystem
Confidentiality: This term covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.

Privacy: Assures that individuals control or influence what information related to
them may be collected and stored and by whom and to whom that information may be
disclosed.

Authentication: The assurance that the communicating entity is the one that it claims to be.
Peer Entity Authentication: Used in association with a logical connection to provide
confidence in the identity of the entities connected.
Data-Origin Authentication: In a connectionless transfer, provides assurance that the
source of received data is as claimed.
Integrity: This term covers two related concepts:
Data integrity: Assures that information and programs are changed only in a specified
and authorized manner.

System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of
the system.

Non-repudiation
Provides protection against denial by one of the entities involved in a communication of
having participated in all or part of the communication.
Nonrepudiation, Origin: Proof that the message was sent by the specified party

8
 Nonrepudiation, Destination: Proof that the message was received by the specified
party

Access Control
The prevention of unauthorized use of a resource (i.e., this service controls who can have
access to a resource, under what conditions access can occur, and what those accessing the
resource are allowed to do). DATA

Availability
Assures that systems work promptly and service is not denied to
authorized users.

2.1 Cryptography Classifications:

2.2 Types of cryptanalysis: Cryptanalysis is the science of recovering the plaintext of a
message without access to the key. Successful cryptanalysis may recover the plaintext or the
key. The two basic categories of cryptanalysis are 1. Linear Cryptanalysis and 2. Differential
cryptanalysis
Linear Cryptanalysis: Linear cryptanalysis is a known plaintext attack, in which the
attacker studies probabilistic linear relations known as linear approximations between parity
bits of the plaintext, the Ciphertext and the secrete key. In this technique, the attacker obtains
high probability approximations for the parity bit of the secrete key by analysing the parity
bits of the known plaintexts and cipher texts. By use of several techniques such as the
auxiliary technique, the attacker can extend the attack to find more bits of the secret key.
Differential Cryptanalysis: Differential cryptanalysis can be described as a general form of
cryptanalysis that is primarily applicable to block ciphers, cryptographic hash functions. In
other words, it entails a careful analysis of how differences in information input can affect the
resulting difference at the output. In block cipher, differential analysis can be described as a
set of techniques for tracing differences through the network of transformation, discovering
where the cipher exhibits what is known as non-random behaviour and exploiting such details
to recover the secrete key (cryptography key). In the process, observing the desired output
difference between the two chosen or unknown plaintext inputs suggests possible key values.

9
2.3 Classical Encryption Techniques
2.3.1 Substitution Cipher
A substitution technique is one in which the letters of plaintext are replaced by other letters or
by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution
involves replacing plaintext bit patterns with cipher text bit patterns.

Caesar Cipher
The earliest known use of a substitution cipher, and the simplest, was by Julius Caesar. The
Caesar cipher involves replacing each letter of the alphabet with the letter standing three
places further down the alphabet.

For example,
Plain text : meet me after the toga party
Cipher Text : PHHW PH DIWHU WKH WRJD SDUWB

Note that the alphabet is wrapped around, so that the letter following Z is A. We can define
the transformation by listing all possibilities, as follows:

Plain Text: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher Text: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Let us assign a numerical equivalent to each letter:
A b c d e F g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
N o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25

Then the algorithm can be expressed as follows.
For each plaintext letter p, substitute the cipher text letter C
C = E(3, p) = (p + 3) mod 26

A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25.

The decryption algorithm is simply
p = D(k, C) = (C k) mod 26
If it is known that a given cipher text is a Caesar cipher, then a brute-force cryptanalysis is
easily performed: Simply try all the 25 possible keys.

Three important characteristics of this problem enabled us to use a brute-force cryptanalysis:
The encryption and decryption algorithms are known.
There are only 25 keys to try.
The language of the plaintext is known and easily recognizable.

10
Play Fair Cipher
The best-known multiple-letter encryption cipher is the Play fair, which treats digrams in the
plaintext as single units and translates these units into cipher text digrams. The Play fair
algorithm is based on the use of a 5 x 5 matrix of letters constructed using a keyword.

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

In this case, the keyword is monarchy.

The matrix is constructed by filling in the letters of the keyword (minus duplicates) from left
to right and from top to bottom, and then filling in the remainder of the matrix with the
remaining letters in alphabetic order. The letters I and J count as one letter.

Plaintext is encrypted two letters at a time, according to the following rules:

Repeating plaintext letters that are in the same pair are separated with a filler letter,
such as x, so that balloon would be treated as ba lx lo on
Two plaintext letters that fall in the same row of the matrix are each replaced by the
letter to the right, with the first element of the row circularly following the last. For
example, ar is encrypted as RM
Two plaintext letters that fall in the same column are each replaced by the letter
beneath, with the top element of the column circularly following the last. For
example, mu is encrypted as CM
Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own
row and the column occupied by the other plaintext letter. Thus, hs becomes BP and
ea becomes IM (or JM, as the encipherer wishes)

Hill cipher
Another interesting multi-letter cipher is the Hill cipher, developed by the mathematician
Lester Hill in 1929. The encryption algorithm takes m successive plaintext letters and
substitutes for them m cipher text letters.

The substitution is determined by m linear equations in which each character is assigned a
numerical value (a = 0, b = 1... z = 25).
For m = 3, the system can be described as follows:

c1 = (k11P1 + k12P2 + k13P3) mod 26
c2 = (k21P1 + k22P2 + k23P3) mod 26
c3 = (k31P1 + k32P2 + k33P3) mod 26

11
This can be expressed in term of column vectors and matrices:

C1 k11 k12 k13
C2 P1 P2 P3 k21 k22 k23 mod26
C3 k31 k32 k33

Or

C = PK mod 26
where C and P are column vectors of length 3, representing the plaintext and cipher text, and
K is a 3 x 3 matrix, representing the encryption key. Operations are performed in mod 26.

P = D(K, C) = CK-1 mod 26 = PKK-1 = P

One Time Pad
An Army Signal Corp officer, Joseph Mauborgne suggested using a random key that is as
long as the message, so that the key need not be repeated. In addition, the key is to be used
to encrypt and decrypt a single message, and then is discarded. Each new message requires a
new key of the same length as the new message. Such a scheme, known as a one-time pad, is
unbreakable.

It produces random output that bears no statistical relationship to the plaintext. Because the
cipher text contains no information whatsoever about the plaintext, there is simply no way to
break the code.

An example should illustrate our point. Suppose that we are using a 27 characters in which
the twenty-seventh character is the space character, but with a one-time key that is as long as
the message.

Consider the
cipher text : ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
We now show two different decryptions using two different keys:

key 1: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
plain text: mr mustard with the candlestick in the hall
key 2: mfugpmiydgaxgoufhklllmhsqdqogtewbqfgyovuhwt
plain text: miss scarlet with the knife in the library

If the actual key were produced in a truly random fashion, then the cryptanalyst cannot say
that one of these two keys is more likely than the other. Thus, there is no way to decide which
key is correct and therefore which plaintext is correct. Therefore, the code is unbreakable.

2.3.2 Transposition Cipher
A kind of mapping is achieved by performing some sort of permutation on the plaintext
letters. This technique is referred to as a transposition cipher.

12
Rail Fence Technique
The simplest transposition cipher is the rail fence technique, in which the plaintext is written
down as a sequence of diagonals and then read off as a sequence of rows.

For example,
to encipher the message "meet me after the toga party" with a rail fence of depth 2, we
write the following:
m e m a t r h t g p r y
e t e f e t e o a a t

The encrypted message is

Simple Columnar Technique
A more complex scheme is to write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of the columns. The order of the
columns then becomes the key to the algorithm.
For example,
Key: 3 4 2 1 5 6 7
Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z

1 2 3 4 5 6 7
1 a t t a c k p
2 o s t p o n e
3 d u n t i l t
4 w o a m x y z

Cipher text: TTNAAPTMTSUOAODWCOIXKNLYPETZ

A pure transposition cipher is easily recognized because it has the same letter frequencies as
the original plaintext.

For the type of columnar transposition just shown, cryptanalysis is fairly straightforward and
involves laying out the cipher text in a matrix and playing around with column positions.
Digram and trigram frequency tables can be useful.

The transposition cipher can be made significantly more secure by performing more than one
stage of transposition. The result is a more complex permutation that is not easily
reconstructed.
Thus, if the foregoing message is re-encrypted using the same algorithm,

Key: 3 4 2 1 5 6 7

1 2 3 4 5 6 7

13
 1 t t n a p t m
2 t t s u o a o
3 d w c o i x k
4 n l y p e t z

Cipher text: NSCYAUOPTTWLTTDNPOIETAXTMOKZ

2.4 Comparison of Stream Ciphers and Block Ciphers

A stream cipher is one that encrypts a digital data stream one bit or one byte at a time.
Examples of classical stream ciphers are the autokeyed Vigenère cipher and the Vernam
cipher.

In the ideal case, a one-time pad version of the Vernam cipher would be used, in which the
keystream is as long as the plaintext bit stream. If the cryptographic keystream is random,
then this cipher is unbreakable by any means other than acquiring the keystream. However,
the keystream must be provided to both users in advance via some independent and secure
channel. This introduces insurmountable logistical problems if the intended data traffic is
very large.
Accordingly, for practical reasons, the bit-stream generator must be implemented as an
algorithmic procedure, so that the cryptographic bit stream can be produced by both users. In
this approach, the bit-stream generator is a key-controlled algorithm and must produce a bit
stream that is cryptographically strong. Now, the two users need only share the generating
key, and each can produce the keystream.

Fig.2.1 Stream Cipher using algorithmic bit-stream generator

A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as
a whole and used to produce a cipher text block of equal length. Typically, a block size of 64
or 128 bits is used. In general, they seem applicable to a broader range of applications than
stream ciphers. The vast majority of network-based symmetric cryptographic applications
make use of block ciphers.

14
 Fig.2.2 Block Cipher

Feistel Block Cipher
Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a
product cipher, which is the execution of two or more simple ciphers in sequence in such a
way that the final result or product is cryptographically stronger than any of the component
ciphers The essence of the approach is to develop a block cipher with a key length of k bits
and a block length of bits, allowing a total of 987possible transformations, rather than the !
transformations available with the ideal block cipher.
In particular, Feistel proposed the use of a cipher that alternates substitutions and
permutations, where these terms are defined as follows:
Substitution: Each plaintext element or group of elements is uniquely replaced by a
corresponding ciphertext element or group of elements.
Permutation: A sequence of plaintext elements is replaced by a permutation of that
sequence. That is, no elements are added or deleted or replaced in the sequence, rather the
order in which the elements appear in the sequence is changed.

product cipher that alternates confusion and diffusion functions.

Diffusion: A cryptographic technique that seeks to obscure the statistical structure of the
plaintext by spreading out the influence of each individual plaintext digit over many cipher
text digits.

Confusion: A cryptographic technique that seeks to make the relationship between the
statistics of the cipher text and the value of the encryption key as complex as possible. This is
achieved by the use of a complex scrambling algorithm that depends on the key and the input.

Figure 2.3 depicts the structure proposed by Feistel. The inputs to the encryption algorithm
are a plaintext block of length 2w bits and a key.The plaintext block is divided into two
halves L0 and R0. The two halves of the data pass through rounds of processing and then
combine to produce the ciphertext block. Each round i has as inputs Li-1 and Ri-1 derived from
the previous round, as well as a subkey Ki derived from the overall K. In general, the subkeys
Ki are different from K and from each other. In Figure 2.3, 16 rounds are used, although any
number of rounds could be implemented.

All rounds have the same structure. A substitution is performed on the left half of the data.
This is done by applying a round function F to the right half of the data and then taking the
exclusive-OR of the output of that function and the left half of the data. The round function
has the same general structure for each round but is parameterized by the round subkey Ki.
Another way to express this is to say that F is a function of right-half block of w bits and a

15
subkey of y bits, which produces an output value of length w bits: F(REi, Ki+1). Following
this substitution, a

Fig.2.3 Feistel Encryption and Decryption

The exact realization of a Feistel network depends on the choice of the following
parameters and design features:
Block size: Larger block sizes mean greater security (all other things being equal) but
reduced encryption/decryption speed for a given algorithm. The greater security is achieved
by greater diffusion. Traditionally, a block size of 64 bits has been considered a reasonable

16
 trade off and was nearly universal in block cipher design. However, the new AES uses a 128-
bit block size.
Key size: Larger key size means greater security but may decrease encryption/ decryption
speed. The greater security is achieved by greater resistance to brute-force attacks and greater
confusion. Key sizes of 64 bits or less are now widely considered to be inadequate, and 128
bits has become a common size.
Number of rounds: The essence of the Feistel cipher is that a single round offers
inadequate security but that multiple rounds offer increasing security. A typical size is 16
rounds.
Subkey generation algorithm: Greater complexity in this algorithm should lead to greater
difficulty of cryptanalysis.
Round function F: Again, greater complexity generally means greater resistance to
cryptanalysis.

There are two other considerations in the design of a Feistel cipher:
Fast software encryption/decryption: In many cases, encryption is embedded in
applications or utility functions in such a way as to preclude a hardware implementation.
Accordingly, the speed of execution of the algorithm becomes a concern.
Ease of analysis: Although we would like to make our algorithm as difficult as possible to
cryptanalyze, there is great benefit in making the algorithm easy to analyze. That is, if the
algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for
cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its
strength. DES, for example, does not have an easily analyzed functionality.

Block Cipher Design Principles:
A block cipher is one in which a block of plaintext is treated as a whole and used to produce a cipher text
block of equal length.
Typically a block size of 64 or 128 bits is used.

o A block cipher operates on a plaintext block of n bits to produce a cipher-text block of n bits.
There are 2n possible different plaintext blocks and, for the encryption to be reversible (i.e., for
decryption to be possible), each must produce a unique ciphertext block. Such a transformation is
called reversible, or nonsingular.

17
1. Number of Rounds
This block cipher design principle indicates the overall strength of the ciphering algorithm. The more the
number of rounds, the greater is the strength of the block cipher – making it more difficult to break into or
decrypt the algorithm.

In the event of a weak Function F design, the number of rounds can determine how easy (or difficult) it is to
break into the algorithm.

Simultaneously, a higher number of rounds can also make the encryption and decryption process slow and
inefficient.
this design principle is always a trade between efficiency and security.

2. Function F Design
Based on the Feistel structure, the entire encryption process consists of multiple rounds of plain text
processing – where the input block of each round is denoted by two halves namely, L (for left half) and R
(for right half).
Function F is essentially an encrypting function that takes in the encryption key “K” and “R” as the inputs
and produces the encrypted output.
It is the block cipher design principle that determines security.
Function F should be designed in such a way that it cannot be unscrambled or substituted. The higher the
non-linearity of function F, the more is its strength.
In other words, this function must be designed based on the bit independence criteria, meaning the output
bits must be independently changed whenever there is any change in the input bits.

3. Key Schedule Algorithm
The key schedule algorithm calculates the round keys.
This algorithm differs according to the block ciphering schemes or methods.
For example, the key schedule algorithm in the DES scheme divides the 56-bit key into two halves of 28-bit
each.
Similarly, the Serpent algorithm uses the 256-bit key for generating 132 words with a length of 32 bits.

18
Block Cipher Modes of Operation
When multiple blocks of plaintext are encrypted using the same key, a number of security
issues arise. To apply a block cipher in a variety of applications, five modes of operation have
been defined by NIST. In essence, a mode of operation is a technique for enhancing the effect
of a cryptographic algorithm or adapting the algorithm for an application, such as applying a
block cipher to a sequence of data blocks or a data stream.

(i) Electronic Code Book (ECB) Mode
This mode is a most straightforward way of processing a series of sequentially listed message
blocks.
Operation
The user takes the first block of plaintext and encrypts it with the key to produce the
first block of cipher text.
He then takes the second block of plaintext and follows the same process with same
key and so on so forth.
The ECB mode is deterministic
under the same key, the output cipher text blocks will be the same.
In fact, for a given key technically we can create a codebook of cipher texts for all possible
plaintext blocks. Encryption would then entail only looking up for required plaintext and
select the corresponding cipher text. Thus, the operation is analogous to the assignment of
code words in a codebook, and hence gets an official name: Electronic Codebook mode of
operation (ECB). It is illustrated as follows:

19
Fig.2.4 ECB - Encryption and Decryption

20
(ii) Cipher Block Chaining (CBC) Mode
CBC mode of operation provides message dependence for generating ciphertext and makes
the system non-deterministic.
Operation
The operation of CBC mode is depicted in the following illustration. The steps are as follows:
Load the n-bit Initialization Vector (IV) in the top register
XOR the n-bit plaintext block with data value in top register
Encrypt the result of XOR operation with underlying block cipher with key K.
Feed cipher text block into top register and continue the operation till all plaintext
blocks are processed
For decryption, IV data is XORed with first cipher text block decrypted. The first
cipher text block is also fed into to register replacing IV for decrypting next cipher
text block

21
Fig.2.5 CBC - Encryption and Decryption

22
(iii) Cipher Feedback (CFB) Mode
In this mode, each ciphertext block ‘fed back’ into the next plaintext block in order to gets
encryption process encrypt the next plaintext block.

Operation
The operation of CFB mode is depicted in the following illustration. For example, in the

an initialization vector (IV) as the initial random n-bit input block. The IV need not be secret.
Steps of operation are:
 Load the IV in the top register
 Encrypt the data value in top register with underlying block cipher with key K
 Take only ‘s’ number of most significant bits (left bits) of output of encryption process and XOR
them with ‘s’ bit plaintext message block to generate cipher text block.
 Feed cipher text block into top register by shifting already present data to the left and
continue the operation till all plaintext blocks are processed
 Essentially, the previous cipher text block is encrypted with the key, and then the
result is XORed to the current plaintext block
Similar steps are followed for decryption. Pre-decided IV is initially loaded at the start
of decryption

23
Fig.2.6 CFB - Encryption and Decryption

(iv) Output Feedback (OFB) Mode
It involves feeding the successive output blocks from the underlying block cipher back to it.
These feedback blocks provide string of bits to feed the encryption algorithm which act as the
key-stream generator as in case of CFB mode.

The key stream generated is XOR-ed with the plaintext blocks. The OFB mode requires an
IV as the initial random n-bit input block. The IV need not be secret.

The operation is depicted in the following illustration:

24
Fig.2.7 OFB - Encryption and Decryption

(v) Counter (CTR) Mode
It can be considered as a counter-based version of CFB mode without the feedback. In this
mode, both the sender and receiver need to access to a reliable counter, which computes a
new shared value each time a cipher text block is exchanged. This shared counter is not
necessarily a secret value, but challenge is that both sides must keep the counter
synchronized.
Operation
Both encryption and decryption in CTR mode are depicted in the following illustration. Steps
in operation are:
Load the initial counter value in the top register is the same for both the sender and
the receiver. It plays the same role as the IV in CFB (and CBC) mode
Encrypt the contents of the counter with the key and place the result in the bottom
register

25
 Take the first plaintext block P1 and XOR this to the contents of the bottom register
The result of this is C1. Send C1 to the receiver and update the counter. The counter
update replaces the cipher text feedback in CFB mode
Continue in this manner until the last plaintext block has been encrypted.
The decryption is the reverse process. The cipher text block is XORed with the output
of encrypted contents of counter value. After decryption of each cipher text block
counter is updated as in case of encryption

Fig.2.8 CTR - Encryption and Decryption

26
 Table 2.1: Block Cipher Modes of Operation

2.5 Data Encryption Standard

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the
National Institute of Standards and Technology (NIST).

DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block
size is 64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, since
8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits
only). General Structure of DES is depicted in the following illustration:

27
 Fig.2.9 DES Structure

Since DES is based on the Feistel Cipher, all that is required to specify DES is:

Round function
Key schedule

Initial and Final Permutation
The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses
of each other. They have no cryptography significance in DES. The initial and final
permutations are shown as follows:

Fig.2.10 Initial Permutation

28
 Fig.2.11 Final Permutation
Details of one round in DES

Fig.2.12 One Round in DES

Round Function (F):
The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the
rightmost 32 bits to produce a 32-bit output.

29
Fig.2.13 Round function

Expansion Permutation Box 32-bit and round key is a 48-bit,
we first need to expand right input to 48 bits. Permutation logic is graphically
depicted in the following illustration

Fig.2.14 Expansion Permutation

The graphically depicted permutation logic is generally described as table in DES
specification illustrated as shown:

Fig.2.15 Expansion Permutation Table

30
 XOR (Whitener). operation on
the expanded right section and the round key. The round key is used only in this
operation.

Substitution Boxes. -boxes carry out the real mixing (confusion). DES uses
8 S-boxes, each with a 6-bit input and a 4-bit output. Refer the following illustration

Fig.2.16 Substitution

The S-box rule is illustrated below

Fig.2.17 S-box rule

There are a total of eight S-box tables. The output of all eight s-boxes is then
combined in to 32-bit section.

31
Fig.2.18 S-boxes

32
 Straight Permutation -bit output of S-boxes is then subjected to the
straight permutation with rule shown in the following illustration:

Fig.2.19 Permutation Table

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of
key generation is depicted in the following illustration

Fig.2.20 Key Generation

33