symmetric encryption - school of computing and …carbunar/teaching/cnt4403.s...symmetric encryption...

CNT-4403: 19.March.2015 1

Week 9

Cryptography

Symmetric Encryption

Stallings: Ch 3 & 6

Stallings: Ch 4

CNT-4403: 19.March.2015 2

Symmetric Ciphers

Multiple Encryption

Modes of Operation

Today’s Class

CNT-4403: 19.March.2015 3

Symmetric Cryptosystems

Plaintext

Encryption

Algorithm

Encryption Key Decryption Key

Plaintext

Decryption

Algorithm =

CNT-4403: 19.March.2015 4

Stream Ciphers

Block Ciphers

Symmetric Ciphers

CNT-4403: 19.March.2015 5

Encrypt one bit (byte) at a time

Example: Vigenere, Vernam

Length of key = length of (clear/cipher) text

Hard to share between sender and receiver

Stream Ciphers

Plaintext

Pi

Ciphertext

Ci

Key ki

Plaintext

Pi

Key ki

Plaintext Plaintext

Bit-stream

generator Key (K)

Bit-stream

generator Key (K)

CNT-4403: 19.March.2015 6

Encrypt one block of text at a time

64-128 bit long

Encryption key = Decryption key

Shared by sender and receiver

Block Ciphers

Encryption

Algorithm

Key (K)

64 bits

Plaintext

64 bits

Ciphertext

Focus: Block Ciphers!

CNT-4403: 19.March.2015 7

Block Cipher Principles

n bit input to n bit output

2n possible inputs

Each must produce a unique cipertext

Otherwise encryption is not reversible

No decryption possible

CNT-4403: 19.March.2015 8

Ideal Block Cipher

Need 2n table to encrypt!

CNT-4403: 19.March.2015 9

Introduced by Horst Feistel

16 + 1 rounds

Feistel Cipher

Plaintext

F K1

LE0 RE0

LE1=RE0 RE1

What is F ?

Li = Ri–1

Ri = Li–1 F(Ri–1, Ki)

CNT-4403: 19.March.2015 10

Feistel Cipher Structure

CNT-4403: 19.March.2015 11

Most widely used block cipher in world

Adopted in 1977 by NBS (now NIST) As FIPS PUB 46

Encrypts 64-bit data using 56-bit key

Has been considerable controversy over its security

Data Encryption Standard (DES)

CNT-4403: 19.March.2015 12

IBM developed Lucifer cipher

Team led by Feistel in late 60’s

Used 64-bit data blocks with 128-bit key

Redeveloped as a commercial cipher with input from NSA and others

1973: National Bureau of Standards (NBS) issued request for proposals for a national cipher standard IBM submitted their revised Lucifer which was

eventually accepted as the DES

DES History

CNT-4403: 19.March.2015 13

DES standard is public

Considerable controversy over design Choice of 56-bit key (vs Lucifer 128-bit)

Design criteria were classified

Subsequent events and public analysis show in fact design was appropriate

Use of DES has flourished Especially in financial applications

Still standardised for legacy application use

To be replaced by AES

DES Controversy

CNT-4403: 19.March.2015 14

DES Encryption

CNT-4403: 19.March.2015 15

First step of the data computation

IP reorders the input data bits

Even bits to LH half, odd bits to RH half

Quite regular in structure (easy in h/w)

Example:

IP(675a6967 5e5a6b5a) = (ffb2194d 004df6fb)

Initial Permutation (IP)

CNT-4403: 19.March.2015 16

Uses two 32-bit L & R halves

Feistel cipher: Li = Ri–1

Ri = Li–1 F(Ri–1, Ki)

DES “Round” Structure

CNT-4403: 19.March.2015 17

DES Structure: Function F

Expands R to 48-bits using perm E

Adds to subkey using XOR

8 S-boxes to get 32-bit result

Finally permutes using 32-bit perm P

F takes 32-bit R half and 48-bit subkey: