lecture 3 feistel based algorithms. today 1.block ciphers - basis 2.feistel cipher 3.des 4.des...
TRANSCRIPT
DES• In 1972, the National Institute of Standards and Technology (called the
National Bureau of Standards at the time) decided that a strong cryptographic algorithm was needed to protect non-classified information.
• In 1974 IBM submitted the Lucifer algorithm, which appeared to meet most of NIST's design requirements.
• NIST enlisted the help of the National Security Agency to evaluate the security of Lucifer.
• DES is classic Feistel cipher with the n=64 bits. Unfortunately even that n is not real. In fact the algorithm use only 56 bits as key. The official explanation was that the 8-th bit from each byte is needed for parity check.
• One of the greatest worries was that the key length, originally 128 bits, was reduced to just 56 bits by NSA request, weakening it significantly.
• The modified Lucifer algorithm was adopted by NIST as a federal standard (see FIPS 46–2) on November 23, 1976. Its name was
changed to the Data Encryption Standard (DES).
Using DES CBC• In CBC mode (Cypher Block Chaining Mode), each ciphertext block βi is
combined using a XOR with the next input block αi+1. The following scheme is used:
We define a block with initial value V I = β0, and then the blocks are ciphered using the following equation
βi = eK (βi−1 α⊕ i ),(i ≥ 1)
using DES
•Usually OFB and CFB is used for 64 bits blocks but there is no problem in applying on the variable length k bits blocks where (1 ≤ k ≤ 64). •All four modes have both advantages and disadvantages. •A ECB and OFB changing a block from unencrypted input text αi will drive to modifications only to one encrypted output block βi. As we expected this may be a weakness from cryptanalytic point of view especially because the OFB modes is often used in securing satellite communication channels.
Using DES to MACDesigning a MAC using CBC.• We begin with an initial block filled with zeroes • Then the encrypted text β1 , β2 , . . . , βn is constructed using key K, ın
CBC mode, The MAC is represented by βn block as is presented in the figure.
• After that Alice will sent the message α1, α2, . . . , αn , associated with the βn MAC.
• When Bob receive the message α1, α2, . . . , αn , and also generate a β1 , . . . , βn using secret key K and checks if the resulted βn is identical with the message MAC.
• It is clear that without having the secret key it is almost impossible to generate the correct MAC
• The following figure sketches the computation of the CBC-MAC of a message comprising blocks using a secret key k and a block cipher E:
Triple DES (3DES)• Triple DES also known as 3DES or sometimes as DES − ede, is an
system based by DES. It was proposed by Walter Tuchman (the former chief of the Intel team that develop the DES) Was published in FIPS Pub 46−3.
• The idea is simple and use the following formula
where:m unencrypted pain text (64 bits),
c is the encrypted result ,k1 , k2, k3 are DES keys (de 56 bits),
DESk : DES encrypt using key k,DESk
−1: DES decript using key k.
References• http://crypto.stackexchange.com/questions/245/does-unbalancing-a-feistel-cipher-alw
ays-improve-security-does-it-improve-securi• http://www.itl.nist.gov/fipspubs/fip81.htm• http://www.cacr.math.uwaterloo.ca/hac/
• http://williamstallings.com/OS4e.html• William Stallings, Cryptography and Network Security, Fourth Edition, 2005, Prentice
Hall• http://www.computersciencestudent.com/• http://williamstallings.com/Crypto/Crypto4e-inst.html• http://www.tropsoft.com/strongenc/des.htm• http://cryptodox.com/NewDES• http://en.wikipedia.org/wiki/Meet-in-the-middle_attack• Xuejia Lai and James L. Massey, A Proposal for a New Block Encryption Standard,
EUROCRYPT 1990, pp389–404
• Bruce Schneier, Applied Cryptography Second Edition John, Cryptography, Second Edition - John Wiley & Sons
• http://top-topics.thefullwiki.org/Broken_block_ciphers