symmetric encryption example: des weichao wang. 2 overview of the des a block cipher: – encrypts...
TRANSCRIPT
![Page 1: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/1.jpg)
Symmetric Encryption Example: DES
Weichao Wang
![Page 2: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/2.jpg)
2
Overview of the DES
• A block cipher:– encrypts blocks of 64 bits using a 64 bit key– outputs 64 bits of ciphertext
• A product cipher– basic unit is the bit– performs both substitution and transposition
(permutation) on the bits• Cipher consists of 16 rounds (iterations), each with a
48-bit round key generated from the 64-bit key
![Page 3: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/3.jpg)
3
Generation of Round Keys
key
PC-1
C0 D0
LSH LSH
D1
PC-2 K1
K16LSH LSH
C1
PC-2
• Round keys are 48 bits each
![Page 4: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/4.jpg)
4
Encipherment
input
IP
L0 R0
f K1
L1 = R0 R1 = L0 f(R0, K1)
R16 = L15 f(R15, K16) L16 = R15
IPŠ1
output
![Page 5: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/5.jpg)
5
The f Function
RiŠ1 (32 bits)
E
RiŠ1 (48 bits)
Ki (48 bits)
S1 S2 S3 S4 S5 S6 S7 S8
6 bits into each
P
32 bits
4 bits out of each
![Page 6: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/6.jpg)
6
• S-Box– There are eight S-Box, each maps 6-bit input to 4-
bit output– Each S-Box is a look-up table– This is the only non-linear step in DES and
contributes the most to its safety• P-Box– A permutation
![Page 7: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/7.jpg)
7
Controversy
• Considered too weak– Diffie, Hellman said “in a few years technology
would allow DES to be broken in days”• DES Challenge organized by RSA• In 1997, solved in 96 days; 41 days in early 1998; 56
hours in late 1998; 22 hours in Jan 1999• http://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCrac
ker/HTML/19990119_deschallenge3.html– Design decisions not public• S-boxes may have backdoors
![Page 8: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/8.jpg)
8
Undesirable Properties
• 4 weak keys– They are their own inverses
• 12 semi-weak keys– Each has another semi-weak key as inverse
• Complementation property– DESk(m) = c DESk(m) = c
• S-boxes exhibit irregular properties– Distribution of odd, even numbers non-random– Outputs of fourth box depends on input to third box
![Page 9: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/9.jpg)
9
• Number of rounds– After 5 rounds, every cipher bit is impacted by
every plaintext bit and key bit– After 8 rounds, cipher text is already a random
function– When the number of rounds is 16 or more, brute
force attack will be the most efficient attack for known plaintext attack
– So NSA knows a lot when it fixes the DES
![Page 10: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/10.jpg)
10
Differential Cryptanalysis
• A chosen ciphertext attack– Requires 247 (plaintext, ciphertext) pairs
• Revealed several properties– Small changes in S-boxes reduce the number of (plaintext,
ciphertext) pairs needed– Making every bit of the round keys independent does not
impede attack• Linear cryptanalysis improves result– Requires 243 (plaintext, ciphertext) pairs
![Page 11: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/11.jpg)
11
DES Modes
• Electronic Code Book Mode (ECB)– Encipher each block independently
• Cipher Block Chaining Mode (CBC)– Xor each plaintext block with previous ciphertext block– Requires an initialization vector for the first one– The initialization vector can be made public
• Encrypt-Decrypt-Encrypt Mode (2 keys: k, k)• Encrypt-Encrypt-Encrypt Mode (3 keys: k, k, k)
![Page 12: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/12.jpg)
12
CBC Mode Encryption
init. vector m1
DES
c1
m2
DES
c2
sent sent
…
…
…
![Page 13: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/13.jpg)
13
CBC Mode Decryption
init. vector c1
DES
m1
…
…
…
c2
DES
m2
![Page 14: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/14.jpg)
14
Self-Healing Property
• What will happen if a bit gets lost during transmission?– All blocks will not be aligned
• When one bit in a block flipped, only the next two blocks will be impacted.– Plaintext “heals” after 2 blocks
![Page 15: Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits](https://reader035.vdocuments.mx/reader035/viewer/2022072006/56649d025503460f949d56fe/html5/thumbnails/15.jpg)
15
Current Status of DES
• Design for computer system, associated software that could break any DES-enciphered message in a few days published in 1998
• Several challenges to break DES messages solved using distributed computing
• NIST selected Rijndael as Advanced Encryption Standard, successor to DES– Designed to withstand attacks that were successful on DES– 128 bit block size; 128, 192, or 256 bit key– Encryption speed can be 700MB/sec on an i7 CPU