5.
DES (Data Encryption
Standard)
‣ Key size 56 bits
3-DES (Triple-DES)
‣ Key size 112 bits
IDEA (International Data
Encryption Algorithm)
‣ Key size 128 bits
AES (Advanced Encryption
Standard)
‣ Key size 128, 192, 256 bits
Faculty of Information Technology
Page
5
6. DES Algorithm
DES
Data Encryption
Standard
(Block cipher)
Lucifer
IBM
Lucifer
DES
US NIST (US
National Institute of Standards and
Technology)
DES
Faculty of Information Technology
(Block
Page
6
7. DES Overview
64-bit Plaintext
…
64-bit Key
Initial Permutation
PC1
64 bit
Round 0
64 bit
Round 1
…
K1
48 bit
K2
48 bit
56 bit
PC2
PC2
Left Circular Shift
56 bit
64 bit
Round 15
56-bit Key
56-bit Key
Left Circular Shift
56-bit Key
K16
48 bit
PC2
56 bit
Left Circular Shift
64 bit
32-bit Swap
64 bit
Inverse Initial Permutation
…
64-bit Ciphertext
Faculty of Information Technology
Page
7
8. DES Overview
Data Block
1)Data Block
(IP)
2)Data Block
DES Algorithm
bits
Initial Permutation
16
(substitution)
(permutation)
key
3)Data Block
4)Data Block
Permutation
Key Block
Faculty of Information Technology
48 bits
Inverse Initial
DES Algorithm
Page
8
9. Data Block Data Block
16
Round 0
64-bit
L0 (32 bits)
R0 (32 bits)
f
K1
XOR
Round 1
L1=R0
R1=(L0 XOR f(R0,K1))
f
K2
XOR
L2=R3
Faculty of Information Technology
R2=(L1 XOR f(R1,K2))
Page
9
16. DES Decryption
DES decryption
Encryption
‣
‣
‣
‣
‣
DES
Initial Permutation
decryption
Inverse Initial Permutation
encryption
Round 0
K16
Round
encryption
….
Round 15
K1
Round
encryption
Inverse Initial Permutation
decryption
Faculty of Information Technology
Page
16
17. Avalanche Effect
Avalanche Effect
DES
Faculty of Information Technology
encryption algorithm
input
key
bit
bits
output
Avalanche Effect
Page
17
18. Strength of DES –
Key Size
Key
56-bit
256 = 7.2 x 1016
brute force search
brute
DES Algorithm
force search
1997
Internet
‣
1998
‣
‣
key
Distribution.net
EFF
hardware
1999 Distribution.net
Faculty of Information Technology
EFF
Page
18
20. Triple-DES (3DES) with
Two-Keys
Triple-DES
DES
DES
DES
key
‣
Triple-
Faculty of Information Technology
C = EK1(DK2(EK1(P)))
Encryption
Encrypt-Decrypt-Encrypt
K1 = K2
DES
Triple-DES
Page
20
22. AES (Advance
Encryption Standard)
AES (Advance Encryption Standard)
AES
DES
break
NIST
data block
DES
NIST
bit
Faculty of Information Technology
Rijndael
Page
22
23. AES
AES
Bytes
Data Block
bits = 16 bytes
‣
Data Block 16 bytes
x
4
‣
bytes
Current State
out
in in in in
s s s
s s s s bytesout out out
‣ Current State s
0
4
8
12
0,0
0,1
0,2
0,3
0,0
0,1
0,2
0,3
in1 in5 in9 in13
s10 s1,1 s1,2 s1,3
s10 s1,1 s1,2 s1,3
in2 in6 in10 in14
s2,0 s2,1 s2,2 s2,3
s2,0 s2,1 s2,2 s2,3
in3 in7 in11 in15
s3,0 s3,1 s3,2 s3,3
s3,0 s3,1 s3,2 s3,3
State
ciphertext
input
State Array
encryption
Faculty of Information Technology
0
4
8
12
out1 out5 out9 out13
Current
out2 out6 out10 out14
out3 out7 out11 out15
output
Page
23
24. AES
bits
= 16 bytes
Key Block 16 bytes
‣
x4
‣ Key
k4
k8 k12
k1
k5
k9 k13
k2
Key Block
k0
k6 k10 k14
k3
k7 k11 k15
w0 w1 w2 w3
(Key
Expansion)
f
+ + + +
w4 w5 w6 w7
word
44 words
k k k k
(1kword = 32 bits = 4
k
k k
w w
bytes)k
k k k
Key Expansion
Key Expansion
0
4
8
12
1
5
9
13
0
2
k3
6
10
1
…
w43
14
k7 k11 k15
Faculty of Information Technology
Page
24