SlideShare ist ein Scribd-Unternehmen logo

Block Ciphers and the Data Encryption Standard

D
Dr.Florence Dayana

Stream Cipher,Block Cipher,The Feistel Cipher,Data Encryption Standard,The Strength of DES

Bildung
1 von 33
Downloaden Sie, um offline zu lesen
NETWORK SECURITY Name of the Staff : M.FLORENCE DAYANA M.C.A.,M.Phil.,(Ph.D)., Head, Dept. of CA Bon Secours College For Women Thanjavur. Class : II MSc., CS Semester : III Unit : I Topic : Block Ciphers and the Data Encryption Standard 2/15/20191
Stream Cipher Encrypts a digital data stream one bit or one byte at a time Examples: •Autokeyed Vigenère cipher •Vernam cipher A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream) In a stream cipher each plain text is encrypted one at a time with the corresponding digit of the key stream, to give a digit of the cipher text stream. An alternative name is a state cipher, as the encryption of each digit is dependent on the current state. In practice, a digit is typically a bit and the combining operation an exclusive - or (XOR). For practical reasons the bit- stream generator must be implemented as an algorithmic procedure so that the cryptographic bit stream can be produced by both users It must be computationally impractical to predict future portions of the bit stream based on previous portions of the bit stream The two users need only share the generating key and each can produce the key stream
Example Stream Ciphers
Block Cipher A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length Typically a block size of 64 or 128 bits is used As with a stream cipher, the two users share a symmetric encryption key The majority of network- based symmetric cryptographic applications make use of block ciphers
Example Block Ciphers
StreamCipher andBlockCipher
A block cipher operates on a plaintext block of n bits to produce a ciphertext block of n bits. There are 2n possible different plaintext blocks and, for the encryption to be reversible (i.e., for decryption to be possible), each must produce a unique ciphertext block. Such a transformation is called reversible, or nonsingular.
Table 3.1 Encryption and Decryption Tables for Substitution Cipher of Figure 3.2
The Feistel Cipher • Feistel cipher is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers. • Feistel ciphers are a special class of iterated block ciphers where the ciphertext is calculated from the plaintext by repeated application of the same transformation or round function.
THE FEISTEL CIPHER • In a Feistel cipher, the text being encrypted is split into two halves. The round function f is applied to one half using a subkey and the output of f is exclusive ORed with other half. • The two halves are then swapped. Each round follows the same pattern except for the last round there is no swap • A nice feature of a feistel cipher is that encryption and decryption are structurally identical, though the subkeys used during encryption at each round are taken in reverse order during decryption
Feistel Cipher • Proposed the use of a cipher that alternates substitutions and permutations • Feistel is a practical application of a proposal to develop a product cipher that alternates confusion and diffusion functions • Each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements Substitutions • No elements are added or deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is changed Permutation
Diffusion and Confusion • Diffusion means that if we change a character of the plaintext, then several characters of the ciphertext should change, and similarly, if we change a character of the ciphertext, then several characters of the plaintext should change • diffusion refers to dissipating(unwanted) the statistical structure of plaintext over bulk of ciphertext. Diffusion • Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. • Confusion means that each character of the ciphertext should depend on several parts of the key. Confusion
THE FEISTEL CIPHER 1. The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key k. 2. The plaintext block is divided into two halves L0,R0. 3. The two halves of the data pass through n rounds of processing and then combine to produce the ciphertext block. 4. Feistel Cipher Structure each round i has an inputs Li-1 and Ri-1 derived from the previous round, as well as the subkey ki, derived from the overall k.
In Figure, 16 rounds are used, although any number of rounds could be implemented. All rounds have the same structure. A substitution is performed on the left half of the data.  This is done by applying a round function F to the right half of the data and then taking the Exclusive-OR of the output of that function and the left half of the data. The round function has the same general structure for each round but is parameterized by the round subkey Ki .  Another way to express this is to say that F is a function of right-half block of w bits and a subkey of y bits, which produces an output value of length w bits: F (REi , Ki+1 ). Following this substitution, a permutation is performed that consists of the interchange of the two halves of the data.  This structure is a particular form of the Substitution-Permutation Network (SPN) proposed by Shannon.
Feistel Cipher Design Features Block size • Larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm Key size • Larger key size means greater security but may decrease encryption/decryption speeds Number of rounds • The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds. Subkey generation algorithm • Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis • Round function F • Greater complexity generally means greater resistance to cryptanalysis Fast software encryption/decryption • In many cases, encrypting is embedded in applications or utility functions in such a way as to make impossible a hardware implementation; accordingly, the speed of execution of the algorithm becomes a concern software Ease of Analysis • If the algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its strength
Feistel Example This figure shows the 15th round of encryption and 2nd round of decryption. The 14th round value is LE14=DE7F and RE14=03A6 and the key value is K15=12DE52. after the round 15 we have LE15=03A6 and RE15=F(03A6,12DE52)xorDE7F.
Data Encryption Standard (DES) • The DES was once a predominant symmetric key algorithm for the encryption data. It was highly influential in the advancement of modern cryptography in the academic world. • Issued in 1977 by the National Bureau of Standards as Federal Information Processing
Data Encryption Standard (DES) • Algorithm itself is referred to as the Data Encryption Algorithm (DEA) • There are two inputs to the encryption function. The plaintext to be encrypted and the key. • Data are encrypted in 64-bit blocks using a 56-bit key • The algorithm transforms 64-bit input in a series of steps into a 64-bit output • The same steps, with the same key, are used to reverse the encryption
6.20 DES is a block cipher Figure Encryption and decryption with DES
6.21 Figure General structure of DES
DES Encryption Algorithm 1. The left hand side of the figure, the plaintext proceeds in three phases. 2.First, 64 bit plaintext passes through an initial permutation(IP) that rearranges the bit produce the permuted input. 3. The phase consisting of sixteen rounds of the same function, which involves both permutation and substitution functions. 4. The output of the last round consists of 64 bits that are a function of input plaintext and a key. 5. The left & right halves of the output are swapped to produce the pre-output.
6. Finally, the pre-output is passed through permutation [IP-1] that is inverse of the initial permutation function, to produce the 64 bit ciphertext. 7. The right hand side portion, in which the 56 bit key is used. Initially the key is passed through a permutation function. 8. Then for each 16 rounds, a subkey(Ki) is produced a combination of a left circular shift and a permutation. 9.This is same for each round. But different subkey is produced because the repeated shift of the key bits
DES Example THE AVALANCHE EFFECT The avalanche effect refers to a desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions. The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext. It means that a very small change in the input will lead to a very big change in the output. The avalanche effect is calculated by:
Avalanche in DES original modified
THE STRENGTH OF DES 1. The use of 56-bit keys: In computing, 56-bit encryption refers to a key size of fifty-six bits, or seven bytes, for symmetric encryption, with the key length of 56 bits, there are 256 possible keys, which is approximately 7.2 * 106 keys. On average, half of the key space has to be searched, a single machine performing one DES encryption per micro second would take more than a thousand years to break the cipher.
2. The Nature of the DES algorithm: The focus of concern has been on the eight substitution tables, S-Boxes, that are used in each iteration. Because the design criteria for these boxes, and indeed for the entire algorithm, were not made public, there is a suspicion that the boxes were constructed in such a way that cryptanalysis is possible for an opponent who knows the weakness in the S-boxes. Strength of DES
Strength of DES 3. Timing attacks • The timing attacks relate to public key algorithms. • The timing attack is one in which information about the key or the plaintext is obtained by observing how long it takes a given implementation to perform decryptions on various ciphertexts • The timing attack Exploits the fact that an encryption or decryption algorithm often takes slightly different amounts of time on different inputs
Block Cipher Design Principles: we much progress has been made in designing block ciphers that are cryptographically strong, the basic principles have not changed. we look three critical aspects of block cipher design 1. The number of Rounds 2. Design of function F 3.Key schedule algorithm 1. Number of rounds The greater the number of rounds, the more difficult it is to perform cryptanalysis In general, the criterion should be that the number of rounds is chosen so that known cryptanalytic efforts require greater effort than a simple brute-force key search attack If DES had 15 or fewer rounds, differential cryptanalysis would require less effort than a brute-force key search
Block Cipher Design Principles: 2. Design of Function F • The heart of a Feistel block cipher is the function F • The more nonlinear F, the more difficult any type of cryptanalysis will be • The SAC and BIC criteria appear to strengthen the effectiveness of the confusion function Strict avalanche criterion (SAC) States that any output bit j of an S-box should change with probability 1/2 when any single input bit i is inverted for all i , j Bit independence criterion (BIC) States that output bits j and k should change independently when any single input bit i is inverted for all i , j , and k The algorithm should have good avalanche properties
Block Cipher Design Principles: 3. Key Schedule Algorithm • With any Feistel block cipher, the key is used to generate one subkey for each round • In general, we would like to select subkeys to maximize the difficulty of deducing individual subkeys and the difficulty of working back to the main key • It is suggested that, at a minimum, the key schedule should guarantee key/ciphertext Strict Avalanche Criterion and Bit Independence Criterion

Empfohlen

symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
Rashmi Burugupalli
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
DES
DESDES
DES
Naga Srimanyu Timmaraju
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Dr.Florence Dayana
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
Animesh Shaw
 
Unit 2
Unit 2Unit 2
Unit 2
KRAMANJANEYULU1
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Seema Goel
 

Empfohlen

symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
Rashmi Burugupalli
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
DES
DESDES
DES
Naga Srimanyu Timmaraju
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Dr.Florence Dayana
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
Animesh Shaw
 
Unit 2
Unit 2Unit 2
Unit 2
KRAMANJANEYULU1
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Seema Goel
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
Srinadh Muvva
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
harshit chavda
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
SAURABHDHAGE6
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
Haris Ahmed
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
SAurabh PRajapati
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key Cryptosystem
Devakumar Kp
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
Mohamed El-Serngawy
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
Mazin Alwaaly
 
Aes
AesAes
Aes
Muhammad Asif
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption Standard
Adri Jovin
 
Cryptography
CryptographyCryptography
Cryptography
subodh pawar
 
Cryptography
CryptographyCryptography
Cryptography
Kalyani Government Engineering College
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Shashank Shetty
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
koolkampus
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
Dr.Florence Dayana
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
RathnaDeepa1
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-II
rathnadeepa2
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
koolkampus
 

Was ist angesagt? (20)

RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
 
Cryptography
CryptographyCryptography
Cryptography
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key Cryptosystem
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
 
Aes
AesAes
Aes
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption Standard
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 

Ähnlich wie Block Ciphers and the Data Encryption Standard

Ähnlich wie Block Ciphers and the Data Encryption Standard (20)

Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-II
 
presentation based on data encryption standards
presentation based on data encryption standardspresentation based on data encryption standards
presentation based on data encryption standards
 
Information and network security 19 feistel cipher
Information and network security 19 feistel cipherInformation and network security 19 feistel cipher
Information and network security 19 feistel cipher
 
RIT701_CGNS_L5.pptx
RIT701_CGNS_L5.pptxRIT701_CGNS_L5.pptx
RIT701_CGNS_L5.pptx
 
Block Ciphers and DES.pptx
Block Ciphers and DES.pptxBlock Ciphers and DES.pptx
Block Ciphers and DES.pptx
 
Bakiya
BakiyaBakiya
Bakiya
 
Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1
 
Unit 2
Unit 2Unit 2
Unit 2
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design Principles
 
cns 2marks
cns 2markscns 2marks
cns 2marks
 
Unit 2
Unit 2Unit 2
Unit 2
 
CNS2 unit 2.pdf
CNS2 unit 2.pdfCNS2 unit 2.pdf
CNS2 unit 2.pdf
 
Network security Encryption
Network security EncryptionNetwork security Encryption
Network security Encryption
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
Fundamentals of Information Encryption
Fundamentals of Information EncryptionFundamentals of Information Encryption
Fundamentals of Information Encryption
 
Confusion and Diffusion.pptx
Confusion and Diffusion.pptxConfusion and Diffusion.pptx
Confusion and Diffusion.pptx
 
information security(Feistal Cipher)
information security(Feistal Cipher)information security(Feistal Cipher)
information security(Feistal Cipher)
 
Module 2.pptx
Module 2.pptxModule 2.pptx
Module 2.pptx
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
 

Mehr von Dr.Florence Dayana

Mehr von Dr.Florence Dayana (20)

Dr.M.Florence Dayana-Cloud Computing-unit - 4.pdf
Dr.M.Florence Dayana-Cloud Computing-unit - 4.pdfDr.M.Florence Dayana-Cloud Computing-unit - 4.pdf
Dr.M.Florence Dayana-Cloud Computing-unit - 4.pdf
 
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdfDr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
 
M. Florence Dayana - Hadoop Foundation for Analytics.pptx
M. Florence Dayana - Hadoop Foundation for Analytics.pptxM. Florence Dayana - Hadoop Foundation for Analytics.pptx
M. Florence Dayana - Hadoop Foundation for Analytics.pptx
 
M. FLORENCE DAYANA/unit - II logic gates and circuits.pdf
M. FLORENCE DAYANA/unit - II logic gates and circuits.pdfM. FLORENCE DAYANA/unit - II logic gates and circuits.pdf
M. FLORENCE DAYANA/unit - II logic gates and circuits.pdf
 
M.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfM.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdf
 
M. FLORENCE DAYANA - INPUT & OUTPUT DEVICES.pdf
M. FLORENCE DAYANA - INPUT & OUTPUT DEVICES.pdfM. FLORENCE DAYANA - INPUT & OUTPUT DEVICES.pdf
M. FLORENCE DAYANA - INPUT & OUTPUT DEVICES.pdf
 
Professional English - Reading
Professional English - ReadingProfessional English - Reading
Professional English - Reading
 
Professional English - Speaking
Professional English - SpeakingProfessional English - Speaking
Professional English - Speaking
 
Professional English - Listening
Professional English - ListeningProfessional English - Listening
Professional English - Listening
 
INPUT AND OUTPUT DEVICES.pdf
INPUT AND OUTPUT DEVICES.pdfINPUT AND OUTPUT DEVICES.pdf
INPUT AND OUTPUT DEVICES.pdf
 
NETWORK SECURITY-SET.pptx
NETWORK SECURITY-SET.pptxNETWORK SECURITY-SET.pptx
NETWORK SECURITY-SET.pptx
 
Network Security- Secure Socket Layer
Network Security- Secure Socket LayerNetwork Security- Secure Socket Layer
Network Security- Secure Socket Layer
 
M.florence dayana dream weaver
M.florence dayana dream weaverM.florence dayana dream weaver
M.florence dayana dream weaver
 
M.florence dayana computer networks transport layer
M.florence dayana computer networks transport layerM.florence dayana computer networks transport layer
M.florence dayana computer networks transport layer
 
M.Florence Dayana Computer Networks Types
M.Florence Dayana Computer Networks TypesM.Florence Dayana Computer Networks Types
M.Florence Dayana Computer Networks Types
 
M.Florence Dayana Computer Networks Introduction
M.Florence Dayana Computer Networks IntroductionM.Florence Dayana Computer Networks Introduction
M.Florence Dayana Computer Networks Introduction
 
M. FLORENCE DAYANA/DATABASE MANAGEMENT SYSYTEM
M. FLORENCE DAYANA/DATABASE MANAGEMENT SYSYTEMM. FLORENCE DAYANA/DATABASE MANAGEMENT SYSYTEM
M. FLORENCE DAYANA/DATABASE MANAGEMENT SYSYTEM
 
M.Florence Dayana
M.Florence DayanaM.Florence Dayana
M.Florence Dayana
 
M.Florence Dayana / Basics of C Language
M.Florence Dayana / Basics of C LanguageM.Florence Dayana / Basics of C Language
M.Florence Dayana / Basics of C Language
 
M.Florence Dayana/Cryptography and Network security
M.Florence Dayana/Cryptography and Network securityM.Florence Dayana/Cryptography and Network security
M.Florence Dayana/Cryptography and Network security
 

Kürzlich hochgeladen

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 

Kürzlich hochgeladen (20)

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 

Block Ciphers and the Data Encryption Standard

  • 1. NETWORK SECURITY Name of the Staff : M.FLORENCE DAYANA M.C.A.,M.Phil.,(Ph.D)., Head, Dept. of CA Bon Secours College For Women Thanjavur. Class : II MSc., CS Semester : III Unit : I Topic : Block Ciphers and the Data Encryption Standard 2/15/20191
  • 2. Stream Cipher Encrypts a digital data stream one bit or one byte at a time Examples: •Autokeyed Vigenère cipher •Vernam cipher A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream) In a stream cipher each plain text is encrypted one at a time with the corresponding digit of the key stream, to give a digit of the cipher text stream. An alternative name is a state cipher, as the encryption of each digit is dependent on the current state. In practice, a digit is typically a bit and the combining operation an exclusive - or (XOR). For practical reasons the bit- stream generator must be implemented as an algorithmic procedure so that the cryptographic bit stream can be produced by both users It must be computationally impractical to predict future portions of the bit stream based on previous portions of the bit stream The two users need only share the generating key and each can produce the key stream
  • 4. Block Cipher A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length Typically a block size of 64 or 128 bits is used As with a stream cipher, the two users share a symmetric encryption key The majority of network- based symmetric cryptographic applications make use of block ciphers
  • 7. A block cipher operates on a plaintext block of n bits to produce a ciphertext block of n bits. There are 2n possible different plaintext blocks and, for the encryption to be reversible (i.e., for decryption to be possible), each must produce a unique ciphertext block. Such a transformation is called reversible, or nonsingular.
  • 8. Table 3.1 Encryption and Decryption Tables for Substitution Cipher of Figure 3.2
  • 9. The Feistel Cipher • Feistel cipher is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers. • Feistel ciphers are a special class of iterated block ciphers where the ciphertext is calculated from the plaintext by repeated application of the same transformation or round function.
  • 10. THE FEISTEL CIPHER • In a Feistel cipher, the text being encrypted is split into two halves. The round function f is applied to one half using a subkey and the output of f is exclusive ORed with other half. • The two halves are then swapped. Each round follows the same pattern except for the last round there is no swap • A nice feature of a feistel cipher is that encryption and decryption are structurally identical, though the subkeys used during encryption at each round are taken in reverse order during decryption
  • 11. Feistel Cipher • Proposed the use of a cipher that alternates substitutions and permutations • Feistel is a practical application of a proposal to develop a product cipher that alternates confusion and diffusion functions • Each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements Substitutions • No elements are added or deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is changed Permutation
  • 12. Diffusion and Confusion • Diffusion means that if we change a character of the plaintext, then several characters of the ciphertext should change, and similarly, if we change a character of the ciphertext, then several characters of the plaintext should change • diffusion refers to dissipating(unwanted) the statistical structure of plaintext over bulk of ciphertext. Diffusion • Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. • Confusion means that each character of the ciphertext should depend on several parts of the key. Confusion
  • 13. THE FEISTEL CIPHER 1. The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key k. 2. The plaintext block is divided into two halves L0,R0. 3. The two halves of the data pass through n rounds of processing and then combine to produce the ciphertext block. 4. Feistel Cipher Structure each round i has an inputs Li-1 and Ri-1 derived from the previous round, as well as the subkey ki, derived from the overall k.
  • 14. In Figure, 16 rounds are used, although any number of rounds could be implemented. All rounds have the same structure. A substitution is performed on the left half of the data.  This is done by applying a round function F to the right half of the data and then taking the Exclusive-OR of the output of that function and the left half of the data. The round function has the same general structure for each round but is parameterized by the round subkey Ki .  Another way to express this is to say that F is a function of right-half block of w bits and a subkey of y bits, which produces an output value of length w bits: F (REi , Ki+1 ). Following this substitution, a permutation is performed that consists of the interchange of the two halves of the data.  This structure is a particular form of the Substitution-Permutation Network (SPN) proposed by Shannon.
  • 15. Feistel Cipher Design Features Block size • Larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm Key size • Larger key size means greater security but may decrease encryption/decryption speeds Number of rounds • The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds. Subkey generation algorithm • Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis • Round function F • Greater complexity generally means greater resistance to cryptanalysis Fast software encryption/decryption • In many cases, encrypting is embedded in applications or utility functions in such a way as to make impossible a hardware implementation; accordingly, the speed of execution of the algorithm becomes a concern software Ease of Analysis • If the algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its strength
  • 16. Feistel Example This figure shows the 15th round of encryption and 2nd round of decryption. The 14th round value is LE14=DE7F and RE14=03A6 and the key value is K15=12DE52. after the round 15 we have LE15=03A6 and RE15=F(03A6,12DE52)xorDE7F.
  • 17. Data Encryption Standard (DES) • The DES was once a predominant symmetric key algorithm for the encryption data. It was highly influential in the advancement of modern cryptography in the academic world. • Issued in 1977 by the National Bureau of Standards as Federal Information Processing
  • 18. Data Encryption Standard (DES) • Algorithm itself is referred to as the Data Encryption Algorithm (DEA) • There are two inputs to the encryption function. The plaintext to be encrypted and the key. • Data are encrypted in 64-bit blocks using a 56-bit key • The algorithm transforms 64-bit input in a series of steps into a 64-bit output • The same steps, with the same key, are used to reverse the encryption
  • 19.
  • 20. 6.20 DES is a block cipher Figure Encryption and decryption with DES
  • 22. DES Encryption Algorithm 1. The left hand side of the figure, the plaintext proceeds in three phases. 2.First, 64 bit plaintext passes through an initial permutation(IP) that rearranges the bit produce the permuted input. 3. The phase consisting of sixteen rounds of the same function, which involves both permutation and substitution functions. 4. The output of the last round consists of 64 bits that are a function of input plaintext and a key. 5. The left & right halves of the output are swapped to produce the pre-output.
  • 23. 6. Finally, the pre-output is passed through permutation [IP-1] that is inverse of the initial permutation function, to produce the 64 bit ciphertext. 7. The right hand side portion, in which the 56 bit key is used. Initially the key is passed through a permutation function. 8. Then for each 16 rounds, a subkey(Ki) is produced a combination of a left circular shift and a permutation. 9.This is same for each round. But different subkey is produced because the repeated shift of the key bits
  • 24. DES Example THE AVALANCHE EFFECT The avalanche effect refers to a desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions. The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext. It means that a very small change in the input will lead to a very big change in the output. The avalanche effect is calculated by:
  • 26.
  • 27.
  • 28. THE STRENGTH OF DES 1. The use of 56-bit keys: In computing, 56-bit encryption refers to a key size of fifty-six bits, or seven bytes, for symmetric encryption, with the key length of 56 bits, there are 256 possible keys, which is approximately 7.2 * 106 keys. On average, half of the key space has to be searched, a single machine performing one DES encryption per micro second would take more than a thousand years to break the cipher.
  • 29. 2. The Nature of the DES algorithm: The focus of concern has been on the eight substitution tables, S-Boxes, that are used in each iteration. Because the design criteria for these boxes, and indeed for the entire algorithm, were not made public, there is a suspicion that the boxes were constructed in such a way that cryptanalysis is possible for an opponent who knows the weakness in the S-boxes. Strength of DES
  • 30. Strength of DES 3. Timing attacks • The timing attacks relate to public key algorithms. • The timing attack is one in which information about the key or the plaintext is obtained by observing how long it takes a given implementation to perform decryptions on various ciphertexts • The timing attack Exploits the fact that an encryption or decryption algorithm often takes slightly different amounts of time on different inputs
  • 31. Block Cipher Design Principles: we much progress has been made in designing block ciphers that are cryptographically strong, the basic principles have not changed. we look three critical aspects of block cipher design 1. The number of Rounds 2. Design of function F 3.Key schedule algorithm 1. Number of rounds The greater the number of rounds, the more difficult it is to perform cryptanalysis In general, the criterion should be that the number of rounds is chosen so that known cryptanalytic efforts require greater effort than a simple brute-force key search attack If DES had 15 or fewer rounds, differential cryptanalysis would require less effort than a brute-force key search
  • 32. Block Cipher Design Principles: 2. Design of Function F • The heart of a Feistel block cipher is the function F • The more nonlinear F, the more difficult any type of cryptanalysis will be • The SAC and BIC criteria appear to strengthen the effectiveness of the confusion function Strict avalanche criterion (SAC) States that any output bit j of an S-box should change with probability 1/2 when any single input bit i is inverted for all i , j Bit independence criterion (BIC) States that output bits j and k should change independently when any single input bit i is inverted for all i , j , and k The algorithm should have good avalanche properties
  • 33. Block Cipher Design Principles: 3. Key Schedule Algorithm • With any Feistel block cipher, the key is used to generate one subkey for each round • In general, we would like to select subkeys to maximize the difficulty of deducing individual subkeys and the difficulty of working back to the main key • It is suggested that, at a minimum, the key schedule should guarantee key/ciphertext Strict Avalanche Criterion and Bit Independence Criterion