Block Ciphers

1
Block Ciphers
2
Ciphers

• Block cipher
• DES
• 3DES
• AES
• IDEA
• Twofish

3
Why encrypt?

• Encryption is needed to protect assets
• Four kinds of importance for cipher technology

Low
High
High
Impact
Low
Importance of system
4
Block Cipher

• Block cipher is an encryption function that works
  on fixed size blocks
• Current block size is 128 bits
• Encrypting a 128-bit plaintext block produces a
  128-bit ciphertext block
• The encryption key is also a series of bits,
  usually 128 or 256 bits
• A secure block cipher is one that keeps the
  plaintext secret

5
Block Cipher

• Trivial distinguisher involves creating all
  possible encryptions of 0 with all the keys in
  the range 1, 2, , 232
• A round is a collection of repetitions of a weak
  block cipher

6
DES

• Data Encryption Standard (DES) was developed by
  IBM for NIST in 1976
• IBMs Lucifer cipher was adopted by NIST as DES
• Horst Feistel, who came to U.S. in 1934 from
  Germany, developed Lucifer cipher at IBM in the
  early 1970s
• Lucifer took plaintext in 64-bit blocks and
  applied a 56-bit key
• The 56-bits come from the fact that 1016 has 56
  bits in its binary representation

7
DES

• 64 bits are represented in 8 bytes. The
  rightmost bit in each byte is used as an odd
  parity bit. Since there are only 7 effective
  bits then, the encryption key strength is limited
  to 7 x 8 56 bits
• Lucifer takes a 64-bit block and divides it into
  a left and right block of 32-bits each
• Some operation is performed to permute the bits
  and then interchange the permuted 32-bit blocks.
  This is called round 1.

8
DES

• Repeat this process for 16 rounds
• Each round uses a 48-bit key chosen from the
  56-bit key
• Key for each round is different

9
DES

• Initially the 32-bits of the right block are
  expanded to 48 bits by duplicating some of the
  bits
• The result is XORed with the 48-bit key
• The resultant 48 bits are placed in an S-
  box (S for substitution)
• The job of S-box is to use a look-up table and
  produce 4 bits for every 6 bits, thus getting a
  new 32-bit block as the output

10
DES

• DES has complementation property
• X denotes the complement of X where all the 0s
  of X are replaced by 1s and vice versa
• E(K,P) (E(K,P)). Here E denotes encryption
  of plaintext P with key K. This is the
  complementation property.

11
DES

• XOR has the property that if you XOR twice, then
  you get the original back
• C A xor B
• C xor B yields A back
• E.g., Consider 10111010
• xor 11001011
• --------------
• 01110001
• xor 11001011
• --------------
• 10111010

12
Triple DES

• Triple DES is also denoted as 3DES
• 3DES uses a 168-bit key made up of three 56-bit
  keys
• 3DES works as follows
• Plaintext Ciphertext1
• Ciphertext1 Ciphertext2
• Ciphertext2 Ciphertext

Encrypt with Key 1
Decrypt with Key 2
Encrypt with Key 3
13
Triple DES

• 3DES was developed to address the key size
  problem
• Modern computers have enough power to break the
  DES key in a short time (3 days or less)
• With three keys, 3DES makes it very difficult to
  break the keys
• NISTs goal was to develop a strong encryption
  standard. NIST approved 3DES as an interim
  standard.

14
AES

• Advanced Encryption Standard had two goals
• 128-bit or higher encryption
• Usability with portable devices such as cell
  phones and PDAs
• Developed through an international competition
  for proposals
• Dutch scientists Joan Daemon and Vincent Rijmen
  developed the Rijndael (pronounced rain doll)
  cipher
• Rijndael was adopted as the AES standard in 2001
• AES provides 128, 192, or 256-bit encryption
  using blocks of size 128, 192, or 256-bits
• All 9 combinations of key size and block size are
  valid

15
AES

• AES is different from DES
• AES uses rounds similar to DES
• AES uses 10 to 14 rounds depending on the key
  size
• AES is faster than 3DES since many calculations
  can be performed in parallel

16
IDEA

• International Data Encryption Algorithm is a
  64-bit block cipher
• Developed in 1991 by Lai and Massey in
  Switzerland
• Uses 128-bit key
• Has 8 and 1/2 rounds in the algorithm
• Software is patented in U.S. but is free for
  non-commercial use

17
Twofish

• Developed by Ferguson and Schneier
• Twofish was a finalist for AES
• Uses Feistel structure like DES
• Provides 128-bit security
• Uses 16 rounds
• Twofish is more expensive to implement than
  Rijndael