Cryptography Lecture 5 PowerPoint PPT Presentation


Title: Cryptography Lecture 5


1
Cryptography Lecture 5
  • Data Encryption Standard (DES)
  • Advanced Encryption Standard (AES)

2
Reading Assignment
  • Reading assignments for Lecture 5
  • Required
  • Pfleeger 2.5, 2.6
  • Recommended
  • Pfleeger 12.2
  • Reading assignments for next class
  • Required
  • Pfleeger Ch 2.7
  • Recommended
  • Pfleeger 12.3

3
Data Encryption Standard (DES)
4
Data Encryption Standard
  • Mathematics to design strong product ciphers is
    classified
  • Breakable by exhaustive search on 56-bit key size
    for known plaintext, chosen plaintext and chosen
    ciphertext attacks
  • Security: computational complexity of computing
    the key under the above scenarios (22 hours)

5
Data Encryption Standard (DES)
  • DES is a product cipher
  • 56 bit key size
  • 64 bit block size for plaintext and cipher text
  • Developed by IBM and adopted by NIST with NSA
    approval
  • Encryption and decryption algorithms are public
    but the design principles are classified

6
DES Multiple Encryption
  • 1992: proven that DES is not a group; multiple
    encryptions by DES are not equivalent to a single
    encryption

7
DES Algorithm
[Figure: DES algorithm. The 64-bit plaintext passes through the initial permutation, iterations 1 to 16, a 32-bit swap and the inverse initial permutation to give the 64-bit ciphertext. The 56-bit key passes through a permuted choice, then a left circular shift and a further permuted choice per iteration to produce the round keys (K1, K2, ...).]
8
DES Cycle
[Figure: DES cycle. Labels: L i-1 (= R i-2), 32 bits; R i-1, 32 bits; expansion permutation, 48 bits; permuted key, 48 bits; output R i, 32 bits.]
9
DES Multiple Encryption
[Figure: double encryption. Plaintext P is encrypted under K1 to the intermediate ciphertext EK1(P), which is encrypted under K2 to the ciphertext EK2(EK1(P)).]
Known-plaintext meet-in-the-middle attack: effective key size 57 bits
10
DES Multiple Encryption
[Figure: triple encryption with E, D, E under K1, K2, K1: P → EK1(P) → DK2(EK1(P)) → EK1(DK2(EK1(P))).]
Tuchman: avoids the meet-in-the-middle attack. If K1 = K2: single encryption
11
DES Multiple Encryption
  • Tuchman's technique is part of NIST standard
  • Can be broken in 2^56 operations if one has 2^56
    chosen plaintext blocks (Merkle, Hellman 1981)
  • Could use distinct K1,K2,K3 to avoid this attack

12
Modes of DES
  • ECB: Electronic Code Book
  • CBC: Cipher Block Chaining
  • CFB: Cipher FeedBack
  • OFB: Output FeedBack
  • Part of NIST standard

13
ECB Mode
[Figure: ECB mode. A 64-bit data block is encrypted (E) and decrypted (D) under the 56-bit key, giving back the 64-bit data.]
Good for small messages. Identical data blocks will
be identically encrypted
14
CBC Mode
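[Figure: CBC mode. Each 64-bit data block is combined with the 64-bit previous ciphertext block before encryption (E) under the 56-bit key; decryption (D) under the 56-bit key combines its output with the previous ciphertext block to recover the 64-bit data.]
Cn = Ek(Cn-1 ⊕ Pn)
Needs initialization vector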
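
Added example (not part of the original slides): ECB and CBC run over the same message, showing the ECB property from slide 13 and the CBC chaining formula from slide 14. The block cipher is a toy 16-round Feistel network with 64-bit blocks that stands in for DES; its round function, the key, the IV and the sample message are all constructed here.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as in DES

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half, key, rnd):
    # Toy round function (assumption): NOT the DES expansion/S-box function.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def _feistel(key, block, rounds):
    left, right = block[:4], block[4:]
    for rnd in rounds:
        left, right = right, _xor(left, _f(right, key, rnd))
    return right + left  # final swap of the two 32-bit halves

def toy_encrypt_block(key, block):
    return _feistel(key, block, range(16))

def toy_decrypt_block(key, block):
    return _feistel(key, block, reversed(range(16)))  # same network, rounds reversed

def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("this example omits padding")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(toy_encrypt_block(key, p) for p in _blocks(pt))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for p in _blocks(pt):
        prev = toy_encrypt_block(key, _xor(prev, p))  # Cn = Ek(Cn-1 XOR Pn)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(toy_decrypt_block(key, c), prev))  # Pn = Dk(Cn) XOR Cn-1
        prev = c
    return b"".join(out)

def repeated_blocks(ct):
    """Number of ciphertext blocks that duplicate an earlier block."""
    parts = _blocks(ct)
    return len(parts) - len(set(parts))

# Constructed sample input: three identical 8-byte records and one different.
KEY, IV = b"constructed-key", bytes(range(8))
PT = b"PAY 0100" * 3 + b"PAY 9999"
```

Under ECB the three identical records produce three identical ciphertext blocks, so an observer learns which records repeat without knowing the key; under CBC every block differs because each one depends on the previous ciphertext block.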
15
CFB Mode
Needs initialization vector. Advantage: can encipher one
character at a time. Error propagation: current
transfer, next 8 characters
[Figure: CFB mode. Labels: 8 × 8-bit blocks with left shift, 56-bit key, E and D, 8-bit plaintext, 8-bit ciphertext, 8-bit plaintext.]
16
OFB Mode
Needs initialization vector. Advantage: can encipher one
character at a time. Error propagation: current
transfer only
[Figure: OFB mode. Labels: 8 × 8-bit blocks with left shift, 56-bit key, E and D, 8-bit plaintext, 8-bit ciphertext, 8-bit plaintext.]
17
Advanced Encryption Standard (AES)
18
Advanced Encryption Standard (AES) Motivations
  • Replacement of DES
  • Known vulnerabilities
  • Broken by exhaustive key search attack
  • Triple DES secure but slow
  • Need new standard that is
  • Secure: practical cryptanalysis, resist known
    attacks
  • Cost effective
  • Easy to implement (software, hardware) and
    portable
  • Flexible

19
AES Origin
  • Started in 1997 and lasted for several years
  • Requirements specified by NIST
  • Algorithm unclassified and publicly available
  • Available royalty free world wide
  • Symmetric key
  • Operates on data blocks of 128 bits
  • Key sizes of 128, 192, and 256 bits
  • Fast, secure, and portable
  • Active life of 20-30 years
  • Provides full specifications

20
  • AES Finalists
  • 1999

21
Rijndael Algorithm
  • Chosen for security, performance, efficiency,
    ease of implementation, and flexibility
  • Block cipher (variable block and key length)
  • Federal Information Processing Standard (FIPS)

22
  • Rijndael
  • Symmetric, block cipher
  • Key size 128, 192, or 256 bits
  • Block size 128
  • Processed as 4 groups of 4 bytes (state)
  • Operates on the entire block in every round
  • Number of rounds depending on key size
  • Key 128 → 9 rounds
  • Key 192 → 11 rounds
  • Key 256 → 13 rounds

23
  • Rijndael Basic Steps
  • Byte Substitution: non-linear function for
    confusion
  • S-box used on every byte (table look-up)
  • Shift Rows: linear mixing function for diffusion
  • Permutes bytes between columns
  • Different for different block sizes (128, 192
    same, 256 different)
  • Mix Columns: transformation
  • Shifting left and XOR bits
  • Effect: matrix multiplication
  • Add Round Key: incorporates key and creates
    confusion
  • XOR state with unique key
  • All operations can be combined into XOR and table
    look-ups → very fast and efficient

24
Strength of Algorithm
  • New: little experimental results
  • Cryptanalysis results
  • Few theoretical weaknesses
  • No real problem
  • No relation to government agency → no allegations
    of tampering with code
  • Has sound mathematical foundation

25
Byte Substitution
  • Simple substitution for each byte
  • S-box: 16x16 bytes
  • Each byte of state is replaced by byte in row
    (left 4 bits) and column (right 4 bits)
  • S-box is designed to resist known attacks (Galois
    Field GF(2^8))

26
s00 s01 s02 s03
s10 s11 s12 s13
s20 s21 s22 s23
s30 s31 s32 s33
→ S-box →
s'00 s'01 s'02 s'03
s'10 s'11 s'12 s'13
s'20 s'21 s'22 s'23
s'30 s'31 s'32 s'33
e.g., if s00 = 5B, and row 5 and column B in the S-box
contain value 39, then s'00 = 39
27
Shift Row
  • Circular byte shift (128 or 192 bits block)
  • 1st row unchanged
  • 2nd row 1 byte circular shift to left
  • 3rd row 2 bytes circular shift to left
  • 4th row 3 bytes circular shift to left
  • Decryption: shift to right

28
Shift Row Transformation
State:
s0,0 s0,1 s0,2 s0,3
s1,0 s1,1 s1,2 s1,3
s2,0 s2,1 s2,2 s2,3
s3,0 s3,1 s3,2 s3,3
After Shift Row:
s'0,0 s'0,1 s'0,2 s'0,3
s'1,1 s'1,2 s'1,3 s'1,0
s'2,2 s'2,3 s'2,0 s'2,1
s'3,3 s'3,0 s'3,1 s'3,2
29
Mix Column
  • Each column is processed separately
  • Each byte is replaced by a value depending on all
    4 bytes in the column
  • Each element of the column is multiplied with a
    polynomial
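
Added example (not part of the original slides): the byte substitution, shift row and mix column steps from slides 25 to 29 in Python, with the S-box computed from GF(2^8) inversion and the standard affine map instead of being typed in as a table. Function names are chosen here, and the state is held as four rows of four bytes.

```python
def xtime(b):
    """Multiply by x in GF(2^8): shift left, XOR with the AES polynomial on overflow."""
    b <<= 1
    return b ^ 0x11B if b & 0x100 else b

def gmul(a, b):
    """GF(2^8) product using only shifts and XORs."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def build_sbox():
    """S-box entry = multiplicative inverse in GF(2^8), then the affine transformation."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)  # 0 maps to 0
        s = inv
        for k in range(1, 5):
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF  # rotate left by k bits
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()

def sub_bytes(state):
    # Row = left 4 bits, column = right 4 bits, so the flat index is the byte itself.
    return [[SBOX[b] for b in row] for row in state]

def shift_rows(state):
    # Row r is rotated left by r bytes; row 0 is unchanged.
    return [row[r:] + row[:r] for r, row in enumerate(state)]

def inv_shift_rows(state):
    # Decryption rotates each row right by the same amount.
    return [row[4 - r:] + row[:4 - r] for r, row in enumerate(state)]

def mix_column(col):
    a0, a1, a2, a3 = col
    return [gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3,
            a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3,
            a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3),
            gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2)]

def mix_columns(state):
    cols = [mix_column(list(c)) for c in zip(*state)]
    return [list(r) for r in zip(*cols)]
```

The computed table reproduces the slide's own lookup: row 5, column B holds 39.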

30
Add Subkey
  • Generate unique subkey
  • Create new words depending on
  • Previous word and 4 places back
  • 3 and 4 cases XOR together
  • Every 4th has S-box, rotate, XOR constant
  • Designed to resist attack
  • XOR state with unique key

31
AES Decryption
  • Non-identical to encryption
  • Steps done in reverse
  • Different key schedule

32
  • Operating Modes
  • Electronic Code Book (ECB) Mode
  • Cipher Block Chaining (CBC) Mode
  • Cipher Feedback (CFB) Mode
  • Output Feedback (OFB) Mode

33
Next class
Summary of Secret Key Encryption Project
Information