View
51
Download
0
Category
Preview:
Citation preview
CRYPTOGRAPHIC ALGORITHMS(DES AND AES)
BY- ANAMIKA SINGH ,B.TECH. VIIth sem
What is Encryption
Transform information such that its true meaning is hidden Requires “special knowledge” to retrieve the
information Examples
AES, 3DES, RC4, ROT-13, …
Types of Encryption Schemes
Ciphers
Classical ModernRotor Machines
Substitution Public KeyTransposition Secret Key
BlockStreamSteganography
Symmetric Encryption Terms
AliceBob
Plain text Plain textCipher text
Key Key
EncryptionAlgorithm
DecryptionAlgorithm
Data Encryption Standard
OUTLINE History Encryption Key-generation Decryption Strength of DES
History
DES is a 64 bit block cipher which means that it encrypts data 64 bits at a time.
In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key
Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip.
In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST).
AES is an important algorithm and was originally meant to replace DES
A Simplified DES Algorithm
Key words Substitution is simply a mapping of one value to
another Permutation is a reordering of the bit positions for
each of the inputs. techniques are used a number of times in iterations
called rounds S-boxes are basically non-linear substitution tables
where either the output is smaller than the input or vice versa
A Simplified DES Algorithm
DES expects two inputs the plaintext to be encrypted and the secret key(64 bit block cipher, key size used is 56 bits)
Initial permutation rearranging the bits to form the “permuted input”.
followed by 16 iteration of the same function substitution and permutation.
Finally, the pre output is passed through a permutation which is simply the inverse of the initial permutation
Encryption
Encryption(round 1)
Initial Permutation
IP 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
IP-1
40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
Expansion
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 45 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
16 7 20 21 29 12 28 17
1 15 23 26 5 18 31 10
2 8 24 14 32 27 3 9
9 13 30 6 22 11 4 25
E P
ExpansionExpansion
Encryption(round 1)
Encryption(round 1) S-Box
Encryption(round 1) S-Box
Key Generation
Key Generation
D0C0
Input Key
Permuted Choice One (PC-1)
Permuted Choice Two (PC-2) Schedule of Left Shifts
Di-1Ci-1
DiCi
▪ ▪▪
▪ ▪▪
Keyi
Key Generation
1 2 3 4 5 6 7 89 1
011
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
30
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Input key
57
49
41
33
25
17
9
1 58
50
42
34
26
18
10
2 59
51
43
35
26
19
11
3 60
52
44
36
63
55
47
39
31
23
15
7 62
54
46
38
30
22
14
6 61
53
45
37
29
21
13
5 28
20
12
4
PC-1
Key Generation
14 17 11 24 1 5 3 2815 6 21 10 23 19 12 426 8 16 7 27 20 13 241 52 31 37 47 55 30 4051 45 33 48 44 49 39 5634 53 46 42 50 36 29 32
PC-2
RN 1 2 3 4 5 6 7 8 9 10
11
12
13
14
15
16
Bits
1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
Schedule of Line Shift
Strength
Criticism Reduction in key size of 72 bits
Too short to withstand with brute-force attack S-boxes were classified.
Weak points enable NSA to decipher without key. 56-bit keys have 256 = 7.2 x 1016 values
Brute force search looks hard. A machine performing one DES encryption per microsecond
would take more than a thousand year to break the cipher. DES exhibits a strong avalanche effect.
If a small change in either the plaintext or the key, the ciphertext should change markedly.
Advance Encryption Standard
Outline Origin The AES Cipher AES Encryption & Decryption AES Key Expansion Implementation Aspect
AES-Origin Clear a replacement for DES was needed
have theoretical attacks that can break it have demonstrated exhaustive key search attacks
Can use Triple-DES – but slow, has small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001
The AES Cipher - Rijndael
Designed by Rijmen-Daemen in Belgium Has 128/192/256 bit keys, 128 bit data An iterative rather than Feistel (DES) cipher
processes data as block of 4 columns of 4 bytes operates on entire data block in every round
Designed to have: resistance against known attacks speed and code compactness on many CPUs design simplicity
The AES Cipher
Block length is limited to 128 bit The key size can be independently specified to 128,
192 or 256 bits
Key size (words/bytes/bits)
4/16/128 6/24/192 8/32/256
Number of rounds 10 12 14
Expanded key size (words/byte)
44/176 52/208 60/240
AES Encryption
The AES Cipher
Key received as input array of 4 rows and Nk columns Nk = 4,6, or 8, parameter which depends key size Input key is expanded into an array of 44/52/60 words of
32 bits each 4 different words serve as a key for each round
k0 k4 k8 k12
k1k2k3
k5k6k7
k9k10k11
k13k14k15
w0 w1 w2 …… w43W42
The AES Cipher AddRoundKey() – round key is added to the State using
XOR operation MixColumns() – takes all the columns of the State and mixes
their data, independently of one another, making use of arithmetic over GF(2^8)
ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets
SubBytes() – uses S-box to perform a byte-by-byte substitution of State
The four stages are as follows: Substitute bytes, Shift rows, Mix Columns , Add Round Key
The tenth round simply leaves out the Mix Columns stage.
The AES Cipher(Round-1)
Add round key
Substitute bytes
Shift rows
Mix columns
Add Round key
Substitute bytes
Shift rows
Mix columns
Add round key
Substitute bytes
Shift rows
Add round key
plaintext
Cipher text
keyW[4,7] W[36,39] W[40,43]
Round 1
Round 9
The AES Cipher
Only Add round key makes use of the key Other three functions are used for diffusion and
confusion Final round consists of only three stages
The AES Structure
Substitute Byte
A simple substitution of each byte It uses one table of 16x16 bytes containing a
permutation of all 256 8-bit values Each byte of state is replaced by byte indexed by row
(left 4-bits) & column (right 4-bits) S-box constructed using defined transformation of
values in GF(28) Designed to be resistant to all known attacks
Substitute Byte
S-Box Substitution
S-Box Substitution
Substitute Byte Example
Shift Rows
A circular byte shift in each each 1st row is unchanged 2nd row does 1 byte circular shift to left 3rd row does 2 byte circular shift to left 4th row does 3 byte circular shift to left
Decrypt inverts using shifts to right Since state is processed by columns, this step
permutes bytes between the columns
Shift Rows Example
Mix Columns Transformation
Each column is operated on individually each byte is replaced by a value dependent on all 4 bytes
in the column The Mix Columns transformation of a single column j (0
j 3) of state can be expressed as: S0 0,j = (2 • s0,j) (3 • s1,j) s2,j s3,j S0 1,j = s0,j (2 • s1,j) (3 • s2,j) s3,j S0 2,j = s0,j s1,j (2 • s2,j) (3 • s3,j) S0 3,j = (3 • s0,j) s1,j s2,j (2 • s3,j)
Mix Columns Transformation
Mix Columns Example
Add Round Key
XOR each byte of the round key with its corresponding byte in the state array
S0,0 S0,1 S0,2 S0,3S1,0 S1,1 S1,2 S1,3S2,0 S2,1 S2,2 S2,3S3,0 S3,1 S3,2 S3,3
S’0,0 S’0,1 S’0,2 S’0,3S’1,0 S’1,1 S’1,2 S’1,3S’2,0 S’2,1 S’2,2 S’2,3S’3,0 S’3,1 S’3,2 S’3,3
S0,1
S1,1
S2,1
S3,1
S’0,1
S’1,1
S’2,1
S’3,1
R0,0 R0,1 R0,2 R0,3R1,0 R1,1 R1,2 R1,3R2,0 R2,1 R2,2 R2,3R3,0 R3,1 R3,2 R3,3
R0,1
R1,1
R2,1
R3,1
XOR
AES Key Expansion
takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words
start by copying key into first 4 words then loop creating words that depend on
values in previous & 4 places back in 3 of 4 cases just XOR these together 1st word in 4 has rotate + S-box + XOR round
constant on previous, before XOR 4th back
AES Key Expansion
AES Decryption
AES decryption is not identical to encryption since steps done in reverse
but can define an equivalent inverse cipher with steps as for encryption but using inverses of each step with a different key schedule
AES Decryption
All functions are easily reversible and their inverse form is used in decryptionDecryption algorithm is not identical to the encryption algorithmAgain, final round consists of only three stages
Implementation Aspect
Can efficiently implement on 8-bit CPU Byte substitution works on bytes using a table of 256
entries Shift rows is simple byte shift Add round key works on byte XOR’s Mix columns requires matrix multiply in GF(28)
which works on byte values, can be simplified to use table lookups & byte XOR’s
Implementation Aspect
Can efficiently implement on 32-bit CPU redefine steps to use 32-bit words can pre compute 4 tables of 256-words then each column in each round can be computed
using 4 table lookups + 4 XORs at a cost of 4Kb to store tables
Designers believe this very efficient implementation was a key factor in its selection as the AES cipher
Recommended