CRYPTOGRAPHIC ALGORITHMS(DES AND AES)

BY- ANAMIKA SINGH ,B.TECH. VIIth sem

What is Encryption

Transform information such that its true meaning is hidden Requires “special knowledge” to retrieve the

information Examples

AES, 3DES, RC4, ROT-13, …

Types of Encryption Schemes

Ciphers

Classical ModernRotor Machines

Substitution Public KeyTransposition Secret Key

BlockStreamSteganography

Symmetric Encryption Terms

AliceBob

Plain text Plain textCipher text

Key Key

EncryptionAlgorithm

DecryptionAlgorithm

Data Encryption Standard

OUTLINE History Encryption Key-generation Decryption Strength of DES

History

DES is a 64 bit block cipher which means that it encrypts data 64 bits at a time.

In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key

Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip.

In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST).

AES is an important algorithm and was originally meant to replace DES

A Simplified DES Algorithm

Key words Substitution is simply a mapping of one value to

another Permutation is a reordering of the bit positions for

each of the inputs. techniques are used a number of times in iterations

called rounds S-boxes are basically non-linear substitution tables

where either the output is smaller than the input or vice versa

A Simplified DES Algorithm

DES expects two inputs the plaintext to be encrypted and the secret key(64 bit block cipher, key size used is 56 bits)

Initial permutation rearranging the bits to form the “permuted input”.

followed by 16 iteration of the same function substitution and permutation.

Finally, the pre output is passed through a permutation which is simply the inverse of the initial permutation

Encryption

Encryption(round 1)

Initial Permutation

IP 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7

IP-1

40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25

Expansion

32 1 2 3 4 5

4 5 6 7 8 9

8 9 10 11 12 13

12 13 14 45 16 17

16 17 18 19 20 21

20 21 22 23 24 25

24 25 26 27 28 29

28 29 30 31 32 1

16 7 20 21 29 12 28 17

1 15 23 26 5 18 31 10

2 8 24 14 32 27 3 9

9 13 30 6 22 11 4 25

E P

ExpansionExpansion

Encryption(round 1)

Encryption(round 1) S-Box

Encryption(round 1) S-Box

Key Generation

Key Generation

D0C0

Input Key

Permuted Choice One (PC-1)

Permuted Choice Two (PC-2) Schedule of Left Shifts

Di-1Ci-1

DiCi

▪ ▪▪

▪ ▪▪

Keyi

Key Generation

1 2 3 4 5 6 7 89 1

011

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

30

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

Input key

57

49

41

33

25

17

9

1 58

50

42

34

26

18

10

2 59

51

43

35

26

19

11

3 60

52

44

36

63

55

47

39

31

23

15

7 62

54

46

38

30

22

14

6 61

53

45

37

29

21

13

5 28

20

12

4

PC-1

Key Generation

14 17 11 24 1 5 3 2815 6 21 10 23 19 12 426 8 16 7 27 20 13 241 52 31 37 47 55 30 4051 45 33 48 44 49 39 5634 53 46 42 50 36 29 32

PC-2

RN 1 2 3 4 5 6 7 8 9 10

11

12

13

14

15

16

Bits

1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1

Schedule of Line Shift

Strength

Criticism Reduction in key size of 72 bits

Too short to withstand with brute-force attack S-boxes were classified.

Weak points enable NSA to decipher without key. 56-bit keys have 256 = 7.2 x 1016 values

Brute force search looks hard. A machine performing one DES encryption per microsecond

would take more than a thousand year to break the cipher. DES exhibits a strong avalanche effect.

If a small change in either the plaintext or the key, the ciphertext should change markedly.

Advance Encryption Standard

Outline Origin The AES Cipher AES Encryption & Decryption AES Key Expansion Implementation Aspect

AES-Origin Clear a replacement for DES was needed

have theoretical attacks that can break it have demonstrated exhaustive key search attacks

Can use Triple-DES – but slow, has small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001

The AES Cipher - Rijndael

Designed by Rijmen-Daemen in Belgium Has 128/192/256 bit keys, 128 bit data An iterative rather than Feistel (DES) cipher

processes data as block of 4 columns of 4 bytes operates on entire data block in every round

Designed to have: resistance against known attacks speed and code compactness on many CPUs design simplicity

The AES Cipher

Block length is limited to 128 bit The key size can be independently specified to 128,

192 or 256 bits

Key size (words/bytes/bits)

4/16/128 6/24/192 8/32/256

Number of rounds 10 12 14

Expanded key size (words/byte)

44/176 52/208 60/240

AES Encryption

The AES Cipher

Key received as input array of 4 rows and Nk columns Nk = 4,6, or 8, parameter which depends key size Input key is expanded into an array of 44/52/60 words of

32 bits each 4 different words serve as a key for each round

k0 k4 k8 k12

k1k2k3

k5k6k7

k9k10k11

k13k14k15

w0 w1 w2 …… w43W42

The AES Cipher AddRoundKey() – round key is added to the State using

XOR operation MixColumns() – takes all the columns of the State and mixes

their data, independently of one another, making use of arithmetic over GF(2^8)

ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets

SubBytes() – uses S-box to perform a byte-by-byte substitution of State

The four stages are as follows: Substitute bytes, Shift rows, Mix Columns , Add Round Key

The tenth round simply leaves out the Mix Columns stage.

The AES Cipher(Round-1)

Add round key

Substitute bytes

Shift rows

Mix columns

Add Round key

Substitute bytes

Shift rows

Mix columns

Add round key

Substitute bytes

Shift rows

Add round key

plaintext

Cipher text

keyW[4,7] W[36,39] W[40,43]

Round 1

Round 9

The AES Cipher

Only Add round key makes use of the key Other three functions are used for diffusion and

confusion Final round consists of only three stages

The AES Structure

Substitute Byte

A simple substitution of each byte It uses one table of 16x16 bytes containing a

permutation of all 256 8-bit values Each byte of state is replaced by byte indexed by row

(left 4-bits) & column (right 4-bits) S-box constructed using defined transformation of

values in GF(28) Designed to be resistant to all known attacks

Substitute Byte

S-Box Substitution

S-Box Substitution

Substitute Byte Example

Shift Rows

A circular byte shift in each each 1st row is unchanged 2nd row does 1 byte circular shift to left 3rd row does 2 byte circular shift to left 4th row does 3 byte circular shift to left

Decrypt inverts using shifts to right Since state is processed by columns, this step

permutes bytes between the columns

Shift Rows Example

Mix Columns Transformation

Each column is operated on individually each byte is replaced by a value dependent on all 4 bytes

in the column The Mix Columns transformation of a single column j (0

j 3) of state can be expressed as: S0 0,j = (2 • s0,j) (3 • s1,j) s2,j s3,j S0 1,j = s0,j (2 • s1,j) (3 • s2,j) s3,j S0 2,j = s0,j s1,j (2 • s2,j) (3 • s3,j) S0 3,j = (3 • s0,j) s1,j s2,j (2 • s3,j)

Mix Columns Transformation

Mix Columns Example

Add Round Key

XOR each byte of the round key with its corresponding byte in the state array

S0,0 S0,1 S0,2 S0,3S1,0 S1,1 S1,2 S1,3S2,0 S2,1 S2,2 S2,3S3,0 S3,1 S3,2 S3,3

S’0,0 S’0,1 S’0,2 S’0,3S’1,0 S’1,1 S’1,2 S’1,3S’2,0 S’2,1 S’2,2 S’2,3S’3,0 S’3,1 S’3,2 S’3,3

S0,1

S1,1

S2,1

S3,1

S’0,1

S’1,1

S’2,1

S’3,1

R0,0 R0,1 R0,2 R0,3R1,0 R1,1 R1,2 R1,3R2,0 R2,1 R2,2 R2,3R3,0 R3,1 R3,2 R3,3

R0,1

R1,1

R2,1

R3,1

XOR

AES Key Expansion

takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words

start by copying key into first 4 words then loop creating words that depend on

values in previous & 4 places back in 3 of 4 cases just XOR these together 1st word in 4 has rotate + S-box + XOR round

constant on previous, before XOR 4th back

AES Key Expansion

AES Decryption

AES decryption is not identical to encryption since steps done in reverse

but can define an equivalent inverse cipher with steps as for encryption but using inverses of each step with a different key schedule

AES Decryption

All functions are easily reversible and their inverse form is used in decryptionDecryption algorithm is not identical to the encryption algorithmAgain, final round consists of only three stages

Implementation Aspect

Can efficiently implement on 8-bit CPU Byte substitution works on bytes using a table of 256

entries Shift rows is simple byte shift Add round key works on byte XOR’s Mix columns requires matrix multiply in GF(28)

which works on byte values, can be simplified to use table lookups & byte XOR’s

Implementation Aspect

Can efficiently implement on 32-bit CPU redefine steps to use 32-bit words can pre compute 4 tables of 256-words then each column in each round can be computed

using 4 table lookups + 4 XORs at a cost of 4Kb to store tables

Designers believe this very efficient implementation was a key factor in its selection as the AES cipher