CNS Unit-2.1 Notes


P.Srinivasulu, CSE, PBRVITS.

Cryptography and Network Security

UNIT- II
Symmetric key Ciphers: Block Cipher principles & Algorithms (DES, AES, Blowfish),
Differential and Linear Cryptanalysis, Block cipher modes of operation, Stream ciphers, RC4,
Location and placement of encryption function, Key distribution
Asymmetric key Ciphers: Principles of public key cryptosystems, Algorithms (RSA, Diffie-
Hellman, ECC), Key Distribution

Block Cipher Principles


Introduction: -
A Block Cipher is an encryption/decryption scheme in which a block of plaintext is treated as a
whole and used to produce a ciphertext block of equal length.
Typically, a block size of 64 or 128 bits is used. Usually, sender and receiver share a symmetric
encryption key.

For example, the Data Encryption Standard (DES) has been the most widely used block cipher
encryption algorithm until recently. It exhibits the classic Feistel structure. DES uses a 64-bit block
and a 56-bit key.
The Feistel Cipher:
Many block ciphers have a Feistel structure. Such a structure consists of a number of identical
rounds of processing.
In each round, a substitution is performed on one half of the data being processed, followed by a
permutation that interchanges the two halves.
The original key is expanded so that a different key is produced and used for each round.
In particular, Feistel proposed the use of a cipher that alternates substitutions and permutations.
Feistel's design is a practical application of a proposal by Claude Shannon to develop a product
cipher that alternates confusion and diffusion functions.
Block Cipher Design Principles:
There are three critical aspects of block cipher design:
-the number of rounds,
-design of the function F, and
-key scheduling Algorithm.
Number of Rounds:
▶ The greater the number of rounds, the more difficult it is to perform cryptanalysis,
even for a relatively weak function F.
▶ In general, the criterion should be that the number of rounds is chosen so that known
cryptanalytic efforts require greater effort than a simple brute-force key search
attack. This criterion was certainly used in the design of DES.
Design of Function F:
▶ The heart of a Feistel block cipher is the function F, which provides the element of
confusion in a Feistel cipher. Thus, it must be difficult to “unscramble” the
substitution performed by F.
▶ F must be nonlinear. The more nonlinear F, the more difficult any type of
cryptanalysis will be.
Key Schedule Algorithm:
▶ With any Feistel block cipher, the key is used to generate one subkey for each round.
▶ In general, we would like to select subkeys to maximize the difficulty of deducing
individual subkeys and the difficulty of working back to the main key.

The Feistel Cipher Structure/Algorithm


Introduction:-
The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key. The
plaintext block is divided into two halves, LE0 and RE0.
The two halves of the data pass through n rounds of processing and then combine to produce
the ciphertext block.
Each round i has as inputs L_{i-1} and R_{i-1} derived from the previous round, as well as a subkey
K_i derived from the overall key K. In general, the subkeys K_i are different from K and from each
other. All rounds have the same structure.
A substitution is performed on the left half of the data. This is done by applying a round function F
to the right half of the data and then taking the exclusive-OR of the output of that function and the
left half of the data. The round function has the same general structure for each round but is
parameterized by the round subkey K_i.
A permutation is then performed that consists of the interchange of the two halves of the data.
Encryption and Decryption Process:-
The process of Encryption and decryption with a Feistel cipher is shown below:


The exact realization of a Feistel network depends on the choice of the following parameters and
design features:
▶ Block size: Larger block sizes mean greater security but reduced encryption /
decryption speed for a given algorithm. The greater security is achieved by greater
diffusion. Traditionally, a block size of 64 bits has been considered a reasonable
tradeoff and was nearly universal in block cipher design. However, the new AES
uses a 128-bit block size.
▶ Key size: Larger key size means greater security but may decrease encryption/
decryption speed. The greater security is achieved by greater resistance to brute-force
attacks and greater confusion. Key sizes of 64 bits or less are now widely considered
to be inadequate, and 128 bits has become a common size.
▶ Number of rounds: The essence of the Feistel cipher is that a single round offers
inadequate security but that multiple rounds offer increasing security. A typical size is
16 rounds.
▶ Subkey generation algorithm: Greater complexity in this algorithm should lead to
greater difficulty of cryptanalysis.
▶ Round function F: Greater complexity in the round function generally means greater
resistance to cryptanalysis.

There are two other considerations in the design of a Feistel cipher:

▶ Fast software encryption/decryption: In many cases, encryption is embedded in
applications or utility functions. Accordingly, the speed of execution of the algorithm
becomes a concern.
▶ Ease of analysis: Although we would like to make our algorithm as difficult as possible
to cryptanalyze, there is great benefit in making the algorithm easy to analyze. That is,
if the algorithm can be concisely and clearly explained, it is easier to analyze that
algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of
assurance as to its strength. For example, DES does not have an easily analyzed
functionality.
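
The Feistel structure described above, as a runnable sketch added here (it is not part of the original notes). The 8-byte block, the HMAC-SHA256 key schedule and the round function are assumptions, chosen so that F is visibly non-invertible while decryption still works by reversing the subkey order.

```python
import hashlib
import hmac

W = 4  # half-block width w in bytes (assumed), so a block is 2w = 8 bytes


def subkeys(key, rounds=16):
    """Toy key schedule (assumption): K_i = HMAC-SHA256(K, i), i = 1..rounds."""
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest()
            for i in range(1, rounds + 1)]


def F(right, k_i):
    """Round function F(R, K_i). Deliberately NOT invertible: a keyed hash
    truncated to w bytes. The Feistel structure never needs to invert F."""
    return hmac.new(k_i, right, hashlib.sha256).digest()[:W]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def round_states(block, ks):
    """Return [(L_0, R_0), (L_1, R_1), ..., (L_n, R_n)] for the given subkeys."""
    if len(block) != 2 * W:
        raise ValueError("block must be exactly 2w bytes")
    L, R = block[:W], block[W:]
    states = [(L, R)]
    for k_i in ks:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        L, R = R, xor(L, F(R, k_i))
        states.append((L, R))
    return states


def feistel(block, ks):
    L, R = round_states(block, ks)[-1]
    return R + L  # the halves are swapped once more after the last round


def encrypt(block, key, rounds=16):
    return feistel(block, subkeys(key, rounds))


def decrypt(block, key, rounds=16):
    # Same algorithm, subkeys applied in reverse order (K_n, ..., K_1).
    return feistel(block, subkeys(key, rounds)[::-1])


if __name__ == "__main__":
    key, pt = b"constructed demo key", b"8 bytes!"  # constructed sample values
    ct = encrypt(pt, key)
    print("ciphertext:", ct.hex())
    print("decrypted :", decrypt(ct, key))
    # A single round is inadequate: the right half of the plaintext
    # appears unchanged in the second half of the ciphertext.
    print("1 round   :", encrypt(pt, key, rounds=1)[W:], "==", pt[W:])
```
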


Data Encryption Standard (DES)


Introduction: -
DES is based on a cipher known as the Feistel block cipher. DES is a Symmetric-key
algorithm for the encryption of electronic data.
DES was developed by IBM in 1977 and was adopted by the U.S. Department of Defense. It is now
under NIST (the National Institute of Standards and Technology).
Data Encryption Standard (DES) is a widely used method of data encryption using a secret
key. DES applies a 56-bit key to each 64-bit block of data as shown below:

Overall structure of DES:-


There are two inputs to the encryption function: the 64-bit plaintext to be encrypted and the 56-bit
key. The overall process of DES encryption is shown below:


Looking at the left-hand side of the above diagram, we can see that the processing of the
plaintext proceeds in three phases.
▶ First, the 64-bit plaintext passes through an initial permutation (IP) that rearranges the
bits to produce the permuted input.
▶ This is followed by a phase consisting of sixteen rounds of the same function, which
involves both permutation and substitution functions. The output of the last (sixteenth)
round consists of 64 bits that are a function of the input plaintext and the key. The left
and right halves of the output are swapped to produce the preoutput.
▶ Finally, the preoutput is passed through a permutation that is the inverse of the initial
permutation function, to produce the 64-bit ciphertext.

The right-hand portion of the above diagram shows the way in which the 56-bit key is used.
Initially, the key is passed through a permutation function.
Then, for each of the sixteen rounds, a subkey (K_i) is produced by the combination of a left
circular shift and a permutation.
The permutation function is the same for each round, but a different subkey is produced
because of the repeated shifts of the key bits.
Inner workings of DES:
The figure below shows the internal structure of a single round.

The left and right halves of each 64-bit intermediate value are treated as separate 32-bit
quantities, labeled L (left) and R (right).
The overall processing at each round can be summarized in the following formulas:

Key Generation: -
A 64-bit key is used as input to the algorithm. The bits of the key are numbered from 1
through 64; every eighth bit is ignored to obtain a 56-bit key, which then passes through a
permutation called Permuted Choice One.
The resulting 56-bit key is then treated as two 28-bit quantities, labelled C_0 and D_0. At each
round, C_{i-1} and D_{i-1} are separately subjected to a circular left shift (rotation) of 1 or 2 bits.
These shifted values serve as input to the next round.
They also serve as input to the part labeled Permuted Choice Two, which produces a 48-bit
output that serves as input to the function F(R_{i-1}, K_i).

DES Decryption:-
Decryption uses the same algorithm as encryption, except that the application of the subkeys is
reversed.
That is, the process followed for encryption is also used for decryption, but the order of the
subkeys is reversed and the process is applied to the ciphertext message.
The subkeys are therefore applied in the order K16, K15, …, K1.

The Strength of DES:-


The Use of 56-Bit Keys:
▶ With a key length of 56 bits, there are 2^56 possible keys, which is approximately
7.2 × 10^16. A brute-force attack appears impractical. A single machine performing
one DES encryption per microsecond would take more than a thousand years to
break the cipher. Diffie and Hellman postulated that the technology existed to
build a parallel machine with 1 million encryption devices, each of which could
perform one encryption per microsecond. This would bring the average search time down to
about 10 hours.

The Nature of the DES Algorithm:

▶ Cryptanalysis may be possible by exploiting the characteristics of the DES
algorithm.
▶ The logic of the S-boxes is complex to work out.
▶ No weakness in the S-boxes has been discovered.
Timing Attacks:
▶ A timing attack is one in which information about the key or the plaintext is
obtained by observing how long it takes a given implementation to perform
decryptions on various ciphertexts.
▶ A timing attack exploits the fact that an encryption or decryption algorithm often
takes slightly different amounts of time on different inputs.
▶ DES appears to be fairly resistant to a successful timing attack.

Triple DES (3DES)


Overview:
Triple DES is simply another mode of DES operation. It takes three 64-bit keys, for
an overall key length of 192 bits.

The Triple DES then breaks the user provided key into three subkeys, padding the
keys if necessary so they are each 64 bits long.

The procedure for encryption is exactly the same as regular DES, but it is repeated
three times. Hence the name Triple DES. The data is encrypted with the first key, decrypted
with the second key, and finally encrypted again with the third key.


Advanced Encryption Standard (AES)


Introduction: -
The Advanced Encryption Standard (AES) was published by the National Institute of
Standards and Technology (NIST) in 2001.
AES is a Block cipher intended to replace DES, used for commercial applications. It
uses a 128-bit block size and a key size of 128, 192, or 256 bits.

AES does not use a Feistel structure. Instead, each full round consists of four separate
functions: byte substitution, permutation, arithmetic operations over a finite field, and XOR
with a key.
It was designed to have the following characteristics:
▶ Resistance against all known attacks
▶ Speed and code compactness on a wide range of platforms
▶ Design simplicity

AES Structure :-
The input to the encryption and decryption algorithms is a single 128-bit block. This block is
depicted as a square matrix of bytes as shown below:

This block is copied into the State array, which is modified at each stage of encryption or
decryption. After the final stage, State is copied to an output matrix.

AES Parameters:
The cipher consists of N rounds, where the number of rounds depends on the key length:
10 rounds for a 16-byte key, 12 rounds for a 24-byte key, and 14 rounds for a 32-byte key; as
shown below:
Key size (words/bytes/bits)             | 4/16/128 | 6/24/192 | 8/32/256
Plaintext block size (words/bytes/bits) | 4/16/128 | 4/16/128 | 4/16/128
Number of rounds                        | 10       | 12       | 14
Round key size (words/bytes/bits)       | 4/16/128 | 4/16/128 | 4/16/128
Expanded key size (words/bytes)         | 44/176   | 52/208   | 60/240


All rounds except the final one consist of four distinct transformation functions:


-SubBytes,
-ShiftRows,
-MixColumns, and
-AddRoundKey.

There is a single initial transformation (AddRoundKey) before the first round, which can be
considered Round 0, and the final round contains only three transformations.
Each transformation takes one or more matrices as input and produces a 4 x 4 matrix as output.

The key is depicted as a square matrix of bytes as shown below:

This key is then expanded into an array of distinct subkeys.

Inner Workings of a Round:-


The algorithm begins with an Add round key stage followed by 9 rounds of four stages and a
tenth round of three stages.

This applies for both encryption and decryption with the exception that each stage of a round
in the decryption algorithm is the inverse of its counterpart in the encryption algorithm.

The four stages are as follows:


1. Substitute bytes
2. Shift rows
3. Mix Columns
4. Add Round Key
The tenth round simply leaves out the Mix Columns stage.

The first nine rounds of the decryption algorithm consist of the following:
1. Inverse Shift rows
2. Inverse Substitute bytes
3. Inverse Add Round Key
4. Inverse Mix Columns

Again, the tenth round simply leaves out the Inverse Mix Columns stage. Each of these
stages will now be considered in more detail.


Substitute Bytes
This stage (known as SubBytes) is simply a table lookup using a 16×16 matrix of byte values
called an s-box.
The s-box is not just a random permutation of these values; there is a well-defined method
for creating the s-box tables. The designers of Rijndael showed how this was done.
In this particular stage each byte is mapped into a new byte in the following way:


For example, the byte {95} (written in curly brackets) selects row 9, column 5 of the s-box. The
value found there is then used to update the state matrix. Figure 7.3 depicts this idea.

The Inverse substitute byte transformation makes use of an inverse s-box.


Shift Rows Transformation:
The shift row transformation used in encryption is called the Forward Shift row transformation,
which is shown below:
▶ The first row of State matrix is not altered.
▶ For the second row, a 1-byte circular left shift is performed.
▶ For the third row, a 2-byte circular left shift is performed.
▶ For the fourth row, a 3-byte circular left shift is performed.
The shift row transformation used in decryption is called the Inverse Shift row transformation. It
performs the circular shifts in the opposite direction for each of the last three rows, with a
one-byte circular right shift for the second row and so on, as shown below:
▶ The first row of State matrix is not altered.
▶ For the second row, a 1-byte circular Right shift is performed.
▶ For the third row, a 2-byte circular Right shift is performed.
▶ For the fourth row, a 3-byte circular Right shift is performed.
Mix columns transformation:-
The Mix Columns transformation used in encryption is called the Forward Mix Columns
transformation, which is shown below:
▶ The forward mix columns transformation, called MixColumns, operates on each column
individually.
▶ Each byte of a column is mapped into a new value that is a function of all 4 bytes in
that column.
▶ The transformation can be defined by the following matrix multiplication on State.


The Mix Columns transformation used in decryption is called the Inverse Mix Columns
transformation, where we use the transpose/inverse matrix of the matrix used in the Mix Columns
of encryption.

AddRoundKey Transformation:-
▶ In the forward add round key transformation, called AddRoundKey, the 128 bits of
State are bitwise XORed with the 128 bits of the round key.
▶ The inverse add round key transformation is identical to the forward add round key
transformation, because the XOR operation is its own inverse.
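
The three transformations above that need no lookup table, written out as an added example (it is not part of the original notes): ShiftRows, MixColumns over GF(2^8) and AddRoundKey, each with its inverse. SubBytes is left out because the s-box table is not reproduced on this page; the two matrices are the standard AES ones, and the function names and sample blocks are illustrative.

```python
# Standard AES MixColumns matrix and its inverse (entries are GF(2^8) elements).
MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]


def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a <<= 1
        if a & 0x100:       # reduce when the degree reaches 8
            a ^= 0x11B
        b >>= 1
    return product


def to_state(block):
    """16 bytes -> 4x4 State filled column by column: state[r][c] = block[r + 4c]."""
    if len(block) != 16:
        raise ValueError("AES blocks and round keys are 16 bytes")
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]


def to_bytes(state):
    return bytes(state[r][c] for c in range(4) for r in range(4))


def shift_rows(state, inverse=False):
    """Row r is rotated left by r bytes (right by r bytes for the inverse)."""
    shifted = []
    for r, row in enumerate(state):
        n = (4 - r) % 4 if inverse else r
        shifted.append(row[n:] + row[:n])
    return shifted


def mix_columns(state, matrix=MIX):
    """Each output byte is a GF(2^8) combination of all 4 bytes of its column."""
    out = [[0] * 4 for _ in range(4)]
    for c in range(4):
        for r in range(4):
            for k in range(4):
                out[r][c] ^= gmul(matrix[r][k], state[k][c])
    return out


def add_round_key(state, round_key):
    """Bitwise XOR of State with the round key; the operation is its own inverse."""
    return [[s ^ k for s, k in zip(srow, krow)]
            for srow, krow in zip(state, round_key)]


def round_without_subbytes(block, round_key):
    state = mix_columns(shift_rows(to_state(block)))
    return to_bytes(add_round_key(state, to_state(round_key)))


def inverse_round_without_subbytes(block, round_key):
    state = add_round_key(to_state(block), to_state(round_key))
    return to_bytes(shift_rows(mix_columns(state, INV_MIX), inverse=True))


if __name__ == "__main__":
    block = bytes(range(16))                  # constructed sample block
    rk = bytes.fromhex("0f" * 16)             # constructed sample round key
    out = round_without_subbytes(block, rk)
    print(out.hex(), inverse_round_without_subbytes(out, rk) == block)
```
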
Example:

AES Key Expansion:-

▶ The 128-bit key value is expanded into 44 words, i.e. 44 × 32 = 1408 bits.
▶ In each round 4 words are used, i.e. 4 × 32 = 128 bits.
▶ In the initial AddRoundKey, the first 4 words w0, w1, w2, w3 are used.
▶ In the first round, w4, w5, w6, w7 are used, and so on. The 128-bit key is expanded as follows:

▶ First, the 128-bit key is arranged as a 4x4 matrix in which each value is 8 bits.
▶ The first 32 bits (k0,k1,k2,k3) are taken as w0.
▶ The next 32 bits (k4,k5,k6,k7) are taken as w1.
▶ The next 32 bits (k8,k9,k10,k11) are taken as w2.
▶ The next 32 bits (k12,k13,k14,k15) are taken as w3.
▶ The next 4 words w4, w5, w6, w7 are derived as follows:
w4=w0 ⊕ w3
w5=w1 ⊕ w4
w6=w2 ⊕ w5
w7=w3 ⊕ w6

Blowfish Algorithm
Introduction: -
▶ Blowfish is a symmetric block cipher developed by Bruce Schneier in 1993.
▶ Blowfish follows the Feistel structure.
▶ Blowfish is designed to have the following characteristics:
- Speed: Blowfish encrypts data on 32-bit microprocessors.
- Compact: it can run in less than 5K of memory.
- Simple: very easy to implement.
- Variably secure: the key length is variable and can be as long as 448 bits.
This allows a trade-off between higher speed and higher security.
Encryption and Decryption:-
Blowfish encrypts 64-bit blocks of plaintext into 64-bit blocks of ciphertext.
The encryption makes use of 16 rounds.
Blowfish makes use of a key that ranges from 32 bits to 448 bits (a multiple of 32 bits).
The key is stored in a K-array (32 bits for each entry) K1, K2, …, Kj where 1 ≤ j ≤ 14.
That key is used to generate 18 32-bit subkeys and four S-boxes with 256 32-bit entries each.
The subkeys are stored in the P-array P1, P2, …, P18.
There are four S-boxes, each with 256 32-bit entries.

In the encryption process, plaintext is divided into two 32-bit halves LE0, and RE0. We use
the variables LEi, and REi, to refer to the left and right half of the data after round i has
completed. The Encryption and Decryption process is shown below:


The encryption of a 64-bit plaintext block PT is shown in algorithmic form below:
1. Divide the plaintext PT into two blocks LE0 and RE0 of equal size; LE0 and RE0
consist of 32 bits each.

2. For i = 1 to 16
   LEi = LEi-1 XOR Pi
   REi = F (LEi) XOR REi-1
   Swap LEi, REi

3. LEi+1 = REi XOR P18

4. REi+1 = LEi XOR P17

Subkeys Generation:-
Blowfish makes use of a key that ranges from 32 bits to 448 bits (a multiple of 32 bits).
The key is stored in a K-array (32 bits for each entry) K1, K2, …, Kj where 1 ≤ j ≤ 14.

That key is used to generate 18 32-bit subkeys, and the subkeys are stored in the P-array
P1, P2, …, P18.

The steps in generating the P-array / subkeys:

Step 1: Initialize the P-array using the bits of the fractional part of the constant π.

Step 2: Perform a bitwise XOR of the P-array and the K-array, reusing words from the
K-array as needed.

Round Function F:-


The input to the function F is a 32-bit word, which is divided into 4 bytes. If we label those
bytes a, b, c, and d, then the function can be defined as follows:


The function F is shown in the diagram below.

Function F uses two primitive operations:


Addition: Addition of words, denoted by +
Bitwise exclusive-OR: This operation is denoted by

The decryption process is quite similar to the encryption process, which uses the reversal of
P-array values.

Blowfish is not suitable for applications in which the secret key changes frequently.

Further, for rapid execution, the P- and S-arrays can be stored rather than rederived from
the key each time the algorithm is used.

This requires over 4 kilobytes of memory. Thus, Blowfish is not appropriate for
applications with limited memory, such as smart cards.


Differential and Linear Cryptanalysis


Introduction: -
Cryptanalysis is the technique of decoding messages from a non-readable format back to a
readable format without knowing how they were initially converted from readable format to
nonreadable format. Usually there are two methods of doing Cryptanalysis as shown below:
-differential cryptanalysis:
-linear cryptanalysis:
Differential Cryptanalysis:
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block
ciphers, but also to stream ciphers and cryptographic hash functions.
Invented by Eli Biham and Adi Shamir in 1990.
This method looks at pairs of cipher text whose plain texts have particular differences. The
technique analyzes the progress of these differences as the plain texts travel through the
various rounds of processing to generate cipher text.

Linear Cryptanalysis:
Linear cryptanalysis is a general form of cryptanalysis applicable primarily to stream
ciphers.
Invented by Mitsuru Matsui in 1993.
In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding linear,
parallel relationships and linear approximations to the action of a cipher.

Some of the differences are shown below:


Differential Cryptanalysis | Linear Cryptanalysis
1. Invented by Eli Biham and Adi Shamir in 1990. | Invented by Mitsuru Matsui in 1993.
2. Primarily applicable to block ciphers. | Primarily applicable to stream ciphers.
3. It is also called a chosen plaintext attack. | It is also called a known plaintext attack.
4. It looks at pairs of ciphertext whose plaintexts have particular differences. | Works based on finding linear, parallel relationships and linear approximations to the action of a cipher.
5. Used to examine the differences of inputs. | Used to examine the linear combination of subsets of inputs.
6. Differential cryptanalysis is available to obtain clues about some bits of the key, thereby shortening an exhaustive search. | In linear cryptanalysis, the role of the cryptanalyst is to identify the linear relation between some bits of the plaintext, some bits of the ciphertext, and some bits of the unknown key.
7. The cryptanalyst studies changes to the intermediate ciphertext obtained between multiple rounds of encryption. | The cryptanalyst decrypts each ciphertext using all possible subkeys for one round of encryption and studies the resulting intermediate ciphertext to analyze the random result.


Block Cipher Modes of Operation


Introduction: -
To apply a block cipher in a variety of applications, different "modes of operation" have been
defined by NIST.
In essence, a mode of operation is a technique for enhancing the effect of a cryptographic
algorithm or adapting the algorithm for an application.
The modes are intended to cover virtually all the possible applications of encryption for
which a block cipher could be used, as shown below:
-Electronic Codebook Mode:
-Cipher Block Chaining Mode:
-Cipher Feedback Mode:
-Output Feedback Mode:
-Counter Mode:
1)Electronic Codebook Mode:-
The simplest mode is the electronic codebook (ECB) mode, in which plaintext is
handled one block at a time and each block of plaintext is encrypted using the same key.
The term codebook is used because, for a given key, there is a unique ciphertext
for every b-bit block of plaintext.
For a message longer than b bits, the procedure is simply to break the message into b-
bit blocks, padding the last block if necessary. The ECB mode operation is shown below:
here, the plaintext (padded as necessary) consists of a sequence of b-bit blocks, P1, P2,...,
PN; the corresponding sequence of ciphertext blocks is C1, C2,..., CN.

Decryption is performed one block at a time, always using the same key.


The ECB method is ideal for a short amount of data, such as an encryption key. Thus, if you want
to transmit a DES key securely, ECB is the appropriate mode to use.
The most significant characteristic of ECB is that the same b-bit block of plaintext, if it
appears more than once in the message, always produces the same ciphertext.
For lengthy messages, the ECB mode may not be secure. If the message is highly
structured, it may be possible for a cryptanalyst to exploit these regularities.

2)Cipher Block Chaining Mode:-


To overcome the security deficiencies of ECB, we would like a technique in which the
same plaintext block, if repeated, produces different ciphertext blocks. A simple way to satisfy
this requirement is the cipher block chaining (CBC) mode.
In this scheme, the input to the encryption algorithm is the XOR of the current
plaintext block and the preceding ciphertext block; the same key is used for each block.
In effect, we have chained together the processing of the sequence of plaintext blocks. The
input to the encryption function for each plaintext block bears no fixed relationship to the
plaintext block. Therefore, repeating patterns of b bits are not exposed.

Here Cipher Text generation formula is:

For decryption, each cipher block is passed through the decryption algorithm. The
result is XORed with the preceding ciphertext block to produce the plaintext block.

Here Plain Text generation formula is:

The IV is a data block that is the same size as the cipher block. The IV must be known to
both the sender and receiver but be unpredictable by a third party.


3)Cipher Feedback Mode:-


First, consider encryption. The input to the encryption function is a b-bit shift register that
is initially set to some initialization vector (IV). The leftmost (most significant) s bits of the
output of the encryption function are XORed with the first segment of plaintext P1 to produce
the first unit of ciphertext C1, which is then transmitted. In addition, the contents of the shift
register are shifted left by s bits and C1 is placed in the rightmost (least significant) s bits of the
shift register. This process continues until all plaintext units have been encrypted.

In the figure, it is assumed that the unit of transmission is s bits; a common value is s =
8. As with CBC, the units of plaintext are chained together, so that the ciphertext of any
plaintext unit is a function of all the preceding plaintext. In this case, rather than units of b bits,
the plaintext is divided into segments of s bits. Formula to generate Cipher Text is:

For decryption, the same scheme is used, except that the received ciphertext unit is
XORed with the output of the encryption function to produce the plaintext unit.


Formula to generate Plain Text is:

4)Output Feedback Mode:-


The output feedback (OFB) mode is similar in structure to that of CFB, as illustrated in Figure.

As can be seen, it is the output of the encryption function that is fed back to the shift register
in OFB, whereas in CFB the cipher text unit is fed back to the shift register. One advantage of
the OFB method is that bit errors in transmission do not propagate.

For example, if a bit error occurs in C1, only the recovered value of P1 is affected; subsequent
plaintext units are not corrupted. With CFB, C1 also serves as input to the shift register and
therefore causes additional corruption downstream. The disadvantage of OFB is that it is
more vulnerable to a message stream modification attack than is CFB.
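
The error-propagation difference between CFB and OFB, as an added example (it is not part of the original notes) with s = 8 and an assumed 64-bit block. A truncated HMAC-SHA256 stands in for the block cipher's encryption function, which is the only direction these two modes use; the key, IV and message are constructed sample values.

```python
import hashlib
import hmac

B = 8  # block size b in bytes (64 bits, assumed); segment size s = 8 bits


def E(key, block):
    """Stand-in for E(K, block): HMAC-SHA256 truncated to b bytes (assumption).
    CFB and OFB call the cipher only in the encrypt direction, so a keyed
    one-way function is enough to show the feedback structure."""
    return hmac.new(key, block, hashlib.sha256).digest()[:B]


def cfb8(key, iv, data, decrypt=False):
    if len(iv) != B:
        raise ValueError("IV must be b bytes")
    reg, out = iv, bytearray()
    for unit in data:
        result = E(key, reg)[0] ^ unit   # leftmost s bits of E output XOR unit
        out.append(result)
        c = unit if decrypt else result  # the CIPHERTEXT unit is fed back
        reg = reg[1:] + bytes([c])       # shift register left by s bits
    return bytes(out)


def ofb8(key, iv, data):
    """Encryption and decryption are the same operation in OFB."""
    if len(iv) != B:
        raise ValueError("IV must be b bytes")
    reg, out = iv, bytearray()
    for unit in data:
        o = E(key, reg)[0]
        out.append(o ^ unit)
        reg = reg[1:] + bytes([o])       # the cipher OUTPUT is fed back
    return bytes(out)


def flip_bit(data, index, mask=0x01):
    damaged = bytearray(data)
    damaged[index] ^= mask
    return bytes(damaged)


def damaged_units(expected, recovered):
    return [i for i, (a, b) in enumerate(zip(expected, recovered)) if a != b]


def error_propagation(key, iv, plaintext):
    """Flip one bit of the first ciphertext unit C1, then decrypt in both modes."""
    bad_cfb = cfb8(key, iv, flip_bit(cfb8(key, iv, plaintext), 0), decrypt=True)
    bad_ofb = ofb8(key, iv, flip_bit(ofb8(key, iv, plaintext), 0))
    return damaged_units(plaintext, bad_cfb), damaged_units(plaintext, bad_ofb), bad_ofb


if __name__ == "__main__":
    key, iv = b"constructed key", bytes(range(B))
    pt = b"PAY 0000100 USD TO ACCOUNT 12345"      # constructed sample message
    cfb_bad, ofb_bad, recovered = error_propagation(key, iv, pt)
    print("CFB units damaged:", cfb_bad)   # unit 0 plus the units decrypted while C1 is in the register
    print("OFB units damaged:", ofb_bad)   # unit 0 only
    print("OFB recovered    :", recovered) # differs from pt in exactly the flipped bit
```

In OFB the flipped ciphertext bit changes exactly the same bit of the recovered plaintext and nothing else, which is the property behind the message stream modification concern; the receiver needs a separate integrity check to notice it.
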

Formula to generate Cipher Text is:

Formula to generate Plain Text is:


5)Counter Mode:-
In CTR mode, a counter equal in size to the plaintext block is used. The only requirement is that
the counter value must be different for each plaintext block that is encrypted. Typically, the
counter is initialized to some value and then incremented by 1 for each subsequent block.

For encryption, the counter is encrypted and then XORed with the plaintext block to produce
the ciphertext block; there is no chaining.

For decryption, the same sequence of counter values is used, with each encrypted counter
XORed with a ciphertext block to recover the corresponding plaintext block.

Advantages:
a)Hardware efficiency
b)Software efficiency
c)Preprocessing
d)Random access
e)Provable security
f)Simplicity


Stream ciphers
Introduction: -
A stream cipher encrypts or decrypts digital data one bit or one byte at a time, as shown
below:

The process of Encryption and Decryption is shown below:

Examples:
Examples of classical stream ciphers are
--the auto keyed Vigenère cipher,
--the Vernam cipher
--RC4 Algorithm.


RC4 Algorithm
Introduction: -
▶ RC4 was designed in 1987 by Ronald Rivest.
▶ It is a symmetric key encryption algorithm and is an example of a stream cipher.

▶ It is mainly used in
-Data communication and networking protocols
-IEEE 802.11 wireless LAN standard:
WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access)
-SSL (Secure Sockets Layer) protocol and
TLS (Transport Layer Security) between web browsers and servers

▶ Because it is a stream cipher, it operates on smaller units of plaintext, usually bits or
bytes.

▶ A stream cipher generates what is called a key stream (a sequence of bits used as a
key).

▶ Encryption is accomplished by combining the key stream with the plaintext, usually
with the bitwise XOR operation.

How it works:-


The steps involved in RC4 are shown below:
1. Initialize an array of 256 bytes.
2. Run the Key Scheduling Algorithm (KSA) on them.
3. Run the Pseudo-Random Generation Algorithm (PRGA) on the (KSA) output to generate
Key stream.
4. XOR the data with a key stream.

The Block diagram of RC4 is shown below:


1)Initialization of array:

2)Key Scheduling Algorithm:


3)Pseudo-Random Generation Algorithm:

4)XOR the data with a key stream:

▶ Encryption is accomplished by combining the key stream with the plaintext
with the bitwise XOR operation.
▶ Example:
11001100 plaintext
01101100 key stream
10100000 ciphertext
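
The four RC4 steps listed above, as an added example (it is not part of the original notes); the function names are illustrative and the sample keys and messages are commonly published RC4 test inputs. It also shows what two messages encrypted under the same key stream reveal, which goes slightly beyond the text.

```python
def ksa(key):
    """Steps 1 and 2: initialize S[i] = i, then permute S under control of the key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S


def prga(S):
    """Step 3: generate key stream bytes from the permuted array, one at a time."""
    S = S[:]                      # work on a copy so the caller's array is untouched
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) % 256]


def keystream(key, n):
    gen = prga(ksa(key))
    return bytes(next(gen) for _ in range(n))


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key, data):
    """Step 4: XOR the data with the key stream. The same call decrypts."""
    return xor_bytes(data, keystream(key, len(data)))


def reuse_leak(key, p1, p2):
    """Two messages under one key share a key stream, so C1 XOR C2 equals
    P1 XOR P2: the key stream cancels out without the key being known."""
    return xor_bytes(rc4(key, p1), rc4(key, p2))


if __name__ == "__main__":
    ct = rc4(b"Key", b"Plaintext")
    print(ct.hex())                                   # bbf316e8d940af0ad3
    print(rc4(b"Key", ct))                            # b'Plaintext'
    # The 8-bit example from the text: plaintext XOR key stream
    print(format(0b11001100 ^ 0b01101100, "08b"))     # 10100000
    p1, p2 = b"constructed msg one", b"constructed msg two"
    print(reuse_leak(b"Key", p1, p2) == xor_bytes(p1, p2))
```

RC4 is shown here for study of the algorithm; RFC 7465 prohibits its use in TLS.
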

Location and Placement of Encryption Function


We have two major alternatives;
-Link Encryption
-End to End Encryption

1)Link Encryption:
- At the lowest practical level, the encryption function could be performed at the network layer.
- Encryption occurs independently on every link
- It implies that decryption must be done at every link
- Requires many devices to perform encryption and decryption

2)End to End Encryption


- Encryption occurs at the original source
- It implies that decryption must be done at the final destination
- Needs devices or software modules at each end with shared keys


Principles of Public Key Cryptosystems


Introduction: -
Public-key cryptography is asymmetric, involving the use of two separate keys: one key for encryption and the other for decryption.
Public-key/two-key/asymmetric cryptography involves the use of two keys:
- a public key, which may be known by anybody, and can be used to encrypt messages and verify signatures
- a private key, known only to the recipient, used to decrypt messages and sign (create) signatures.
Advantages:
- It eliminates the key distribution problem.
- Increased security.
- Can provide digital signatures that cannot be repudiated.

Symmetric-key cryptography uses one key for both the encryption and decryption processes. The secret key must be shared by both sender and receiver.
Advantages:
- A symmetric cryptosystem is faster.
- Only a system that possesses the secret key can decrypt a message.
Disadvantages:
- Symmetric cryptosystems have a problem of key transportation.
- Cannot provide digital signatures that cannot be repudiated.

General Idea: -
The general structure of the Public key cryptography is shown below:


The essential steps involved in a public-key encryption scheme are given below:
1) Each user generates a pair of keys to be used for encryption and decryption.
2) Each user places one of the two keys in a public register, and the other key is kept private.
3) If B wants to send a confidential message to A, B encrypts the message using A's public key.
4) When A receives the message, A decrypts it using A's private key. Nobody else can decrypt the message, because that can only be done using A's private key.
5) If a user wishes to change his keys, he generates another pair of keys and publishes the public one; no interaction with other users is needed.

Notations used in Public-key cryptography:

- The public key of user A will be denoted KUA.
- The private key of user A will be denoted KRA.
- Encryption method will be a function E.
- Decryption method will be a function D.
In asymmetric-key cryptography, plaintext and ciphertext are treated as integers, and encryption and decryption can be represented as follows:

C = f(K_public, P)
P = g(K_private, C)

Applications for public-key cryptosystems:


1) Encryption/decryption: the sender encrypts the message with the receiver's public key.
2) Digital signature: the sender "signs" the message using his private key.
3) Key exchange: two sides cooperate to exchange a secret key for later use in a secret-key cryptosystem.

Security of Public-key schemes:


- As with private-key schemes, a brute-force exhaustive search attack is always theoretically possible.

- Security relies on a large enough difference in difficulty between the easy (en/decrypt) and hard (cryptanalyse) problems. More generally, the hard problem is known; it is just made too hard to solve in practice.

- Requires the use of very large numbers, hence is slow compared to private-key schemes.


RSA Algorithm
Introduction: -
- The RSA algorithm follows the principles of public-key cryptography.
- It is used by modern computers to encrypt and decrypt messages.
- RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who introduced it in 1978.
- Uses large integers (e.g. 1024 bits) as keys.
- Its security is due to the cost of factoring large numbers.

RSA Algorithm steps:


1. Key Generation:

i.e. compute a value d such

2. Encryption Process:

3. Decryption Process:


Example: Convert Plain Text M=5 into Cipher Text using RSA Algorithm.

Solution: Select two prime numbers as p and q


Here the sender sends the ciphertext obtained after performing the encryption process.
The receiver gets the plaintext after performing decryption.
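
The public-key steps and the RSA key generation, encryption and decryption processes described above, as an added example that is not part of the original notes. It uses M = 5 from the exercise, but p = 17, q = 11 and e = 7 are constructed toy values (assumptions, not the figures lost from the notes), and it is textbook RSA without padding, so it only illustrates the arithmetic.

```python
from math import gcd


def is_prime(n):
    """Trial division; adequate for the toy primes used here."""
    if n < 2:
        return False
    return all(n % d for d in range(2, int(n ** 0.5) + 1))


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def generate_keys(p, q, e):
    """Return ((e, n), (d, n)) for distinct primes p, q and exponent e."""
    if not (is_prime(p) and is_prime(q)) or p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi and gcd(e, phi) == 1")
    d = egcd(e, phi)[1] % phi         # d is the inverse of e modulo phi
    return (e, n), (d, n)


def apply_key(key, value):
    """Modular exponentiation shared by encrypt, decrypt, sign and verify."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be an integer in [0, n)")
    return pow(value, exponent, n)


# Constructed toy parameters: A's public key KU_A and private key KR_A.
KU_A, KR_A = generate_keys(p=17, q=11, e=7)


def demo(m=5):
    c = apply_key(KU_A, m)                  # B encrypts with A's public key
    recovered = apply_key(KR_A, c)          # A decrypts with A's private key
    sig = apply_key(KR_A, m)                # A signs with A's private key
    verified = apply_key(KU_A, sig) == m    # anyone verifies with KU_A
    return c, recovered, sig, verified


if __name__ == "__main__":
    print(KU_A, KR_A, demo())
```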

Diffie-Hellman Key Exchange Algorithm


Introduction: -
- It is not an encryption algorithm.
- It is a key exchange algorithm based on public-key cryptography (using a public key and a private key).
- The purpose of the algorithm is to enable two users to securely exchange a key that can then be used for subsequent encryption of messages.

Algorithm Steps: -


How to find primitive Roots: -


Key Exchange Protocol: -
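
The primitive-root test and the two-party key exchange named in the headings above, as an added example that is not part of the original notes. The function names, the prime 353, the generator 3 and the private keys 97 and 233 are constructed toy values chosen here as assumptions.

```python
def prime_factors(n):
    """Distinct prime factors of n by trial division (toy sizes only)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_root(g, p):
    """g is a primitive root of prime p iff g^((p-1)/f) != 1 (mod p)
    for every prime factor f of p - 1."""
    if not 1 <= g < p:
        return False
    return all(pow(g, (p - 1) // f, p) != 1 for f in prime_factors(p - 1))


def public_value(g, p, private):
    """Y = g^X mod p, the value each user sends to the other."""
    if not 1 < private < p - 1:
        raise ValueError("private key must lie strictly between 1 and p - 1")
    return pow(g, private, p)


def shared_key(peer_public, private, p):
    """K = Y_peer^X mod p; trivial peer values are rejected before use."""
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)


def exchange(p, g, x_a, x_b):
    """Run both sides and return (Y_A, Y_B, K computed by A, K computed by B)."""
    if not is_primitive_root(g, p):
        raise ValueError("g is not a primitive root of p")
    y_a, y_b = public_value(g, p, x_a), public_value(g, p, x_b)
    return y_a, y_b, shared_key(y_b, x_a, p), shared_key(y_a, x_b, p)


if __name__ == "__main__":
    print([g for g in range(1, 7) if is_primitive_root(g, 7)])
    print(exchange(353, 3, 97, 233))    # constructed toy parameters
```

Only the public values cross the network; each side combines the other's public value with its own private key and arrives at the same K.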
