Stream Cipher

▪ A stream cipher is one that encrypts a digital data stream one bit
or one byte at a time.
▪ Examples of classical stream ciphers are Autokeyed Vigenère
cipher ,A5/1, RC4 and Vernam cipher.
Block Cipher
▪ A block cipher is one in which a block of plaintext is treated as a
whole and used to produce a ciphertext block of equal length.
▪ Typically, a block size of 64 or 128 bits is used.
▪ Examples are Feistel Cipher, DES, Triple DES and AES
Diffusion and Confusion
▪ Diffusion hides the relationship between the ciphertext and the
plaintext.
▪ This is achieved by having each plaintext digit affect the value of
many ciphertext digits.
▪ Confusion hides the relationship between the ciphertext and the
key.
▪ This is achieved by the use of a complex substitution algorithm.
 Plaintext (2w bits)
Feistel Cipher Structure
L0 w bits w bits R0 Or Block Cipher Structure
Round 1
K1
F

L1 R1

Round i
Ki
F

Li Ri

Round n
Kn
Ln Rn
F
Ln+1 Rn+1
Ln Rn

Ciphertext (2w bits)

Feistel Cipher Structure
▪ Input plaintext block of length 2w bits
▪ key K = n bits , Sub-keys: K1, K2, …, Kn (Derived from K)
▪ All rounds have the same structure.
▪ A substitution is performed by taking exclusive-OR on left half(Li)
of the data and the output of round function F which has inputs
right half(Ri) and sub key ki.
▪ A permutation is performed that consists of interchange of two
halves of data.
▪ This structure is called Substitution-Permutation Network (SPN)
Feistel Network Factors
▪ Block size: Common block size of 64-bit. However, the new
algorithms uses a 128-bit, 256-bit block size.
▪ Key size: Key sizes of 64 bits or less are now widely considered to
be insufficient, These days at least 128 bit, more better, e.g. 192 or
256 bit
▪ Number of rounds: A typical size is 16 rounds.
▪ Round function F: Again, greater complexity generally means
greater resistance to cryptanalysis.
▪ Subkey generation algorithm: Greater complexity in this
algorithm should lead to greater difficulty of cryptanalysis.
Feistel Encryption & Decryption
▪ Prove that o/p of first round
of Decryption is equal to 32-
bit swap of i/p of 16th round
of Encryption
▪ LD1=RE15 & RD1=LE15
▪ On Encryption Side:
𝐿𝐸16 = 𝑅𝐸15
𝑅𝐸16 = 𝐿𝐸15 ⊕ 𝐹(𝑅𝐸15 , 𝐾16 )

▪ On Decryption Side:
𝐿𝐷1 = 𝑅𝐷0 = 𝐿𝐸16 = 𝑅𝐸15
𝑅𝐷1 = 𝐿𝐷0 ⊕ 𝐹 𝑅𝐷0 , 𝐾16
= 𝑅𝐸16 ⊕ 𝐹 𝑅𝐸15 , 𝐾16
= [𝐿𝐸15 ⊕ 𝐹 𝑅𝐸15 , 𝐾16 ] ⊕ 𝐹 𝑅𝐸15 , 𝐾16
XOR Associativity
𝑇ℎ𝑢𝑠, Property
∵ 𝐴=⊕𝑅𝐸
𝐿𝐷 𝐵 ⊕ & 𝐶𝑅𝐷= 𝐴=⊕
𝐿𝐸[𝐵 ⊕ 𝐶]
1 15 1 15
Data Encryption Standard (DES)
▪ Type: Block Cipher
▪ Block Size : 64-bit
▪ Key Size: 64-bit, with only 56-bit effective
▪ Number of Rounds: 16
64-bit plaintext 64-bit key

Initial Permutation Permuted choice 1

64 56
K1 48 56
Round 1 Permuted choice 2 Left circular shift
64 56
K2 48 56
Round 2 Permuted choice 2 Left circular shift

K16 48 56
Round 16 Permuted choice 2 Left circular shift

32-bit swap
64
Inverse
Initial Permutation
DES Encryption
64-bit ciphertext
Algorithm
DES Encryption Algorithm (Cont…)
▪ First, the 64-bit plaintext passes through an initial permutation
(IP) that rearranges the bits to produce the permuted input.
▪ This is followed by a phase consisting of sixteen rounds of the
same function, which involves both permutation and substitution
functions.
▪ Finally, the preoutput is passed through a permutation that is the
inverse of the initial permutation function, to produce the 64-bit
ciphertext.
▪ The 56-bit key is passed through a permutation function.
▪ For each of the sixteen rounds, a subkey (Ki) is produced by the
combination of a left circular shift and a permutation.
DES Single Round
32-bits 32-bits 28-bits 28-bits
𝐿𝑖−1 𝑅𝑖−1 𝐶𝑖−1 𝐷𝑖−1

Expansion/ permutation Left Shift Left Shift

(E table) (S) (S)
48
Ki Permutation/
XOR compression
48
48 (Permuted choice 2)

Substitution/choice
(S-box)
32
Permutation
(P)
32

XOR

𝐿𝑖 𝑅𝑖 𝐶𝑖 𝐷𝑖
DES Single Round (Cont…)
1. Key Transformation
• Permutation of selection of sub-key from original key
2. Expansion Permutation (E-table)
• Right half is expanded from 32-bits to 48-bits
3. S-box Substitution
• Accepts 48-bits from XOR operation and produce 32-bits using
8 substitution boxes (each S-boxes has a 6-bit i/p and 4-bit
o/p).
4. P-Box Permutation
5. XOR and Swap
Role of S-box
Role of S-box (Cont…)
▪ The outer two bits of each group select one row of an S-box.
▪ Inner four bits selects one column of an S-box.

S-box 1
▪ Example:
Input 0 1 1 0 0 1 Output 1 0 0 1

Row Column
Avalanche Effect
▪ Desirable property of any encryption algorithm is that a change in
one bit of the plaintext or of the key should produce a change in
many bits of cipher text.
▪ DES performs strong avalanche effect.

▪ Although the two plaintext blocks differ only in the rightmost bit,
the ciphertext blocks differ in 29 bits.
▪ This means that changing approximately 1.5 % of the plaintext
creates a change of approximately 45 % in the ciphertext.
AES (Advanced Encryption Standard)
▪ The Rijndael proposal for AES defined a cipher in which the block length
and the key length can be independently specified to be 128, 192, or
256 bits.
Key size (words/ bytes/ bits) 4/16/128 6/24/192 8/32/256
Block size (words/ bytes/ bits) 4/16/128 4/16/128 4/16/128
Round key size (words/ bytes/ bits) 4/16/128 4/16/128 4/16/128
Number of Rounds 10 12 14

▪ AES designed to have characteristics

1. Resistance against all known attacks
2. Speed and code compactness on a wide range of platforms
3. Design simplicity
AES (Advanced Encryption Standard)

Plaintext (128 bits)

AES Key (128-256 bits)

Ciphertext (128 bits)

 AES Structure
Initialization
1. Expand 16-byte key to get
the actual key block to be
used.
2. Initialize 16-byte plaintext
block called as state.
3. XOR the state with the key
block.

For each round

1. Apply S-box
2. Rotate rows of state
3. Mix columns
4. Add Round key: XOR the
state with key block.
Data Units in AES
Block to State & State to Block
Plain Text to State
AES Structure
▪ The first N-1 rounds consist of four distinct transformation
functions.

• The 16 input bytes are substituted using an S-

SubBytes
box

• Each of the four rows of the matrix is shifted

ShiftRows
to the left

• Each column of four bytes is now transformed

MixColumns
using a special mathematical function.
• The 16 bytes of the matrix are now considered as
AddRoundKey 128 bits and are XORed to the 128 bits of the
round key.
SubByte Transformation
▪ The forward substitute byte transformation, called SubBytes, is a
simple table lookup
ShiftRows
▪ The first row of State is not altered.
▪ For the second row, a 1-byte circular left shift is performed.
▪ For the third row, a 2-byte circular left shift is performed.
▪ For the fourth row, a 3-byte circular left shift is performed.
MixColumns
▪ Each byte of a column is mapped into a new value that is a
function of all four bytes in that column.
AddRoundKey
▪ In the forward add round key transformation, the 128 bits of State
are bitwise XORed with the 128 bits of the round key.

State Round Key

AES Overall Structure
 AES Key Expansion
▪ The AES key expansion algorithm takes as
input a four-word (16-byte) key and produces
a linear array of 44 words (176 bytes).
▪ Each added word w[i] depends on the
immediately preceding word, w[i - 1].
▪ In three out of four cases, a simple XOR is
used.
Key Expansion Example