Scribd
Upload
16 views23 pages

Ch04 Crypto8e

Uploaded by

5s7h9zjgmf
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
16 views23 pages

Ch04 Crypto8e

Uploaded by

5s7h9zjgmf
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 23

Cryptography

and Network
Security
Eighth Edition
by William Stallings

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Chapter 4
Block Ciphers and the Data
Encryption Standard
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Stream Cipher
For practical reasons the bit-
In the ideal case, a one-time
stream generator must be
pad version of the Vernam
Encrypts a digital data implemented as an
cipher would be used, in
stream one bit or one byte algorithmic procedure so
which the keystream is as
at a time that the cryptographic bit
long as the plaintext bit
stream can be produced by
stream
both users
Examples: If the cryptographic It must be
• Autokeyed Vigenère cipher keystream is random, computationally
• Vernam cipher then this cipher is impractical to predict
unbreakable by any future portions of the
means other than bit stream based on
acquiring the previous portions of
keystream the bit stream
• Keystream must be
provided to both users in
advance via some
independent and secure
channel
• This introduces The two users need
insurmountable logistical only share the
problems if the intended generating key and
data traffic is very large
each can produce the
keystream

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Block Cipher

A block of
plaintext is treated
Typically a block
as a whole and
size of 64 or 128
used to produce a
bits is used
ciphertext block of
equal length

The majority of
As with a stream network-based
cipher, the two symmetric
users share a cryptographic
symmetric applications make
encryption key use of block
ciphers

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Table 4.1
Encryption and Decryption Tables for Substitution Cipher
of Figure 4.2

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Feistel Cipher
• Feistel proposed the use of a cipher that alternates
substitutions and permutations
• Each plaintext element or group of elements
Substitutions is uniquely replaced by a corresponding
ciphertext element or group of elements

• No elements are added or deleted or replaced


Permutation in the sequence, rather the order in which the
elements appear in the sequence is changed

• Is a practical application of a proposal by Claude


Shannon to develop a product cipher that alternates
confusion and diffusion functions
• Is the structure used by many significant symmetric
block ciphers currently in use
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Diffusion and Confusion
• Terms introduced by Claude Shannon to capture the
two basic building blocks for any cryptographic system
• Shannon’s concern was to thwart cryptanalysis based
on statistical analysis

Diffusion
• The statistical structure of the plaintext is dissipated into long-range statistics of the
ciphertext
• This is achieved by having each plaintext digit affect the value of many ciphertext
digits

Confusion
• Seeks to make the relationship between the statistics of the ciphertext and the value
of the encryption key as complex as possible
• Even if the attacker can get some handle on the statistics of the ciphertext, the way in
which the key was used to produce that ciphertext is so complex as to make it difficult
to deduce the key

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Feistel Cipher Design Features
• Block size
• Round function F
• Larger block sizes mean greater
• Greater complexity generally
security but reduced
encryption/decryption speed for a given means greater resistance to
algorithm cryptanalysis

• Key size • Fast software


encryption/decryption
• Larger key size means greater security
• In many cases, encrypting is
but may decrease
embedded in applications or utility
encryption/decryption speeds
functions in such a way as to
• Number of rounds preclude a hardware
implementation; accordingly, the
• The essence of the Feistel cipher is that speed of execution of the
a single round offers inadequate algorithm becomes a concern
security but that multiple rounds offer
increasing security • Ease of analysis
• If the algorithm can be concisely
• Subkey generation algorithm and clearly explained, it is easier to
• Greater complexity in this algorithm analyze that algorithm for
should lead to greater difficulty of cryptanalytic vulnerabilities and
cryptanalysis therefore develop a higher level of
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
assurance as to its strength
Feistel Example

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Data Encryption Standard (DES)

• Issued in 1977 by the National Bureau of Standards (now


NIST) as Federal Information Processing Standard 46
• Was the most widely used encryption scheme until the
introduction of the Advanced Encryption Standard (AES) in
2001
• Algorithm itself is referred to as the Data Encryption
Algorithm (DEA)
• Data are encrypted in 64-bit blocks using a 56-bit key
• The algorithm transforms 64-bit input in a series of steps
into a 64-bit output
• The same steps, with the same key, are used to reverse the
encryption
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Table 4.2

DES
Example
(Table can be found on page
106 in the textbook)

Note: DES subkeys are shown as eight 6-bit values in hex format
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Table 4.3 Avalanche Effect in DES: Change in Plaintext
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. (Table can be found on page 107 in the textbook)
Table 4.4 Avalanche Effect in DES: Change in Key
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. (Table can be found on page 107 in the textbook)
Table 4.5
Average Time Required for Exhaustive Key Search

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. (Table can be found on page 109 in the textbook)
Strength of DES
• Timing attacks
• One in which information about the key or the
plaintext is obtained by observing how long it takes
a given implementation to perform decryptions on
various ciphertexts
• Exploits the fact that an encryption or decryption
algorithm often takes slightly different amounts of
time on different inputs
• So far it appears unlikely that this technique will
ever be successful against DES or more powerful
symmetric ciphers such as triple DES and AES

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Block Cipher Design Principles:
Number of Rounds

In general, the
criterion should be
If DES had 15 or
that the number of
The greater the fewer rounds,
rounds is chosen so
number of rounds, differential
that known
the more difficult it is cryptanalysis would
cryptanalytic efforts
to perform require less effort
require greater
cryptanalysis than a brute-force
effort than a simple
key search
brute-force key
search attack

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Block Cipher Design Principles:
Design of Function F
• The heart of a Feistel The algorithm should have good
block cipher is the avalanche properties
function F
• The more nonlinear F, the Bit
Strict avalanche
more difficult any type of independence
criterion (SAC)
criterion (BIC)
cryptanalysis will be
• The SAC and BIC States that any output States that output bits
j and k should change
criteria appear to bit j of an S-box should
change with probability independently when
any single input bit i is
strengthen the 1/2 when any single input
bit i is inverted for all i , j inverted for all i , j ,
effectiveness of the and k

confusion function

© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Block Cipher Design Principles:
Key Schedule Algorithm
• With any Feistel block cipher, the key is used to
generate one subkey for each round
• In general, we would like to select subkeys to
maximize the difficulty of deducing individual
subkeys and the difficulty of working back to the
main key
• It is suggested that, at a minimum, the key
schedule should guarantee key/ciphertext Strict
Avalanche Criterion and Bit Independence
Criterion
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Summary
• Understand the • Explain the concept
distinction between of the avalanche
stream ciphers and effect
block ciphers
• Discuss the
• Present an overview cryptographic
of the Feistel cipher strength of DES
and explain how
decryption is the • Summarize the
inverse of encryption principal block
cipher design
• Present an overview
principles
of Data Encryption
Standard (DES)
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy