Encryption

• Substitution : Change the letters (bits)

• Permutation: Change its order (place)

DES (Data Encryption Set)
16 Round
• DES is a block cipher and encrypts data in blocks of
size of 64 bits each.
• 64 bits of plain text go as the input to DES, which
produces 64 bits of cipher text.
• The same algorithm and key are used for encryption
and decryption, with minor differences.
• The key length is 56 bits.
Actually, the initial key consists of 64 bits.
However, before the DES process even starts, every 8th
bit of the key is discarded to produce a 56-bit key.
That is bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are
discarded.
• DES is based on the two fundamental attributes of
cryptography:
• Substitution (also called confusion) and
• Permutation (transposition) (also called diffusion).
• DES consists of 16 steps, each of which is called a
round.
• In the first step, the 64-bit plain text block is handed over to an initial
Permutation (IP) function.

• Next, the initial permutation (IP) produces two halves of the permuted
block; saying Left Plain Text (LPT) and Right Plain Text (RPT).

• Each LPT and RPT go through 16 rounds of the encryption process.

• In the end, LPT and RPT are rejoined and a Final Permutation (FP) is
performed on the combined block.

• The result of this process produces 64-bit ciphertext.

 Initial Permutation (IP):
• Initial permutation (IP) happens once before the first round.
• For example, it says that the IP replaces the first bit of the original plain
text block with the 58th bit of the original plain text, the second bit with
the 50th bit of the original plain text block, and so on.
• After IP is done, the resulting 64-bit permuted text block is divided into
two half blocks
• The initial 64-bit key is transformed into a 56-bit key by discarding every 8th
bit of the initial key.
•
• Thus, for each a 56-bit key is available.
• From this 56-bit key, a different 48-bit Sub Key is generated during each
round using a process called key transformation.
• For this, the 56-bit key is divided into two halves, each of 28 bits. These
halves are circularly shifted left by one or two positions, depending on the
round.

• For example: if the round numbers 1, 2, 9, or 16 the shift is done by only one
position for other rounds, the circular shift is done by two positions. The
number of key bits shifted per round is shown in the figure.
• After the shift, 48 of the 56 bits are selected.
• For instance, after the shift, bit number 14 moves to the
first position, bit number 17 moves to the second
position, and so on.
• The key contains only 48-bit positions. Bit number 18 is
discarded (we will not find it in the table), like seven
others, to reduce a 56-bit key to a 48-bit key.
• The32-bit plain text areas called Left Plain Text(LPT) and
Right Plain Text(RPT) are expanded from 32 bits to 48
bits.

• This happens as the 32-bit RPT is divided into 8 blocks,

with each block consisting of 4 bits and two more bits
are added.
• XOR (Whitener). − After the expansion permutation, DES does XOR operation on
the expanded right section and the round key. The round key is used only in this
operation.

• DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output.

• S-boxes

•
• The expanded right plain text now consists of 48 bits and is XORed with the 48-bit key.

• The result of the previous step is divided into 8 boxes. Each box contains 6 bits. After going through the
eight substitution boxes, each box is reduced from 6 bits to 4 bits..
• The result is transposed in accordance with the following rule:​

• XOR the left half with the result from the above step. Store this in the right plain text.

• Store the initial right plain text in the left plain text.

• These halves are inputs for the next round. Remember that there are different keys for each round.

• After the 16 rounds of encryption, swap the left plain text and the right plain text.
• The 48-bit key is XOR with 48-bit RPT and the resulting output is given to the
next step, which is the S-Box substitution.
 DES Analysis
• The DES satisfies both the desired properties of block cipher. These two
properties make cipher very strong.

Avalanche effect − A small change in plaintext results in the very great

change in the cipher text.
The strict avalanche criterion (SAC) is a formalization of the avalanche effect.
It is satisfied if, whenever a single input bit is complemented, each of the
output bits changes with a 50% probability.

Completeness − Each bit of cipher text depends on many bits of plaintext.

• Use S-box 0 for the most significant nibble of each of these eight
bytes, and S-box 1 for the least significant nibble of each byte:

• Input: 0 1 2 3 4 5 6 7
• S-box 0 output: 12 15 7 10 14 13 11 0
• S-box 1 output: 7 2 14 9 3 11 0 4

• Input: 8 9 10 11 12 13 14 15
• S-box 0 output: 2 6 3 1 9 4 5 8
• S-box 1 output: 12 13 1 10 6 15 8 5
 The AES Cipher
Input 4 rows
1st row is unchanged
2nd row does 1 byte circular shift to left
3rd row does 2 byte circular shift to left
4th row does 3 byte circular shift to left
 Symmetric Encryption Techniques

• DES (Data Encryption Set)

• Triple DES
• AEC (Advanced Encryption Set)
 Assignment
• Symmetric encryption
– Types
– Use
– drawbacks

26