UNIVERSITY OF INFORMATION TECHNOLOGY – VNU-HCM

FACULTY OF COMPUTER NETWORKS AND COMMUNICATIONS

2. Block ciphers: DES - AES

PHỤC VỤ MỤC ĐÍCH GIÁO DỤC
FOR EDUCATIONAL PURPOSE ONLY

A. OVERVIEW

A. OVERVIEW
1. Introduction and learning objective.
The learning objective of this lab is for students to get familiar with the concepts in
modern cryptography, particularly in block ciphers - DES and AES. After finishing the
lab, students should be able to gain first-hand experience with DES encryption
algorithms, encryption modes, padding, and initial vector (IV). This lab will cover the
following topics regarding:

• DES, 2DES, 3DES, AES Encryption,

• Mode of operation and padding.
• Avalanche effect and strength of DES cipher

2. Backgrounds and Prerequisites

To ensure everything goes smoothly and you achieve better results in this lab, you are
expected to be familiar with block cipher concepts and gain enough background
knowledge about DES cipher, mode of operations and strength of DES.
 Lab 2: Block cipher: DES - AES

2
a) Stream cipher and Block cipher

Theorem 2.1
A stream cipher is one that encrypts a digital data stream one bit or one byte at a
time. (Figure 1)
Examples: autokeyed Vigenère cipher and the Vernam cipher.

In the ideal case, a one-time pad version of the Vernam cipher would be used, in
which the keystream (ki) is as long as the plaintext bit stream (pi). If the
cryptographic keystream is random, then this cipher is unbreakable by any means
other than acquiring the keystream (perfect secrecy). However, the keystream must
be provided to both users in advance via some independent and secure channel.
A block cipher is one in which a block of plaintext is treated as a whole and used to
produce a ciphertext block of equal length (Figure 1). Typically, a block size of 64 or
128 bits is used. As with a stream cipher, the two users share a symmetric encryption
key. Using some of the modes of operation, a block cipher can be used to achieve
the same effect as a stream cipher.

Figure 1 Stream cipher and Block cipher.

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

3
b) Feistel cipher structure

Theorem 2.2
Feistel proposed that we can approximate the ideal block cipher by utilizing the
concept of a product cipher, alternates substitutions and permutations (i.e. the
execution of two or more simple ciphers in sequence in such a way that the final
result or product is cryptographically stronger than any of the component ciphers).
(Figure 2.2). Feistel cipher structure is used by DES, and a number of significant
symmetric block ciphers currently in use (TDEA, TLS).

According to Feistel, in encryption process, plaintext will be divided into 2 halves LE0
and RE0 Then, them will be processed in 16 rounds (all rounds have the same structure,
using different sub keys Ki) In each round, left side is modified (substitution)
LEi = REi—1 REi = LEi—1 F(REi—1, Ki)
where: Ki is sub key in round i is generated from the original key K, F is a pseudorandom
function indexed by key Ki. Finally, both sides are swapped (permutation)

Figure 2 Feistel Cipher Structure (16 rounds)

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

4
c) Data Encryption Standard (DES)

Theorem 2.3
DES (Data Encryption Standard) is a symmetric-key algorithm for the encryption
of digital data. It is developed in the early 1970s at IBM and based on Feistel cipher
structure. DES is approved as a standard in 1976 by NIST (National Institute of
Standards and Technology) and then was published as an official Federal
Information Processing Standard (FIPS) for the United States in 1977. DES was
widely used around the world until 1999, NIST introduced a new standard using 3-
DES and then it was replaced by AES in 2001.

The general depiction of DES encryption is shown in the Figure 3. In case of DES, the
plaintext block must be 64 bits in length and the key is 56 bits in length.

Figure 3 General Depiction of DES Encryption Algorithm

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

5
d) Mode of operation
A block cipher takes a fixed-length block of text of length b bits and a key as input and
produces a b-bit block of ciphertext. If the amount of plaintext to be encrypted is
greater than b bits, then the block cipher can still be used by breaking the plaintext up
into b-bit blocks. When multiple blocks of plaintext are encrypted using the same key,
a number of security issues arise.

Theorem 2.4
Mode of operation is a technique for enhancing the effect of a cryptographic
algorithm or adapting the algorithm for an application, such as applying a block
cipher to a sequence of data blocks or a data stream. The five modes are intended to
cover a wide variety of applications of encryption for which a block cipher could be
used. To apply a block cipher in a variety of applications, five modes of operation
have been defined by NIST (SP 800-38A):
• ECB - Electronic Code Book
• CBC - Cipher Block Chaining
• CFB - Cipher Feedback
• OFB - Output Feedback
• CTR - Counter

Figure 4 Block Cipher Modes of Operation

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

6
3. Lab environment and Tools
Operating system:
• 1 PC running Window
Tools
• Cryptool 2: CrypTool 2 - CrypTool Portal

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

7
B. LAB TASKS
1. DES – AES Encryption
Task 1.1
Describe in detail (step-by-step) how DES encryption works by using CrypTool.
When it comes to repetitive steps, you don’t have to describe each step in the series,
you just need to describe the first one.

Tips: Using Cryptool 2, you can have a step-by-step look at the encryption process of the
Data Encryption Standard (DES). Open template DES Visualization by searching at the
Startcenter tab. You can also modify both input blocks (plain-text and key). Then, click
"Play"and see how DES work in the central block (DES Visualization) (Figure 5).

Figure 5 DES visualization using CrypTool 2

Advanced Task 1.1

Describe in detail how AES Encryption works, using template AES Visualization in
Cryptool 2.

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

8
2. Mode of Operation - Padding
Task 2.1
Using template Block modes of Symmetric ciphers in Cryptool 2 to show the
difference between two modes of operation: ECB and CBC when encrypting the
smiley picture. Comparing both results and explain why. (Figure 6)

Figure 6 Block modes of Symmetric ciphers in CrypTool 2

Task 2.2
Using DES with different modes of operation (channing mode) to encrypt the
following plaintext:

• Plaintext: UNIVERSITY OF INFORMATION TECHNOLOGY

• Key: Your student ID (8-digit number). Example: 18521234
• Padding mode: PKCS7
• Mode of operation:
a. DES - mode ECB
b. DES - mode CBC
c. DES - mode CFB
d. DES - mode OFB

The output needs to convert to HEX format.

• Find out and compare the differences of the results of 4 channing modes: ECB,
CBC, CFB, OFB

• Find out and describe how PKCS7 padding mode works. What happen if
we don’t use padding in each mode? (set Padding Mode to None). Explain why.

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

9
Tips: You can use template DES cipher in Cryptool 2 for this task. In the DES cipher
block, it is possible to set different Channing Modes in Configuration section. You can
also change the output format to Hexadecimal by modify String Encoder block.

Figure 7 DES Channing Modes in CrypTool 2

3. Avalanche Effect and Error Propagation

An essential property of every block encryption is the avalanche effect. A good
avalanche effect is achieved when a small change in the input (plaintext or key) results
in a significant change in the ciphertext. The objective of this task is to help students
understand this property in DES encryption.

Task 3.1
Using the following plaintext and key:

- Plain text: STAYHOME

- Key(hex): Your Student ID. Example: 18520042

By using CrypTool 2, please do the following experiments:

1. Keep the original key, modify bit(s) to change the plaintext to STAYHOMA.
Check the modifications made and the resulting avalanche effect after each
single round of DES.
2. Keep the original plaintext, change an arbitrary bit in the key. Then, check the
modifications made and the resulting avalanche effect after each single round
of DES.
3. Apply both changes above and check the modifications made and the resulting
avalanche effect after each single round of DES.
Observe and comment on the impact of making these changes in DES encryption.

Tips: You should using template Avalanche (DES) in Cryptool 2. At the beginning of
the presentation (after pressing "Play") you can modify the key and/or plaintext.
Check Enable to change single bits and click on the bit you would like to flip (Figure
8). Then, click Done and you can check the modifications made and the resulting

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

10
avalanche effect after each single round of DES. You will also get other relevant
statistical data and a general overview of the bits affected by the initial modification.

Figure 8 Change input data in Avalanche Visualization

Advanced Task 3.2

SEED Lab - Secret-Key Encryption Lab (Task 5)
To understand the error propagation property of various encryption modes, we
would like to do the following exercise:
- Create a text file that is at least 1000 bytes long
- Encrypt the file using the AES-128
- Unfortunately, a single bit of the 55th byte in the encrypted file got corrupted.
You can achieve this corruption using the bless hex editor.
- Decrypt the corrupted ciphertext file using the correct key and IV.
How much information can you recover by decrypting the corrupted file, if
the encryption mode is ECB, CBC, CFB, or OFB, respectively?

4. Strength of DES and other block ciphers: AES, 3DES

Task 4.1
Perform a (brute-force attack) on DES cipher to solve the following cipher- text.
Knowing that the cipher-text was encrypted using ECB mode.

95 C8 EA FE 7B E9 5D BD 70 65 DE 31 62 8C 90 8A E4 16 98 18 E1 DC DE 83 00
A1 22 5D EF 6E AA C6 F1 80 12 08 CB DA 0D 22

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

11
Determine the estimated time needed to brute-force (using multiple cores of your
CPU) for each of the following cases:

- Without knowing the key

- Knowing that the key pattern is 11-11-11-**-**-**-**-** (* is an arbitrary
value)
- Knowing that the key pattern is 11-11-11-11-11-**-**-**

Tips: CrypTool 2 support to perform brute-force attack on DES cipher. Using template
DES Brute-force Analysics. Note that you need to modify this template adapt with lab
task before using:

Figure 9 DES Brute-force attack in CrypTool 2

Advanced Task 4.2

Padding Ocracle Attack on DES

Padding Ocracle Attack (POA) is an attack which uses the padding validation of a
crypto - graphic message to decrypt the ciphertext. In symmetric ciphers, the
padding oracle attack can be applied to the CBC mode of operation, where the
"oracle"(usually a server) leaks data about whether the padding of an encrypted
message is correct or not. Such data can allow attackers to decrypt (and sometimes
encrypt) messages through the oracle using the oracle’s key, without knowing the
encryption key.

Using the template Padding Oracle Attack on DES, your task is to observe and
describe how to perform this attack on DES.

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

12
Advanced Task 4.3
Compare the strengths and differences of DES, Triple-DES (3DES), and AES. Why
shouldn’t we use double-DES (2DES) encryption?

C. REQUIREMENTS
You are expected to complete all tasks in section B (Lab tasks). Advanced tasks are
optional, and you could get bonus points for completing those tasks. We prefer you
work in a team of two or three to get the highest efficiency.
Your submission must meet the following requirements:
▪ You need to submit a detailed lab report in .pdf format, using the report
template provided on the UIT Courses website.
▪ Either Vietnamese or English report is accepted, that’s up to you. The report
written in the mixing of multiple languages is not allowed (except for the
untranslatable keywords).
▪ When it comes to programming tasks (require you to write an application or
script), please attach all source-code and executable files (if any) in your
submission. Please also list the important code snippets followed by
explanations and screenshots when running your application in your report.
Simply attaching code without any explanation will not receive points.
▪ Your submissions must be your own. You are free to discuss with other
classmates to find the solution. However, copying reports is prohibited, even
if only a part of your report. Both reports of the owner and the copier will be
rejected. Please remember to cite any source of the material (website,
book,…) that influences your solution.

Notice: Combine your lab report and all related files into a single ZIP file (.zip), name
it as follow:
StudentID1_StudentID2_ReportLabX.zip

D. REFERENCES
[1] William Stallings, Cryptography and network security: Principles and practice, 7th ed,
Pearson Education, 2017. Chapter 3, chapter 4, chapter 6, chapter 7

[2] Wenliang Du (Syracuse University), SEED Cryptography Labs

https://seedsecuritylabs.org/Labs_20.04/Crypto/

Faculty of Computer Networks NETWORK SECURITY

and Communications
 Lab 2: Block cipher: DES - AES

13
[3] Wenliang Du (Syracuse University), SEED Cryptography Labs
https://seedsecuritylabs.org/Labs_20.04/Files/Crypto_Encryption

Training platforms and related materials

▪ ASecuritySite-https://asecuritysite.com
▪ Cryptopals-https://cryptopals.com

Attention: Don’t share any materials (slides, readings, assignments, labs, etc..) out of our
class without my permission!

Faculty of Computer Networks NETWORK SECURITY

and Communications