CLO 2

Lecture#03
Block Ciphers and DES
(Modern Symmetric Ciphers)
Course: Cryptography & Network Security (CE-408)
Course Teacher: Dr. Rukaiya

Contact Info:

Room No: BS-02, CED

Email: [email protected]

1
 Stream Cipher
For practical reasons the
In the ideal case, a one-time
bit-stream generator must
pad version of the Vernam
be implemented as an
cipher would be used, in
algorithmic procedure so
which the keystream is as
that the cryptographic bit
long as the plaintext bit
stream can be produced by
stream
Encrypts a digital both users
data stream one bit
If the cryptographic It must be
or one byte at a time keystream is random, then computationally
this cipher is unbreakable impractical to predict
by any means other than future portions of the
Examples: acquiring the keystream bit stream based on
• Autokeyed •Keystream must be previous portions of
Vigenère cipher provided to both users in the bit stream
• Vernam cipher advance via some
independent and secure
channel
•This introduces The two users need
insurmountable logistical only share the
problems if the intended generating key and
data traffic is very large each can produce the
keystream

2
 Block Cipher

A block of
plaintext is
Typically, a
treated as a
block size of 64
whole and used
or 128 bits is
to produce a
used
ciphertext block
of equal length

The majority of
As with a
network-based
stream cipher,
symmetric
the two users
cryptographic
share a
applications
symmetric
make use of
encryption key
block ciphers

3
 Key Bit stream Key Bit stream
(K) generation (K) generation
algorithm algorithm

ki ki

Plaintext Ciphertext Plaintext

(pi) (ci) (pi)
ENCRYPTION DECRYPTION

(a) Stream Cipher Using Algorithmic Bit Stream Generator

b bits b bits
Plaintext Ciphertext

Key Encryption Key Decryption

(K) algorithm (K) algorithm

Ciphertext Plaintext

b bits b bits

(b) Block Cipher

Figure 4.1 Stream Cipher and Block Cipher 4

5
 Table 4.1
Encryption and Decryption Tables for Substitution Cipher of Figure 4.2

6
 Feistel/Block Cipher Structure
• Reversible Transformation
• A block cipher operates on a PT block of n bits to produce a CT
blocks
• For encryption to be reversible or non-singular, each must
produce a unique CT block
Reversible Mapping
00 11
01 10
10 00
11 01

• Irreversible Transformation
• For the encryption to be irreversible or singular (decryption is
impossible) not all the PT block would have unique CT block
Reversible Mapping
00 11
01 10
10 01
11 01 7
Feistel Cipher
• Symmetric block encryption algorithms are referred to as
Feistel block cipher

• The concept is to have product cipher

• Product Cipher
It is the execution of two or more simple ciphers in sequence in such a
way that the final result or product is cryptographically stronger than any of the
component ciphers.

• Feistel proposed the use of a cipher that alternates

substitutions and permutations
•Each plaintext element or group of elements
is uniquely replaced by a corresponding
Substitutions ciphertext element or group of elements

•No elements are added or deleted or

replaced in the sequence, rather the order
Permutation in which the elements appear in the
sequence is changed
8
Feistel Cipher

• It is a practical application of a proposal by Claude Shannon

to develop a product cipher

• It is the structure used by many significant symmetric block

ciphers currently in use

• Shannon suggested two methods for frustrating statistical

cryptanalysis e.g., human readable message frequency
distribution, if reflects in the CT

• Two basic building blocks are

• Confusion
• Diffusion

9
Confusion

 It is achieved through XOR operation, performed on PT and the

encryption key

 It gets by the use of a complex substitution algorithm

 Seeks to make the relationship between the statistics of the

ciphertext and the value of the encryption key as complex as
possible

 This will frustrate the adversary who uses CT to find the key. In
other words, if a single bit in the key is changed, most or all bit in
the CT will also be changed.

 Even if the attacker can get some statistics of the CT, the way in
which the key was used to produce that ciphertext is so complex
as to make it difficult to deduce the key

10
Diffusion
• It is achieved through numerous permutations followed
by applying a function to that permutation

• The statistical structure of the plaintext is dissipated into

long-range statistics of the ciphertext

• This is achieved by having each plaintext digit affect the

value of many ciphertext digits as if we change a character
of the PT , then several characters of the CT should change

Example

V1=00101011 Block cipher y1=10111001

00100011 y2=01101100
Avalanche Effect

Confusion is apparently “enough” since OTP is secure. But diffusion

alone is perhaps not enough at least using relatively small blocks
11
A substitution-
permutation
Network

12
 Feistel Cipher Design Features/Parameters

• Block size
 Larger block sizes mean greater security but reduced
encryption/decryption speed for a given algorithm
• Key size
 Larger key size means greater security but may decrease
encryption/decryption speeds (greater confusion & resistance
to brute-force attack- now 128 bits key is common)
• Number of rounds
 The essence of the Feistel cipher is that a single round offers
inadequate security but that multiple rounds offer increasing
security
• Subkey generation algorithm
 Greater complexity in this algorithm should lead to greater
difficulty of cryptanalysis

13
 Feistel Cipher Design Features
• Round function F
 Greater complexity generally means greater resistance to
cryptanalysis (e.g., include S-boxes, permutation etc.)
• Fast software encryption/decryption
 In many cases, encrypting is embedded in applications or
utility functions in such a way as to preclude a hardware
implementation; accordingly, the speed of execution of the
algorithm becomes a concern
• Ease of analysis
 If the algorithm can be concisely and clearly explained, it is
easier to analyze that algorithm for cryptanalytic
vulnerabilities and therefore develop a higher level of
assurance as to its strength

14
Feistel Ciphers Mechanism (Example)

15
 Data Encryption Standard (DES)

• Issued in 1977 by the National Bureau of Standards (now

NIST) as Federal Information Processing Standard 46

• Was the most widely used encryption scheme until the

introduction of the Advanced Encryption Standard (AES) in
2001
• It was used to encrypt PINs and account transactions in ATMs

• Algorithm itself is referred to as the Data Encryption

Algorithm (DEA)

• Data are encrypted in 64-bit blocks using a 56-bit key

• The algorithm transforms 64-bit input in a series of steps
into a 64-bit output
• The same steps, with the same key, are used to reverse the
encryption
16
17
 Why 16 Rounds?
The goal is to completely scramble the
data and key so that every bit of CT
depends on every bit of the data and key

After sufficient rounds, there should be

no correlation between the CT and either
PT or key

• Minimum of 12 rounds were needed to sufficiently scramble the

key and data together (for confusion & diffusion)

• Secondly, the operation of 16 rounds would return the key back

to its original position in the electronic device for the next round.
18
Symmetric Key
• Key is usually a 64-bit
number where every eighth
bit is a parity bit
• The key generation algorithm
creates 16 different 48-bit
sub-keys, one for each round

19
Details of Single Round of DES

20
DES Example
• Key = 0f1571c947d9e859

21
 DES Example
• Plaintext = 02468aceeca86420
• Key = 0f1571c947d9e859

22
Permutation Choice

23
Details of Single Round of DES

24
 DES Example
• Plaintext = 02468aceeca86420
1. Apply initial Permutation

25
26
27
DES Example

28
Table 4.3 Avalanche Effect in DES: Change in Plaintext 29
Table 4.4 Avalanche Effect in DES: Change in Plaintext 30
Table 4.5 : Average Time Required for Exhaustive Key Search

31
Strength of DES
 Brute force attack is impractical with key length
of 56 bits as there are 256 possible keys or 7.2 ×
1016 keys

 Strength can be increased by compression of the

plaintext before encryption

 It becomes questionable since very powerful

machines can do parallel bit of time to break
ciphertext

32
Security provided by DES
 It depends on several factors

 Mathematical Soundness
 Length of Key
 Key Management
 Input data Formatting
 Mode of Operation
 Implementation

33
Block Cipher Principles: Number of Rounds

In general, the
criterion should be
that the number of If DES had 15 or
The greater the rounds is chosen so fewer rounds,
number of rounds, that known differential
the more difficult cryptanalytic cryptanalysis
it is to perform efforts require would require less
cryptanalysis greater effort than effort than a brute-
a simple brute- force key search
force key search
attack

34
 Block Cipher Design Principles: Key
Scheduling Algorithm

• With any Feistel block cipher, the key is used to

generate one subkey for each round
• In general, we would like to select subkeys to
maximize the difficulty of deducing individual subkeys
and the difficulty of working back to the main key
• It is suggested that, at a minimum, the key schedule
should guarantee key/ciphertext Strict
Avalanche Criterion and Bit Independence
Criterion

35
 Summary

• Understand the distinction between stream ciphers and

block ciphers
• Present an overview of the Feistel cipher and explain how
decryption is the inverse of encryption
• Present an overview of Data Encryption Standard (DES)
• Explain the concept of the avalanche effect
• Discuss the cryptographic strength of DES
• Summarize the principal block cipher design principles

36