Symmetric Encryption

and
Message Confendtiality
Symmetric Encryption
• Symmetric encryption, also referred to as conventional encryption,
secret-key, or single-key encryption, was the only type of encryption
in use prior to the development of public-key encryption in the late
1970s.
• It remains by far the most widely used of the two types of encryption.
1. Symmetric Encryption Principles
• Plaintext: This is the original message or data that is fed into the algorithm as
input.
• Encryption algorithm: The encryption algorithm performs various substitutions
and transformations on the plaintext.
• Secret key: The secret key is also input to the algorithm. The exact substitutions
and transformations performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys will produce
two different ciphertexts.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse.
It takes the ciphertext and the same secret key and produces the original plaintext.
 Cryptographic systems are generically classified along three independent dimensions:
1. The type of operations used for transforming plaintext to ciphertext.
All encryption algorithms are based on two general principles: substitution, in
which each element in the plaintext (bit, letter, group of bits or letters) is mapped
into another element, and transposition, in which elements in the plaintext are
rearranged. The fundamental requirement is that no information be lost (i.e., that all
operations be reversible). Most systems, referred to as product systems, involve
multiple stages of substitutions and transpositions.
2. The number of keys used.
If both sender and receiver use the same key, the system is referred to as
symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver
each use a different key, the system is referred to as asymmetric, two- key, or public-key
encryption.
3. The way in which the plaintext is processed.
A block cipher processes the input one block of elements at a time, producing an
output block for each input block.
A stream cipher processes the input elements continuously, producing output one
element at a time, as it goes along.
 Cryptanalysis
• The process of attempting to
discover the plaintext or key
is known as cryptanalysis.
• The strategy used by the
cryptanalyst depends on the
nature of the encryption
scheme and the information
available to the cryptanalyst.
• Table 20.1 summarizes the
various types of cryptanalytic
attacks, based on the amount
of information known to the
cryptanalyst.
 Feistel Cipher Structure
• Many symmetric block encryption algorithms, including DES, have a structure first described by Horst Feistel
of IBM in 1973.
• The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key K.
• The plaintext block is divided into two halves, L0 and R0.
• The two halves of the data pass through n rounds of processing and then combine to produce the ciphertext
block.
• Each round i has as inputs Li-1 and Ri-1, derived from the previous round, as well as a sub key Ki, derived
from the overall K.
• In general, the sub keys Ki are different from K and from each other and are generated from the key by a sub
key generation algorithm.
• All rounds have the same structure.
• A substitution is performed on the left half of the data.
• This is done by applying a round function F to the right half of the data and then taking the exclusive-OR
(XOR) of the output of that function and the left half of the data. The round function has the same general
structure for each round but is parameterized by the round subkey Ki.
• The Feistel structure is a particular example of the more general structure used by all symmetric
block ciphers.
• In general, a symmetric block cipher consists of a sequence of rounds, with each round
performing substitutions and permutations conditioned by a secret key value.
• The exact realization of a symmetric block cipher depends on the choice of the following
parameters and design features:
• Block size: Larger block sizes mean greater security (all other things being equal) but reduced
encryption/decryption speed. A block size of 128 bits is a reasonable tradeoff and is nearly universal
among recent block cipher designs.
• Key size: Larger key size means greater security but may decrease encryption/ decryption speed.
The most common key length in modern algorithms is 128 bits.
• Number of rounds: The essence of a symmetric block cipher is that a single round offers
inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds.
• Subkey generation algorithm: Greater complexity in this algorithm should lead to greater
difficulty of cryptanalysis.
• Round function: Again, greater complexity generally means greater resistance to cryptanalysis.
There are two other considerations in the design of a symmetric block cipher:
• Fast software encryption/decryption:
In many cases, encryption is embedded in applications or utility functions in such a way as to
preclude a hardware implementation. Accordingly, the speed of execution of the algorithm
becomes a concern.
• Ease of analysis:
Although we would like to make our algorithm as difficult as possible to cryptanalyze, there is
great benefit in making the algorithm easy to analyze. That is, if the algorithm can be concisely
and clearly explained, it is easier to analyze that algorithm for cryptanalytic vulnerabilities and
therefore develop a higher level of assurance as to its strength. DES, for example, does not
have an easily analyzed functionality.
Decryption with a symmetric block cipher is essentially the same as the encryption process.
The rule is as follows:
Use the ciphertext as input to the algorithm, but use the subkeys Ki in reverse order. That is,
use Kn in the first round, Kn-1 in the second round, and so on until K1 is used in the last round.
This is a nice feature because it means we need not implement two different algorithms, one
for encryption and one for decryption.
Symmetric Block Cipher
• The most commonly used symmetric encryption algorithms are block
ciphers.
• A block cipher processes the plaintext input in fixed-size blocks and
produces a block of ciphertext of equal size for each plaintext block.
• The three most important symmetric block ciphers: the Data
Encryption Standard (DES), triple DES (3DES), and the Advanced
Encryption Standard (AES).
1. Data Encryption Standard
• Symmetric block cipher
• The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted
in 1977 by the National Bureau of Standards, now the National Institute of Standards and
Technology (NIST), as Federal Information Processing Standard.
• The algorithm itself is referred to as the Data Encryption Algorithm (DEA). Not used now a days due
to security issues.
• The DES algorithm can be described as follows.
• The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are
processed in 64-bit blocks.
• The DES structure is a minor variation of the Feistel network shown.
• There are 16 rounds of processing.
• From the original 56-bit key, 16 subkeys are generated, one of which is used for each round.
• The process of decryption with DES is essentially the same as the encryption process.
• The rule is as follows:
Use the ciphertext as input to the DES algorithm, but use the subkeys Ki in reverse
order. That is, use K16 on the first iteration, K15 on the second iteration, and so on until K1
is used on the sixteenth and last iteration.
Initial Permutation:
- initial permutation changes the position of plain text.
Inverse Initial Permutation:
- Let assume swap function is giving 64 bits which are arranged in sequential order.
- Then Inverse Initial Permutation arranged it as:
32-bit Swap
- 32 bit swap function is very simple. It takes 32 bit of Left hand side and 32 bit of Right hand size
and swap them with each other.
- These 64 bit swapped bits are then given to inverse initial permutation
Rounds
- Each Round take 64 bit input and 48 bit key, and output of every round is 64 bit.
- The 64 bit input is divided into Left hand side 32 bits and Right hand side 32 bit.
- RHS half is then expanded to get 48 bit, by using expansion permutation.
- Now these 48 bits are XOR with 48 bits of Round key and we get 48 bit.
- Then this 48 bit is reduced to get 32 bit. It is reduced by using Substitution box/ S-Box.
- S-Box take 48 bit input and reduce it to 32 bit.
- Now this 32 bit is given to Permutation or Transposition / P-Box. Which changes the position of
given 32 bit.
- Mangler function gives 32 bit
- Then these 32 bit are XOR with LHS 32 bit and get RHS part. Ri = Li-1 XOR F(Ri-1, Ki)
- LHS part is the actual RHS part. Li = Ri-1
Original Key:
- Original key is 32 plus 32 64 bit.
- It is reduced into 48 bit.
- For every round have its key. 16 Rounds so 16 Keys.
Mangler Function:
- Also called F function. It works on RHS 32 bit Expansion Permutation, Xoring, S-Box and P-Box.

https://www.youtube.com/watch?v=j53iXhTSi_s&list=PLBlnK6fEyqRiOCCDSdi6Ok_8PU2f_nkuf&index=2
-Li = Ri-1
-Ri = Li-1 XOR F(Ri-1, Ki)
a. Double DES
• Drawback of DES is: Potential vulnerability of DES to a Brut-force attack.
As key size is 56 bit, so we have 256 .
• To overcome this we use Double DES. Here encryption is performed two
times.
•For both encryptions we use DES encryption algorithms and two
keys K1 and K2, where k
• Both keys are of 56 bits so now we have total 112 bit key is used. But it is
used in 2 stages.
• Double DES decryption reverse the procedure.
• Drawback: Double DES is vulnerable to Meet in the Middle Attack.
• Drawback of Double DES is MEET in MIDDLE Attack.
• This Double DES is vulnerable to Meet in the Middle attack. ()
• Meet in middle attack: (known plain text attack, where attack
knows PT an CT both) For example attacker knows PT: START
and CT: FINAL, so he just need key which is used.
• Attacker feed PT to encryption algo, and he knows K1 and K2
is used both are 56 bits. So he do Key try 1 to 56 for Key 1, 256
(Brut force attack). Same for Key 2.

So we use Triple DES

b. Triple DES
• Triple DES (3DES) was first standardized for use in financial applications in ANSI standard X9.17 in 1985. 3DES
was incorporated as part of the Data Encryption Standard in 1999.
• 3DES uses three keys and three executions of the DES algorithm.
• The function follows an encrypt-decrypt-encrypt (EDE) sequence (Figure 20.2a):
C = E(K3, D(K2, E(K1, p)))
where
C = ciphertext
P = plaintext
E[K, X] = encryption of X using key K
D[K, Y] = decryption of Y using key K
• Decryption is simply the same operation with the keys reversed (Figure 20.2b):
P = D(K1, E(K2, D(K3, C)))
• There is no cryptographic significance to the use of decryption for the second stage of 3DES encryption.
Its only advantage is that it allows users of 3DES to decrypt data encrypted by users of the older single DES:
C = E(K1, D(K1, E(K1, P))) = E[K, P]
Triple DES is vulnerable to meet in the middle attack
2. Advanced Encryption Standard (AES)
• Advanced Encryption Standard (AES) was issued as a federal information processing standard (FIPS 197).
• It is intended to replace DES and triple DES with an algorithm that is more secure and efficient.
Overview of the Algorithm
• Symmetric block cipher.
• AES uses a block length of 128 bits and a key length that can be 128, 192, or 256 bits.
• The input to the encryption and decryption algorithms is a single 128-bit block.
• In FIPS PUB 197, this block is depicted as a square matrix of bytes (16 byte).
• This block is copied into the State array, which is modified at each stage of encryption or decryption.
• No of rounds depend upon criteria, Round N. in each Round there is 4 transformations, whereas in Round N there
will be 3 transformations.
• After the final stage, State is copied to an output matrix.
• Similarly, the 128-bit key is depicted as a square matrix of bytes.
• This key is then expanded into an array of key schedule words; each word is 4 bytes and the total key schedule is 44
words for the 128-bit key.
• The ordering of bytes within a matrix is by column.
• So, for example, the first 4 bytes of a 128-bit plaintext input to the encryption cipher occupy the first column of the in
matrix, the second 4 bytes occupy the second column, and so on. Similarly, the first 4 bytes of the expanded key,
which form a word, occupy the first column of the w matrix.
 • The following comments give some insight into AES:
1. One noteworthy feature of this structure is that it is not a Feistel structure. Recall that in the classic Feistel
structure, half of the data block is used to modify the other half of the data block, and then the halves are
swapped. AES does not use a Feistel structure but processes the entire data block in parallel during each
round using substitutions and permutation.
2. The key that is provided as input is expanded into an array of forty-four 32-bit words, w[i]. Four distinct
words (128 bits) serve as a round key for each round.
3. Four different stages are used, one of permutation and three of substitution:
• Substitute Bytes: Uses a table, referred to as an S-box,3 to perform a byteby-byte substitution of the
block
• Shift Rows: A simple permutation that is performed row by row
• Mix Columns: A substitution that alters each byte in a column as a function of all of the bytes in the
column
• Add Round key: A simple bitwise XOR of the current block with a portion of the expanded key
4. The structure is quite simple. For both encryption and decryption, the cipher begins with an Add Round
Key stage, followed by nine rounds that each includes all four stages, followed by a tenth round of three
stages. Figure 20.4 depicts the structure of a full encryption round.
5. Only the Add Round Key stage makes use of the key. For this reason, the cipher begins and ends with an
Add Round Key stage. Any other stage, applied at the beginning or end, is reversible without knowledge of
the key and so would add no security.
6. The Add Round Key stage by itself would not be formidable. The other three stages together scramble the
bits, but by themselves would provide no security because they do not use the key. We can view the cipher
as alternating operations of XOR encryption (Add Round Key) of a block, followed by scrambling of the block
(the other three stages), followed by XOR encryption, and so on. This scheme is both efficient and highly
secure.
7. Each stage is easily reversible. For the Substitute Byte, Shift Row, and Mix Columns stages, an inverse
function is used in the decryption algorithm. For the Add Round Key stage, the inverse is achieved by XORing
the same round key to the block, using the result that A ⊕ A ⊕ B = B.
8. As with most block ciphers, the decryption algorithm makes use of the expanded key in reverse order.
However, the decryption algorithm is not identical to the encryption algorithm. This is a consequence of the
particular structure of AES.
9. Once it is established that all four stages are reversible, it is easy to verify that decryption does recover
the plaintext. Figure 20.3 lays out encryption and decryption going in opposite vertical directions. At each
horizontal point (e.g., the dashed line in the figure), State is the same for both encryption and decryption.
10. The final round of both encryption and decryption consists of only three stages. Again, this is a
consequence of the particular structure of AES and is required to make the cipher reversible.
Parameters of AES:
Encryption & Decryption:

• Word means it is of 32
bits. W[0,3] (4 words,
4*32 = 128 bits)
• In 1st step it do initial
transformation, it is
performed by XOR PT
of 16 bytes to key.
AES Transformation Functions:
1. Substitute Bytes
2. Shift Row
3. Mix Columns
4. Add Round Key
1. Substitute byte/ Sub byte:
• Every value is replaced by the value in table.
2. Shift Rows
• 1st row remain same.
• 2nd row will be shift by 1 position forward, i.e. first value S1,0 will be shifted to last and S1,1 will shift to
first location and so on.
• 3ed row will jump by 2 locations i.e. last S2,3 will become second S2,1 and second-last S2,2 will become
first S2,0 and so on.
• 4th row will shift 1 position in reverse i.e. last S3,3 will become first S3,0 and rest will move 1 point back.
3. Move Columns:
• Pre defined Matrix value is present, simply block is multiplied with that matrix.
• Both matrixes are 4*4
4. Add Round Key:
• We take four words from key scheduling algorithm and added with block.
• Simple bit wise XOR operation.