UNIT 2

Question no 1. What are streams and block cipher? Distinguish between Stream and
block cipher
Answer: Stream Cipher:
• Stream cipher is a type of encryption algorithm that operates on individual bits or
bytes of plaintext and produces a corresponding stream of ciphertext.
• It encrypts and decrypts data bit-by-bit or byte-by-byte.
• It uses a key to generate a keystream, which is then combined with the plaintext
using XOR operation to produce the ciphertext.
• Stream ciphers are generally faster in encryption and decryption compared to block
ciphers.
• Examples of stream ciphers include RC4, ChaCha20, and A5/1.

Bit Stream Bit Stream

Generation Generation
Algorithm Algorithm

Key=01001 Key=01001

Plain Text XOR Cipher Text XOR Plain Text

Block Cipher:
• Block cipher is a type of encryption algorithm that operates on fixed-size blocks of
plaintext and produces corresponding blocks of ciphertext.
• It encrypts and decrypts data in fixed-size blocks, typically 64 bits or more.
• It uses a key to determine the encryption and decryption transformations for each
block of plaintext.
• Block ciphers can handle larger amounts of data and provide better security than
stream ciphers.
• Examples of block ciphers include AES (Advanced Encryption Standard), DES (Data
Encryption Standard), Blowfish, and 3DES.
N Bit

64 bits 64 bits 64 bits 64 bits Plain text in blocks

KEY

64 bits 64 bits 64 bits 64 bits Cipher text in blocks

N Bit
 Question no. 2 Explain DES algorithm with steps and diagram
Answer:
1. The Data Encryption Standard (DES) is a symmetric encryption algorithm used to secure
sensitive data. DES is a block cipher algorithm, which means it encrypts data in fixed-size
blocks.
2. 64 bit Plain Text is passed through DES algorithm and using 56bit key 64 bit Cipher text is
obtain.

Algorithm of DES algorithm:

1. Key Generation: The 64-bit secret key is used to generate 16 subkeys of 48 bits each.
2. Initial Permutation (IP): The 64-bit plaintext block is permuted according to a fixed
permutation table.
3. Encryption Rounds: The plaintext block is divided into two 32-bit halves, and a series
of 16 encryption rounds are performed on these halves using the subkeys generated
in step 1. Each round consists of the following steps:
• Expansion: The right half is expanded from 32 bits to 48 bits using a fixed
permutation table.
• Substitution: Each 6-bit segment of the expanded half is substituted using one
of eight fixed substitution boxes (S-boxes).
• Permutation: The 32-bit output from the S-boxes is permuted using a fixed
permutation table.
• XOR: The permuted output is XORed with the left half of the plaintext.
• Swap: The left and right halves are swapped.
4. Final Permutation (FP): The left and right halves are concatenated and permuted
according to a fixed permutation table to produce the ciphertext.
5. Decryption: The same process as encryption is repeated in reverse, using the subkeys
in reverse order.
Question no 3. Explain IDEA Algorithm
Answer:
IDEA (International Data Encryption Algorithm) is a symmetric encryption algorithm widely
used for securing data.
• IDEA is a block cipher algorithm that operates on fixed-size blocks of data.
• It uses a block size of 64 bits and a key size of 128 bits.
• The algorithm consists of several rounds of operations, typically 8 to 16 rounds
depending on the key length.
• Here are the steps involved in IDEA encryption:
1. Key Expansion: The 128-bit key is expanded to generate round subkeys that
will be used in each round of encryption.
2. Initial Permutation: The input block is subjected to an initial permutation to
rearrange the bits.
3. Round Operations: Several rounds of operations are performed, which include
substitution, modular addition, and XOR operations on the data block using the
round subkeys.
4. Final Permutation: The resulting encrypted block is subjected to a final
permutation to produce the final ciphertext.
• IDEA also supports decryption using the same steps, but with the round subkeys used
in reverse order.
Round Operations of IDEA algorithm
Step1: Multiply * P1 and K1
Step2: Add * P2 and K2
Step3: Add * P3 and K3
Step4: Multiply * P4 and K4
Step5: XOR step1 and step3
Step6: XOR step2 and step4
Step7: Multiply * step5 with K5
Step8: Add * step6 and step7
Step9: Multiply * step8 with K6
Step10: Add * step7 and step9
Step11: XOR step1 and step9
Step12: XOR step3 and step9
Step13: XOR step2 and step10
Step14: XOR step4 and step10

Question No. 4 What are Electronic Code Book (ECB) Algorithm Mode and Cipher Block
Chaining (CBC)? Explain
Answer:
Electronic Code Book (ECB) and Cipher Block Chaining (CBC) are two modes of operation in
block cipher algorithms. They determine how the plaintext is divided into blocks and
encrypted using the key.
1. Electronic Code Book (ECB) Algorithm Mode:
• In ECB mode, the plaintext is divided into fixed-size blocks (usually 64 or 128 bits).
• Each block is encrypted independently using the same encryption key.
• The same plaintext block will always produce the same ciphertext block.
• ECB mode is simple and easy to implement but is considered less secure because
identical plaintext blocks will result in identical ciphertext blocks, which can be
exploited by attackers.
 2. Cipher Block Chaining (CBC) Algorithm Mode:
• In CBC mode, each plaintext block is XORed with the previous ciphertext block before
encryption.
• The first block is XORed with an initialization vector (IV) instead of a previous
ciphertext block.
• This XOR operation introduces randomness and dependencies between blocks,
making it more secure than ECB mode.
• CBC mode ensures that identical plaintext blocks do not produce identical ciphertext
blocks.
• To decrypt, each ciphertext block is decrypted and XORed with the previous
ciphertext block or IV.

Question N0. 4. Explain Blowfish algorithm in detail.

Answer:
Operations: (Blowfish encrypts 64-bit block with a variable-length key)
1) Subkey Generation: This process covert the key up to 448 bit long to subkeys totaling
7168 bits
2) Data Encryption : This process involves the iteration of a simple function 16 times. Each
round contains a key-dependent permutation and key and data substitution
• Blowfish is a very fast algorithm which takes 64 bit input as plaintext and generates
64 bit output ciphertext
• It uses the concept of P-array which uses 32 bit subkeys and there are
18 P arrays P1 to P18
• Blowfish Algorithm runs 16 times i.e. 16 rounds
Processes:
1. Subkey Generation:
• Key Size is variable but blowfish algorithm generates very large sub-keys . The key
size is in the range of 32 bits to 448 bits or 14 words.
• Concept of P-array consists of 18, 32 bit sub-keys
 • There are 4 S-boxes containing 256 entries of 32 bits
• P-array is initialized first then four s boxes with fixed string
• Then P-arryas are XORed with subkeys ie from P1 to P18 . Once the sub keys are
generated the encryption process begins.
1. Data encryption and decryption:
• We use the P arrays and S boxes during this process

Algorithm for encryption of 64 bit block

1. Divide Plain text into two blocks Left Plain text(LP) and (Right plain text(RP) of equal
sizes. Thus both LP and RP will consist of 32 bit each
2. For i=1 to 16
LP = LP ⊕ Pi
RP = f(LP) ⊕ RP
Swap LP ,RP
(undo last swap)
1. RP = RP ⊕ P17
2. LP = LP ⊕ P18
3. Concatenate LP and RP back into Plain text to get ciphertext CT
Question no.5. Explain RC4 and RC5 algorithm
Answer:
RC4:
• RC4 (Rivest Cipher 4) is a symmetric key stream cipher algorithm
• It uses a variable-length key ranging from 1 to 256 bytes.
Steps:
1. Initialize the S-box based on the provided key.
2. Perform key scheduling to manipulate the S-box based on the key.
3. Set up index pointers i and j.
4. Generate a pseudo-random keystream by swapping S-box elements, generating
keystream bytes, and updating index pointers.
5. XOR each byte of the input with the corresponding byte from the keystream to
encrypt or decrypt.
6. Repeat the generation and XOR process for each byte in the message.

RC 5:
• RC5 (Rivest Cipher 5) is a symmetric block cipher algorithm.
• It supports variable-length keys (0-2040 bit).
• The block size can be 32, 64, or 128 bits.
• The algorithm consists of a specific number of rounds (12,16,20).
Steps:
1. Key Expansion: Generate round keys for each round based on the original key.
2. Initialization: Set up the block size, number of rounds, and other parameters.
3. Round Function: Perform a series of rounds using mixing and transformation
operations.
4. Key Mixing: Combine each round key with a portion of the data block.
5. Data Mixing: Apply mixing operations to the data block, such as bit rotations and XOR
operations.
6. Round Feistel Network: Further mix and transform the data block using the round
function.
7. Final Round: Perform a final round using a modified version of the round function.
8. Output: Obtain the encrypted or decrypted data block as the final result.

Question no 6 . explain AES algorithm

Answer:
Advanced Encryption Standard (AES) is a symmetric block cipher algorithm widely used for
encryption and decryption of data. Here are some key points about the AES algorithm:
• Key Sizes: AES supports three different key sizes: 128 bits, 192 bits, and 256 bits. The
key size determines the strength and security of the encryption.
• Block Size: AES operates on fixed-size data blocks of 128 bits. The data to be encrypted
is divided into blocks, and each block is processed individually.
• Rounds: The number of rounds in AES depends on the key size. AES-128 uses 10 rounds,
AES-192 uses 12 rounds, and AES-256 uses 14 rounds. Each round adds more
complexity and security to the encryption process.

Steps of AES algorithm:

1. Key Expansion: The original encryption key is expanded using a key schedule
algorithm to generate a set of round keys. The number of round keys generated
depends on the key size and the number of rounds.
2. Initial Round: In the initial round, the input plaintext block is XORed with the first
round key.
3. Rounds: The main encryption or decryption process consists of multiple rounds. The
number of rounds depends on the AES key size. Each round consists of four main
operations: SubBytes, ShiftRows, MixColumns, and AddRoundKey.
a. SubBytes: Each byte of the block is substituted with a corresponding byte from the S-Box
lookup table. This step provides confusion and non-linearity.
b. ShiftRows: The bytes in each row of the block are cyclically shifted to the left. This step
provides diffusion and ensures that the bytes in different rows are spread out.
c. MixColumns: Each column of the block is transformed using a matrix multiplication
operation. This step provides diffusion and spreads the influence of each byte to other
columns.
d. AddRoundKey: The round key for the current round is XORed with the block. This step
adds the unique properties of the round key to the block.
4. Final Round: The final round is similar to the other rounds, but without the
MixColumns operation. It consists of SubBytes, ShiftRows, and AddRoundKey.
5. Output: After the final round, the resulting block is the encrypted or decrypted data.