Chapter-3-Block Cipher

The document discusses the fundamentals of stream and block ciphers in cryptography, detailing their mechanisms, including keystream generation, encryption, and decryption processes. It highlights the differences between stream ciphers, which encrypt data bit by bit, and block ciphers, which process entire blocks of data, with examples like the Data Encryption Standard (DES) and its Feistel structure. Additionally, it covers key generation and the importance of confusion and diffusion in enhancing security.

Uploaded by

khushpatel1222
Block Cipher and Data Encryption Standard
Dr Savitha G
Dr Girisha S
Dr Ashutosh Holla B
Stream Cipher
➢ A stream cipher is one that encrypts a digital data stream one bit or one byte at a time.
➢ Keystream Generation: A pseudorandom keystream is generated based on a secret key. This keystream should appear random and not repeat.
➢ The keystream must be provided to both users in advance via some independent and secure channel.
➢ This introduces insurmountable logistical problems if the intended data traffic is very large.
➢ For practical reasons, the bit-stream generator must be implemented as an algorithmic procedure, so that the cryptographic bit stream can be produced by both users.
Bit-stream generator
• A bit-stream generator is a component or algorithm used in cryptography
(and other domains) to produce a sequence of binary digits (bits).
• The bit-stream generator is a key-controlled algorithm and must produce a bit stream that is cryptographically strong.
• In the context of cryptography, it is typically used to generate pseudorandom or cryptographically secure bit streams.
• These streams are often utilized as keystreams in stream ciphers or as randomness sources in secure systems.
Stream cipher
➢ It must be computationally impractical to predict future portions of the bit stream
based on previous portions of the bit stream
➢ The two users need only to share the generating key, and each can produce the
keystream.
➢ The shared key serves as the seed for the pseudorandom bit generator (PRBG) or cryptographic algorithm used to generate the identical keystream.
➢ Stream ciphers are highly efficient for encrypting data streams of unknown or
continuously varying lengths, such as voice or video calls.
Encryption
• Encrypts one bit or byte of plaintext at a time.
• Combines the plaintext bit/byte with the keystream bit/byte using XOR.
• Ciphertext is produced as Ciphertext = Plaintext ⊕ Keystream.

Decryption
Reverses the process: Plaintext = Ciphertext ⊕ Keystream
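The encryption and decryption rules above, as an added example (not from the original slides): both users derive the same keystream from the shared key, and the last function shows why the keystream must not repeat. The HMAC-SHA-256 counter construction, the nonce parameter and all names are assumptions made for illustration; it is a teaching generator, not a vetted cipher.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Key-controlled bit-stream generator (assumed design: HMAC-SHA-256 in
    counter mode). The same key and nonce always give the same stream, so
    both users can produce it independently from the shared key."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Ciphertext = Plaintext XOR Keystream
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))

def decrypt(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # Plaintext = Ciphertext XOR Keystream (XOR is its own inverse)
    return xor_bytes(ciphertext, keystream(key, nonce, len(ciphertext)))

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts. If both were produced with the same keystream,
    the keystream cancels and the result equals P1 XOR P2, with no key needed."""
    return xor_bytes(c1, c2)

# Constructed sample data, not from the slides.
KEY = b"shared-key-constructed"
P1 = b"meeting at 0900"
P2 = b"meeting at 1400"

if __name__ == "__main__":
    c1 = encrypt(KEY, b"call-1", P1)
    c2 = encrypt(KEY, b"call-1", P2)          # keystream repeated: unsafe
    print(decrypt(KEY, b"call-1", c1))
    print(reuse_leak(c1, c2) == xor_bytes(P1, P2))
```

A fresh nonce per message (or one continuous stream that is never restarted) is what keeps the keystream from repeating under a fixed key.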
Block Cipher
➢ A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.
➢ Typically, a block size of 64 or 128 bits is used. As with a stream cipher, the two users share a symmetric encryption key.
➢ Unlike stream ciphers that encrypt data bit by bit, block ciphers process entire blocks of data at a time, making them suitable for structured data.
➢ Common sizes are 64 bits (e.g., DES) and 128 bits (e.g., AES).
➢ The plaintext is divided into blocks, and each block is encrypted separately.
➢ If the plaintext is smaller than the block size, padding is added.
Encryption and Decryption
• Operates using a secret key to transform plaintext blocks into ciphertext blocks.
• The same key is used for both encryption and decryption (symmetric encryption).
Stream cipher and Block Cipher
• Two basic building blocks for any cryptographic system
➢ Confusion:
▪ Making the relationship between the encryption key and the ciphertext as complex as possible.
▪ The relationship between PT and CT is obscured.
▪ That is, given the CT, no information is revealed about the PT, the key, or the encryption algorithm.
▪ Thus, even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key was used to produce that ciphertext is so complex as to make it difficult to deduce the key. This is achieved by the use of a complex substitution algorithm.
▪ Ex: substitution
➢ Diffusion:
▪ Making each plaintext bit affect as many CT bits as possible.
▪ A one-bit change in the PT causes a significant change in the CT. This is equivalent to having each ciphertext digit be affected by many plaintext digits.
▪ An example of diffusion is to encrypt a message M = m₁, m₂, m₃, … of characters with an averaging operation:
▪ Ex: permutation or transposition
Stream cipher and Block Cipher
• Plain Text = “HELLO”
• Convert each letter to its numerical equivalent (A=0, B=1, ..., Z=25):
• H=7, E=4, L=11, L=11, O=14.
• So, the plaintext is M = {7, 4, 11, 11, 14}.
• K=2, meaning each ciphertext character yₙ is influenced by 2 subsequent plaintext characters.
• For y₁ (first ciphertext character):
• y₁ = (m₂ + m₃) mod 26 = (4 + 11) mod 26 = 15
• The ciphertext character corresponding to the value 15 is ‘P’
• For y₂ (second ciphertext character):
• y₂ = (m₃ + m₄) mod 26 = (11 + 11) mod 26 = 22
• The ciphertext character corresponding to the value 22 is ‘W’
• For y₃ (third ciphertext character):
• y₃ = (m₄ + m₅) mod 26 = (11 + 14) mod 26 = 25
• The ciphertext character corresponding to the value 25 is ‘Z’
• For y₄ (fourth ciphertext character):
• Since m₅ is the last character, we can't find two subsequent plaintext characters. Padding could be used, or encryption might stop here.
• Using the calculations above, the ciphertext generated for the plaintext HELLO is: ‘PWZ’
• Inference from the above example:
• y₁ depends on m₂ and m₃
• y₂ depends on m₃ and m₄
• Changes in any single plaintext character (e.g., m₃) will affect multiple ciphertext characters (y₁ and y₂).
• Frequency analysis is harder because the ciphertext no longer maps directly to individual plaintext characters.
• Instead, each ciphertext character is an aggregate result of multiple plaintext characters.
Feistel Cipher Structure
➢ Feistel proposed a block cipher utilizing the concept of a product cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers.
➢ The essence of the approach is to develop a block cipher with a key length of k bits and a block length of n bits, allowing a total of 2^k possible transformations.
▪ Key Length: 2^k Possible Keys
▪ Block Length: 2^n Possible Plaintext Blocks
▪ Total Transformations: 2^k Possible Mappings
Feistel Cipher Structure
➢ Feistel proposed the use of a cipher that alternates substitutions and permutations, where these terms are defined as follows:
➢ Substitution: Each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements.
➢ Permutation: A sequence of plaintext elements is replaced by a permutation of that sequence.
➢ That is, no elements are added or deleted or replaced in the sequence; rather, the order in which the elements appear in the sequence is changed.
Feistel Cipher Structure
The output of the first round of the decryption process equals a 32-bit swap
of the input to the sixteenth round of the encryption process.
On the Encryption side:

On the Decryption side:

The XOR has the following properties:

• Thus, we have LD1 = RE15 and RD1 = LE15.
• Therefore, the output of the first round of the decryption process is RE15 || LE15, which is the 32-bit swap of the input to the sixteenth round of the encryption.
• This correspondence holds through the 16 iterations.
Feistel Cipher Structure
• For the ith iteration of the encryption algorithm

• Rearranging terms:

• Thus, we have described the inputs to the ith iteration as a function of the
outputs, and these equations confirm the assignments shown in the right-
hand side of Figure
• Finally, the output of the last round of the decryption process is RE0 ||LE0.
• A 32-bit swap recovers the original plaintext, demonstrating the validity of
the Feistel decryption process
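The correspondence described above, as an added example (not from the original slides): a 16-round Feistel network on a 64-bit block in which decryption is the same routine run with the subkeys in reverse order. The round function and subkey generation (truncated SHA-256) and all names are hypothetical stand-ins chosen for illustration; they are not the DES functions.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF

def round_function(right: int, subkey: bytes) -> int:
    """Hypothetical F: truncated SHA-256 of (R || K_i). F is not invertible,
    and the Feistel structure does not need it to be."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")

def subkeys(key: bytes) -> list:
    """Hypothetical subkey generation: sixteen 48-bit values derived from key."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6]
            for i in range(1, ROUNDS + 1)]

def feistel(block: int, keys: list, trace=None) -> int:
    left, right = block >> 32, block & MASK32
    for k in keys:
        # LE_i = RE_{i-1};  RE_i = LE_{i-1} XOR F(RE_{i-1}, K_i)
        left, right = right, left ^ round_function(right, k)
        if trace is not None:
            trace.append((left, right))
    return (right << 32) | left            # final 32-bit swap

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))

def decrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key)[::-1])   # same rounds, K16 first

def decryption_mirrors_encryption(block: int, key: bytes) -> bool:
    """True if, for every j, the output of decryption round j is the swapped
    input of encryption round 17-j (for j = 1: LD1 = RE15 and RD1 = LE15)."""
    ks, enc, dec = subkeys(key), [], []
    ct = feistel(block, ks, enc)
    feistel(ct, ks[::-1], dec)
    states = [(block >> 32, block & MASK32)] + enc   # states[i] = (LE_i, RE_i)
    return all(dec[j - 1] == (states[ROUNDS - j][1], states[ROUNDS - j][0])
               for j in range(1, ROUNDS + 1))

if __name__ == "__main__":
    pt, key = 0x0123456789ABCDEF, b"constructed key"   # constructed sample values
    ct = encrypt(pt, key)
    print(hex(ct), hex(decrypt(ct, key)), decryption_mirrors_encryption(pt, key))
```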
Feistel Cipher Structure
➢ A Feistel network depends on the choice of the following parameters and design features:
➢ Block size:
▪ Larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm.
▪ The greater security is achieved by greater diffusion.
▪ Traditionally, a block size of 64 bits has been considered a reasonable tradeoff and was nearly universal in block cipher design.
▪ However, the new AES uses a 128-bit block size.
➢ Key size:
▪ Larger key size means greater security but may decrease encryption/decryption speed.
▪ The greater security is achieved by greater resistance to brute-force attacks and greater confusion.
▪ Key sizes of 64 bits or less are now widely considered to be inadequate, and 128 bits has become a common size.
➢ Number of rounds:
▪ Multiple rounds offer increasing security. A typical size is 16 rounds, as a single round provides inadequate security.
➢ Subkey generation algorithm:
▪ Greater complexity will lead to greater difficulty of cryptanalysis.
➢ Round function F:
▪ Greater complexity generally means greater resistance to cryptanalysis.
Data Encryption Standard (DES)
➢ Symmetric block cipher
➢ Most widely used block cipher in the world
➢ Adopted in 1977 by the National Bureau of Standards (NBS), now the National Institute of Standards and Technology (NIST)
➢ Encrypts 64-bit data using a 56-bit key
➢ Has widespread use
➢ The algorithm transforms a 64-bit input in a series of steps into a 64-bit output. The same steps, with the same key, are used to reverse the encryption.
Data Encryption Standard (DES)
• Follows the Feistel structure
• Block size = 64 bits of plaintext
• Number of rounds = 16 rounds
• Key size = 56 bits
• Number of subkeys = 16 subkeys (16 rounds)
• Subkey size = 48 bits
• Ciphertext size = 64 bits
Key Generation
• DES uses a 56-bit key. Actually, the initial key consists of 64 bits.
• However, before the DES process even starts, every 8th bit of the key is discarded to produce a 56-bit key. That is, bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are discarded.
• Thus, the discarding of every 8th bit of the key produces a 56-bit key from the original 64-bit key.
Data Encryption Standard (DES)
• DES is based on two fundamental attributes:
▪ substitution (also called confusion) and
▪ transposition (also called diffusion).
• DES consists of 16 steps, each of which is called a round. Each round performs the steps of substitution and transposition.
Data Encryption Standard (DES)
DES Basic steps:
• First, the 64-bit plaintext passes through an initial permutation (IP) that rearranges the bits to produce the permuted input.
• The initial permutation is performed on the plaintext.
• Next, the initial permutation (IP) produces two halves of the permuted block, called Left Plain Text (LH) and Right Plain Text (RH).
• This is followed by a phase consisting of sixteen rounds of the same function, which involves both permutation and substitution functions.
• The left and right halves of the output are swapped to produce the preoutput.
• Finally, the preoutput is passed through a permutation (IP⁻¹) that is the inverse of the initial permutation function, to produce the 64-bit ciphertext.
• With the exception of the initial and final permutations, DES has the exact structure of a Feistel cipher.
How DES works?
• Initial Permutation (IP)
▪ The 64-bit plaintext is permuted according to a predefined table.
• 16 Rounds of Feistel Cipher
▪ The 64-bit block is divided into two halves: Left (L) and Right (R).
▪ For each round:
▪ The right half (R) is expanded to 48 bits using an expansion function.
▪ The expanded R is XORed with the round key.
▪ The result is passed through 8 S-boxes (Substitution boxes), reducing it back to 32 bits.
▪ The output is permuted using the P-box (Permutation function).
▪ The P-box output is XORed with the left half (L) to give the new R, and the halves are swapped.
How DES works?
• Final Permutation (FP)
▪ After 16 rounds, the halves are swapped again and permuted using an inverse of the initial permutation.
• Ciphertext Output
▪ The final 64-bit output is the encrypted ciphertext.
Key Generation
• The initial 64-bit key, which you can choose randomly, is transformed into a 56-bit key by discarding every 8th bit.
• This process reduces the key to 56 bits, which is then divided into two 28-bit halves.
• Initial Key (in hex): 133457799BBCDFF1
• Convert to binary and drop every 8th bit:
▪ Key (in binary): 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001
• Drop every 8th bit:
▪ 56-bit Key: 00010010 01101001 01011011 11001001 10110111 10110111 11110001
• In DES, each of the 16 rounds uses a different 48-bit sub-key derived from the original 56-bit key. This process adds complexity and ensures that the encryption is secure.
Key Generation
• 48-bit key generation process for each round
• Splitting into Halves:
• The 56-bit key is divided into two 28-bit halves:
▪ C0 (first 28 bits): 00010010 01101001 01011011 1100 (28 bits)
▪ D0 (second 28 bits): 1001 10110111 10110111 11110001 (28 bits)
• For each of the 16 rounds, the halves are circularly shifted left by one or two positions, depending on the round number. The number of shifts per round is predetermined as follows:

Round:   1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
Shifts:  1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1

Example for Rounds 1 and 2:
Round 1:
• Shift C0 and D0 left by 1 position.
• C1: 00100100 11010010 10110111 1000
• D1: 00110110 11110110 11111110 0011


Key Generation
• Round 2:
• Shift C1 and D1 left by 1 position.
• C2: 01001001 10100101 01101111 0000
• D2: 01101101 11101101 11111100 0110
• This shifting process is repeated for all 16 rounds.
• Compression Permutation
• After shifting, the 56-bit key (combined C and D halves) is compressed to 48 bits using a permutation table. This table selects 48 specific bits from the 56-bit combined key to create the 48-bit round key.
• This table is used to select and reorder the bits from the combined 56-bit key to produce the 48-bit round key.
Key Generation
14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
Key Generation
• Assume the combined 56-bit key after shifting for round 1 is:
• Combined C1 and D1:
00100100 11010010 10110111 00110110 11110110 11111110 0011
• Apply the compression permutation to select and rearrange the bits:
• 48-bit Round Key (example bits selected):
111000110010001010110010000100110011010000101111
• By repeating this process for each round, we generate a unique 48-bit round key for each of the 16 rounds, which are then used in the encryption process.
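The shift-and-compress steps above, as an added example (not code from the original slides): it starts from the C0 and D0 strings given in the slides, applies the shift schedule and the compression table from this page, and returns C_i, D_i and the 48-bit key for every round. Function names are illustrative.

```python
# Left-shift count for rounds 1..16, as listed in the table above.
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]

# Compression permutation from this page: 48 positions (1-indexed) of C||D.
PC2 = [14, 17, 11, 24,  1,  5,  3, 28, 15,  6, 21, 10,
       23, 19, 12,  4, 26,  8, 16,  7, 27, 20, 13,  2,
       41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
       44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32]

# C0 and D0 exactly as given in the slides' example (spaces removed).
C0 = "0001001001101001010110111100"
D0 = "1001101101111011011111110001"

def rotl(bits: str, n: int) -> str:
    """Circular left shift of a bit string by n positions."""
    return bits[n:] + bits[:n]

def key_schedule(c: str, d: str) -> list:
    """Return [(C_i, D_i, K_i)] for rounds 1..16 as bit strings."""
    if len(c) != 28 or len(d) != 28 or set(c + d) - {"0", "1"}:
        raise ValueError("C0 and D0 must each be 28 bits")
    rounds = []
    for shift in SHIFTS:
        c, d = rotl(c, shift), rotl(d, shift)      # both halves shift together
        combined = c + d                            # 56 bits
        k = "".join(combined[p - 1] for p in PC2)   # select and reorder 48 bits
        rounds.append((c, d, k))
    return rounds

def unused_positions() -> list:
    """Positions of C||D that the compression table never selects in a round."""
    return sorted(set(range(1, 57)) - set(PC2))

if __name__ == "__main__":
    for i, (c, d, k) in enumerate(key_schedule(C0, D0), start=1):
        print(f"round {i:2d}  C={c}  D={d}  K={k}")
    print("dropped each round:", unused_positions())
```

The shifts add up to 28, so after round 16 both halves are back at C0 and D0; each round drops eight positions, and the shifting changes which key bits land on them.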
Rounds (Round 1 as an Example)
• DES involves 16 rounds of key transformations. For each round, a 48-bit sub-key is generated from the 56-bit key.
• After splitting the blocks, we use the round function. In each round, the left half remains as it is, and we need to perform the operations below on the right half.
1. Expansion Permutation (E)
2. Key mixing (⊕)
3. Substitution (S1, S2, …, S8)
4. Permutation (P)

• After getting the final result from the right half, we need to perform an XOR operation of the left and right half.
Expansion Permutation (E)
• The 32-bit right half (R0) is expanded to 48 bits using the expansion table. Here, each bit is substituted with the one given at the respective position in the table. The expansion table duplicates certain bits to increase the size from 32 to 48 bits.
• Expansion Table:

32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1

• Apply the expansion permutation on R0:
• R0 (32 bits): 10101010 10101010 10101010 10101010
• Expanded R0 (48 bits): 01010101 01011010 10100101 01101010 01011010 10101010
Key Mixing (⊕)
• The expanded R0 is XORed with the round key (48-bit). Using the example from the previous step, our round key for Round 1 is:
• Round Key (48 bits): 111000110010001010110010000100110011010000101111
• Perform XOR operation:
• Result: 10110101 00010000 00011111 01111000 01010000 00011101



Substitution (S-Boxes):
• The result is divided into eight 6-bit blocks, and each block is
substituted using the S-Boxes
Permutation (P)
• The 32-bit result of the S-Boxes is permuted using a fixed table:

16  7 20 21 29 12 28 17
 1 15 23 26  5 18 31 10
 2  8 24 14 32 27  3  9
19 13 30  6 22 11  4 25

• Applying this permutation provides the final 32-bit output of the round function (F).
XOR Operation
• After getting the final result from the right half, we need to perform
an XOR operation of the left half (L0) and the result from the right
half.
• The result after Round 1 is the combination of the original right half
(R0) and the XOR result:
• L1: <Original R0>
• R1: <XOR Result>
• This process is repeated for all 16 rounds. Each round uses a
different 48-bit sub-key, and the final result is obtained after the
16th round, followed by the final permutation (FP).
END
