Lecture 11

The document provides an overview of block ciphers and public key cryptography, focusing on the AES algorithm and its transformations, including SubBytes, ShiftRows, MixColumns, and AddRoundKey. It also discusses key expansion and various modes of operation such as ECB, CBC, CFB, and their security implications. The lecture emphasizes the importance of secure key management and the unique characteristics of each encryption mode.

Uploaded by

lenroydesouza

BLOCK CIPHERS AND PUBLIC KEY CRYPTOGRAPHY
Prof. Saurabh Kulkarni
Department of Artificial Intelligence & Data Science
AGENDA FOR THE DAY
• Recap of the last lecture
• AES encryption in detail
• Modes of block cipher operations
• Summary/ Conclusion
AES ALGORITHM DETAILS: SUBSTITUTE BYTES TRANSFORMATION
• The forward substitute byte transformation, called SubBytes, is a simple table lookup
• AES defines a 16 × 16 matrix of byte values, called an S-box, that contains a permutation of all possible 256 8-bit values
• Each individual byte of State is mapped into a new byte in the following way: the leftmost 4 bits of the byte are used as a row value and the rightmost 4 bits are used as a column value
• These row and column values serve as indexes into the S-box to select a unique 8-bit output value
SUBBYTE EXAMPLE

The S-box is designed to be resistant to cryptanalysis, as there is low correlation between input bits and output bits
AES ALGORITHM DETAILS: SHIFT ROW TRANSFORMATION
• For the forward shift row transformation, called ShiftRows, the first row of State is not altered
• For the second row, a 1-byte circular left shift is performed. For the third row, a 2-byte circular left shift is performed. For the fourth row, a 3-byte circular left shift is performed
SHIFT ROWS EXAMPLE
MIX COLUMN TRANSFORMATION
• The forward mix column transformation, called MixColumns,
operates on each column individually
• Each byte of a column is mapped into a new value that is a function of all
4 bytes in the column
• The mapping makes use of equations over finite fields
ADD ROUND KEY TRANSFORMATION
• In the forward add round key transformation, called AddRoundKey,
the 128 bits of State are bitwise XORed with the 128 bits of the round
key
• The operation is viewed as a column-wise operation between the four
bytes of a State column and one word of the round key; it can also be
viewed as a byte-level operation
ADD ROUND KEY TRANSFORMATION
• The inverse add round key transformation is
identical to the forward add round key transformation,
because the XOR operation is its own inverse
• The add round key transformation is as simple as possible
and affects every bit of State
• The complexity of the round key expansion, plus the
complexity of the other stages of AES, ensure security
AES KEY EXPANSION
• The AES key expansion algorithm takes as input a 4-word (16-byte) key and produces a linear array of 44 words (176 bytes)
• This is sufficient to provide a 4-word round key for the initial AddRoundKey stage and each of the 10 rounds of the cipher
• The key is copied into the first four words of the expanded key
• The remainder of the expanded key is filled in four words at a time
• Each added word w[i] depends on the immediately preceding word, w[i - 1], and the word four positions back, w[i - 4]
• A complex finite-field algorithm is used in generating the expanded key
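The key expansion described above, together with the SubBytes row/column lookup from the earlier slide, written out as an added example that is not part of the lecture slides. The S-box is computed from its FIPS-197 definition (inverse in GF(2^8) followed by an affine transform) instead of being hard-coded; the function names are this example's own, and the sample key is the one from FIPS-197 Appendix A.1.

```python
def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def build_sbox():
    """Each entry is the affine transform of the input's multiplicative inverse."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv ^ 0x63
        for n in (1, 2, 3, 4):
            s ^= ((inv << n) | (inv >> (8 - n))) & 0xFF  # rotate left by n
        sbox.append(s)
    return sbox

SBOX = build_sbox()

def sub_byte(b):
    """SubBytes lookup: left 4 bits select the row, right 4 bits the column."""
    row, col = b >> 4, b & 0x0F
    return SBOX[16 * row + col]

def sub_word(w):
    return int.from_bytes(bytes(sub_byte(b) for b in w.to_bytes(4, "big")), "big")

def expand_key(key):
    """Expand a 16-byte AES-128 key into 44 32-bit words (11 round keys)."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [int.from_bytes(key[i:i + 4], "big") for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        temp = w[i - 1]
        if i % 4 == 0:  # first word of each round key gets the extra mixing
            temp = ((temp << 8) | (temp >> 24)) & 0xFFFFFFFF  # RotWord
            temp = sub_word(temp) ^ (rcon << 24)              # SubWord, Rcon
            rcon = gf_mul(rcon, 2)
        w.append(w[i - 4] ^ temp)
    return w

# Sample key from FIPS-197 Appendix A.1
FIPS_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
```

Words w[0..3] are the key itself; each later group of four words is one round key, so the 44 words cover the initial AddRoundKey plus 10 rounds.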
CIPHER BLOCK MODES OF OPERATIONS: ELECTRONIC CODE BOOK (ECB)
• Plaintext is handled b bits at a time and each block of
plaintext is encrypted using the same key
• The term codebook is used because, for a given key,
there is a unique ciphertext for every b-bit block of
plaintext
• Therefore, one can imagine a gigantic codebook in which
there is an entry for every possible b-bit plaintext pattern
showing its corresponding ciphertext
• Lengthy messages in ECB are not secure???
CIPHER BLOCK CHAINING (CBC) MODE
• The input to the encryption algorithm is the XOR of the
current plaintext block and the preceding ciphertext block
• The same key is used for every block
• In effect, we have chained together the processing of the
sequence of plaintext blocks
CIPHER BLOCK CHAINING (CBC) MODE
• The IV must be known to both the sender and receiver
• For maximum security, the IV should be protected as well as the key
• This could be done by sending the IV using ECB encryption
• One reason for protecting the IV: if an opponent is able to fool the receiver into using a different value for the IV, then the opponent is able to invert selected bits in the first block of plaintext
CIPHER FEEDBACK MODE
• It is possible to convert any block cipher into a stream
cipher by using the cipher feedback (CFB) mode
• A stream cipher eliminates the need to pad a message to
be an integral number of blocks
• It also can operate in real time
COUNTER MODE
COMPARISON OF DIFFERENT MODES
