Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security
Uploaded by Sri Dhanush Reddy Kondapalli

DES – Data Encryption Standard

advertisement 
DES – Data Encryption Standard
Unit - 3
DES - Introduction
•
•
•
•
•
•
•
•
•
It is a symmetric key block cipher. It uses Feistel Structure.
Block size of plain text: 64 bit
No of rounds: 16 rounds
Key size: 64 bit (converted to 56 bits)
Each round will have a separate independent key.
No of sub keys: 16 sub keys
Sub key size: 48 bit
Cipher text: 64 bit
Initial permutation will follow transposition order –
rearranging bit positions.
Round Function of DES
Round function
• After IP – Round1 will be performed 64 bit, divided into two
halves – 32 bits(L&R).
• Expansion Permutation will be applied and 16 more bits will
be added to the right 32 bits
Input – 32 bits output – 48 bits
Key generation
• Permuted choice 1 – we will eliminate the multiples of 8 (eg:
8,16,24…).
Input – 64 bits output – 56 bits
•
•
•
•
56 bit is given as input to left circular shift.
56 bit is divided into two halves (28 bits (L&R)).
Left shift bits is decided depending upon round number.
After LCS apply permuted choice 2 (rearrange the bit positions
some 8 bits will be ignored/removed) – 48 bits.
• Output from permuted choice 2 is XORed with output from
expansion permutation.
• Output of the XORed function (48 bits) is given as an input to
S box and reduced to (32 bits).
Round
1
2
3
4
5
6
7
8
9
10
Bits
shifted
1
1
2
2
2
2
2
2
1
2
Round
11
12
13
14
15
16
Bits
shifted
2
2
2
2
2
1
S box function
• Totally there are 8 S boxes.
Input – 48 bits output – 32 bits
< 48 bits>
6 Bits
6 Bits
6 Bits
6 Bits
6 Bits
6 Bits
6 Bits
6 Bits
S1
S2
S3
S4
S5
S6
S7
S8
4 Bits
4 Bits
4 Bits
4 Bits
4 Bits
4 Bits
4 Bits
4 Bits
< 32 bits (2 bits reduced for each S box)>
• Eg: consider 6 bits 100110
• First & last bit represent row number (2 bits).
• Between four bits – column number (4 bits).
•
•
•
•
•
•
•
Max number of representation using 2 bits (00,01,10,11).
Max number of representation using 4 bits
(0000 – 1111)
From eg: F+L bit -> 10 (Row) which is equal to 2.
Remaining 4 bits 0011 (Column) which is equal to 3.
Result: 8 (1000) -> 4 bits.
In DES security lies in the S boxes.
AES Cipher
•
•
•
•
•
•
•
•
•
Block size – 128 bits (PT).
Number of rounds – 10 rounds.
Key size – 128 bits (key is processed in terms of word means 32 bits).
1 word – 32 bits (128 bits – 4 words/ 16 bytes).
Number of sub keys – 44 sub keys.
Sub key size – 32 bits/1 word/4 bytes.
Each round – 4 sub keys (4X32 = 128bits/4 words/16bytes).
Pre round calculation – 4 sub keys (Before starting round functions).
Cipher size – 128 bits.
• Shift Rows – Circular right shift will be done.
• Mix columns – one word should be multiplied with the predefined matrix
(4x4).
• In round 10 small change will be there no need to have mix
columns.(eliminated)
• Keys - R2 [W8…W11] – K2 R3[W13…W16] – K3…. R10[w40…W43] –
K9.
State Array
Each column considered as one word – used to store intermediate results
S(0,0) – 0th byte of 0th word
Key
40 words are used in 10 rounds and 4 words are used in pre round.
128 bits/ 4 words
The key is expanded to 44 words
Substitution Bytes
Output gets stored in
state array
State Array
Input Array
In 8 bits- First Four – Row Number – 0…15.
Next Four – Column Number - 1…15.
O/P – 8 bits.
Size of S box – 16X16 but in DES it is 4X16.
Shift Rows
Depends upon row number we have to sift rows.
4X4
4X1 4X1
• Add Round Key (Performing XOR operation)
State Array
[O/P from Mix Columns]
XORed
Key (4 words)
Consider 1st column of state array (1st word) XORed with first word of
the key and store the result in the array.
Blowfish Encryption Algorithm
• Block cipher: 64-bit block
• Variable key length: 32 bits to 448 bits (default 128
bits)
• Number of rounds: 16
• Designed by Bruce Schneier
• Much faster than DES and IDEA
• Follows Fiestel Structure.
• There are two parts to this algorithm
– A part that handles the expansion of the key.
– A part that handles the encryption of the data.
The expansion of the key
• Break the original key into a set of sub keys. Ranges
from 32-448 bits.
• There is a P-Array and four 32 bit S-boxes.
• A P-Array contains 18 32bit subkeys, while each Sbox contains 256 entries.
The encryption of data
• 64 bit input is denoted with an x, while P-Array is
denoted by Pi.
Algorithm: Blowfish Encryption
1. Divide x into two 32-bit halves:xL, xR
2. For i = 1to 16:
3. xL = XL XOR Pi
4. xR = F(XL) XOR xR
5. Swap XL and xR
6. Swap XL and xR (Undo the last swap.)
7. xR = xR XOR P17
8. xL = xL XOR P18 Recombine xL and xR
Areas Of Applications
• Bulk encryption: The algorithm should be efficient in
encrypting data files or a continuous data stream.
• Random bit generation: The algorithm should be
efficient in producing single random bits.
• Packet encryption: The algorithm should be efficient
in encrypting packet-sized data.
• Hashing: The algorithm should be efficient in being
converted to a one-way hash function.
MD 5 Algorithm
• In cryptography, MD5 (Message-Digest algorithm 5)
is a widely used cryptographic hash function with a
128-bit hash value.
• MD5 has been employed in a wide variety of security
applications, and is also commonly used to check the
integrity of files.
Use of MD5 Algorithm
• To be considered cryptographically secure MD5
should meet two requirements:
– It is impossible to generate two inputs that
cannot produce the same hash function.
– It is impossible to generate a message having the
same hash value.
• How do the MD5 Algorithm works?
• MD5 produces an output of 128-bit hash value.
• This encryption of input of any size into hash values undergoes 5
steps
• Step1: Append Padding Bits
– Padding means adding extra bits to the original message.
– So in MD5 original message is padded such that its length in bits is
congruent to 448 modulo 512.
– Padding is done such that the total bits are 64 less being a multiple of
512 bits length.
– Padding is done even if the length of the original message is already
congruent to 448 modulo 512. In padding bits, the only first bit is 1 and
the rest of the bits are 0.
• Step 2: Append Length
– After padding, 64 bits are inserted at the end which is used to record the
length of the original input. The resulting message has a length multiple
of 512 bits.
• Step 3: Initialize MD buffer
– A four-word buffer (A, B, C, D) is used to compute the values
for the message digest. Here A, B, C, D are 32- bit registers.
• Step 4: Processing message in 16-word block
– MD5 uses the auxiliary functions which take the input as three
32-bit number and produces a 32-bit output. These functions use
logical operators like OR, XOR, AND.
• Step 5: Output (Message Digest in Buffers)
• Totally 64 constants
• CV – Chaining Variable.
Round 1
• a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s)
Round 2
• a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s)
Round 3
• a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s)
Round 4
• a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s)
• T[i] – Set of 64 Constants
• X[k] – Part of plain text
• F,G,H,I – Logical function
• <<< s – Circular Left Shift
Constants of MD5 Algorithm
Related documents
BITS Special Editorial Reports
BITS Special Editorial Reports
In this recitation, you may help the students with some... 1. You may ask them to design a 4-bit...
In this recitation, you may help the students with some... 1. You may ask them to design a 4-bit...
Recitation_Week10
Recitation_Week10
Download
advertisement