230 likes | 317 Vues
Learn about block ciphers, Feistel cipher structure, and DES encryption. Understand confusion, diffusion, and the avalanche effect in encryption. Explore attacks on DES and modern cipher security measures.
E N D
Modern Block Ciphers • One of the most widely used types of cryptographic algorithms • Used in symmetric cryptographic network application. • Difficult Structure to understand then public key ciphers. • Our focus on DES (Data Encryption Standard)
Block vs Stream Ciphers • In Block cipher a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. • A block size of 64 or 128 bits is used • Stream ciphers process messages a bit or byte at a time when en/decrypting • The key stream (Ki)is as long as the plaintext bit stream (Pi). • Many current ciphers are block ciphers • better analyzed • broader range of applications • Examples of classical stream ciphers are the Vigenère cipher
Block Cipher Principles • Most symmetric block ciphers are based on a Feistel Cipher Structure • In general, A block cipher operates on a plaintext block of n bits to produce a cipher text block of n bits (E.g., N = 64 or 128.) • A block cipher is a monoalphabetic cipher. • There are 2N! such mappings. • A secret key indicates which mapping to use.
Claude Shannon and Substitution-Permutation Ciphers • Claude Shannon introduced idea of substitution-permutation (S-P) networks in 1949 paper and form the basis of modern block ciphers • Modern block ciphers use a key of K bits to specify a random subset of 2K mappings. • 2K is much smaller than 2N! • But is still very large. • S-P nets are based on the two primitive cryptographic operations seen before: • substitution (S-box) • permutation (P-box) • provide confusion & diffusion of message & key
Confusion and Diffusion • cipher needs to completely obscure statistical properties of original message • More practically Shannon suggested combining S & P elements to obtain: • diffusion – make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key. • confusion – makes relationship between ciphertext and key as complex as possible
Feistel Cipher Structure • Horst Feistel devised the feistel cipher • based on concept of invertible product cipher • partitions input block into two halves • process through multiple rounds which • perform a substitution on left data half • based on round function of right half & subkey • then have permutation/transformation swapping halves • implements Shannon’s S-P net concept
Round i Li-1 Ri-1 ki f + Li Ri
Feistel Cipher Design Elements • block size • key size • number of rounds • subkey generation algorithm • round function • fast software en/decryption • ease of analysis
DES Round Structure • uses two 32-bit L & R halves • as for any Feistel cipher can describe as: Li= Ri–1 Ri= Li–1 F(Ri–1, Ki) • F takes 32-bit R half and 48-bit subkey: • expands R to 48-bits using perm E • adds to subkey using XOR • 48 bit passes through 8 S-boxes to get 32-bit result • finally permutes using 32-bit perm P
Substitution Boxes S • have eight S-boxes which map 6 to 4 bits. • Each S-box is specified as a 4 x 16 table. • each row is a permutation of 0-15. • The first and last bits of the input to box Si form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for Si. • The middle four bits select one of the sixteen columns.
S-Box Example • The example lists 8 to 6-bit values (ie 18 in hex is 011000 in binary, 09 hex is 001001 binary etc), each of which is replaced following the process detailed above using the appropriate S-box. • S1(011000) lookup row 00 col 1100 in S1 to get 5 • S1(000011) lookup row 01 col 0001 in S1 to get 15 = f in hex 0 1 2 3
Avalanche Effect • Avalanche effect: • The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip) • A small change in the plaintext or in the key results in a significant change in the ciphertext. • an evidence of high degree of diffusion and confusion
DES exhibits a strong avalanche effect • Changing 1 bit in the plaintext affects 34 bits in the ciphertext on average. • 1-bit change in the key affects 35 bits in the ciphertext on average.
Attacks on DES • Brute-force key search • Trying 1 key per microsecond would take 1000+ years on average, due to the large key space size, 256 ≈ 7.2×1016. • Differential cryptanalysis • Possible to find a key with 247 plaintext-ciphertext samples • Known-plaintext attack • Liner cryptanalysis: • Possible to find a key with 243 plaintext-ciphertext samples • Known-plaintext attack 23