CRYPTOGRAPHY https://deepaharivinod.blogspot.com
MODULE 2
SYMMETRIC CIPHERS: Traditional Block Cipher structure, Data
encryption standard (DES), The AES Cipher.
(Text 1: Chapter 2: Section1, 2, Chapter 4:Section 2, 3, 4)
Text Books:
1. William Stallings, “Cryptography and Network Security Principles and
Practice”, Pearson Education Inc., 6th Edition, 2014, ISBN: 978-93-325-1877-3
Explore Electronics 1
MODULE 2
SYMMETRIC CIPHERS
Symmetric key cryptography, also known as private key cryptography,
utilizes a single key for both encryption of the plaintext and decryption of the
cipher text. The key itself must be shared between the sender and the receiver,
and this process, known as key exchange, constitutes an entire subtopic
of cryptography.
Block ciphers
A block cipher is one in which a block of plaintext is treated as a whole
and used to produce a cipher text block of equal length.
Typically, a block size of 64 or 128 bits is used.
As with a stream cipher, the two users share a symmetric encryption key.
Figure 2.1: Block cipher
Example: for a plaintext of 227 bytes and a block size of 16 bytes,
227/16 = 14 full blocks with 3 bytes left over. The total is 15 blocks,
in which the last block contains 3 bytes of data and padding bytes.
Stream ciphers
A stream cipher is one that encrypts a digital data stream one bit or one
byte at a time. An example is the one-time pad, in which the key stream (ki)
is as long as the plaintext bit stream (pi).
If the cryptographic key stream is random, then this cipher is unbreakable
by any means other than acquiring the key stream.
However, the key stream must be provided to both users in advance via
some independent and secure channel.
Figure 2.2: stream cipher using algorithmic bit stream generator
Accordingly, for practical reasons, the bit-stream generator must be
implemented as an algorithmic procedure, so that the cryptographic bit stream
can be produced by both users. In this approach the bit-stream generator is a
key-controlled algorithm and must produce a bit stream that is cryptographically
strong. That is, it must be computationally impractical to predict future portions
of the bit stream based on previous portions of the bit stream. The two users
need only share the generating key, and each can produce the key stream.
DIFFERENCES BETWEEN BLOCK CIPHER AND STREAM CIPHER.
Traditional Block Cipher structure
Most symmetric block encryption algorithms in current use are based on
a structure referred to as a Feistel block cipher. A vast number of block
cipher schemes are in use, and many of them are publicly known. The most
popular and prominent block ciphers are listed below.
Data Encryption Standard (DES) − The popular block cipher of the
1990s. It is now considered a ‘broken’ block cipher, due primarily to
its small key size.
Advanced Encryption Standard (AES) − It is a relatively new block
cipher based on the encryption algorithm Rijndael that won the AES
design competition.
Stream Ciphers and Block Ciphers
A stream cipher is one that encrypts a digital data stream one bit or one
byte at a time. Examples of classical stream ciphers are the autokeyed Vigenere
cipher and the Vernam cipher. A block cipher is one in which a block of
plaintext is treated as a whole and used to produce a ciphertext block of equal
length.
FEISTEL CIPHER STRUCTURE
The Feistel cipher is based on the idea that, instead of using an ideal block
cipher, which degrades performance, a “substitution-permutation network” can be used.
Feistel Cipher Encryption
The inputs to the encryption algorithm are a plaintext block of length 2w
bits and a key K.
The plaintext block is divided into two halves, L0 and R0.
The two halves of the data pass through rounds of processing and then
combine to produce the cipher text block.
Each round has as inputs Li−1 and Ri−1, derived from the previous round, as
well as a sub key Ki derived from the overall K.
Any number of rounds could be implemented, and all rounds have the same
structure.
A substitution is performed on the left half of the data. This is done by
applying a round function F.
The Round Function F: F takes the right-half block of the previous round
and a sub key as input.
The output of the function is XORed with the left half of the data.
The left and right halves are then swapped.
Figure 2.3: Feistel encryption and decryption (16 rounds)
Feistel Cipher Decryption
The process of decryption with a Feistel cipher is the same as the encryption
process.
The cipher text is the input to the algorithm and the sub keys are used in
reverse order. That is, the sub key of the last round in encryption is used in
the first round in decryption, the second last in the second round, and so on.
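The encryption and decryption procedure described above, as an added example that is not part of the original notes. The round function and key schedule here are toy stand-ins built from SHA-256 (assumptions, not DES); F is deliberately non-invertible to show that decryption only needs the sub keys in reverse order.

```python
import hashlib

W = 4          # half-block width in bytes (w = 32 bits, block = 2w = 64 bits)
ROUNDS = 16    # typical round count given in the notes

def subkeys(key: bytes) -> list:
    # Toy key schedule (assumption): K_i = SHA-256(K || i); not the DES schedule.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_f(right: bytes, k: bytes) -> bytes:
    # Toy round function F (assumption). A truncated hash is not invertible,
    # which shows that the Feistel structure never needs to invert F.
    return hashlib.sha256(k + right).digest()[:W]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block: bytes, keys: list) -> bytes:
    if len(block) != 2 * W:
        raise ValueError("block must be exactly 2w bits")
    left, right = block[:W], block[W:]
    for k in keys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, xor(left, round_f(right, k))
    return right + left        # final swap of the two halves

def encrypt(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key))

def decrypt(block: bytes, key: bytes) -> bytes:
    # Same algorithm; only the sub key order is reversed.
    return feistel(block, subkeys(key)[::-1])

if __name__ == "__main__":
    pt = b"8 bytes!"                      # constructed sample block
    ct = encrypt(pt, b"demo key")
    print(ct.hex(), decrypt(ct, b"demo key"))
```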
The exact realization of a Feistel network depends on the choice of the
following parameters:
Block size: Larger block sizes mean greater security but reduced
encryption/decryption speed for a given algorithm. Traditionally, a block size
of 64 bits has been used, which gives enough security without greatly affecting
the speed.
Key size: Larger key size means greater security but may decrease
encryption/decryption speed. The greater security is achieved by greater
resistance to brute-force attacks and greater confusion. Key sizes of 64
bits or less are now widely considered to be inadequate, and 128 bits has
become a common size.
The number of rounds: The essence of the Feistel cipher is that a single
round offers inadequate security but that multiple rounds offer increased
security. A typical size is 16 rounds.
Sub key generation algorithm: Greater complexity in this algorithm
leads to greater difficulty of cryptanalysis
Round function F: Again, greater complexity generally means greater
resistance to cryptanalysis.
Data encryption standard (DES)
DES encrypts 64-bit blocks using a 56-bit key and produces a 64-bit cipher text.
The same steps, with the same key, are used to reverse the encryption, with the
order of the keys reversed. DES is widely used.
DES Encryption
The DES encryption is shown in the figure below
o Encryption function has two inputs: the plaintext to be encrypted and the
key.
o The processing of the plaintext proceeds in three phases.
o The permuted output is then passed through sixteen rounds of the same
function, which involves both permutation and substitution functions. The
left and right halves from the last round are swapped to produce the pre-output.
o The pre-output is passed through a permutation that is the inverse of the
initial permutation function, to produce the 64-bit cipher text.
o Moreover, the 64-bit plaintext passes through an initial permutation (IP)
that rearranges the bits to produce the permuted input.
o The right-hand portion of the figure shows the way in which the 56-bit
key is used.
o Initially, the key is passed through a permutation function.
o Then, a sub key (Ki) is produced for each of the sixteen rounds by the
combination of a left circular shift and a permutation.
o The permutation function is the same for each round, but a different sub
key is produced because of the repeated shifts of the key bits.
Figure 2.4: General depiction of DES algorithm
Details of Single Round
The left and right halves of each 64-bit intermediate value are treated as
separate 32-bit quantities, labelled L (left) and R (right). The overall processing
at each round can be summarized in the following formulas:
Figure 2.5: Single Round of DES Algorithm
The round key Ki is 48 bits. The R input is 32 bits. This R input is first
expanded to 48 bits by using a table that defines a permutation plus an
expansion that involves duplication of 16 of the R bits. The role of the S-boxes
in the function F is illustrated in Figure 2.6.
The substitution consists of a set of eight S-boxes, each of which accepts
6 bits as input and produces 4 bits as output. These transformations are defined
as which is interpreted as follows: The first and last bits of the input to box Si
form a 2-bit binary number to select one of four substitutions defined by the
four rows in the table for Si. The middle four bits select one of the sixteen
columns. The decimal value in the cell selected by the row and column is then
converted to its 4-bit representation to produce the output. For example, in S1
for input 011001, the row is 01 (row 1) and the column is 1100 (column 12). The
value in row 1, column 12 is 9, so the output is 1001.
Figure 2.6: Calculation of F(R, K)
Each row of an S-box defines a general reversible substitution. The 32 bits
of input are split into groups of 4 bits, and then become groups of 6 bits by
taking the outer bits from the two adjacent groups. The outer two bits of each
group select one of four possible substitutions (one row of an S-box). Then a 4-
bit output value is substituted for the particular 4-bit input (the middle four
input bits). The 32-bit output from the eight S-boxes is then permuted, so that
on the next round the output from each S-box immediately affects as many
others as possible.
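The S-box lookup and the 32-to-48-bit expansion described above, as an added example that is not part of the original notes. The S1 table values are taken from the published DES standard; the function names and the sample R value are constructed for illustration.

```python
# DES S-box S1 (four rows of sixteen 4-bit values), from the DES standard.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def sbox_lookup(sbox: list, six_bits: str) -> str:
    # First and last bits select the row; the middle four select the column.
    row = int(six_bits[0] + six_bits[5], 2)
    col = int(six_bits[1:5], 2)
    return format(sbox[row][col], "04b")

def rows_are_reversible(sbox: list) -> bool:
    # "Each row defines a reversible substitution": every row must be a
    # permutation of the sixteen values 0..15.
    return all(sorted(row) == list(range(16)) for row in sbox)

def expand(r_bits: str) -> list:
    # Expansion of R: split 32 bits into eight 4-bit groups, then widen each
    # to 6 bits with the nearest bit of the two adjacent groups (wrapping).
    if len(r_bits) != 32:
        raise ValueError("R must be 32 bits")
    g = [r_bits[i:i + 4] for i in range(0, 32, 4)]
    return [g[i - 1][-1] + g[i] + g[(i + 1) % 8][0] for i in range(8)]

if __name__ == "__main__":
    print(sbox_lookup(S1, "011001"))          # worked example from the notes
    print(rows_are_reversible(S1))
    sample_r = "1" + "0" * 30 + "1"           # constructed sample R value
    print(expand(sample_r))
```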
Key Generation
The 64-bit key is used as input to the algorithm. The key is first subjected
to a permutation. The resulting 56-bit key is then treated as two 28-bit quantities,
labeled C0 and D0. At each round, Ci-1 and Di-1 are separately subjected to a
circular left shift, or rotation, of 1 or 2 bits. These shifted values serve as input to
the next round. They also serve as input to Permuted Choice Two, which
produces a 48-bit output that serves as input to the function F(Ri-1, Ki).
DES Decryption
As with any Feistel cipher, decryption uses the same algorithm as
encryption, except that the application of the sub keys is reversed. Additionally,
the initial and final permutations are reversed.
The AES Cipher
The Rijndael proposal for AES defined a cipher in which the block length
and the key length can be independently specified to be 128, 192, or 256 bits.
The AES specification uses the same three key size alternatives but limits the
block length to 128 bits. A number of AES parameters depend on the key length.
In the description of this section, we assume a key length of 128 bits, which is
likely to be the one most commonly implemented.
This block is depicted as a square matrix of bytes. This block is copied
into the State array, which is modified at each stage of encryption or decryption.
After the final stage, State is copied to an output matrix. Similarly, the 128-bit
key is depicted as a square matrix of bytes. This key is then expanded into an
array of key schedule words; each word is four bytes and the total key schedule
is 44 words for the 128-bit key. Ordering of bytes within a matrix is by column.
Figure : AES Encryption and Decryption
We restrict ourselves to the description of a typical round of AES encryption. Each
round comprises four sub-processes. The first round process is depicted below −
Byte Substitution (SubBytes)
The 16 input bytes are substituted by looking up a fixed table (S-box)
given in design. The result is in a matrix of four rows and four columns.
ShiftRows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall
off’ are re-inserted on the right side of row. Shift is carried out as follows −
First row is not shifted.
Second row is shifted one (byte) position to the left.
Third row is shifted two positions to the left.
Fourth row is shifted three positions to the left.
The result is a new matrix consisting of the same 16 bytes but shifted
with respect to each other.
MixColumns
Each column of four bytes is now transformed using a special
mathematical function. This function takes as input the four bytes of one
column and outputs four completely new bytes, which replace the original
column. The result is another new matrix consisting of 16 new bytes. It should
be noted that this step is not performed in the last round.
AddRoundKey
The 16 bytes of the matrix are now considered as 128 bits and are
XORed to the 128 bits of the round key. If this is the last round then the output
is the ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes
and we begin another similar round.
Decryption Process
The process of decryption of an AES ciphertext is similar to the encryption
process in the reverse order. Each round consists of the four processes
conducted in the reverse order −
Add round key
Mix columns
Shift rows
Byte substitution
Since the sub-processes in each round are applied in reverse, unlike for a Feistel
cipher, the encryption and decryption algorithms need to be separately
implemented, although they are very closely related.
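The ShiftRows, MixColumns and AddRoundKey steps and their inverses, as an added example that is not part of the original notes. It uses the matrices and the GF(2^8) reduction polynomial from the AES specification (the "special mathematical function" above); SubBytes is omitted and the sample states are constructed. Undoing MixColumns needs a different matrix, which is why AES decryption is implemented separately.

```python
def xtime(a: int) -> int:
    # Multiply by 0x02 in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1 (0x11B).
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def gmul(a: int, b: int) -> int:
    # Shift-and-add multiplication in GF(2^8).
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def to_state(block: bytes) -> list:
    # Ordering is by column: byte i lands in row i % 4, column i // 4.
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]

def shift_rows(s: list, inverse: bool = False) -> list:
    # Row r rotates left by r bytes (right by r when inverting).
    return [row[(-r if inverse else r):] + row[:(-r if inverse else r)]
            for r, row in enumerate(s)]

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def mix_columns(s: list, m: list = MIX) -> list:
    # Each output byte is a GF(2^8) dot product of a matrix row and a column.
    out = [[0] * 4 for _ in range(4)]
    for r in range(4):
        for c in range(4):
            for k in range(4):
                out[r][c] ^= gmul(m[r][k], s[k][c])
    return out

def add_round_key(s: list, rk: list) -> list:
    # Byte-wise XOR of the state with the round key; it is its own inverse.
    return [[a ^ b for a, b in zip(srow, krow)] for srow, krow in zip(s, rk)]
```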