Documente Academic
Documente Profesional
Documente Cultură
Instantiation of PRP
Nitesh Saxena
DES – Data Encryption Standard
Encrypts by series of substitution and transpositions.
Based on Feistel Structure
Worldwide standard for more than 20 years.
Has a history of controversy.
Designed by IBM (Lucifer) with later help
(interference?) from NSA.
No longer considered secure for highly sensitive
applications.
Replacement standard AES (advanced encryption
standard) recently completed.
00 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
01 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
10 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
11
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
Sj
row : b1b 2
S (b1b 2b3b 4b5b 6)
column : b 3b 4 b 5b 6
S (011001) = 6 d = 0110
3/1/2011 Lecture 1 - Introduction 9
DES Decryption
Same as the encryption algorithm with the
“reversed” key schedule – NEXT!
Rounds 2-15
L15 R15
Round-16 (key K16)
R15 L15 ⊕ F ( R15, K 16)
swap
L15 ⊕ F ( R15, K 16) R15
IP inverse
3/1/2011
y Cipher text
Lecture 1 - Introduction 11
encrypt
L15 ⊕ F ( R15, K 16) R15
IP inverse
y Cipher text
IP
L15 ⊕ F ( R15, K 16) R15
Round-1 (K16)
decrypt
R15 L15 ⊕ F ( R15, K 16) ⊕ F ( R15, K 16)
R15 L15
b⊕b = 0
Since
b⊕0 = b
3/1/2011 Lecture 1 - Introduction 12
DES Security
S-Box design not well understood (secret).
Has survived some recent sophisticated
attacks (differential cryptanalysis)
Key is too short. Hence is vulnerable to brute
force attack.
1998 distributed attack took 3 months.
$1,000,000 machine will crack DES in 35
minutes – 1997 estimate. $10,000 – 2.5 days.
X
P E E C
Encryption
K2 K1
X
C D D P
Decryption
P A B
E D E C
Encryption
K1 K2 K1
C B A
D E D P
Decryption
K
DES
Encrypt K
DES
Encrypt
• • • K
DES
Encrypt
C1 C2 CN
C1 C2 CN
• • •
P1 P2 PN
+ + CN-1 +
C1 C2 CN
C1 C2 CN
IV + + CN-1 +
P1 P2 PN