Documente Academic
Documente Profesional
Documente Cultură
Introduction to Network
Security
S-DES Scheme
Encryption
Decryption
P10
8-bit plaintext
8-bit plaintext
SHIFT
IP
IP - 1
K1
fk
P8
K1
SHIFT
SW
K2
P8
fk
SW
K2
fk
fk
IP - 1
IP
8-bit ciphertext
8-bit ciphertext
Key Generation
Operations
(A) Apply permutation P10:
10
P10
5
LS-1
LS-1
5
(C) Apply permutation P8:
P8
K1
LS-2
LS-2
5
P8
K2
IP
4
E/P
8
4
K1
4
S1
S0
2
Encryption Detail
P4
2
4
SW
The permutation IP
E/P
K2
S0
S1
P4
I P -1
S-box Operation
(1)
(2)
(3)
(4)
S1:
0
2
2
1
3
1
1
3
2
0
3
2
0
2
3
2
1
0
0
1
2
1
1
0
3
3
0
3
Let L, R be the left 4 bits and right 4 bits of the input. Then
FKey( L , R ) = (L XOR f(R, Key), R)
Block Ciphers
In general, a block cipher replaces a block of N plaintext bits
with a block of N ciphertext bits. (E.g., N = 64 or 128.)
A block cipher is a monoalphabetic cipher.
Each block may be viewed as a huge character.
The alphabet consists of 2N gigantic characters.
Each particular cipher is a one-to-one mapping from the
plaintext alphabet to the ciphertext alphabet.
There are 2N! such mappings.
A secret key indicates which mapping to use.
The
Feistel
Cipher
Structure
Round i
Li-1
Ri-1
f
+
Li
Ri
ki
Mathematical Description of
Round i
Let Li 1 and Ri 1 be the input of round i, and
Li and Ri the output.
We have
Li : Ri 1
Ri : Li 1 F ( Ri 1 , Ki )
Or,
(Li , Ri ) : oi ( Li 1 , Ri 1 ), where
i : ( x, y ) ( x F ( y , ki ), y ).
: ( x, y ) ( y, x ).
Note that i 1 i and 1 .
15
Feistel Cipher
Goes through a number of rounds, say 16 rounds.
A Feistel cipher encrypts a plaintext block m as:
c : E k ( m) : o o16 oL o o2 o o1 ( m)
The decryption will be:
Dk ( c ) 11 o 1 o21 oL o 1 o161 o 1 o 1 (c )
o o1 o o2 oL o o16 ( c)
The descryption algorithm is the same as the
encryption algorithm, but uses round keys in the
reverse order.
16
DES Encryption
Overview
49
58
2
11
55
62
6
13
41
50
59
3
47
54
61
5
33
42
51
60
39
46
53
28
25
34
43
52
31
38
45
20
17
26
35
44
23
30
37
12
9
18
27
36
15
22
29
4
21
Initial Permutation IP
Round i
Li-1
Ri-1
32
32
Li
Ri
F
+
32
48
ki
24
The S-Boxes
Eight S-boxes each map 6 to 4 bits
Each S-box is specified as a 4 x 16 table
each row is a permutation of 0-15
outer bits 1 & 6 of input are used to select one
of the four rows
inner 4 bits of input are used to select a
column
Box S1
0
0 14
4 13
0 15
3
1
2 15 11
8
8
9 10 11 12 13 14 15
3 10
6 12 11
3 10
4 14
2 13
1 14
8 13
2 11 15 12
3 14 10
3 15 12
1 10
6 12
5 11
6 13
28
Permutation Function P
P
16
20
21
29
12
28
17
15
23
26
18
31
10
24
14
32
27
19
13
30
22
11
25
1
Avalanche Effect
Avalanche effect:
A small change in the plaintext or in the key results in a
significant change in the ciphertext.
an evidence of high degree of diffusion and confusion
Attacks on DES
Brute-force key search
Needs only two plaintext-ciphertext samples
Trying 1 key per microsecond would take 1000+ years on
average, due to the large key space size, 256 7.21016.
Differential cryptanalysis
Possible to find a key with 247 plaintext-ciphertext samples
Known-plaintext attack
Liner cryptanalysis:
Possible to find a key with 243 plaintext-ciphertext samples
Known-plaintext attack
31
DES Cracker
DES Cracker:
A DES key search machine
contains 1536 chips
Cost: $250,000.
could search 88 billion keys per second
won RSA Laboratorys DES Challenge II-2 by
successfully finding a DES key in 56 hours.
2DES
Consider 2DES with two keys:
C = EK2(EK1(P))
Decryption:
P = DK1(DK2(C))
C = EK2(EK1(P))
EK1
EK2
35
36
37