Sunteți pe pagina 1din 19

Substitution-Permutation Ciphers

• Substitution-permutation (S-P) networks [Shannon, 1949]


• modern substitution-transposition product cipher
• These form the basis of modern block ciphers
• S-P networks are based on the two primitive
cryptographic operations
• substitution (S-box)
• permutation (P-box)
• provide confusion and diffusion of message
Confusion and Diffusion
• Cipher needs to completely obscure statistical properties of
original message
• A one-time pad does this
• More practically Shannon suggested S-P networks to obtain:
• Diffusion – refers to the property that redundancy in the
statistics of the plaintext is "dissipated" in the statistics of the
ciphertext.
• i.e if we change a character of the plaintext, then several
characters of the ciphertext should change, and similarly, if we
change a character of the ciphertext, then several characters
of the plaintext should change.
• Confusion –Confusion means that the key does not relate in a
simple way to the ciphertext. In particular, each character of
the ciphertext should depend on several parts of the key.
DES (Data Encryption Standard)
• Published in 1977, standardized in 1979.
• Key: 64 bit quantity=8-bit parity+56-bit key
• Every 8th bit is a parity bit.
• 64 bit input, 64 bit output.
General structure of DES
Initial and final permutation steps in DES
Initial and final permutation tables
Feistel Cipher Structure
• Fiestel cipher implements Shannon’s S-P network
concept where a single block of plaintext is transformed
into cipher text after passing through the following
stages:

• partitions input block into two halves


• An initial permutation
• 16 rounds of a given function.
• A 32-bit left-right swap and
• A final permutation.
DES uses 16 rounds. Each round of DES is a Fiestel cipher.
Fiestel
Cipher
Structure
• The computation consists of 16 iterations of a
calculation
• The cipher function f operates on two blocks, one
of 32 bits and one of 48 bits, and produces a block
of 32 bits.
• The input block is then LR, 32 bit block L followed
by a 32 bit block R.
• Let Li-1 and Ri-1 be the left and right halves of the input to
round i.
Li = Ri-1
Ri = Li-1 (+) f (Ri-1, Ki)

• The function f is applied at each round and is referred to


as the Round function
• At each iteration a different block of key K bits is chosen
from the 64-bit key designated KEY to a 48 bit key.
Round Function
The round function involves four operations
• Expansion
• XOR with round key
• Substitution
• permutation
The DES function applies a 48-bit key to the
rightmost 32 bits to produce a 32-bit output.
Expansion P-box
Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to
expand RI−1 to 48 bits.
Expansion permutation

The input 32-bits are expanded to 48 bits in the Expansion P-Box module in the following
way
4 4 4 4 4 4 4 4

6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6

+ + + + + + + +

S1 S2 S3 S4 S5 S6 S7 S8
The permutation produces
“spread” among the
4 4 4 4 4 4 4 4
chunks/S-boxes!
Permutation
Each S-box uses a corresponding 4 row by 16 column table i.e. 8 tables.
Given a 6-bit input, the 1st and the 6th bits are used to address one of the
rows and the remaining 4 bits are used to address one of the 16 columns.
Finally, the value found in the corresponding location of the table is the
4bit output of the S-box
S-Box (Substitute and Shrink)
• 48 bits ==> 32 bits. (8*6 ==> 8*4)
• 2 bits used to select amongst 4 substitutions for the
rest of the 4-bit quantity

2 bits I1
row I2
O1
I3 Si O2
I4 O3
I5 O4

4 bits I6
column i = 1,…8.
S-Box Examples
Each row and column contain different numbers.

0 1 2 3 4 5 6 7 8 9…. 15

0 14 4 13 1 2 15 11 8 3

1 0 15 7 4 14 2 13 1 10

2 4 1 14 8 13 6 2 11 15

3 15 12 8 2 4 9 1 7 5

Example: input: 100110 output: ???


Parity Drop and Compression Permutation

The parity drop module drops the parity bits (bits 8,16,24,..,64) from
the 64-bit key and permutes the rest of the 56 bits according to the
parity drop table.
The Compression permutation module changes the 56 bits to 48 bits
using the key compression table, which are used as the key for a
round.

S-ar putea să vă placă și