
Lecture 5 - DES and Its Variants

- DES (Data Encryption Standard) is a symmetric-key algorithm that uses a Feistel cipher structure. It has a block size of 64 bits and a key size of 56 bits.
- The encryption process in DES consists of an initial permutation, then 16 rounds of processing that use subkeys generated from the original key, and finally a final inverse permutation.
- Each round uses a 48-bit subkey to modify half of the input block using a substitution-permutation network before swapping the two halves.
- Triple DES can use two keys or three distinct keys to strengthen security compared to the original DES, though it has now been replaced by the AES standard.

Uploaded by

sameer15112000

Sanjivani Rural Education Society’s

Sanjivani College of Engineering, Kopargaon-423 603


(An Autonomous Institute, Affiliated to Savitribai Phule Pune University, Pune)
NAAC ‘A’ Grade Accredited, ISO 9001:2015 Certified

Department of Computer Engineering


(NBA Accredited)

Lecture-05 DES and its variants


Feistel Cipher Structure
• Block size: larger block sizes mean greater security
• Partition the data block into two halves L and R
• Key Size: larger key size means greater security
• Number of rounds: multiple rounds offer increasing security
• In each round,
• R does not change.
• L goes through an operation that depends on R and a
round key derived from the key.
• Subkey generation algorithm: greater complexity will lead
to greater difficulty of cryptanalysis.
• Fast software encryption/decryption: the speed of execution
of the algorithm becomes a concern
DES: The Data Encryption Standard
• Most widely used block cipher in the world.
• Based on the Feistel cipher structure processing.
• Ruled for more than 3 decades.
• Number of rounds = 16
• Block = 64 bits
• Key = 56 bits
• What is specific to DES is the design of the F function
and how round keys are derived from the main key.

DES is a block cipher, as shown in Figure

Figure . Encryption and decryption with DES

[Figure: DES encryption. 64-bit plain-text (X) -> Initial Permutation (IP) -> Round (i), using Key i from Key Generation (KeyGen) on the 64-bit key (K) -> 32-bit Switch (SW) -> Inversion of Initial Permutation (IP-1) -> 64-bit cipher-text (Y)]



Encryption Steps In DES

• Plain text: 64 bits
• Initial Permutation: IP( )
• Divide into 32-bit halves LPT + RPT
• Round i: 1 ≤ i ≤ 16, each using its round key
• Final Permutation (inverse of IP): IP-1( )
• Cipher text: 64 bits
Initial Permutation IP

• IP: the first step of the encryption.


• It reorders the input data bits.
• The last step of encryption is the inverse of IP.
• IP and IP-1 are specified by tables
• http://en.wikipedia.org/wiki/DES_supplementary_material
Initial Permutation (IP)
• IP
Bit 0 1 2 3 4 5 6 7
1 58 50 42 34 26 18 10 2
9 60 52 44 36 28 20 12 4
17 62 54 46 38 30 22 14 6
25 64 56 48 40 32 24 16 8
33 57 49 41 33 25 17 9 1
41 59 51 43 35 27 19 11 3
49 61 53 45 37 29 21 13 5
57 63 55 47 39 31 23 15 7

◼ Note: IP(IP-1) = IP-1(IP) = I


Details of Single Round in DES

• Separate plaintext as L0R0


• L0: left half 32 bits of plaintext
• R0: right half 32 bits of plaintext
◼ Key Transformation

F
• Expansion/permutation: E( )
• Substitution/choice: S-box( )
• Permutation: P-Box( )
• X-OR & Swap
The F function of DES
• The L and R each have 32 bits, and the round key K 48 bits.

• The F function, on input R and K , produces 32 bits:

F(R, K) = P(S(E(R) ⊕ K))

where E : expands 32 bits to 48 bits;


S : shrinks it back to 32 bits;
P : permutes the 32 bits.

Step 1: Key Generation

• Original Key: Key0


• Permuted Choice One: PC_1( )
• Permuted Choice Two: PC_2( )
• Schedule of Left Shift: SLS( )
• It involves permutation & selection
• Compression from 56 bit key to 48 bit key
• Round = 1,2,9,16 -> PC_1( ) No of key bit
• Round = Remaining-> PC_2( ) shifted
Round Key/Sub Key Generation

• Main key: 64 bits.


• 56-bits are selected and permuted using Permuted Choice One
(PC1); and then divided into two 28-bit halves.
• In each round:
• Left-rotate each half separately by either 1 or 2 bits according
to a rotation schedule.
• Select 24-bits from each half, and permute the combined 48
bits.
• This forms a round key/sub key.
Step 2: Expansion/permutation:
◼ Expansion permutation table for RPT
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1

Expansion permutation
Since Ri-1 is a 32-bit input and Ki is a 48-bit key, we first
need to expand Ri-1 to 48 bits.
(XOR)
After the expansion permutation, DES uses the XOR
operation on the expanded right section and the round key.
Note that both the right section and the key are 48-bits in
length. Also note that the round key is used only in this
operation.

STEP 1 (XOR) STEP 2 = RESULT FOR NEXT STEP


[Figure: Encryption (Round) and (Key Generation)] [1]
Step 3: S-Box Substitution
The S-Boxes

• Eight S-boxes each map 6 to 4 bits


• Each S-box is specified as a 4 x 16 table
• each row is a permutation of 0-15
• outer bits 1 & 6 of input are used to select one of the four rows
• inner 4 bits of input are used to select a column
• All the eight boxes are different.
Encryption (Round)
◼ S-box
Box S1
      0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
0    14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
1     0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
2     4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
3    15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

For example, S1(101010) = 6 = 0110.


Step 4: P-Box permutation -> Replacement of bits
INPUT POSITION 16 = OUTPUT POSITION 1

◼ P
16  7 20 21 29 12 28 17
 1 15 23 26  5 18 31 10
 2  8 24 14 32 27  3  9
19 13 30  6 22 11  4 25
Step 5: XOR & SWAP
[Figure: one round. Inputs Li-1 and Ri-1; F = Expansion/permutation (E_table) -> XOR Ki -> Substitution/choice (S-box) -> Permutation (P); then XOR; outputs Li and Ri go to the Next Round]
Final Permutation
• At the end of the 16 rounds, it is performed only once.
• Simple transposition
◼ IP-1
Bit 0 1 2 3 4 5 6 7
1 40 8 48 16 56 24 64 32
9 39 7 47 15 55 23 63 31
17 38 6 46 14 54 22 62 30
25 37 5 45 13 53 21 61 29
33 36 4 44 12 52 20 60 28
41 35 3 43 11 51 19 59 27
49 34 2 42 10 50 18 58 26
57 33 1 41 9 49 17 57 25
Decryption
• The same algorithm as encryption.
• The order of the round keys is reversed (Key16, Key15, … Key1).
• For example:
• IP undoes the IP-1 step of encryption.
• 1st round with SK16 undoes the 16th encryption round.

[1]
Multiple Encryption with DES
• In 2001, NIST published the Advanced Encryption Standard (AES) to replace DES.
• But users in commerce and finance are not ready to give up on DES.
• As a temporary solution to DES’s security problem, one may encrypt a message (with DES) multiple times using multiple keys:
• 2DES is not much more secure than regular DES.
• So, 3DES with either 2 or 3 keys is used in PGP.
2DES

• Consider 2DES with two keys:


C = EK2(EK1(P))

• Decryption: P = DK1(DK2(C))

• Key length: 56 x 2 = 112 bits

• This should have thwarted brute-force attacks?

• Wrong!

Triple-DES with Two-Keys
• If the algorithm uses 3 encryptions,
• it would seem to need 3 distinct keys,
• but we can use 2 keys with an E-D-E sequence:
• C = EK1[DK2[EK1[P]]]
• P = DK1[EK2[DK1[C]]]
• So Triple DES works with two keys.
• This is called EDE mode.
• Standardized in ANSI X9.17 & ISO 8732
• No currently known practical attacks
Triple-DES with Three-Keys
• Although there are no practical attacks on two-key Triple-DES, there are some indications
• Can use Triple-DES with Three-Keys to avoid even these
• C = EK3[EK2[EK1[P]]]
• Has been adopted by some Internet applications,
• e.g. PGP, S/MIME
• Highly secure
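
The Decryption slide (same algorithm, round keys in reverse order) and the two-key E-D-E construction can both be seen in one toy Feistel cipher. This is an added example, not part of the original lecture: `round_f` and `subkeys` are stand-ins built on SHA-256 rather than the DES F function and PC-1/PC-2 schedule, IP and IP-1 are omitted, and all function names and sample keys are assumptions made here. The collapse to single encryption when K1 = K2 is not stated on the slides and goes one step beyond them.

```python
import hashlib

MASK32 = 0xFFFFFFFF


def round_f(r, k):
    # Stand-in round function (NOT the DES F): a Feistel network does not need F to be invertible.
    digest = hashlib.sha256(r.to_bytes(4, "big") + k.to_bytes(6, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def subkeys(key):
    # Stand-in key schedule (NOT PC-1/PC-2): sixteen 48-bit round keys.
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:6], "big")
            for i in range(1, 17)]


def feistel(block, round_keys):
    l, r = block >> 32, block & MASK32
    for k in round_keys:
        l, r = r, l ^ round_f(r, k)  # Li = Ri-1, Ri = Li-1 XOR F(Ri-1, Ki)
    return (r << 32) | l             # final 32-bit swap


def encrypt(block, key):
    return feistel(block, subkeys(key))


def decrypt(block, key):
    return feistel(block, subkeys(key)[::-1])  # same algorithm, Key16 ... Key1


def ede2_encrypt(p, k1, k2):
    return encrypt(decrypt(encrypt(p, k1), k2), k1)  # C = EK1[DK2[EK1[P]]]


def ede2_decrypt(c, k1, k2):
    return decrypt(encrypt(decrypt(c, k1), k2), k1)  # P = DK1[EK2[DK1[C]]]


if __name__ == "__main__":
    p, k1, k2 = 0x0123456789ABCDEF, b"key-one", b"key-two"  # constructed sample values
    c = ede2_encrypt(p, k1, k2)
    print(hex(c), ede2_decrypt(c, k1, k2) == p)
    print(ede2_encrypt(p, k1, k1) == encrypt(p, k1))  # K1 = K2 collapses to single encryption
```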
THANK YOU
