Information

Security :
Principles and
Practice
 By:William
Stallings

Chapter 1  Introduction
1
 Information Security

Lecture 2
Dr.Hani Al-medhegi
 Part I: Crypto

Part 1  Cryptography
3
 Crypto Basics

Part 1  Cryptography
4
 Symmetric Key Crypto

Part 1  Cryptography
5
 Symmetric Key Crypto
 Stream cipher  generalize one-time
pad
o Except that key is relatively short
o Key is stretched into a long keystream
o Keystream is used just like a one-time pad
 Block cipher  generalized codebook
Concept
o Block cipher key determines a codebook
o Each key yields a different codebook
o Employs both “confusion” and “diffusion”
Part 1  Cryptography
6
 Block Ciphers

Part 1  Cryptography
7
Cryptography and Network Security
By Behrouz A. Forouzan

Chapter (6)
Data Encryption Standard
(DES)

Part 1  Cryptography
8
 6-1 Introduction
The Data Encryption Standard (DES)
is a symmetric-key block cipher
published by the National Institute of
Standards and Technology (NIST).
Topics discussed in this section:
6.1.1 History
6.1.2 Overview

Part 1  Cryptography
9
 6.1.1 History

In 1973, NIST published a request for

proposals for a national symmetric-key
cryptosystem. A proposal from IBM, a
modification of a project called Lucifer,
was accepted as DES. DES was published
in the Federal Register in March 1975 as a
draft of the Federal Information
Processing Standard (FIPS).

Part 1  Cryptography
10
 6.1.2 Overview
DES is a block cipher, as shown in Figure 6.1.
Figure 6.1 Encryption and decryption with DES

Part 1  Cryptography
11
 6-2 DES STRUCTURE
The encryption process is made of
two permutations (P-boxes), which
we call initial and final permutations,
and sixteen Feistel rounds.
Topics discussed in this section:
6.2.1 Initial and Final Permutations
6.2.2 Rounds
6.2.3 Cipher and Reverse Cipher
6.2.4 Examples

Part 1  Cryptography
12
 6-2 Continue
Figure 6.2 General structure of DES

Part 1  Cryptography
13
 6.2.1 Initial and final permutations

Figure 6.3 Initial and final permutation steps in

DES

Part 1  Cryptography
14
 6.2.1 Continue
Table 6.1 Initial and final permutation tables

Chapter 1  Introduction
15
 6.2.1 Continued
Example 6.1
Find the output of the initial permutation box when the input is
given in hexadecimal as:
0x0002 0x0002 00000000
0000 0000 0001
0001
Solution
Only bit 15 and bit 64 are 1s;the other bits are 0s. In the final
permutation, bit 15 becomes bit 63 and bit 64 becomes bit 25.
The result is

0x0000 0080 0000 0002

Part 1  Cryptography
16
 6.2.1 Continued
Example 6.2
Prove that the initial and final permutations are the inverse
of each other by finding the output of the final permutation
if the input is
0x0000 0080 0000 0002
Solution
The input has only two Is; the output must also have only
two 1s. Using Table 6.1,we can find the output related to
these two bits. Bit 25 in the input becomes bit 64 in the
output. Bit 63 in the input becomes bit 15 in the output. So
the output has only two 1s, bit 25 and bit 63. The result in
hexadecimal is
0x0002 0000 0000 0001

Part 1  Cryptography
17
 6.2.1 Continued
Note:
The initial and final permutations are
straight P-boxes that are inverses of
each other.
They have no cryptography
significance in DES.

Part 1  Cryptography
18
 6.2.2 Rounds
DES uses 16 rounds. Each round of DES is a Feistel cipher.
Figure 6.4 A round in DES (encryption site)

Part 1  Cryptography
19
 6.2.2 Continued
DES Function
The heart of DES is the DES function. The DES function
applies a 48-bit key to the rightmost 32 bits to produce a
32-bit output.
Figure 6.5 DES function

Part 1  Cryptography
20
 6.2.2 Continue
Expansion P-box
Since RI−1 is a 32-bit input and KI is a 48-bit key, we first
need to expand RI−1 to 48 bits.
Figure 6.6 Expansion permutation

Part 1  Cryptography
21
 6.2.2 Continue
Although the relationship between the input and output
can be defined mathematically, DES uses Table 6.2 to
define this P-box.
Table 6.2 Expansion P-box table

Part 1  Cryptography
22
 6.2.2 Continue
Whitener (XOR)
After the expansion permutation, DES uses the
XOR operation on the expanded right section and
the round key. Note that both the right section
and the
key are 48-bits in length. Also note that the
round key is used only in this operation.

Part 1  Cryptography
23
 6.2.2 Continue
S-Boxes
The S-boxes do the real mixing (confusion). DES uses 8 S-
boxes, each with a 6-bit input and a 4-bit output. See
Figure 6.7.
Figure 6.7 S-boxes

Part 1  Cryptography
24
 6.2.2 Continue
Figure 6.8 S-box rule

Part 1  Cryptography
25
 6.2.2 Continue
Table 6.3 shows the permutation for S-box1. For the rest of
the boxes see the textbook.
Table 6.3 S-box 1

Part 1  Cryptography
26
 6.2.2 Continued
Example 6.3
The input to S-box 1 is 100011. What is the output?
Solution
If we write the first and the sixth bits together, we get 11
in binary, which is 3 in decimal. The remaining bits are
0001 in binary, which is 1 in decimal. We look for the value
in row 3, column 1, in Table 6.3 (S-box 1). The result is 12
in decimal, which in binary is 1100. So the input 100011
yields the output 1100.

Part 1  Cryptography
27
 6.2.2 Continued
Example 6.4
The input to S-box 8 is 000000. What is the output?
Solution
If we write the first and the sixth bits together, we get 00
in binary, which is 0 in decimal. The remaining bits are
0000 in binary, which is 0 in decimal. We look for the value
in row 0, column 0, in Table 6.10 (S-box 8). The result is 13
in decimal, which is 1101 in binary. So the input 000000
yields the output 1101.

Part 1  Cryptography
28
 6.2.2 Continue
Straight Permutation
Table 6.11 Straight permutation table

Part 1  Cryptography
29
 6.2.3 Cipher and Reverse Cipher

Using mixers and swappers, we can create the cipher and

reverse cipher, each having 16 rounds.

First Approach
To achieve this goal, one approach is to make the last
round (round 16) different from the others; it has only a
mixer and no swapper.

Note: In the first approach, there is no swapper in the last

round.

Part 1  Cryptography
30
 6.2.3 Continued
Figure 6.9 DES cipher and reverse cipher for the first
approach

Part 1  Cryptography
31
 6.2.3 Continued
Algorithm 6.1 Pseudocode for DES cipher

Part 1  Cryptography
32
 6.2.3 Continued
 Algorithm 6.1 Pseudocode for DES cipher (continued)

Part 1  Cryptography
33
 6.2.3 Continued
Algorithm 6.1 Pseudocode for DES cipher (continued)

Part 1  Cryptography
34
 6.2.3 Continued
Algorithm 6.1 Pseudocode for DES cipher (continued)

Part 1  Cryptography
35
 6.2.3 Continued
Alternative Approach
We can make all 16 rounds the same by including one
swapper
to the 16th round and add an extra swapper after that (two
swappers cancel the effect of each other).

Key Generation
The round-key generator creates sixteen 48-bit keys out of
a 56-bit cipher.

Part 1  Cryptography
36
 6.2.3 Continued
Figure 6.10 Key generation

Part 1  Cryptography
37
 6.2.3 Continued
Table 6.12 Parity-bit drop table

Table 6.13 Number of bit shifts

Part 1  Cryptography
38
 6.3 DES ANALYSIS
Critics have used a strong magnifier to analyze DES.
Tests have been done to measure the strength of some
desired properties in a block cipher.

Topics discussed in this section:

6.3.1 Properties
6.3.2 Design Criteria
6.3.3 DES Weaknesses

Part 1  Cryptography
39
 6.3.1 Properties
Two desired properties of a block cipher are the avalanche
effect and the completeness.

Example 6.7
To check the avalanche effect in DES, let us encrypt two
plaintext blocks (with the same key) that differ only in one
bit and observe the differences in the number of bits in
each round.

Part 1  Cryptography
40
 6.3.1 Continued
Example 6.7
Although the two plaintext blocks differ only in the
rightmost bit, the ciphertext blocks differ in 29 bits. This
means that changing approximately 1.5 percent of the
plaintext creates a
change of approximately 45 percent in the ciphertext.

Table 6.17 Number of bit differences for Example 6.7

Part 1  Cryptography
41
 6.3.1 Continued
Completeness effect
Completeness effect means that each bit of the ciphertext
needs to depend on many bits on the plaintext.

Part 1  Cryptography
42
 6.3.2 Design Criteria

S-Boxes
The design provides confusion and diffusion of bits from
each round to the next.

P-Boxes
They provide diffusion of bits.

Number of Rounds
DES uses sixteen rounds of Feistel ciphers. the ciphertext
is
thoroughly a random function of plaintext and ciphertext.

Part 1  Cryptography
43
 6.3.3 DES Weaknesses

During the last few years critics have found some

weaknesses in DES.
Weaknesses in Cipher Design
1. Weaknesses in S-boxes
2. Weaknesses in P-boxes
3. Weaknesses in K
Table 6.18 Weak keys

Part 1  Cryptography
44
 6.3.3 Continued
Example 6.8
Let us try the first weak key in Table 6.18 to encrypt a
block two times. After two encryptions with the same key
the original plaintext block is created. Note that we have
used the encryption algorithm two times, not one
encryption followed by another decryption.

Part 1  Cryptography
45
 6.3.3 Continued
Figure 6.11 Double encryption and decryption with a weak
key

Part 1  Cryptography
46
 6.3.3 Continued
Table 6.19 Semi-weak keys

Part 1  Cryptography
47
 6.3.3 Continued

Part 1  Cryptography
48
 6.3.3 Continued
Figure 6.12 A pair of semi-weak keys in encryption and
decryption

Part 1  Cryptography
49
 6.3.3 Continued
Example
What is the probability of randomly selecting a weak, a
semi-weak, or a possible weak key?

Solution

Part 1  Cryptography
50