Serpent Encryption Algorithm PowerPoint PPT Presentation

presentation player overlay
1 / 21
About This Presentation
Transcript and Presenter's Notes

Title: Serpent Encryption Algorithm


1
Serpent - Encryption Algorithm
2
What will we talk about?
  • History
  • Introduction
  • Encryption
  • Decryption
  • Security issues
  • Performance

3
History
  • NIST called for a replacement for DES an
    Advanced Encryption Standard (AES).
  • Required properties of AES
  • 128 bit block cipher.
  • Symmetric key.
  • Variant key length 128, 192, 256 bits.
  • Faster then 3DES.
  • As secure as 3DES.

4
Introduction
  • Invented by Eli Biham, Ross Anderson and Lars
    Knudsen.
  • Serpent is actually Serpent-1. There was a
    previous version to it called Serpent-0.
  • Serpent was designed to work best with a parallel
    processing system (such as the two 32bit ALUs of
    the intelMMX chip).

5
Encryption
  • Issues discussed here
  • Block diagram
  • Initial and final permutations
  • Linear transformation
  • The S-Boxes of serpent
  • Serpents key scheduling

6
Block diagram
PlainText
IP
Ki
0-3
4-7
125-128
S-Boxi8
S-Boxi8
S-Boxi8
Linear transformation
i 0,1,,30
7
Block diagram Continue
K31
0-3
4-7
125-128
S-Box7
S-Box7
S-Box7
K32
FP
CipherText
8
Initial final Permutations
  • These permutations have no actual cryptographic
    value.
  • The initial permutation

The final permutation is the reversed permutation
of the initial one.
9
Linear transformation
  • Applied on the result of the S-Boxes, I.e. on
    Si(Bi ? Ki).
  • Each output bit is an exclusive or of some input
    bits.
  • For Example, output bit 0 is an exclusive or of
    input bits 16, 52, 56, 70, 83, 94 and bit 105.
  • The number of input bits XORed to give one output
    bit is variant and not fixed to seven.

10
The S-Boxes of Serpent
  • Serpent-0 used the rows from DES as its S-Boxes.
  • For security reasons The S-Boxes of Serpent were
    changed in Serpent-1 and their number was cut to
    8 (from the original 32 rows of DES S-Boxes).
  • Using less S-Boxes results in using less memory.

11
The S-Boxes - Continue
  • Serpents S-Boxes are subjected to three
    characteristic properties.
  • The S-Boxes were generated using the original DES
    S-Boxes and a key string sboxesforserpent which
    is 16 letters long.
  • Using a different key string will result in
    different S-Boxes.

12
The S-Boxes - Continue
  • Algorithm for generating the S-Boxes
  • index 0
  • repeat
  • currentsbox index modulo 32
  • for i0 to 15 do
  • j sbox(currentsbox1) modulo 32serpenti
  • swapentries (sboxcurrentsboxi,sboxcurrentsbox
    j)
  • if sboxcurrentsbox. has the desired
    properties, save it
  • index index 1
  • until 8 S-boxes have been generated

13
The S-Boxes - Continue
  • The resulting S-Boxes are
  • The S-Boxes are 4 bits permutations.

14
Key scheduling
  • The user key length is variable.
  • The key is eventually padded into 256 bits in the
    following manner short keys with
    less than 256 bits are mapped to full-length keys
    of 256 bits by appending one 1 bit to the MSB
    end, followed by as many 0 bits as required to
    make up 256 bits.

15
Key scheduling - continue
  • Key material generation process
  • Pad user key to 256 bits.
  • Write key as eight 32 bit words w-8, , w-1.
  • Expand these to 132 words w0 w131 in the
    following manner
  • where ? is the fractional part of the golden
    ratio (50.5 1) / 2, or 0x9e3379b9.

16
Key scheduling - continue
  • Pass these words through the S-Boxes to receive
    the sub-keys (key material) in the following
    manner

17
Decryption
  • Decryption is different from encryption in that
    the inverse of the S-boxes must be used in the
    reverse order, as well as the inverse linear
    transformation and reverse order of the sub-keys.
  • Also we first perform the final permutation and
    at the end of the process we perform the initial
    permutation.

18
Security issues
  • The new S-Boxes raise the number of chosen/known
    plaintexts required for either type of attack
    from 2100 to 2256.
  • There are no weak, semi-weak or equivalent keys
    in Serpent so no related keys attack is
    applicable.
  • Dictionary attack under an unknown key will
    require 2128 different plaintexts.

19
Security issues - Continue
  • Linear cryptanalysis will require a number of
    somewhat 2240 blocks of known plaintexts.
  • Using 28 round differential. cryptanalysis will
    yield a probability of 2-120 to find a
    differential that cracks the key.

20
Security issues - Continue
  • Non-linear cryptanalysis only improve the number
    of known plaintexts needed by linear
    cryptanalysis by a small factor.
  • Timing attack is not applicable to Serpent.

21
Performance
  • As we mentioned before, Serpent is as fast as
    DES. The next table illustrate that

On Pentium MMX 133Mhz.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "Serpent Encryption Algorithm" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!