Serpent Encryption Algorithm - PowerPoint PPT Presentation

1 / 21
About This Presentation
Title:

Serpent Encryption Algorithm

Description:

... a parallel processing system (such as the two 32bit ALUs of the ... '1' bit to the MSB end, followed by as many '0' bits as required to make up 256 bits. ... – PowerPoint PPT presentation

Number of Views:3459
Avg rating:5.0/5.0
Slides: 22
Provided by: Lapt338
Category:

less

Transcript and Presenter's Notes

Title: Serpent Encryption Algorithm


1
Serpent - Encryption Algorithm
2
What will we talk about?
  • History
  • Introduction
  • Encryption
  • Decryption
  • Security issues
  • Performance

3
History
  • NIST called for a replacement for DES an
    Advanced Encryption Standard (AES).
  • Required properties of AES
  • 128 bit block cipher.
  • Symmetric key.
  • Variant key length 128, 192, 256 bits.
  • Faster then 3DES.
  • As secure as 3DES.

4
Introduction
  • Invented by Eli Biham, Ross Anderson and Lars
    Knudsen.
  • Serpent is actually Serpent-1. There was a
    previous version to it called Serpent-0.
  • Serpent was designed to work best with a parallel
    processing system (such as the two 32bit ALUs of
    the intelMMX chip).

5
Encryption
  • Issues discussed here
  • Block diagram
  • Initial and final permutations
  • Linear transformation
  • The S-Boxes of serpent
  • Serpents key scheduling

6
Block diagram
PlainText
IP
Ki
0-3
4-7
125-128
S-Boxi8
S-Boxi8
S-Boxi8
Linear transformation
i 0,1,,30
7
Block diagram Continue
K31
0-3
4-7
125-128
S-Box7
S-Box7
S-Box7
K32
FP
CipherText
8
Initial final Permutations
  • These permutations have no actual cryptographic
    value.
  • The initial permutation

The final permutation is the reversed permutation
of the initial one.
9
Linear transformation
  • Applied on the result of the S-Boxes, I.e. on
    Si(Bi ? Ki).
  • Each output bit is an exclusive or of some input
    bits.
  • For Example, output bit 0 is an exclusive or of
    input bits 16, 52, 56, 70, 83, 94 and bit 105.
  • The number of input bits XORed to give one output
    bit is variant and not fixed to seven.

10
The S-Boxes of Serpent
  • Serpent-0 used the rows from DES as its S-Boxes.
  • For security reasons The S-Boxes of Serpent were
    changed in Serpent-1 and their number was cut to
    8 (from the original 32 rows of DES S-Boxes).
  • Using less S-Boxes results in using less memory.

11
The S-Boxes - Continue
  • Serpents S-Boxes are subjected to three
    characteristic properties.
  • The S-Boxes were generated using the original DES
    S-Boxes and a key string sboxesforserpent which
    is 16 letters long.
  • Using a different key string will result in
    different S-Boxes.

12
The S-Boxes - Continue
  • Algorithm for generating the S-Boxes
  • index 0
  • repeat
  • currentsbox index modulo 32
  • for i0 to 15 do
  • j sbox(currentsbox1) modulo 32serpenti
  • swapentries (sboxcurrentsboxi,sboxcurrentsbox
    j)
  • if sboxcurrentsbox. has the desired
    properties, save it
  • index index 1
  • until 8 S-boxes have been generated

13
The S-Boxes - Continue
  • The resulting S-Boxes are
  • The S-Boxes are 4 bits permutations.

14
Key scheduling
  • The user key length is variable.
  • The key is eventually padded into 256 bits in the
    following manner short keys with
    less than 256 bits are mapped to full-length keys
    of 256 bits by appending one 1 bit to the MSB
    end, followed by as many 0 bits as required to
    make up 256 bits.

15
Key scheduling - continue
  • Key material generation process
  • Pad user key to 256 bits.
  • Write key as eight 32 bit words w-8, , w-1.
  • Expand these to 132 words w0 w131 in the
    following manner
  • where ? is the fractional part of the golden
    ratio (50.5 1) / 2, or 0x9e3379b9.

16
Key scheduling - continue
  • Pass these words through the S-Boxes to receive
    the sub-keys (key material) in the following
    manner

17
Decryption
  • Decryption is different from encryption in that
    the inverse of the S-boxes must be used in the
    reverse order, as well as the inverse linear
    transformation and reverse order of the sub-keys.
  • Also we first perform the final permutation and
    at the end of the process we perform the initial
    permutation.

18
Security issues
  • The new S-Boxes raise the number of chosen/known
    plaintexts required for either type of attack
    from 2100 to 2256.
  • There are no weak, semi-weak or equivalent keys
    in Serpent so no related keys attack is
    applicable.
  • Dictionary attack under an unknown key will
    require 2128 different plaintexts.

19
Security issues - Continue
  • Linear cryptanalysis will require a number of
    somewhat 2240 blocks of known plaintexts.
  • Using 28 round differential. cryptanalysis will
    yield a probability of 2-120 to find a
    differential that cracks the key.

20
Security issues - Continue
  • Non-linear cryptanalysis only improve the number
    of known plaintexts needed by linear
    cryptanalysis by a small factor.
  • Timing attack is not applicable to Serpent.

21
Performance
  • As we mentioned before, Serpent is as fast as
    DES. The next table illustrate that

On Pentium MMX 133Mhz.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Serpent Encryption Algorithm" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!