Chapter 3 Encryption Algorithms - PowerPoint PPT Presentation

Slides: 22
Provided by: tandre
1
Chapter 3: Encryption Algorithms and Systems (Part D)
2
Outline
  • NP-completeness and Encryption
  • Symmetric (secret key) vs Asymmetric (public key)
    Encryptions
  • Popular Encryption Algorithms
  • Merkle-Hellman Knapsacks
  • RSA Encryption
  • El Gamal Algorithms
  • DES
  • Hashing Algorithms
  • Key Escrow and Clipper

3
Key Escrow and Clipper
  • 1993: AT&T started to market a telephone
    encryption device, using a new encryption key for
    each conversation.
  • Law enforcement wanted a means to break the
    encryption without weakening the encryption
    enough that interceptors could break the
    encryption as well.
  • Public concerns about government abuse of power
  • The Clipper proposal
  • NSA developed the key escrow concept (Fig. 3-20,
    p.119)

4
Key Escrow and Clipper
  • The Skipjack algorithm, the Clipper chip, the
    MOSAIC program, Fortezza, Tessera, the Capstone
    chip
  • Public reaction to the announcement of the
    Clipper proposal was strongly negative, mainly
    because the algorithm was classified.
  • NSA would release only hardware implementation of
    the algorithm, as a computer chip or as an
    encryption device.

5
Key Escrow and Clipper
  • Technical aspects
  • 32 rounds of scrambling process
  • 80-bit key
  • 64-bit blocks of plaintext
  • Each piece of data transmission is accompanied by
    a law enforcement agents field (LEAF): Fig.
    3-21, p.121

6
Key Escrow and Clipper
  • E( (E(k, u) || n || a), f ), where || is concatenation
  • Each unit has two keys.
  • f: an 80-bit encryption key for the entire family
    of Clipper chips
  • u: unique key for each unit, guarded by
    two escrow agencies (half by each)
  • n: a 30-bit number identifying the unit
  • a: an escrow authenticator
  • k: the session key under which a communication
    was encrypted

7
Key Escrow and Clipper
  • p.121 Fig. 3-21
  • M, the original message, is encrypted by k, the
    session key.
  • k is encrypted by u, the escrow key.
  • The encrypted k, n and a are encrypted by f,
    which is known to the law enforcement authority.
  • Steps taken by a law enforcement authority to
    decrypt a conversation: p.120
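The key hierarchy on slides 6 and 7, as an added example that is not part of the presentation or of the Clipper design. Assumptions: `E` is a stand-in XOR stream cipher rather than Skipjack, u is split into two XOR shares, the 2-byte authenticator is a placeholder, and all function names and sample values are constructed.

```python
import hashlib
import secrets

def E(data, key):
    """Stand-in cipher, NOT Skipjack: XOR with a keystream derived from key."""
    stream = hashlib.shake_128(key).digest(len(data))
    return bytes(d ^ s for d, s in zip(data, stream))

D = E  # for an XOR stream, decryption is the same operation

def xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))

def escrow_unit_key(u):
    """Assumed split: two XOR shares, each useless without the other."""
    share1 = secrets.token_bytes(len(u))
    return share1, xor(u, share1)

def build_leaf(k, u, n, a, f):
    """E( (E(k,u) || n || a), f ) with n packed into 4 bytes."""
    assert n < 2**30, "n is a 30-bit unit identifier"
    return E(E(k, u) + n.to_bytes(4, "big") + a, f)

def recover_session_key(leaf, f, agency1, agency2):
    """Authority side: open the LEAF with f, look up both shares by n,
    rebuild u, then unwrap k."""
    inner = D(leaf, f)
    enc_k, n = inner[:10], int.from_bytes(inner[10:14], "big")
    u = xor(agency1[n], agency2[n])
    return n, D(enc_k, u)

def demo():
    f = secrets.token_bytes(10)          # family key, 80 bits
    u = secrets.token_bytes(10)          # unit key, 80 bits
    n = 0x2A5F00D                        # constructed unit id
    a = b"\x00\x01"                      # constructed placeholder authenticator
    s1, s2 = escrow_unit_key(u)
    agency1, agency2 = {n: s1}, {n: s2}  # each agency stores one share per unit
    k = secrets.token_bytes(10)          # fresh session key per conversation
    ciphertext = E(b"constructed sample message", k)
    leaf = build_leaf(k, u, n, a, f)
    got_n, got_k = recover_session_key(leaf, f, agency1, agency2)
    return got_n == n, D(ciphertext, got_k)
```

The design consequence visible here is that f is shared by the whole chip family, so anyone holding f can read n from every LEAF, and confidentiality of k rests entirely on both escrow shares staying separate.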

8
Key Escrow and Clipper
  • 1993: A panel of cryptography experts reviewed
    the design of the Skipjack algorithm and
    concluded the design was sound and secure.
  • p.121
  • What's the current status of the proposal?
  • Securing Cyberspace: The National Strategy.
    ZDNet Tech Update. September 18, 2002.
  • http://techupdate.zdnet.com/techupdate/filters/specialreport/0,14622,6023471,00.html

9
Data Encryption Standard (DES)
  • 1976: officially adopted as a U.S. federal
    standard
  • Was authorized for use on all public and private
    sector unclassified communication
  • Later became an international standard by the ISO
  • The strength of DES comes from repeated
    application of the two encryption techniques,
    substitution and permutation, one on top of the
    other, for a total of 16 cycles.
  • Product cipher
  • C = E2( E1(P) )
  • A secret key method

10
Data Encryption Standard (DES)
  • 16 cycles of substitutions and permutations:
    Fig. 3-12 (p.104)
  • Steps in a single cycle: Fig. 3-14, Fig. 3-16
  • Operates on blocks of data: 64 bits per block
  • Splits a data block in half: left half, right
    half (32 bits)
  • Scrambles each half independently: shifted left,
    permuted
  • Combines the key with the right half; the result
    is then combined with the left half
  • Swaps the two halves: T = right half; right half =
    (key combined with right half) combined with left
    half; left half = T.

11
Key Transformation
  • 64-bit key, but only 56 of the bits are used
    (bits 8, 16, 24, 32, 40, 48, 56, 64 are parity
    bits)
  • At each step, the key is split into two 28-bit
    halves.
  • The halves are shifted by a specified number of
    digits (Table 3-4, p.107), pasted together again,
    and then 48 of these 56 bits are permuted as a
    key during this step (choice permutation: Table
    3-5).

12
Data Encryption Standard (DES)
  • How to combine a 32-bit right half with a 56-bit
    key?
  • p.106, Fig. 3-15
  • Expansion permutation: The 32-bit half is
    expanded to 48 bits by repeating certain bits
  • See Table 3-3, Fig. 3-17, p.107
  • Permuted choices: The 56-bit key is reduced to 48
    bits by choosing only certain bits (See Table
    3-5, p.108)
  • Fig. 3-16: a detailed single cycle

13
Substitutions and S-boxes
  • An S-box is a table in which 6 bits of data are
    replaced by 4 bits.
  • The 48-bit input is divided into eight 6-bit
    blocks
  • → 8 S-boxes for substitutions (Table 3-6, p.109)
  • Substitutions by S-boxes (Fig. 3-18, p.108)

14
S-box substitutions
  • Use Table 3-6
  • Input: Bj = 6 bits (b1 b2 b3 b4 b5 b6)
  • Output: a 4-bit binary number
  • Process:
  • r = b1 b6
  • c = b2 b3 b4 b5
  • result = the value at (r, c) of the S-box j (Sj)
    of Table 3-6.
  • Convert the result to a binary number.

15
S-box substitutions
  • Example: p.108
  • Input: Bj = B7 = 010011b
  • r = 01b = 1
  • c = 1001b = 9
  • result = (r, c) = (1, 9) in S7 = 3 = 0011b
  • Suppose the input B4 = 101010b. What's the
    output of the substitution?

16
P-box permutations
  • Permutations
  • Initial permutation
  • Permutation in each cycle
  • Final inverse permutation
  • inverse final permutations: Table 3-8, 3-9,
    p.110
  • Per-cycle permutation
  • p.109, Table 3-7
  • Examples
  • Bit 1 → bit 9
  • Bit 23 → bit 11
  • Bit 19 → ?
  • Bit 27 → ?

17
Summary of DES Encryption
  • Fig. 3-19, p.111
  • Input: (64-bit data block, 64-bit key)
  • Process:
  • 64-bit key → 56 bits
  • Initial permutation
  • 16 cycles
  • Key transformation (split, shift, permuted)
  • Data blocks: substitution and permutation
  • Lj = Rj-1; Rj = Lj-1 XOR f(Rj-1, kj)
  • S-boxes, P-boxes
  • Final permutation
  • Output 64-bit ciphertext

18
DES Decryption
  • Encryption: (Lj-1, Rj-1) → (Lj, Rj)
  • Lj = Rj-1
  • Rj = Lj-1 XOR f(Rj-1, kj)
  • Decryption: (Lj, Rj) → (Lj-1, Rj-1)
  • Rj-1 = Lj
  • Lj-1 = Rj XOR f(Lj, kj)
  • Reverse key transformation
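The cycle equations on slides 17 and 18, as an added example that is not from the presentation: a 16-cycle Feistel network on 64-bit blocks showing that decryption is the same structure with the subkeys in reverse order, even though f is never inverted. The round function and key schedule are toy stand-ins built on SHA-256, not the DES S-boxes, P-box or permuted choices, and the function names are assumptions.

```python
import hashlib

ROUNDS = 16            # DES uses 16 cycles
MASK32 = 0xFFFFFFFF    # each half of the block is 32 bits

def f(right, subkey):
    """Toy round function, NOT the DES f: hash the right half with the
    48-bit subkey and keep 32 bits. It has no inverse."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def subkeys(key):
    """Toy key schedule, NOT the DES shift/permuted-choice schedule:
    derive sixteen 48-bit subkeys k1..k16 from a 64-bit key."""
    out = []
    for j in range(1, ROUNDS + 1):
        digest = hashlib.sha256(key.to_bytes(8, "big") + bytes([j])).digest()
        out.append(int.from_bytes(digest[:6], "big"))
    return out

def encrypt_block(block, key):
    left, right = block >> 32, block & MASK32
    for k in subkeys(key):
        # Lj = Rj-1 ; Rj = Lj-1 XOR f(Rj-1, kj)
        left, right = right, left ^ f(right, k)
    return (left << 32) | right

def decrypt_block(block, key):
    left, right = block >> 32, block & MASK32
    for k in reversed(subkeys(key)):   # reverse key transformation
        # Rj-1 = Lj ; Lj-1 = Rj XOR f(Lj, kj)
        left, right = right ^ f(left, k), left
    return (left << 32) | right

if __name__ == "__main__":
    key, plain = 0x133457799BBCDFF1, 0x0123456789ABCDEF  # constructed values
    cipher = encrypt_block(plain, key)
    print(f"{cipher:016x}", decrypt_block(cipher, key) == plain)
```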

19
Security of the DES
  • DES is in general a secure method, although it
    suffers minor weaknesses caused by complements,
    weak keys, design, key clustering, and
    differential cryptanalysis.
  • Nobody has yet shown serious flaws in the DES,
    nor do people really believe that hardware power
    has reached the point where a brute force attack
    can feasibly break the DES.
  • The problem with DES is not that it is known, or
    even suspected, to have been broken; it is just
    becoming more likely that it could be broken.
  • → A black box approach (the NSA's Clipper
    program)

20
NSA's Role in Computer Security
  • 1984: President Reagan issued the National
    Security Decision Directive ("NSDD") 145.
  • NSDD-145 gave NSA the authority to develop a
    national policy on computer and communications
    security.
  • 1987: The Computer Security Act of 1987 gave
    the responsibility to NIST.
  • An important point of this law is that it places
    an entirely new emphasis on computer security,
    not only on classified data, but also on
    unclassified information that is of national
    interest.

21
Summary
  • Hard problems
  • Asymmetric Encryptions
  • Merkle-Hellman Knapsacks
  • RSA Encryption
  • El Gamal Algorithms
  • Symmetric Encryptions
  • DES
  • Key Escrow and Clipper
  • Hashing Algorithms
  • Next: Ch. 4 (Protocols and practices)