Chap 2-2 Conventional Encryption Message Confidentiality (Symmetric, Block) - PowerPoint PPT Presentation

Slides: 60
Provided by: csh108


1
Chap 2-2 Conventional Encryption Message
Confidentiality (Symmetric, Block)
2
DES (Data Encryption Standard)
  • Requirements
  • 1. It must provide a high level of security.
  • 2. It must be completely specified and easy to
    understand.
  • 3. The security provided by the algorithm must
    not be based on the secrecy of the algorithm.
  • 4. It must be available to all users and suppliers.

3
DES (Data Encryption Standard)
  • 5. It must be adaptable for use in diverse
    applications.
  • 6. It must be economical to implement in
    electronic devices and be efficient to use.
  • 7. It must be amenable to validation.
  • 8. It must be exportable.

4
S-DES Structure and Flow Diagram
IP: initial permutation; SW: switch
5
Part 1. Generation of Key Value
Key generation for simplified DES
6
1.P10
  • ?? ??? 10??? ? ? ?? ??? ??, ??? ???? Index? ??
    ?????? ? ??? ??? ??? ???? ?? ??? ?? ??.

Key 1 0 1 0 0 1 1 0 1 0
Index 1 2 3 4 5 6 7 8 9 10
Key 1 0 0 1 0 0 1 1 0 1
Index 3 5 2 7 4 10 1 9 8 6
Initial Key Values
P10 ?? ? ? Key ?
7
2.Shift(LS-1)
  • ?? ??? ???? 10?? ?? ???? 5??? 2???? ??? ? ???
    5??? ????? 1??? ???? ?? ?????.

Key 1 0 0 1 0 0 1 1 0 1
Index 3 5 2 7 4 10 1 9 8 6
LS-1
Key 0 0 1 0 1 1 1 0 1 0
Index 5 2 7 4 3 1 9 8 6 10
Key?
LS-1 ?? ? ? Key ?
8
3.P8
  • ????? ?? 1??? ?? ???? 2?? 5??? ??? ?? 10??? ???
    Index? ??? ? 8???? ??? ??? ?? ??? ????.

Key 0 0 1 0 1 1 1 0 1 0
Index 1 2 3 4 5 6 7 8 9 10
Key 1 1 1 0 0 1 0 1
Index 6 3 7 4 8 5 10 9
Key?
P8 ?? ? ? Key ?
Key1? ?? 1 1 1 0 0 1 0 1
9
4.Shift(LS-2)
  • Shift(LS-1) ???? 10?? ?? ???? 5??? 2???? ??? ?
    ??? 5??? ????? 2??? ???? ?? ?????.

Key 0 0 1 0 1 1 1 0 1 0
Index 5 2 7 4 3 1 9 8 6 10
LS-1
Key 1 0 1 0 0 0 1 0 1 1
Index 7 4 3 5 2 8 6 10 1 9
Key?
LS-2 ?? ? ? Key ?
10
5.P8
  • ????? ?? 2??? ?? ???? 2?? 5??? ??? ?? 10??? ???
    Index? ??? ? 8???? ??? ??? ?? ??? ????.

Key 1 0 1 0 0 0 1 0 1 1
Index 1 2 3 4 5 6 7 8 9 10
Key 0 1 1 0 0 0 1 1
Index 6 3 7 4 8 5 10 9
Key?
P8 ?? ? ? Key ?
Key2? ?? 0 1 1 0 0 0 1 1
11
Part2.?? ? ???
Simplified DES Scheme Encryption Detail
12
1. IP
  • ??? ?? 8??? ??(??) ??? ?? Index?? ?? ???.
  • IP?? ? ??? ??? ???? 4??? ? ??(0111 0100)??
  • ?? ? ??? 4?? (0100) ? ??? Fk ?? ??? ????.

?? 1 0 1 0 0 1 0 1
Index 1 2 3 4 5 6 7 8
? 0 1 1 1 0 1 0 0
Index 2 6 3 1 4 8 5 7
13
2.E/P (expansion/permutation)
  • ??? 4?? ?? 8??? ?? ??? ??? ????.

? 0 0 1 0 ??? 00101000
Index 4 1 2 3 ??? 00101000
? 1 0 0 0 ??? 00101000
Index 2 3 4 1 ??? 00101000
14
3.XOR??
  • ??? 8?? ?(00101000)? ???? Key1? ?? XOR?? ??.
  • ??? 8?? ?? ?? ???? 4 ??? 2??(1100 1101)?? ??? ??
    4??? S0-box? ?? 4??? S1-box? ??? ????.

? 0 0 1 0 1 0 0 0
Key1 1 1 1 0 0 1 0 1
??? 1 1 0 0 1 1 0 1
15
4.S-box ??
  • ? ???? ???? 4???? ?? ??? ??? ????? S??? ? ?? ???
    ?? 2?? ??? ???? ??? ???? ??? ?? ??? S??? ??? ???
    ?? 2?? ??? ????.

S-1
0 1 2 3
0 1 0 3 2
1 3 2 1 0
2 0 2 1 3
3 3 1 3 2
S-0
0 1 2 3
0 0 1 2 3
1 2 0 1 3
2 3 0 1 0
3 2 1 0 3
1100 ? ??? 01 ??
1101? ??? 00 ??
16
5.P4
  • S-BOX ??? ?? ???? 0100 ? ??? ?? ??? ??

? 0 1 0 0
Index 1 2 3 4
? 1 0 0 0
Index 2 4 3 1
17
6. XOR ??
  • P4? ?? ??? ? 1000? ? IP??? ??? ? ? ?? 4?? ?? XOR
    ?? ???.
  • ?? ??? ?(1111) ? ??? IP ???? ??4??? ???? ?
    (0100)? ??? ????? (0100 1111) ? 8??? ????? ?? ??
    ???? 4??? 2???? ??? ??? (1111)4??? ??? ???
    fk????? ????.

? 1 0 0 0
L 0 1 1 1
??? 1 1 1 1
18
7.E/P
  • ??? 4?? ?? 8??? ?? ??? ??? ????.

Value 1 1 1 1 ??? 11111111
Index 4 1 2 3 ??? 11111111
Value 1 1 1 1 ??? 11111111
Index 2 3 4 1 ??? 11111111
19
8. XOR??
  • ??? 8?? ?(11111111)? ???? Key2? ?? XOR ?? ??.
  • ??? 8?? ?? ?? ???? 4 ??? 2??(1001 1100)?? ???
    ?? 4??? S1-box? ?? 4??? S2-box? ??? ????.

? 1 1 1 1 1 1 1 1
Key2 0 1 1 0 0 0 1 1
??? 1 0 0 1 1 1 0 0
20
9.S-box ??
  • ? ???? ???? 4???? ?? ??? ??? ????? S??? ? ?? ???
    ?? 2?? ??? ???? ??? ???? ??? ?? ??? S??? ??? ???
    ?? 2?? ??? ????.

0 1 2 3
0 1 0 3 2
1 3 2 1 0
2 0 2 1 3
3 3 1 3 2
S-1
S-2
0 1 2 3
0 0 1 2 3
1 2 0 1 3
2 3 0 1 0
3 2 1 0 3
1001 ? ??? 11 ??
1100? ??? 01 ??
21
10.P4
  • S-BOX ??? ?? ???? 1101? ??? ?? ??? ??

? 1 1 0 1
Index 1 2 3 4
? 1 1 0 1
Index 2 4 3 1
22
11. XOR ??
  • P4? ?? ??? ? 1110? ?? IP?? ? ??? ?? ??? 4?? ??
    XOR ?? ???.

? 1 1 0 1
R 0 1 0 0
??? 1 0 0 1
23
12.IP-1
(Inverse IP)
  • ? ???? ??? 4?? (1001)? ??? fk? ??? XOR? ??
    4??(1111)? ???? ??? ??? ??? ? ??? ??? ?? ?? ??
    ??? S-DES??? ?? ??.

?? 1 0 0 1 1 1 1 1
Index 1 2 3 4 5 6 7 8
IP-1 1 1 0 1 1 0 1 1
Index 4 1 3 5 7 2 8 6
??? 11011011 (8bit ciphertext)
24
Part3.???
8-bit ciphertext
  • ?? ?? ??? ???? ??? ??? ??? ?? ??? ???? ????? ?? ??

8-bit plaintext
25
1. IP
  • ??? ??? 8??? IP-1 ??? ?? IP?? ?? Index?? ??
    ???.

??? 1 1 0 1 1 0 1 1
Index 1 2 3 4 5 6 7 8
? 1 0 0 1 1 1 1 1
Index 2 6 3 1 4 8 5 7
IP?? ? ??? ??? ???? 4??? ? ??(1001 1111)?? ??
? ??? 4?? (1111) ? ??? fk ?? ??? ????.
26
2.E/P (expansion/permutation)
  • ??? 4?? ?? 8??? ?? ??? ??? ????.

? 1 1 1 1 ??? 11111111
Index 4 1 2 3 ??? 11111111
? 1 1 1 1 ??? 11111111
Index 2 3 4 1 ??? 11111111
27
3.XOR??
  • ??? 8?? ?(01010101)? ???? Key2? ?? XOR?? ??.
  • ??? 8?? ?? ?? ???? 4 ??? 2??(1001 1100)?? ??? ??
    4??? S0-box? ?? 4??? S1-box? ??? ????.

? 1 1 1 1 1 1 1 1
Key2 0 1 1 0 0 0 1 1
??? 1 0 0 1 1 1 0 0
28
4.S-box ??
  • ? ???? ???? 4???? ?? ??? ??? ????? S??? ? ?? ???
    ?? 2?? ??? ???? ??? ???? ??? ?? ??? S??? ??? ???
    ?? 2?? ??? ????.

S-1
0 1 2 3
0 1 0 3 2
1 3 2 1 0
2 0 2 1 3
3 3 1 3 2
S-0
0 1 2 3
0 0 1 2 3
1 2 0 1 3
2 3 0 1 0
3 2 1 0 3
1100? ??? 01 ??
1001 ? ??? 11 ??
29
5.P4
  • S-BOX ??? ?? ???? 1101 ? ??? ?? ??? ??

? 1 1 0 1
Index 1 2 3 4
? 1 1 0 1
Index 2 4 3 1
30
6. XOR ??
  • P4? ?? ??? ? 1101? ??? ???? IP???? ??? ? ? ?? 4??
    ?? XOR ?? ???.

? 1 1 0 1
L 1 0 0 1
??? 0 1 0 0
31
7.E/P
  • ??? 4?? ?? 8??? ?? ??? ??? ????.

Value 0 0 1 0 ??? 00101000
Index 4 1 2 3 ??? 00101000
Value 1 0 0 0 ??? 00101000
Index 2 3 4 1 ??? 00101000
32
8. XOR??
  • ??? 8?? ?(00101000)? ???? Key1? ?? XOR ?? ??.
  • ??? 8?? ?? ?? ???? 4 ??? 2??(1100 1101)?? ???
    ?? 4??? S1-box? ?? 4??? S2-box? ??? ????.

? 0 0 1 0 1 0 0 0
Key1 1 1 1 0 0 1 0 1
??? 1 1 0 0 1 1 0 1
33
9.S-box ??
  • ? ???? ???? 4???? ?? ??? ??? ????? S??? ? ?? ???
    ?? 2?? ??? ???? ??? ???? ??? ?? ??? S??? ??? ???
    ?? 2?? ??? ????.

0 1 2 3
0 1 0 3 2
1 3 2 1 0
2 0 2 1 3
3 3 1 3 2
S-1
S-2
0 1 2 3
0 0 1 2 3
1 2 0 1 3
2 3 0 1 0
3 2 1 0 3
1101? ??? 00 ??
1100 ? ??? 01 ??
34
10.P4
  • S-BOX ??? ?? ???? 0001? ??? ?? ??? ??

? 0 1 0 0
Index 1 2 3 4
? 1 0 0 0
Index 2 4 3 1
35
11. XOR ??
  • P4? ?? ??? ? 0001? ? IP?? ? ??? ? ? ??? 4?? ??
    XOR ?? ???.

? 1 0 0 0
R 1 1 1 1
??? 0 1 1 1
36
12.IP-1
(Inverse IP)
  • ? ???? ??? 4?? (0111)? ??? fk? ??? XOR? ??
    4??(0100)? ???? ??? ??? ??? ? ??? ??? ?? ?? ??
    ??? S-DES???? ??.

Input 0 1 1 1 0 1 0 0
Index 1 2 3 4 5 6 7 8
IP-1 1 0 1 0 0 1 0 1
Index 4 1 3 5 7 2 8 6
?? 10100101 (8bit plaintext)
37
Feistel Cipher Structure
  • Virtually all conventional block encryption
    algorithms, including DES, have a structure first
    described by Horst Feistel of IBM in 1973
  • The realization of a Feistel network depends on
    the choice of the following parameters and design
    features (see next slide)

38
Feistel Cipher Structure
  • Block size: larger block sizes mean greater
    security
  • Key size: larger key size means greater security
  • Number of rounds: multiple rounds offer
    increasing security
  • Subkey generation algorithm: greater complexity
    will lead to greater difficulty of cryptanalysis.
  • Fast software encryption/decryption: the speed of
    execution of the algorithm becomes a concern

39
Classical Feistel Network
40
(No Transcript)
41
(No Transcript)
42
Conventional Encryption Algorithms
  • Data Encryption Standard (DES)
  • The most widely used encryption scheme
  • The algorithm is referred to as the Data Encryption
    Algorithm (DEA)
  • DES is a block cipher
  • The plaintext is processed in 64-bit blocks
  • The key is 56 bits in length

43
General Depiction of DES Encryption Algorithm
64bits 56bits key parity bits or simply set
arbitrary
44
(No Transcript)
45
DES
  • The overall processing at each iteration
  • $L_i = R_{i-1}$
  • $R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
  • Concerns about
  • The algorithm and the key length (56-bits)

46
Time to break a code ($10^6$ decryptions/µs)
47
Triple DEA
  • Use three keys and three executions of the DES
    algorithm (encrypt-decrypt-encrypt)
  • $C$ = ciphertext
  • $P$ = plaintext
  • $E_K[X]$ = encryption of $X$ using key $K$
  • $D_K[Y]$ = decryption of $Y$ using key $K$
  • Effective key length of 168 bits

$C = E_{K_3}[D_{K_2}[E_{K_1}[P]]]$
48
Triple DEA
49
Other Symmetric Block Ciphers
  • International Data Encryption Algorithm (IDEA)
  • 128-bit key
  • Used in PGP (Pretty Good Privacy)
  • Blowfish
  • Easy to implement
  • High execution speed
  • Run in less than 5K of memory

50
Other Symmetric Block Ciphers
  • RC5
  • Suitable for hardware and software
  • Fast, simple
  • Adaptable to processors of different word lengths
  • Variable number of rounds
  • Variable-length key
  • Low memory requirement
  • High security
  • Data-dependent rotations
  • CAST-128
  • Key size from 40 to 128 bits
  • The round function differs from round to round

51
Cipher Block Modes of Operation
  • Cipher Block Chaining Mode (CBC)
  • The input to the encryption algorithm is the XOR
    of the current plaintext block and the preceding
    ciphertext block.
  • Repeating patterns of 64 bits are not exposed
  • For first block, need initialization vector, IV
  • IV must be known to sender and receiver (often
    all 0s)
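
CBC chaining next to block-by-block (ECB) encryption, as an added Python example that is not part of the original slides. DES is not in the Python standard library, so the block cipher here is an assumed stand-in: a 4-round Feistel network on 64-bit blocks with a SHA-256 round function, for illustration only. The subkeys and messages are constructed. It also shows that a fixed IV such as all 0s makes equal message prefixes encrypt to equal ciphertext prefixes.

```python
import hashlib

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def F(half, subkey):
    # Round function assumed for this example: 4 bytes of SHA-256(subkey || half).
    return hashlib.sha256(subkey + half).digest()[:4]

def encrypt_block(block, subkeys):
    # Feistel rounds on one 64-bit block: L_i = R_{i-1}, R_i = L_{i-1} xor F(R_{i-1}, K_i)
    l, r = block[:4], block[4:]
    for k in subkeys:
        l, r = r, xor(l, F(r, k))
    return r + l  # undo the last swap, so decryption is the same code

def decrypt_block(block, subkeys):
    return encrypt_block(block, subkeys[::-1])

def ecb_encrypt(blocks, subkeys):
    return [encrypt_block(p, subkeys) for p in blocks]

def cbc_encrypt(blocks, subkeys, iv):
    out, prev = [], iv
    for p in blocks:
        prev = encrypt_block(xor(p, prev), subkeys)  # C_i = E(P_i xor C_{i-1})
        out.append(prev)
    return out

def cbc_decrypt(blocks, subkeys, iv):
    out, prev = [], iv
    for c in blocks:
        out.append(xor(decrypt_block(c, subkeys), prev))  # P_i = D(C_i) xor C_{i-1}
        prev = c
    return out

# Constructed inputs: four subkeys and messages that repeat one 64-bit block.
SUBKEYS = [bytes([i]) * 4 for i in range(1, 5)]
ZERO_IV = bytes(8)
MSG_A = [b"SAMEBLK!"] * 4
MSG_B = [b"SAMEBLK!", b"SAMEBLK!", b"OTHERBLK"]

if __name__ == "__main__":
    print("ECB distinct blocks:", len(set(ecb_encrypt(MSG_A, SUBKEYS))))
    print("CBC distinct blocks:", len(set(cbc_encrypt(MSG_A, SUBKEYS, ZERO_IV))))
    a, b = cbc_encrypt(MSG_A, SUBKEYS, ZERO_IV), cbc_encrypt(MSG_B, SUBKEYS, ZERO_IV)
    print("shared prefix visible with fixed IV:", a[:2] == b[:2])
```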

52
(No Transcript)
53
Cipher Feedback (CFB) Mode
  • Allows use of DES as a stream cipher (appropriate
    when data inherently arrives in bits/bytes)
  • Start with IV
  • Encrypt
  • XOR the most significant (MSB) j bits of the output with j bits of plaintext
  • Result is ciphertext
  • Shift IV by j bits, insert ciphertext

J-bit CFB Mode (Encryption)
54
Location of Encryption Device
  • Link encryption
  • A lot of encryption devices
  • High level of security
  • Decrypt each packet at every switch
  • End-to-end encryption
  • The source encrypts and the receiver decrypts
  • Payload encrypted
  • Header in the clear
  • High security: both link and end-to-end
    encryption are needed (see Figure 2.9)

55
(No Transcript)
56
Key Distribution
  • A key could be selected by A and physically
    delivered to B.
  • A third party could select the key and physically
    deliver it to A and B.
  • If A and B have previously used a key, one party
    could transmit the new key to the other,
    encrypted using the old key.
  • If A and B each have an encrypted connection to a
    third party C, C could deliver a key on the
    encrypted links to A and B.

57
Key Distribution (See Figure 2.10)
  • Session key
  • Data encrypted with a one-time session key. At
    the conclusion of the session the key is
    destroyed
  • Permanent key
  • Used between entities for the purpose of
    distributing session keys

58
(No Transcript)
59
Summary
  • Conventional Encryption Algorithms
  • Requirements of DES
  • Key generation for simplified DES
  • Simplified DES Scheme Encryption Detail
  • Location of Encryption Device
  • Key distribution by KDC