1 / 10

Introduction to Information Security Lect. 6 : Block Ciphers

Introduction to Information Security Lect. 6 : Block Ciphers. M . Cryptanalyst Adversary. K . E. D. Insecure Channel. Plaintext M. Ciphertext C. Plaintext M. Secure Channel. Key K. Shared Secret Key. Shared Secret Key. D K (C) = M. C = E K (M).

trevet
Download Presentation

Introduction to Information Security Lect. 6 : Block Ciphers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Information Security Lect. 6: Block Ciphers

  2. M Cryptanalyst Adversary K E D Insecure Channel Plaintext M Ciphertext C Plaintext M Secure Channel Key K Shared Secret Key Shared Secret Key DK(C) = M C = EK(M) Model of Symmetric Cryptosystem

  3. Block Cipher – A Simplified View Input Message (Ciphertext) Input Message (Plaintext) User Key D E D E Encryption Function Decryption Function Decryption Key Schedule Encryption Key Schedule Encryption Round keys Decryption Round keys Output Message (Plaintext) Output Message (Ciphertext)

  4. Most Popular Symmetric Ciphers 2020 2030 1990 2010 2000 1980 1999 1997 DES 3DES American standards AES contest 56 bit key AES 128, 192, 256 bit key 2001 Serpent RC6 Twofish Mars IDEA RC5 Blowfish CAST Other popular algorithms

  5. 1. Feistel Network

  6. Feistel-type Ciphers • Feistel network • An elegant variant of S-P networks that could be implemented using a single algorithm for both encryption and decryption • F( ) does not need to be invertible Horst Feistel is best known for his work on the Feistel network construction – a common method for constructing encryption algorithms. In 1977, he was recognized at the IBM Corporate Technical Recognition Event (CTRE) for "devising a scheme encrypting binary data which is especially significant to IBM products and is the basis for the recently announced Federal Information Processing Standard adopted by the U.S. Commerce Department." His work at IBM led to the development of the pioneering Lucifer and Data Encryption Standards (DES) ciphers, and as a result of his efforts, IBM announced the 3845 and 3846 data encryption devices and the IBM cryptographic subsystem. Feistel earned a bachelor's and a master's degree in physics from MIT and Harvard, respectively. Before joining IBM, he worked with the U.S. Air Force Cambridge Research Center (AFCRC), MIT's Lincoln Laboratory and the Mitre Corporation. Horst Feistel

  7. Block Cipher Architecture : Feistel-type (Encryption) Plaintext R0 L0 K1 Å F round 1 L1 R1 K2 Å F round 2 Lr-1 Rr-1 Kr Å F round r Rr Lr Ciphertext

  8. Block Cipher Architecture : Feistel-type (Decryption) Ciphertext Lr Rr Kr Å F Rr-1 Lr-1 Kr-1 Å F R1 L1 K1 Å F L0 R0 Plaintext

  9. Feistel-type Cipher P = L0 || R0 C = Rr || Lr L1 = R0 Rr-1 = Lr R1 = L0  F(K1, R0) Lr-1 = Rr F(Kr, Rr-1) Li = Ri-1 Ri-1 = Li Ri= Li-1  F(Ki, Ri-1) Li-1 = Ri F(Ki, Ri-1) Lr= Rr-1 R0 = L1 Rr= Lr-1  F(Kr, Rr-1) L0 = R1  F(K1, R0) C = Rr || Lr P = L0 || R0 P = L0 || R0 C = Rr || Lr for i=1 to r for i=r-1 to 0 Li = Ri-1 Ri = Li+1 Ri = Li-1  F(Ki, Ri-1) Li = Ri+1 F(Ki+1, Ri) C = Rr || Lr P = L0 || R0

  10. Design of Feistel-type Ciphers • Design of F-function • The only non-linear part in the Feistel-type cipher • Need not be invertible • Typically uses S-boxes (Substitution boxes) for non-linearity • May also contain mixing (permutation) part of the S-box outputs • Determines the ultimate security • Design of Key scheduling algorithm • Algorithm for deriving as many round keys as necessary from a fixed user key • On-the-fly vs. off-line calculation • Number of rounds • Depends on the strength of round function (F-function) • A safety margin should be considered for long-term security • Determined through the analysis of the whole algorithm against most powerful known cryptanalysis techniques

More Related