Homework Title/No.

: 2 Course Code :_____CSE 403

Course Instructor : ___Mr. Manoj Kumar__
Course Tutor(if applicable) :_____Nil___________________
Date of Allotment :________20/2/2011_______________
Date of submission : _______2/2/2011__________________
Student’s Roll No. :____A56____ Section No. :_C27T1__
Declaration :
I declare that this assignment is my individual work. I have not copied from any other student’s
work or from any other source except where due acknowledgement is made explicitly in the
text,nor has any part been written for me by another person.
Student’s Signature :_Harjeet singh_
Evaluator’s comments :
___________________________________________________________________________
Marks obtained :______________________ out of _________________________
Content of Homework should start from this page only:

PART-A
Q1. Write the design principle of Block cipher.
Ans: Block Ciphers:
Basically a particular block cipher just like a Hill cipher treats a n letter block of plain text and
produce the cipher text block of same length. A block cipher encryption algorithm might take
(for example) a 128-bit block of plaintext as input, and output a corresponding 128-bit block of
ciphertext. The exact transformation is controlled using a second input — the secret key.
Decryption is similar: the decryption algorithm takes, in this example, a 128-bit block of
ciphertext together with the secret key, and yields the original 128-bit block of plaintext.
Any block cipher can be operated in one of several modes. These are as follows:
Electronic Codebook (ECB) Mode:

ECB is the simplest mode of operation for a block cipher. The input data is padded out to a
multiple of the block size, broken into a integer number of blocks, each of which is encrypted
independently using the key. In addition to simplicity, ECB has the advantage of allowing any
block to be decrypted independently of the others. Thus, lost data blocks do not affect the
decryption of other blocks. The disadvantage of ECB is that it aids known-plaintext attacks. If
the same block of plaintext is encrypted twice with ECB, the two resulting blocks of ciphertext
will be the same.

Cipher Block Chaining (CBC) Mode

CBC is the most commonly used mode of operation for a block cipher. Prior to encryption, each
block of plaintext is XOR-ed with the prior block of ciphertext.

After decryption, the output of the cipher must then be XOR-ed with the previous ciphertext to
recover the original plaintext. The first block of plaintext is XOR-ed with an initialization vector
(IV), which is usually a block of random bits transmitted in the clear. CBC is more secure than
ECB because it effectively scrambles the plaintext prior to each encryption step. Since the
ciphertext is constantly changing, two identical blocks of plaintext will encrypt to two different
blocks of ciphertext.
CBC can be used to convert a block cipher into a hash algorithm. To do this, CBC is run
repeatedly on the input data, and all the ciphertext is discarded except for the last block, which
will depend on all the data blocks in the message. This last block becomes the output of the hash
function.
The Block Cipher Principle: Block Cipher Principles
As block cipher have different modes of operation (we will discuss this topic later in this lecture)
and
applies to a broader range of applications than stream cipher, we will focus on its design
principles in
this lecture.
A block cipher transform a plaintext block of n letters into an encrypted block. For the alphabet
with
26 letters, there are 26n possible different plaintext blocks. The most general way of encrypting a
n-letter
block is to take each of the plaintext blocks and map it to a cipher block (arbitrary n-letter
substitution
cipher). For decryption to be possible, such mapping needs to be one-to-one (i.e., each plaintext
block
must be mapped to a unique ciphertext block). The number of different one-to-one mappings
among
n-letter blocks is (26n)!.
The length of block n can not be too short in order to secure the cryptographic scheme. For
example, n
= 1 gives a monoalphabetic cipher. Such schemes, as we have seen, are vulnerable to frequency
analysis
and brute-force attacks. However, an arbitrary reversible substitution cipher for a large block size
n is not
practical. Let’s consider the problem of specifying a mapping of all possible n-letter blocks. In a
cipher,
each key specifies such a mapping. Let’s assume the key consists of a block of k letters. Then the
number
of all possible keys is 26k. Then for a n-letter arbitrary substitution block cipher, the key size
needs to
satisfy 26k § (26n)!, i.e., k § n × 26n!.
Q2. What is the purpose of S-boxes in DES?
Ans: - Advanced Encryption Standard (AES) block cipher system is widely used in
cryptographic applications. A nonlinear substitution operation is the main factor of
the AES cipher system strength. The purpose of the proposed approach is to
generate the random S-boxes changing for every change of the secret key. The fact
that the S-boxes are randomly key-dependent and unknown is the main strength of
the new approach, since both linear and differential cryptanalysis requires known S-
boxes.

The AES algorithm is based on permutations and substitutions. Permutations are

rearrangements of data, and substitutions replace one unit of data with another.
AES performs permutations and substitutions using several different techniques. To
illustrate these techniques, let's walk through a concrete example of AES encryption
using the data shown below.

The following is the 128-bit value that you will encrypt with the indexes array:

00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

The 192-bit key value is:

00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16

17 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 .

Q3. Explain briefly AES.

Ans: To be a successful replacement to DES, the AES algorithm design would need to satisfy a
number of criteria: strong security, simple design, good performance, and so on.
Security obviously holds the top priority for the AES algorithm. With security in mind, the
algorithm must account for future resiliency -- the algorithm's designed-in ability to withstand
future attacks.
Moreover, the algorithm design, contrary to conventional wisdom, should be simple so that it can
be successfully cryptanalyzed.
Next on the AES criteria list: good performance. Widespread market adoption will require
reasonably good performance on a variety of platforms, ranging from easy-to-crack smart cards
to the largest servers. Good algorithm performance includes speed for the encryption and
decryption process as well as the key schedule.
It is specified that proposed algorithms must implement a symmetric block cipher, with a block
size of 128 bits, and keys sizes of 128, 192 and 256 bits (at least). They want an algorithm whose
security is at least as good as Triple-DES, but with significantly improved efficiency.
Part B:
Q4. How strength of DES can be calculated?
Ans: In the late 1990s, specialized “DES Cracker” machines were built that could recover a DES
key after a few hours. In other words, by trying possible key values, the hardware could
determine which key was used to encrypt a message.
Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255
keys per second), then it would take that machine approximately 149 thousand-billion (149
trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to
be less than 20 billion years old. DES keys are 56 bits long.

Q5. Give an overview of working principle of triple DES.

Ans: Triple DES (3DES) was developed as an improvement to DES.
3DES encrypts the message three times with three different keys.
Run DES three times:
ECB mode:
If K2 = K3, this is DES
Backwards compatibility
Known not to be just DES with K4 (1992)
Has 112 bits of security, not 3 56 = 168
Triple DES uses a "key bundle" which comprises three DES keys, K1, K2 and K3, each of 56
bits (excluding parity bits). The encryption algorithm is:
ciphertext = EK3(DK2(EK1(plaintext)))
I.e., DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3.
Decryption is the reverse:
plaintext = DK1(EK2(DK3(ciphertext)))
I.e., decrypt with K3, encrypt with K2, then decrypt with K1.
Each triple encryption encrypts one block of 64 bits of data.
In each case the middle operation is the reverse of the first and last. This improves the strength of
the algorithm when using keying option 2, and provides backward compatibility with DES with
keying option 3
Q6. What is multiple Encryption and where it is used?
Ans: The technique of Multiple encryption which is also known as cascade encryption, cascade
ciphering, multiple ciphering is the process of encrypting an already encrypted message one or
more times, either using the same or a different algorithm.
Intuitively, we might expect that by encrypting a message twice with some block cipher, either
with the same key or by using two different keys, then we would expect the resultant encryption
to be stronger in all but some exceptional circumstances. And by using three encryptions, we
would expect to achieve a yet greater level of security. While there are some more complicated
issues to consider (see Question 61), this is pretty much the case, and triple-DES has been used
for a considerable time as a more secure cipher for protecting the keys used with single-DES.
However, there are some surprising results when we consider exactly how much additional
protection is provided by using double and triple encryption.

For instance, the use of double encryption does not provide the expected increase in security
[MH81] when compared with the increased implementation requirements, and it cannot be
recommended as a good alternative. Instead, triple-encryption is the point at which multiple
encryption gives substantial improvements in security.
The reson why it is used: For more information security and to prevent Brute Force attacks you
can encrypt the same text or file multiple times. Set how many time you want to encrypt you
data.
Multiple encryption provides good protection from plaintext attacks making ciphering stronger.
A good example of multiple encryption is Triple DES.