Академический Документы
Профессиональный Документы
Культура Документы
Encryption
Takes an 8-bit block of plaintext and a 10-bit key
as input and produces an 8-bit of cipher.
Decryption
Takes an 8-bit block of cipher and the same 10-bit
key as input and produces an 8-bit of original
plaintext.
Both substitution and transposition operations are
used
It is a complex, multi-phase algorithm
fk (different key)
IP-1: Inverse permutation
Key Generation
Key Generation
10-Bit Key: Make up by sender
1
4 10 1
5 10 9
1
1
3
1
0
6
1
2
0
5
0
0
3
0
3
1
2
0
0
7
1
4
0
7
0
0
4
0
5 6 7
0 0 0
4 10 1
0 0 1
1 1 1
8 5 10
0 1 0
LS-2
P8
K2
0
6
0
0
3
1
1
7
0
0
4
0
0
8
0
8
0
9
1
0
9
0
0 0 0
5 10 9
0 1 1
9 10
1 0
8 6
0 0
0 0
Encryption
8-Bit Plaintext: Make up by sender
1
Encryption
E/P: Expansion/Permutation Rule (constant)
S0 Box (constant)
S1 Box (constant)
1
3
0
3
0
2
3
2
0
2
2
1
3
1
1
3
2
0
3
2
1
0
0
1
2
1
1
0
3
3
0
3
Example of Encryption
X:8-bit Plaintext
IP8: Initial permutation vector
Permutation of X
Splitting into L0,R0
E/P 8: Expansion permutation of R0
EP(0): Expanded R0
K1: Key 1
EP(R0) xor K1
1
2
1
1
4
1
1
0
1
6
0
0
1
1
0
1
1
3
1
1
2
1
1
0
1
1
1
1
3
0
0
0
0
4
1
1
2
1
0
1
0
8
1
1
3
0
1
1
1
5
0
0
4
1
0
1
1
7
1
1
1
1
0
1
Example of Encryption
EP(R0) xor K1
Re-arrange in 2X4 matrix
1
0
1
1
1
1
1
0
1
1
0
1
0
2
2
1
3
1
1
3
2
0
3
2
0
2
3
2
1
2
1
1
0
0
1
1
4
1
2
1
1
0
1
3
1
3
3
0
3
1
1
1
Example of Encryption
F(R0,SK1)
L0
L0 xor F(R0,SK1)
f1,R0
Switch: L1,R1
1
1
0
0
1
1
0
1
1
1
1
1
0
0
0
1
1
0
0
1
1
0
1
1
0
0
1
0
Fk again
L1,R1
E/P 8: Expanded permutation
Expanded permutation of R1
K2: Key 2
E/P(R1) xor K2
1
4
0
0
0
1
1
0
1
1
0
2
1
0
1
1
3
0
0
0
0
2
1
0
1
1
3
0
0
0
0
4
0
1
1
0
1
0
1
1
Fk again
Re-arrange in 2X4 matrix
S0 and S1 Box
Output of S boxes
P4
F(R1,SK2)
1
3
0
3
0
2
2
1
3
1
1
3
2
0
3
2
0
1
1
0
1
1
0
1
0
2
3
2
1
0
0
1
2
1
1
0
3
3
0
3
1
2
0
0
4
1
0
3
0
1
1
1
Fk again
F(R1,SK2)
L1
L1 xor F(R1,SK2)
f2,R1 ->L2, R2
IP-1
Ciphertext
0
1
1
1
4
0
1
1
0
0
1
1
0
0
0
0
3
0
1
1
0
0
5
0
0
7
0
1
2
0
0
8
0
0
6
1
DES
IP-1 o fk16 o SW o fk15 o SW..... o SW o fk1 o IP
DES
56-bit key is used
From which 16 48-bit keys are calculated
DES
Each block is 64 bits
Each half is 32 bits
DES
32-bit right half is expanded to 48 bits
After xor with the key, it is arranged into 8X6
matrix
DES
Use 1st and 6th bit for row, 2nd thru 6th bit for column
There are 8 S Boxes, each is 4 X 16
Entries in S box are 0 - 15
18
22
25
35
38
43
54
Key Shifting
Schedule of left shift
DES: S Boxes.
S blocks takes in as input 6-bit arguments
and outputs four bits.
This is the substitution part of the cipher.
1
1
1
0
1
0
0
0
1
2
1
0
1
1
1
0
1
1
3
0
0
1
1
0
0
1
0
4
0
1
1
1
0
1
0
1
5
1
1
1
0
0
0
0
0
6 Row Column
0
2
9
1
3
3
0
0
15
1
3
14
0
0
8
1
1
2
0
0
12
1
3
10
1
1
0
1
0
1
0
0
1
2
1
0
0
0
0
1
1
0
3
0
0
0
1
0
0
0
0
4
0
1
0
0
0
0
1
1
DES Permutation 32
After substitution, the function output is now
32 bits and it goes through a fixed
permutation.
0
0
1
0
1
0
0
0
0
1
0
0
0
0
0
0
0
1
1
0
0
1
0
0
Cipher Text
Repeat for another 15 rounds
Apply permutation IP-1 at the end of 16th
round.
Use the same algorithm for decryption,
except the sub keys are used in reversed
order. (k16 for round 1, key15 for round 2,
etc....)
DES Reviewed
An initial permutation is applied to
the plain text. The result is split
into two halves (L0,R0). We apply a
function and call it a round:
L1=R0, R1=L0f(R0,K0)
From the initial key K we derive
subkeys: Ki (basically shifts of the
initial key).
DES: Comments
The security of the system depends on the number of
rounds. For example, if the number of rounds is 8
then DES can be broken quite easily by differential
cryptanalysis.
56 bit keys have become easier to break by
exhaustive search. That is if you have one single
copy of a plaintext and the corresponding cipher
state, then one can try all possible keys before a
match occurs.
Modified DES (e.g., triple DES) protocols are used.
DES will be replaced Advanced Encryption System
(AES).
AES
As DES is getting very old, NIST began a public
process to choose a new cipher to be called AES
(Advanced Encryption Standard).
AES algorithms should have 3 key sizes: 128, 192,
256 bits, and operate on block sizes of 128 bits.
The algorithm would be selected by choosing the
fastest cipher,
Additional considerations are memory
requirements, suitability to smart cards, etc
In 1999, the finalist were announced....
Security of Rijndael
Rijndael is a new cipher, so there are
limited results, but so far the news is good.
The use of matrix multiplication is unique
and untested by time. Some controversy
has been raised about this.
Rijndael had the lowest memory
requirements and the fastest encryption of
all the five finalists.