22-06-2012, 03:43 PM
Symmetric Encryption Algorithms
Symmetric Encryption Algorithms.ppt (Size: 415.5 KB / Downloads: 128)
Modern Block Ciphers
Block ciphers are among the most widely used types of cryptographic algorithms
provide secrecy and/or authentication services
in particular will introduce DES (Data Encryption Standard)
Block Cipher Principles
most symmetric block ciphers are based on a Feistel Cipher Structure
needed since must be able to decrypt ciphertext to recover messages efficiently
block ciphers look like an extremely large substitution
would need table of 264 entries for a 64-bit block
instead create from smaller building blocks
using idea of a product cipher
Claude Shannon and Substitution-Permutation Ciphers
in 1949 Claude Shannon introduced idea of substitution-permutation (S-P) networks
modern substitution-transposition product cipher
these form the basis of modern block ciphers
S-P networks are based on the two primitive cryptographic operations we have seen before:
substitution (S-box)
permutation (P-box)
provide confusion and diffusion of message
Confusion and Diffusion
cipher needs to completely obscure statistical properties of original message
a one-time pad does this
more practically Shannon suggested combining elements to obtain:
diffusion – dissipates statistical structure of plaintext over bulk of ciphertext
confusion – makes relationship between ciphertext and key as complex as possible
Feistel Cipher Structure
Horst Feistel devised the feistel cipher
based on concept of invertible product cipher
partitions input block into two halves
process through multiple rounds which
perform a substitution on left data half
based on round function of right half & subkey
then have permutation swapping halves
implements Shannon’s substitution-permutation network concept
Data Encryption Standard (DES)
most widely used block cipher in world
adopted in 1977 by NBS (now NIST)
as FIPS PUB 46
encrypts 64-bit data using 56-bit key
has widespread use
has been considerable controversy over its security
DES Decryption
decrypt must unwind steps of data computation
with Feistel design, do encryption steps again
using subkeys in reverse order (SK16 … SK1)
note that IP undoes final FP step of encryption
1st round with SK16 undoes 16th encrypt round
….
16th round with SK1 undoes 1st encrypt round
then final FP undoes initial encryption IP
thus recovering original data value