SlideShare a Scribd company logo

Modern Block Cipher- Modern Symmetric-Key Cipher

Download as PPTX, PDF
Mahbubur Rahman
Mahbubur Rahman

Introduction to Modern Symmetric-Key Ciphers- This lecture will cover only "Modern Block Cipher". Slide Credit: Maleka Khatun & Mahbubur Rahman Dept. of CSE, JnU, BD.

Engineering
1 of 40
Maleka Khatun B150305031 Mahbubur Rahman B150305042 Chapter-5 Introduction to Modern Symmetric-Key Cipher (Modern Block Cipher) Presented By
MODERN BLOCK CIPHERS A symmetric-key modern block cipher encrypts an n-bit block of plaintext or decrypts an n-bit block of cipher text. The encryption or decryption algorithm uses a k-bit key. Fig 5.1 A modern block cipher 2 Note: If the message is fewer than n bits, padding must be Added to make it an n-bit block; if more than n bits then it Should be divided into n-bit blocks and the appropriate padding Must be added. The common values for n are 64, 128, 256, or 512
Continue… Example 5.1: How many padding bits must be added to a message of 100 characters if 8-bit ASCII is used for encoding and the block cipher accepts blocks of 64 bits? Answer: Encoding 100 characters using 8-bit ASCII results in an 800-bit message. The plaintext must be divisible by 64. If | M | and |Pad| are the length of the message and the length of the padding, 3
substitution or Transposition A modern block cipher can be designed to act as a substitution cipher or a transposition cipher If the cipher is designed as substitution cipher, a 1-bit or a 0-bit can be replaced by either a 0 or a 1 bit. This means that the plain text and the cipher text can have different number of 1’s. If the cipher is designed as transposition cipher, the bits are only reordered (transposed), there is same number of 1’s in the plaintext or ciphertext. N-bit possible plaintext or cipher text is 2n because each of the block can have one of the two values 0 or 1 To be resistant to exhaustive-search attack, a modern block cipher needs to be designed as a substitution cipher. Example 5.2: Suppose that we have a block cipher where n = 64. If there are 10 1’s in the cipher text, how many trial-and-error tests does Eve need to do to recover the plaintext from the intercepted cipher text in each of the following cases? a. The cipher is designed as a substitution cipher. b. The cipher is designed as a transposition cipher. 4
Continue… Answer: a. In the first case, Eve has no idea how many 1’s are in the plaintext. Eve needs to try all possible 264 64- bit blocks to find one that makes sense. If eve could try 1 billion blocks per second, it will take hundreds of years, on average, before she could be successful. b. In the second case, Eve knows that there are exactly 10 1’s in the plaintext because transposition does not change the number of 1’s or 0’s in the cipher text. Eve can launch an exhaustive-search attack using only those 64-bit blocks that have exactly 10 1’s. there are only (64!)/[(10!)(54!)]= 151, 473, 214, 816 out of 264 64 bit words. Eve can test all of them in less than 3 minutes if she could do 1 billion tests per second. 5
Block Ciphers as Permutation Groups Full-Size Key Transposition Block Ciphers In a full-size key transposition cipher We need to have n! possible keys, so the key should have log2 n! bits. Example 5.3: Answer: The set of permutation tables has 3! = 6 elements. Key should be log2 6! =3 bits long . key can select 23 = 8 mapping. we can use any 6 of them. Show the model and the set of permutation tables for a 3-bit block transposition cipher where the block size is 3 bits. Fig 5.2 a transposition block cipher modeled as permutation 6
Block Ciphers as Permutation Groups Full-Size Key Substitution Block Ciphers A full-size key substitution cipher does not transpose bits; it substitutes bits. We can model the substitution cipher as a permutation if we can decode the input and encode the output. Example 5.4: Answer: The three input plaintext can be an integer between 0 to 7.This can be decoded as 8 bit string with a single 1.For example 000 can be decode as 00000001.101 decode as 00100000.The number of elements of transposition cipher(8!=40,320). The key is also much longer, [log240,320] = 16 bits. Although a 16 bit key can define 65,536 different mappings, only 40,320 are used. Show the model and the set of permutation tables for a 3- bit block substitution cipher. 7
Block Ciphers as Permutation Groups Note: A full-size key n-bit transposition cipher or a substitution block cipher can be modeled as a permutation, but their key sizes are different:  Transposition: the key is [log2 n! ] bits long.  Substitution: the key is [log2 (2n)!] bits long.  Note: Actual ciphers can not use full size keys because the size of the key becomes so large, especially when using substitution block cipher. If the designer of DES(next chapter) which uses 64 bit block cipher, had used a full size key, the key would have been log2(264)! Long , so the key size for DES is only 56 bits, which is a very small fraction of the full size key, this means it only uses 256 mappings out of 22^70 possible mappings.  partial-key cipher is a group under the composition operation if it is a subgroup of the corresponding full-size key cipher. 8
Components of a Modern Block Cipher Modern block ciphers normally are keyed substitution ciphers in which the key allows only partial mappings from the possible inputs to the possible outputs. However modern block ciphers normally are not designed as a single unit. To provide the required properties of a modern block cipher, such as diffusion and confusion, as a modern block cipher is made of a combination of transposition units for diffusion (called D-box) or Substitution units (called S-box), and some other units. D(diffusion)-box: A D-box parallels the traditional cipher for characters. It transposes bits. It is referred to as permutation. That’s why it is also called P-box. The system of output of the D-boxes are predetermined. There are three types of D-boxes. 1.Straight D-boxes 2.Compression D-boxes 3.Expansion D-boxes 9
Continue… Straight D-boxes: A straight D-box with n inputs and n outputs according to permutation. There are n! possible mapping. Compression D-boxes : A compression D-box with n inputs and m outputs where m < n. Expansion D-boxes : An expansion D-box with n inputs and m outputs where m > n. Fig 5.4 types of D-boxes 10
Components of a Modern Block Cipher Example 5.5 Shows all 6 possible mappings of a 3 × 3 D-box. Answer: The possible mappings of a 3 × 3 D-box(3!=6 permutation) Example 5.6 Design an 8 × 8 permutation table for a straight D-box that moves the two middle bits (bits 4 and 5) in the input word to the two ends (bits 1 and 8) in the output words. Relative positions of other bits should not be changed. Answer: We need a straight P-box with the table [4 1 2 3 6 7 8 5]. The relative positions of input bits 1, 2, 3, 6, 7, and 8 have not been changed, but the first output takes the fourth input and the eighth output takes the fifth input. 11
invertibility Example 5.7: shows how to invert a permutation table represented as a one-dimensional table. Answer: Fig 5.6 Inverting a permutation table 12
Continue.. So, Compression and expansion D-boxes are not invertible. A straight D-box is invertible. That’s why it is used in both encryption and decryption algorithm. 13
S- Box S(substitution)box: An S-box is an m x n substitution unit, where m and n are not necessarily the same. The number of input and output are not necessarily same. Modern block ciphers use Key-less S- boxes where the mapping from the inputs to the outputs is predetermined. Example 5.10: The following table defines the input/output relationship for an S-box of size 3 × 2. The leftmost bit of the input defines the row; the two rightmost bits of the input define the column. The two output bits are values on the cross section of the selected row and column. Answer: Based on the table, an input of 010 yields the output 01. An input of 101 yields the output of 00. 14
invertibility Example 5.1 For example, if the input to the left box is 001, the output is 101. The input 101 in the right table creates the output 001, which shows that the two tables are inverses of each other. Answer: 15 An S-box may or may not be invertible, In an invertible S-box, the number of input bits should be same as the number of output bits
exclusive - or Exclusive-Or  An important component in most block ciphers is the exclusive-or operation. Properties: The five properties of exclusive-or operation in GF (2n ) field makes this operation a very interesting component for use in a block cipher.  Closure: This property guarantees that the result of exclusive- oring two n-bit words is another n-bit word.  Associativity: This property allows us to use more than one exclusive- or operation in any order. X (Y  Z) (XY) Z 16
Continue..  Commutativity: This property allows us to swap the inputs without affecting the output. X  Y  Y  X  Existence of identity: The identity element for the exclusive-or operation is an n-bit word that consists of all 0’s or (000…0). This implies that exclusive- oring of a word with the identity element does not change that word. X  (00…0) = X  Existence of inverse: In the GF (2n) field, each word is the additive inverse of itself. This implies that exclusive – oring of a word with itself yields the identity element. X  X = (00…0)  Complement: The complement operation is a unary operation (one input ant one output) that flips each bit in a word. A 0-bit is changed to a 1-bit; a 1- bit is changed to 0-bit. We are interested in the complement operation in relation to the exclusive-or operation. If X is the complement of X, then the following two relations hold: X  X = (11…1) X  (11…1) = X 17
Circular Shift Circular Shift Another component found in some modern block ciphers is the circular shift operation. Shifting can to the left or to the right. The circular left shift operation shifts each bit in an n bit word k positions to the left. The leftmost k bits are removed and Become the rightmost bits. Here, n=8, k=3 Circular shift an 8 bit word to left or right 18
Continue.. Swap The swap operation is a special case of the circular shift operation where k = n/2. This means swap operation is valid only if n is an Even number. Split and Combine Two other operations found in some block ciphers are split and combine. It split n bit word in the middle, create two equal length word. Fig 5.11Swap operation on an 8 bit word Fig 5.12 Split and combine on an 8 bit word 19
Product Cipher  Product cipher is a combination of substitution, permutation and other components. As a result, the resulting cipher will be more secure than individual components.  Claude Shannon introduced the concept of product cipher.  Claude Shannon gave emphasis on the security of the plaintext. Thus no attacker can attacks on it.  So, he added two new important properties : diffusion, confusion. Diffusion: Diffusion hides the relationship between plaintext and cipher text. The attacker who uses ciphertext approaches will be frustrated. Each symbol in the ciphertext will depend on some or all the elements of the plaintext. 20
Product Cipher continue… Confusion: Confusion hides the relationship between ciphertext and key. If a single bit in the key will be changed the most or all the bits in the ciphertext will be changed. So, it may be very difficult to identify the key by the attackers according to ciphertext. Diffusion and confusion can be achieved by iterated product cipher. Iterated product cipher is combination of S-box, D-box and other components. Each iteration considered as round.  Here the mapping of output according to input for both S-box, D-box has to be predetermined.  The product cipher used only the straight D-box. Because it is invertible. So, decryption can be done by it. 21
Continue…  Modern block cipher use a round key generator for each round. Round-Key generator: Round key generator creates different keys in each round. If a cipher key is normally given as 64 bit then the round key generator creates sixteen 48 bit keys out of 56 bit. Extra 8 bit is given with the input key(64 bit).this 8 bits are parity bit which are dropped before key generation by parity drop table. 22
Algorithm
Continue.. 57 49 41 33 25 17 09 01 58 50 42 34 26 18 10 02 59 51 43 35 27 19 11 03 60 52 44 36 63 55 47 39 31 23 15 07 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 28 20 12 04 Parity bit drop table(56 bit) 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 Input (64 bits) 24
Continue… 14 17 11 24 01 05 03 28 15 06 21 10 23 19 12 04 26 08 16 07 27 20 13 02 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 57 49 41 33 25 17 09 01 58 50 42 34 26 18 10 02 59 51 43 35 27 19 11 03 60 52 44 36 63 55 47 39 31 23 15 07 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 28 20 12 04 Result of parity bit drop table (56 bit) Compressed D-box(48 bit)18 59 42 03 57 25 41 36 10 17 27 50 11 43 34 33 52 01 02 09 44 35 26 49 30 06 47 62 45 12 55 38 14 38 31 37 06 29 46 04 22 28 53 22 21 07 63 39 Output of D-box 25
Product Cipher Three transformations are happened in every round of the product cipher. 1. The text is mixed with the key to whiten the text( hide the bits of plaintext using the key).It is normally done by the exclusive-or operation. 2. The output of the whitener are organized by S-box. The values of bits will changed by the structure of S-box transformation. 3. The output of the S-boxes passed through a straight D-box to transpose the bits. The predetermined D-box(straight) pos 1 2 3 4 5 6 7 8 In bit 1 2 3 4 5 6 7 8 Out bit 2 7 3 8 6 1 4 5 26
Now, we consider a simple product cipher with 2 rounds. The plaintext and key both are 8 bit. In an N round product cipher plaintext will encrypted N times, key will changed for N times and cipher text will decrypted N times. 5.27
Continue.. Classes of modern cipher: All modern block ciphers are product cipher. The product ciphers are divided into two classes. 1. Feistel Ciphers 2. Non Feistel cipher Feistel cipher use both invertible and noninvertible components. This block cipher is DES. Non Feistel cipher use only invertible components. This type of block cipher is AES. 28
Feistel Cipher A Feistel cipher combines all noninvertible components in an unit and uses the same unit in encryption and decryption algorithm. The encryption and decryption algorithm are inverse of each other (using the same unit of noninvertible components). First thought: In encryption, a noninvertible Function f(k),accepts the key as input. Then the output of the function is exclusive- ored with the plaintext. This combination is called Mixer. The output of this combination becomes ciphertext. It is sent to the receiver. Fig 5.15 The first thought in Feistel cipher design 29
Continue.. The input of decryption is same as the output of encryption algorithm. And the key function is also same. That’s mean C1=C2. Encryption : C1=P1  f(k) Decryption : P2 = C2  f(k) = C1  f(K) [C1=C2] = P1  f(k)  f(k) [X  X=0] = P1  0 = P1 the plaintext are same. So, encryption and decryption algorithm are inverse. 30
Continue… Example 5.12 This is a trivial example. The plaintext and cipher text are each 4 bits long and the key is 3 bits long. Assume that the function takes the first and third bits of the key, interprets these two bits as a decimal number, squares the number, and interprets the result as a 4- bit binary pattern. Show the results of encryption and decryption if the original plaintext is 0111 and the key is 101. Answer: The function extracts the first and second bits to get 11 in binary or 3 in decimal. The result of squaring is 9,which is 1001 in binary. 31
Improvement of Feistel cipher Some improvements are done on the first thought of Feistel cipher to secure the text.  In noninvertible function two inputs are considered. Function is to be a part of plaintext in encryption and ciphertext in decryption. And key can be the second input of the function. By doing this function can be a complex element. To achieve this goal, divide the plaintext into two equal length blocks as left and right. Left block is represented as L and right one is R. The inputs of the function must be same in both algorithm. 32
Continue.. • In encryption the right section of the plaintext and key(k) goes to function as input. The output of this function exclusive- ored with left section of plaintext. And produce the left section of the cipher text. • The right section same as the plaintext. • In decryption algorithm reverse approach is used. The right section of the received cipher text goes to the function. Figure 5.16 Improvement of the previous Feistel design 33
Continue… The input of decryption is same as the output of encryption algorithm. And the key function is also same. That’s mean R2=R3,L2=L3. Rules: Li = L(i-1)  f( R(i-1) , k) Encryption : L2= L1  f(R1,k) ; R1=R2 ; Decryption : L4 = L3  f( R3,k ) = L2  f( R2,K ) =L2  f( R1,K ) [R3=R2=R1] = L1  f( R1,K)  f( R1,K ) = L1  0 = L1 And R4=R3, As L4=L1 and R1=R2=R3=R4 the plaintext are correctly decrypted. 34
Final design of Feistel cipher But the improvement has one problem. The right half section of the plaintext never changes. So, it is very easy for the attacker to identify the left half section of the plain text. The design needs more improvement.  First increase the number of rounds.  Add a new element to each round: swapper. It allows to swap the left and right halves in each other. Consider a two rounds Feistel cipher number of keys are K1,K2.Keys are used in reverse order in encryption and decryption. Between two rounds a middle text is created. This middle text has to be same in encryption and decryption. 35
Continue… The mixer and swapper are inverse. 36
Continue… Here L3=L4,R3=R4,L3=R2,L4=R5. Check the equality of middle text. Rules: 1.Ri= L(i-1)  f( R(i-1) , kn ) 2.Li= K(i-1)  f( L(i-1) , kn ) Now, middle text in decryption L5 = R4  f(L4,K2) = R3  f(L3,K2) [R3=R4,L3=L4] = R3  f(R2,K2) [L3=R2] = L2  f(R2,K2)  f(R2,K2) = L2  0 =L2, R5=L4=L3=R2; So, the middle text are( L5=L2,R5=R2 )equal. 37
Continue… Check the equity of plaintext … Here, L5=L2 ,R5=R2; R6=L5, L4=R5, L3=L4, R3=R4 ,L3=R2, L2=R1; The plaintext in decryption L6 = R5  F(L5,K1) = R2  F(L2,K1) [R5=R2 ,L5=L2] = L1  F(R1,K1)  F(L2,K1) [Rules 1] = L1  F(R1,K1)  F(R1,K1) [L2=R1] = L1 0 = L1 And R6 = L5=L2=R1. The plaintext are same (L6=L1,R6=R1). 38
Non Feistel cipher  Non Feistel cipher only used invertible components. That means S-boxes, need to have equal number of input and output, Compression and expansion D boxes are not allowed. Only can use straight D-boxes.  In non Feistel cipher ,there is no need to divide the plaintext into two equal parts. 39
40

Recommended

Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 
Alpha-beta pruning (Artificial Intelligence)
Alpha-beta pruning (Artificial Intelligence)Alpha-beta pruning (Artificial Intelligence)
Alpha-beta pruning (Artificial Intelligence)Falak Chaudry
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash AlgorithmVishakha Agarwal
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 

Recommended

Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 
Alpha-beta pruning (Artificial Intelligence)
Alpha-beta pruning (Artificial Intelligence)Alpha-beta pruning (Artificial Intelligence)
Alpha-beta pruning (Artificial Intelligence)Falak Chaudry
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash AlgorithmVishakha Agarwal
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 
Message digest 5
Message digest 5Message digest 5
Message digest 5Tirthika Bandi
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
Modern block cipher
Modern block cipherModern block cipher
Modern block cipherUdit Mishra
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Product Cipher
Product CipherProduct Cipher
Product CipherSHUBHA CHATURVEDI
 
Huffman coding
Huffman coding Huffman coding
Huffman coding Nazmul Hyder
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Email security
Email securityEmail security
Email securityIndrajit Sreemany
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)SAurabh PRajapati
 
Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)DUET
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAhmudulHassan
 
Modern Cryptography.pptx
Modern Cryptography.pptxModern Cryptography.pptx
Modern Cryptography.pptxwdwd10
 
ch-05.ppt
ch-05.pptch-05.ppt
ch-05.pptanshharjai
 

More Related Content

What's hot

Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
Modern block cipher
Modern block cipherModern block cipher
Modern block cipherUdit Mishra
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)SAurabh PRajapati
 
Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)DUET
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAhmudulHassan
 

What's hot (20)

Message digest 5
Message digest 5Message digest 5
Message digest 5
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
 
Modern block cipher
Modern block cipherModern block cipher
Modern block cipher
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Product Cipher
Product CipherProduct Cipher
Product Cipher
 
Huffman coding
Huffman coding Huffman coding
Huffman coding
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DES
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITY
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanisms
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithm
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
 
Web Security
Web SecurityWeb Security
Web Security
 
Email security
Email securityEmail security
Email security
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
 
Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)Secure Hash Algorithm (SHA-512)
Secure Hash Algorithm (SHA-512)
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacy
 
IP Security
IP SecurityIP Security
IP Security
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptx
 

Similar to Modern Block Cipher- Modern Symmetric-Key Cipher

Modern Cryptography.pptx
Modern Cryptography.pptxModern Cryptography.pptx
Modern Cryptography.pptxwdwd10
 
Block Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxBlock Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxUsamaAliLone3
 
Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1Shiraz316
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-IIrathnadeepa2
 
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceRathnaDeepa1
 
Introduction to modern_symmetric-key_ciphers
Introduction to modern_symmetric-key_ciphersIntroduction to modern_symmetric-key_ciphers
Introduction to modern_symmetric-key_ciphersVasuki Ramasamy
 
FPGA Implementation of an Area Optimized Architecture for 128 bit AES Algorithm
FPGA Implementation of an Area Optimized Architecture for 128 bit AES AlgorithmFPGA Implementation of an Area Optimized Architecture for 128 bit AES Algorithm
FPGA Implementation of an Area Optimized Architecture for 128 bit AES AlgorithmIJERA Editor
 
Block Ciphers and DES.pptx
Block Ciphers and DES.pptxBlock Ciphers and DES.pptx
Block Ciphers and DES.pptxDrAnilKannur1
 
Implementation of Various Cryptosystem Using Chaos
Implementation of Various Cryptosystem Using ChaosImplementation of Various Cryptosystem Using Chaos
Implementation of Various Cryptosystem Using ChaosIOSR Journals
 
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture Dhaval Kaneria
 
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...IJNSA Journal
 

Similar to Modern Block Cipher- Modern Symmetric-Key Cipher (20)

Modern Cryptography.pptx
Modern Cryptography.pptxModern Cryptography.pptx
Modern Cryptography.pptx
 
ch-05.ppt
ch-05.pptch-05.ppt
ch-05.ppt
 
Block Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docxBlock Encryption Algorithm Project.docx
Block Encryption Algorithm Project.docx
 
Unit 2
Unit 2Unit 2
Unit 2
 
chap3.pdf
chap3.pdfchap3.pdf
chap3.pdf
 
Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1Chapter 3-block-cipher-des1
Chapter 3-block-cipher-des1
 
Network Security UNIT-II
Network Security UNIT-IINetwork Security UNIT-II
Network Security UNIT-II
 
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer ScienceNetwork security R.Rathna Deepa 2nd M.sc.,Computer Science
Network security R.Rathna Deepa 2nd M.sc.,Computer Science
 
MKG_ISS_04.ppt
MKG_ISS_04.pptMKG_ISS_04.ppt
MKG_ISS_04.ppt
 
Introduction to modern_symmetric-key_ciphers
Introduction to modern_symmetric-key_ciphersIntroduction to modern_symmetric-key_ciphers
Introduction to modern_symmetric-key_ciphers
 
Code Converters & Parity Checker
Code Converters & Parity CheckerCode Converters & Parity Checker
Code Converters & Parity Checker
 
cns 2marks
cns 2markscns 2marks
cns 2marks
 
FPGA Implementation of an Area Optimized Architecture for 128 bit AES Algorithm
FPGA Implementation of an Area Optimized Architecture for 128 bit AES AlgorithmFPGA Implementation of an Area Optimized Architecture for 128 bit AES Algorithm
FPGA Implementation of an Area Optimized Architecture for 128 bit AES Algorithm
 
Network Security Lec4
Network Security Lec4Network Security Lec4
Network Security Lec4
 
Aes
AesAes
Aes
 
Block Ciphers and DES.pptx
Block Ciphers and DES.pptxBlock Ciphers and DES.pptx
Block Ciphers and DES.pptx
 
Implementation of Various Cryptosystem Using Chaos
Implementation of Various Cryptosystem Using ChaosImplementation of Various Cryptosystem Using Chaos
Implementation of Various Cryptosystem Using Chaos
 
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture Paper on Optimized AES Algorithm Core Using FeedBack Architecture
Paper on Optimized AES Algorithm Core Using FeedBack Architecture
 
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...
A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to ...
 
Unit 2
Unit 2Unit 2
Unit 2
 

More from Mahbubur Rahman

Randomized Algorithm- Advanced Algorithm
Randomized Algorithm- Advanced AlgorithmRandomized Algorithm- Advanced Algorithm
Randomized Algorithm- Advanced AlgorithmMahbubur Rahman
 
Cloudonomics in Advanced Cloud Computing
Cloudonomics in Advanced Cloud ComputingCloudonomics in Advanced Cloud Computing
Cloudonomics in Advanced Cloud ComputingMahbubur Rahman
 
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...Mahbubur Rahman
 
Geographic Routing in WSN
Geographic Routing in WSNGeographic Routing in WSN
Geographic Routing in WSNMahbubur Rahman
 
Streaming Stored Video- Computer Networking
Streaming Stored Video- Computer Networking Streaming Stored Video- Computer Networking
Streaming Stored Video- Computer Networking Mahbubur Rahman
 
Random Oracle Model & Hashing - Cryptography & Network Security
Random Oracle Model & Hashing - Cryptography & Network SecurityRandom Oracle Model & Hashing - Cryptography & Network Security
Random Oracle Model & Hashing - Cryptography & Network SecurityMahbubur Rahman
 
Ll(1) Parser in Compilers
Ll(1) Parser in CompilersLl(1) Parser in Compilers
Ll(1) Parser in CompilersMahbubur Rahman
 
Web Server And Database Server
Web Server And Database ServerWeb Server And Database Server
Web Server And Database ServerMahbubur Rahman
 

More from Mahbubur Rahman (9)

Randomized Algorithm- Advanced Algorithm
Randomized Algorithm- Advanced AlgorithmRandomized Algorithm- Advanced Algorithm
Randomized Algorithm- Advanced Algorithm
 
Cloudonomics in Advanced Cloud Computing
Cloudonomics in Advanced Cloud ComputingCloudonomics in Advanced Cloud Computing
Cloudonomics in Advanced Cloud Computing
 
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...
Constraint Satisfaction Problem (CSP) : Cryptarithmetic, Graph Coloring, 4- Q...
 
Geographic Routing in WSN
Geographic Routing in WSNGeographic Routing in WSN
Geographic Routing in WSN
 
Streaming Stored Video- Computer Networking
Streaming Stored Video- Computer Networking Streaming Stored Video- Computer Networking
Streaming Stored Video- Computer Networking
 
Random Oracle Model & Hashing - Cryptography & Network Security
Random Oracle Model & Hashing - Cryptography & Network SecurityRandom Oracle Model & Hashing - Cryptography & Network Security
Random Oracle Model & Hashing - Cryptography & Network Security
 
Ll(1) Parser in Compilers
Ll(1) Parser in CompilersLl(1) Parser in Compilers
Ll(1) Parser in Compilers
 
Web Server And Database Server
Web Server And Database ServerWeb Server And Database Server
Web Server And Database Server
 
LEX & YACC
LEX & YACCLEX & YACC
LEX & YACC
 

Recently uploaded

UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
System Simulation and Modelling with types and Event Scheduling
System Simulation and Modelling with types and Event SchedulingSystem Simulation and Modelling with types and Event Scheduling
System Simulation and Modelling with types and Event SchedulingBootNeck1
 
Crystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxCrystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxachiever3003
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
BSNL Internship Training presentation.pptx
BSNL Internship Training presentation.pptxBSNL Internship Training presentation.pptx
BSNL Internship Training presentation.pptxNiranjanYadav41
 
Ch10-Global Supply Chain - Cadena de Suministro.pdf
Ch10-Global Supply Chain - Cadena de Suministro.pdfCh10-Global Supply Chain - Cadena de Suministro.pdf
Ch10-Global Supply Chain - Cadena de Suministro.pdfChristianCDAM
 
Risk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectRisk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectErbil Polytechnic University
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionMebane Rash
 
DM Pillar Training Manual.ppt will be useful in deploying TPM in project
DM Pillar Training Manual.ppt will be useful in deploying TPM in projectDM Pillar Training Manual.ppt will be useful in deploying TPM in project
DM Pillar Training Manual.ppt will be useful in deploying TPM in projectssuserb6619e
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating SystemRashmi Bhat
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxRomil Mishra
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfAsst.prof M.Gokilavani
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 
Crushers to screens in aggregate production
Crushers to screens in aggregate productionCrushers to screens in aggregate production
Crushers to screens in aggregate productionChinnuNinan
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communicationpanditadesh123
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdfHafizMudaserAhmad
 

Recently uploaded (20)

UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
System Simulation and Modelling with types and Event Scheduling
System Simulation and Modelling with types and Event SchedulingSystem Simulation and Modelling with types and Event Scheduling
System Simulation and Modelling with types and Event Scheduling
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Crystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxCrystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptx
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
BSNL Internship Training presentation.pptx
BSNL Internship Training presentation.pptxBSNL Internship Training presentation.pptx
BSNL Internship Training presentation.pptx
 
Ch10-Global Supply Chain - Cadena de Suministro.pdf
Ch10-Global Supply Chain - Cadena de Suministro.pdfCh10-Global Supply Chain - Cadena de Suministro.pdf
Ch10-Global Supply Chain - Cadena de Suministro.pdf
 
Risk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectRisk Management in Engineering Construction Project
Risk Management in Engineering Construction Project
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of Action
 
DM Pillar Training Manual.ppt will be useful in deploying TPM in project
DM Pillar Training Manual.ppt will be useful in deploying TPM in projectDM Pillar Training Manual.ppt will be useful in deploying TPM in project
DM Pillar Training Manual.ppt will be useful in deploying TPM in project
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating System
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptx
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 
Crushers to screens in aggregate production
Crushers to screens in aggregate productionCrushers to screens in aggregate production
Crushers to screens in aggregate production
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communication
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf
 

Modern Block Cipher- Modern Symmetric-Key Cipher

  • 1. Maleka Khatun B150305031 Mahbubur Rahman B150305042 Chapter-5 Introduction to Modern Symmetric-Key Cipher (Modern Block Cipher) Presented By
  • 2. MODERN BLOCK CIPHERS A symmetric-key modern block cipher encrypts an n-bit block of plaintext or decrypts an n-bit block of cipher text. The encryption or decryption algorithm uses a k-bit key. Fig 5.1 A modern block cipher 2 Note: If the message is fewer than n bits, padding must be Added to make it an n-bit block; if more than n bits then it Should be divided into n-bit blocks and the appropriate padding Must be added. The common values for n are 64, 128, 256, or 512
  • 3. Continue… Example 5.1: How many padding bits must be added to a message of 100 characters if 8-bit ASCII is used for encoding and the block cipher accepts blocks of 64 bits? Answer: Encoding 100 characters using 8-bit ASCII results in an 800-bit message. The plaintext must be divisible by 64. If | M | and |Pad| are the length of the message and the length of the padding, 3
  • 4. substitution or Transposition A modern block cipher can be designed to act as a substitution cipher or a transposition cipher If the cipher is designed as substitution cipher, a 1-bit or a 0-bit can be replaced by either a 0 or a 1 bit. This means that the plain text and the cipher text can have different number of 1’s. If the cipher is designed as transposition cipher, the bits are only reordered (transposed), there is same number of 1’s in the plaintext or ciphertext. N-bit possible plaintext or cipher text is 2n because each of the block can have one of the two values 0 or 1 To be resistant to exhaustive-search attack, a modern block cipher needs to be designed as a substitution cipher. Example 5.2: Suppose that we have a block cipher where n = 64. If there are 10 1’s in the cipher text, how many trial-and-error tests does Eve need to do to recover the plaintext from the intercepted cipher text in each of the following cases? a. The cipher is designed as a substitution cipher. b. The cipher is designed as a transposition cipher. 4
  • 5. Continue… Answer: a. In the first case, Eve has no idea how many 1’s are in the plaintext. Eve needs to try all possible 264 64- bit blocks to find one that makes sense. If eve could try 1 billion blocks per second, it will take hundreds of years, on average, before she could be successful. b. In the second case, Eve knows that there are exactly 10 1’s in the plaintext because transposition does not change the number of 1’s or 0’s in the cipher text. Eve can launch an exhaustive-search attack using only those 64-bit blocks that have exactly 10 1’s. there are only (64!)/[(10!)(54!)]= 151, 473, 214, 816 out of 264 64 bit words. Eve can test all of them in less than 3 minutes if she could do 1 billion tests per second. 5
  • 6. Block Ciphers as Permutation Groups Full-Size Key Transposition Block Ciphers In a full-size key transposition cipher We need to have n! possible keys, so the key should have log2 n! bits. Example 5.3: Answer: The set of permutation tables has 3! = 6 elements. Key should be log2 6! =3 bits long . key can select 23 = 8 mapping. we can use any 6 of them. Show the model and the set of permutation tables for a 3-bit block transposition cipher where the block size is 3 bits. Fig 5.2 a transposition block cipher modeled as permutation 6
  • 7. Block Ciphers as Permutation Groups Full-Size Key Substitution Block Ciphers A full-size key substitution cipher does not transpose bits; it substitutes bits. We can model the substitution cipher as a permutation if we can decode the input and encode the output. Example 5.4: Answer: The three input plaintext can be an integer between 0 to 7.This can be decoded as 8 bit string with a single 1.For example 000 can be decode as 00000001.101 decode as 00100000.The number of elements of transposition cipher(8!=40,320). The key is also much longer, [log240,320] = 16 bits. Although a 16 bit key can define 65,536 different mappings, only 40,320 are used. Show the model and the set of permutation tables for a 3- bit block substitution cipher. 7
  • 8. Block Ciphers as Permutation Groups Note: A full-size key n-bit transposition cipher or a substitution block cipher can be modeled as a permutation, but their key sizes are different:  Transposition: the key is [log2 n! ] bits long.  Substitution: the key is [log2 (2n)!] bits long.  Note: Actual ciphers can not use full size keys because the size of the key becomes so large, especially when using substitution block cipher. If the designer of DES(next chapter) which uses 64 bit block cipher, had used a full size key, the key would have been log2(264)! Long , so the key size for DES is only 56 bits, which is a very small fraction of the full size key, this means it only uses 256 mappings out of 22^70 possible mappings.  partial-key cipher is a group under the composition operation if it is a subgroup of the corresponding full-size key cipher. 8
  • 9. Components of a Modern Block Cipher Modern block ciphers normally are keyed substitution ciphers in which the key allows only partial mappings from the possible inputs to the possible outputs. However modern block ciphers normally are not designed as a single unit. To provide the required properties of a modern block cipher, such as diffusion and confusion, as a modern block cipher is made of a combination of transposition units for diffusion (called D-box) or Substitution units (called S-box), and some other units. D(diffusion)-box: A D-box parallels the traditional cipher for characters. It transposes bits. It is referred to as permutation. That’s why it is also called P-box. The system of output of the D-boxes are predetermined. There are three types of D-boxes. 1.Straight D-boxes 2.Compression D-boxes 3.Expansion D-boxes 9
  • 10. Continue… Straight D-boxes: A straight D-box with n inputs and n outputs according to permutation. There are n! possible mapping. Compression D-boxes : A compression D-box with n inputs and m outputs where m < n. Expansion D-boxes : An expansion D-box with n inputs and m outputs where m > n. Fig 5.4 types of D-boxes 10
  • 11. Components of a Modern Block Cipher Example 5.5 Shows all 6 possible mappings of a 3 × 3 D-box. Answer: The possible mappings of a 3 × 3 D-box(3!=6 permutation) Example 5.6 Design an 8 × 8 permutation table for a straight D-box that moves the two middle bits (bits 4 and 5) in the input word to the two ends (bits 1 and 8) in the output words. Relative positions of other bits should not be changed. Answer: We need a straight P-box with the table [4 1 2 3 6 7 8 5]. The relative positions of input bits 1, 2, 3, 6, 7, and 8 have not been changed, but the first output takes the fourth input and the eighth output takes the fifth input. 11
  • 12. invertibility Example 5.7: shows how to invert a permutation table represented as a one-dimensional table. Answer: Fig 5.6 Inverting a permutation table 12
  • 13. Continue.. So, Compression and expansion D-boxes are not invertible. A straight D-box is invertible. That’s why it is used in both encryption and decryption algorithm. 13
  • 14. S- Box S(substitution)box: An S-box is an m x n substitution unit, where m and n are not necessarily the same. The number of input and output are not necessarily same. Modern block ciphers use Key-less S- boxes where the mapping from the inputs to the outputs is predetermined. Example 5.10: The following table defines the input/output relationship for an S-box of size 3 × 2. The leftmost bit of the input defines the row; the two rightmost bits of the input define the column. The two output bits are values on the cross section of the selected row and column. Answer: Based on the table, an input of 010 yields the output 01. An input of 101 yields the output of 00. 14
  • 15. invertibility Example 5.1 For example, if the input to the left box is 001, the output is 101. The input 101 in the right table creates the output 001, which shows that the two tables are inverses of each other. Answer: 15 An S-box may or may not be invertible, In an invertible S-box, the number of input bits should be same as the number of output bits
  • 16. exclusive - or Exclusive-Or  An important component in most block ciphers is the exclusive-or operation. Properties: The five properties of exclusive-or operation in GF (2n ) field makes this operation a very interesting component for use in a block cipher.  Closure: This property guarantees that the result of exclusive- oring two n-bit words is another n-bit word.  Associativity: This property allows us to use more than one exclusive- or operation in any order. X (Y  Z) (XY) Z 16
  • 17. Continue..  Commutativity: This property allows us to swap the inputs without affecting the output. X  Y  Y  X  Existence of identity: The identity element for the exclusive-or operation is an n-bit word that consists of all 0’s or (000…0). This implies that exclusive- oring of a word with the identity element does not change that word. X  (00…0) = X  Existence of inverse: In the GF (2n) field, each word is the additive inverse of itself. This implies that exclusive – oring of a word with itself yields the identity element. X  X = (00…0)  Complement: The complement operation is a unary operation (one input ant one output) that flips each bit in a word. A 0-bit is changed to a 1-bit; a 1- bit is changed to 0-bit. We are interested in the complement operation in relation to the exclusive-or operation. If X is the complement of X, then the following two relations hold: X  X = (11…1) X  (11…1) = X 17
  • 18. Circular Shift Circular Shift Another component found in some modern block ciphers is the circular shift operation. Shifting can to the left or to the right. The circular left shift operation shifts each bit in an n bit word k positions to the left. The leftmost k bits are removed and Become the rightmost bits. Here, n=8, k=3 Circular shift an 8 bit word to left or right 18
  • 19. Continue.. Swap The swap operation is a special case of the circular shift operation where k = n/2. This means swap operation is valid only if n is an Even number. Split and Combine Two other operations found in some block ciphers are split and combine. It split n bit word in the middle, create two equal length word. Fig 5.11Swap operation on an 8 bit word Fig 5.12 Split and combine on an 8 bit word 19
  • 20. Product Cipher  Product cipher is a combination of substitution, permutation and other components. As a result, the resulting cipher will be more secure than individual components.  Claude Shannon introduced the concept of product cipher.  Claude Shannon gave emphasis on the security of the plaintext. Thus no attacker can attacks on it.  So, he added two new important properties : diffusion, confusion. Diffusion: Diffusion hides the relationship between plaintext and cipher text. The attacker who uses ciphertext approaches will be frustrated. Each symbol in the ciphertext will depend on some or all the elements of the plaintext. 20
  • 21. Product Cipher continue… Confusion: Confusion hides the relationship between ciphertext and key. If a single bit in the key will be changed the most or all the bits in the ciphertext will be changed. So, it may be very difficult to identify the key by the attackers according to ciphertext. Diffusion and confusion can be achieved by iterated product cipher. Iterated product cipher is combination of S-box, D-box and other components. Each iteration considered as round.  Here the mapping of output according to input for both S-box, D-box has to be predetermined.  The product cipher used only the straight D-box. Because it is invertible. So, decryption can be done by it. 21
  • 22. Continue…  Modern block cipher use a round key generator for each round. Round-Key generator: Round key generator creates different keys in each round. If a cipher key is normally given as 64 bit then the round key generator creates sixteen 48 bit keys out of 56 bit. Extra 8 bit is given with the input key(64 bit).this 8 bits are parity bit which are dropped before key generation by parity drop table. 22
  • 24. Continue.. 57 49 41 33 25 17 09 01 58 50 42 34 26 18 10 02 59 51 43 35 27 19 11 03 60 52 44 36 63 55 47 39 31 23 15 07 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 28 20 12 04 Parity bit drop table(56 bit) 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 Input (64 bits) 24
  • 25. Continue… 14 17 11 24 01 05 03 28 15 06 21 10 23 19 12 04 26 08 16 07 27 20 13 02 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 57 49 41 33 25 17 09 01 58 50 42 34 26 18 10 02 59 51 43 35 27 19 11 03 60 52 44 36 63 55 47 39 31 23 15 07 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 28 20 12 04 Result of parity bit drop table (56 bit) Compressed D-box(48 bit)18 59 42 03 57 25 41 36 10 17 27 50 11 43 34 33 52 01 02 09 44 35 26 49 30 06 47 62 45 12 55 38 14 38 31 37 06 29 46 04 22 28 53 22 21 07 63 39 Output of D-box 25
  • 26. Product Cipher Three transformations are happened in every round of the product cipher. 1. The text is mixed with the key to whiten the text( hide the bits of plaintext using the key).It is normally done by the exclusive-or operation. 2. The output of the whitener are organized by S-box. The values of bits will changed by the structure of S-box transformation. 3. The output of the S-boxes passed through a straight D-box to transpose the bits. The predetermined D-box(straight) pos 1 2 3 4 5 6 7 8 In bit 1 2 3 4 5 6 7 8 Out bit 2 7 3 8 6 1 4 5 26
  • 27. Now, we consider a simple product cipher with 2 rounds. The plaintext and key both are 8 bit. In an N round product cipher plaintext will encrypted N times, key will changed for N times and cipher text will decrypted N times. 5.27
  • 28. Continue.. Classes of modern cipher: All modern block ciphers are product cipher. The product ciphers are divided into two classes. 1. Feistel Ciphers 2. Non Feistel cipher Feistel cipher use both invertible and noninvertible components. This block cipher is DES. Non Feistel cipher use only invertible components. This type of block cipher is AES. 28
  • 29. Feistel Cipher A Feistel cipher combines all noninvertible components in an unit and uses the same unit in encryption and decryption algorithm. The encryption and decryption algorithm are inverse of each other (using the same unit of noninvertible components). First thought: In encryption, a noninvertible Function f(k),accepts the key as input. Then the output of the function is exclusive- ored with the plaintext. This combination is called Mixer. The output of this combination becomes ciphertext. It is sent to the receiver. Fig 5.15 The first thought in Feistel cipher design 29
  • 30. Continue.. The input of decryption is same as the output of encryption algorithm. And the key function is also same. That’s mean C1=C2. Encryption : C1=P1  f(k) Decryption : P2 = C2  f(k) = C1  f(K) [C1=C2] = P1  f(k)  f(k) [X  X=0] = P1  0 = P1 the plaintext are same. So, encryption and decryption algorithm are inverse. 30
  • 31. Continue… Example 5.12 This is a trivial example. The plaintext and cipher text are each 4 bits long and the key is 3 bits long. Assume that the function takes the first and third bits of the key, interprets these two bits as a decimal number, squares the number, and interprets the result as a 4- bit binary pattern. Show the results of encryption and decryption if the original plaintext is 0111 and the key is 101. Answer: The function extracts the first and second bits to get 11 in binary or 3 in decimal. The result of squaring is 9,which is 1001 in binary. 31
  • 32. Improvement of Feistel cipher Some improvements are done on the first thought of Feistel cipher to secure the text.  In noninvertible function two inputs are considered. Function is to be a part of plaintext in encryption and ciphertext in decryption. And key can be the second input of the function. By doing this function can be a complex element. To achieve this goal, divide the plaintext into two equal length blocks as left and right. Left block is represented as L and right one is R. The inputs of the function must be same in both algorithm. 32
  • 33. Continue.. • In encryption the right section of the plaintext and key(k) goes to function as input. The output of this function exclusive- ored with left section of plaintext. And produce the left section of the cipher text. • The right section same as the plaintext. • In decryption algorithm reverse approach is used. The right section of the received cipher text goes to the function. Figure 5.16 Improvement of the previous Feistel design 33
  • 34. Continue… The input of decryption is same as the output of encryption algorithm. And the key function is also same. That’s mean R2=R3,L2=L3. Rules: Li = L(i-1)  f( R(i-1) , k) Encryption : L2= L1  f(R1,k) ; R1=R2 ; Decryption : L4 = L3  f( R3,k ) = L2  f( R2,K ) =L2  f( R1,K ) [R3=R2=R1] = L1  f( R1,K)  f( R1,K ) = L1  0 = L1 And R4=R3, As L4=L1 and R1=R2=R3=R4 the plaintext are correctly decrypted. 34
  • 35. Final design of Feistel cipher But the improvement has one problem. The right half section of the plaintext never changes. So, it is very easy for the attacker to identify the left half section of the plain text. The design needs more improvement.  First increase the number of rounds.  Add a new element to each round: swapper. It allows to swap the left and right halves in each other. Consider a two rounds Feistel cipher number of keys are K1,K2.Keys are used in reverse order in encryption and decryption. Between two rounds a middle text is created. This middle text has to be same in encryption and decryption. 35
  • 36. Continue… The mixer and swapper are inverse. 36
  • 37. Continue… Here L3=L4,R3=R4,L3=R2,L4=R5. Check the equality of middle text. Rules: 1.Ri= L(i-1)  f( R(i-1) , kn ) 2.Li= K(i-1)  f( L(i-1) , kn ) Now, middle text in decryption L5 = R4  f(L4,K2) = R3  f(L3,K2) [R3=R4,L3=L4] = R3  f(R2,K2) [L3=R2] = L2  f(R2,K2)  f(R2,K2) = L2  0 =L2, R5=L4=L3=R2; So, the middle text are( L5=L2,R5=R2 )equal. 37
  • 38. Continue… Check the equity of plaintext … Here, L5=L2 ,R5=R2; R6=L5, L4=R5, L3=L4, R3=R4 ,L3=R2, L2=R1; The plaintext in decryption L6 = R5  F(L5,K1) = R2  F(L2,K1) [R5=R2 ,L5=L2] = L1  F(R1,K1)  F(L2,K1) [Rules 1] = L1  F(R1,K1)  F(R1,K1) [L2=R1] = L1 0 = L1 And R6 = L5=L2=R1. The plaintext are same (L6=L1,R6=R1). 38
  • 39. Non Feistel cipher  Non Feistel cipher only used invertible components. That means S-boxes, need to have equal number of input and output, Compression and expansion D boxes are not allowed. Only can use straight D-boxes.  In non Feistel cipher ,there is no need to divide the plaintext into two equal parts. 39
  • 40. 40