UNIT -II
Symmetric Encryption
Mathematics of Symmetric Key Cryptography,
Introduction to Modern Symmetric Key Ciphers,
Data Encryption Standard,
Advanced Encryption Standard.
Unit -2
Cryptography: Cryptography is a technique of securing information and
communications through the use of codes, thus preventing unauthorized access to
information. The prefix “crypt” means “hidden” and the suffix “graph” means “writing”.
Cryptography Types
Symmetric Key Cryptography:
The sender and receiver of message use a single common key to encrypt and
decrypt messages.
Asymmetric Key Cryptography:
A pair of keys is used to encrypt and decrypt information. A public key is used for
encryption and a private key is used for decryption. Even if the public key
is known by everyone, only the intended receiver can decode the message, because he alone
knows the private key.
Hash Functions:
No key is used in this algorithm. A hash value with fixed length is
calculated from the plain text, which makes it impossible for the contents of the plain text to be
recovered.
Mathematics of Symmetric Key Cryptography
Algebraic Structures:
• Cryptography requires sets of integers and specific
operations that are defined for those sets. The combination
of the set and the operations that are applied to the
elements of the set is called an algebraic structure.
Group
• A group (G) is indicated by {G, ∙}. It is a set of elements with a binary
operation ‘∙’ that satisfies four properties. The properties of a group are
as follows −
• Closure − If a and b are elements of G, then c = a ∙ b is also an
element of G. This means that the result of applying the operation
to any two elements in the set is another element in the set.
• Associativity − If a, b, and c are elements of G, then (a ∙ b) ∙ c = a ∙ (b ∙ c),
which means it does not matter in which order the operation is applied
to more than two elements.
• Identity − For all a in G, there exists an element e in G such that e ∙ a = a ∙ e = a.
• Inverse − For each a in G, there exists an element a′, known as the
inverse of a, such that a ∙ a′ = a′ ∙ a = e.
• A group is an abelian group if it satisfies the four properties above
plus one additional property, commutativity.
• Commutativity − For all a and b in G, we have a ∙ b = b ∙ a.
Ring
• A ring R is indicated by {R, +, x}. It is a set of elements with two binary
operations, known as addition and multiplication, such that for all a, b,
c in R the following axioms hold −
• R is an abelian group with respect to addition, that is, R satisfies properties
A1 through A5. For an additive group, the identity element is denoted
0 and the inverse of a is denoted −a.
• (M1): Closure under multiplication − If a and b belong to R, then ab is
also in R.
• (M2): Associativity of multiplication − a(bc) = (ab)c for all a, b, c in R.
• (M3): Distributive laws −
• a(b+c) = ab + ac for all a, b, c in R
• (a+b)c = ac + bc for all a, b, c in R
• (M4): Commutativity of multiplication − ab = ba for all a, b in R.
• (M5): Multiplicative identity − There is an element 1 in R such that
a1 = 1a = a for all a in R.
• (M6): No zero divisors − If a, b in R and ab = 0, then a = 0 or b = 0.
Field
• A field F is indicated by {F, +, x}. It is a set of
elements with two binary operations, known
as addition and multiplication, such that for all
a, b, c in F the following axioms hold −
• F is an integral domain, that is, F satisfies
axioms A1 through A5 and M1 through M6.
• (M7): Multiplicative inverse − For each a in F,
except 0, there is an element a^(-1) in F such that
a a^(-1) = (a^(-1)) a = 1.
Informal Definitions
• A GROUP is a set in which you can perform one operation
(usually addition or multiplication mod n for us) with some
nice properties.
• Groups have properties which are useful for many
cryptographic operations
• A RING is a set equipped with two operations, called
addition and multiplication. A RING is a GROUP under
addition and satisfies some of the properties of a group for
multiplication.
• A FIELD is a GROUP under both addition and multiplication.
Comparison of Group, Ring and Field:
Symmetric Key Cipher
• The sender and receiver of message use a single
common key to encrypt and decrypt messages.
If P is the plaintext, C is the ciphertext, and K is the key,
• We assume that Bob creates P1; we prove that P1 =
P:
• Figure Locking and unlocking with the same key
• Kerckhoff’s Principle
Based on Kerckhoff’s principle, one should always
assume that the adversary, Eve, knows the
encryption/decryption algorithm. The resistance of
the cipher to attack must be based only on the
secrecy of the key
• Cryptanalysis
As cryptography is the science and art of creating
secret codes, cryptanalysis is the science and art of
breaking those codes
RC CNS unit 2.pptx types of algorithms in cns
• Ciphertext-Only Attack
Figure Ciphertext-only attack
In a ciphertext-only attack, the attacker knows only some ciphertext. He tries to
find the corresponding key and plaintext using various methods.
Brute-force attack: The attacker tries all possible keys. We assume that he knows the key
domain.
Statistical attack: The cryptanalyst can benefit from some inherent characteristics
of the plaintext language to perform a statistical attack. Example: The letter E is the most
frequently used character in English.
• Chosen-Plaintext Attack
Figure Chosen-plaintext attack
This is similar to the known-plaintext attack, but the plaintext/ciphertext
pairs have been chosen by the attacker. This can happen when the
attacker has access to Alice's computer. She can choose some
plaintext and interpret the ciphertext.
• Known-Plaintext Attack
• Figure Known-plaintext attack
In this attack, the attacker knows some ciphertext and plaintext pairs
that were sent previously by Alice to Bob. The attacker has kept
both ciphertext and plaintext to use them to break the next
secret message.
• Chosen-Ciphertext Attack
Figure Chosen-Ciphertext attack
This is similar to the chosen-plaintext attack, except that Eve
chooses some ciphertext and decrypts it to form
ciphertext/plaintext pairs.
This can happen when Eve has access to Bob's computer.
Categories of Traditional Ciphers
– SUBSTITUTION CIPHERS
• A substitution cipher replaces one character with
another
– TRANSPOSITION CIPHERS
• A Transposition cipher reorders symbols
SUBSTITUTION CIPHERS
• A substitution cipher replaces one symbol with
another. Substitution ciphers can be categorized as
either monoalphabetic ciphers or polyalphabetic
ciphers.
Monoalphabetic Ciphers:
In monoalphabetic substitution, the relationship
between a symbol in the plaintext to a symbol in the
ciphertext is always one-to-one.
Example 1
• The following shows a plaintext and its corresponding
ciphertext. The cipher is probably monoalphabetic because
both l’s (els) are encrypted as O’s.
Example 2
• The following shows a plaintext and its corresponding
ciphertext. The cipher is not monoalphabetic because each
l (el) is encrypted by a different character. The first l (el) is
encrypted with N; the second as Z.
Additive Cipher
The simplest monoalphabetic cipher is the additive
cipher. This cipher is sometimes called a shift cipher
and sometimes a Caesar cipher, but the term
additive cipher better reveals its mathematical
nature.
Figure Plaintext and ciphertext in Z26
When the cipher is additive, the plaintext, ciphertext, and key are integers in Z26.
Example:
Use the additive cipher with key = 15 to encrypt the message “hello”.
Solution
We apply the encryption algorithm to the plaintext, character by character:
Example:
Use the additive cipher with key = 15 to decrypt the
message “WTAAD”.
Solution
We apply the decryption algorithm to the plaintext character by character:
Caesar cipher
• Here is an example of how to use the Caesar cipher to
encrypt the message “HELLO” with a shift of 3:
• Write down the plaintext message: HELLO
• Choose a shift value. In this case, we will use a shift of 3.
• Replace each letter in the plaintext message with the letter
that is three positions to the right in the alphabet.
• H becomes K (shift 3 from H)
• E becomes H (shift 3 from E)
• L becomes O (shift 3 from L)
• L becomes O (shift 3 from L)
• O becomes R (shift 3 from O)
• Hiding some data is known as encryption.
When plain text is encrypted it becomes
unreadable and is known as ciphertext. In a
Substitution cipher, any character of plain text
from the given fixed set of characters is
substituted by some other character from the
same set depending on a key. For example
with a shift of 1, A would be replaced by B, B
would become C, and so on.
• Finite Fields:
• A finite field is a field with a finite number of elements.
Finite fields are usually called Galois fields and
denoted as GF(p^n).
• Note: A Galois field, GF(p^n), is a finite field with p^n
elements, where p is prime.
• GF(p) Fields: When n = 1, we have the GF(p) field. This field
can be the set Zp, {0, 1, 2, ..., p-1}, with two operations,
addition and multiplication. Each element has an
additive inverse, and nonzero elements have a
multiplicative inverse for prime p.
• Example for GF(p) Field: A very common field in this
category is GF(2) with the set {0,1} and two operations,
addition and multiplication, as shown below:
NOTE: Addition is the same as the XOR operation and multiplication is the same as the AND operation.
• GF(2^n) Fields:
• GF(2^n) is a finite field with 2^n elements. The
elements in this set are n-bit words. For
example, if n = 3, the set is: { 000, 001, 010,
011, 100, 101, 110, 111 }
• Example: if n = 2, then GF(2^2) is the field in which
the set has four 2-bit words:
• { 00, 01, 10, 11 }.
Why GF(2^n)?
• Generally a computer stores positive integers as n-bit words, where n can
be 8, 16, 32 or 64. This means that the range of
words (integers) is 0 to 2^n - 1, so the modulus is 2^n.
• We have two choices if we use a field structure: using GF(p) or
GF(2^n).
• If we use GF(p) with the set Zp, where p is the largest prime
number less than 2^n, this is inefficient, because we cannot use the integers from
p to 2^n - 1.
• If n = 3, the largest prime less than 2^3 is 7. This means that we
cannot use the integers 7, 8.
• If we use GF(2^n), the set has 2^n elements. The elements in this set
are n-bit words. Example: if n = 3, the set is
{000, 001, 010, 011, 100, 101, 110, 111}.
Polynomials
• The data is shown as n-bit words in computers,
and these words satisfy the properties of GF(2^n). These n-bit
words are easily represented by a polynomial of
degree n-1.
• A polynomial of degree n-1 is an expression of the
form: Where x^i is called the ith term and a_i is
called the coefficient of the ith term.
Note: Polynomials representing n-bit words use two fields: GF(2)
for coefficients and GF(2^n) for terms.
Modulus:
• Addition of two polynomials never creates a
polynomial out of the set. Multiplication of two
polynomials may create a polynomial with
degrees more than n-1. This means that we need
to divide the result by a modulus and keep only
the remainder.
• A Prime Polynomial cannot be factored into a
polynomial with degree of less than n. Such
polynomials are referred to as Irreducible
polynomials.
Operations on Polynomials: Addition:
• Addition and Subtraction operations on polynomials are the
same operation.
• The addition operation for polynomials with coefficients in GF(2)
is to add the coefficients of the corresponding terms in GF(2).
• Adding two polynomials of degree n-1 always creates a
polynomial with degree n-1, which means that we do not need
to reduce the result using the modulus.
• Additive Identity: The additive identity in a polynomial is a zero
polynomial ( a polynomial with all coefficients set to zero).
• Additive inverse: The additive inverse of a polynomial with
coefficients in GF(2) is the polynomial itself. This means that the
subtraction operation is the same as the addition operation.
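The polynomial arithmetic described in this section, as an added example that is not part of the original slides. Polynomials are stored as integers (bit i is the coefficient of x^i); the moduli x^3 + x + 1 for GF(2^3) and x^8 + x^4 + x^3 + x + 1 for GF(2^8) (the AES modulus from FIPS-197) are choices made for this example, and all function names are hypothetical.

```python
# Added example: polynomial arithmetic in GF(2^n).
# A polynomial is an int: bit i is the coefficient of x^i (0b1011 = x^3 + x + 1).
from math import gcd

GF8_MODULUS = 0b1011      # x^3 + x + 1, irreducible, chosen for this example
AES_MODULUS = 0x11B       # x^8 + x^4 + x^3 + x + 1 (FIPS-197)
REDUCIBLE = 0b1001        # x^3 + 1 = (x + 1)(x^2 + x + 1), a bad modulus


def degree(p):
    """Degree of the polynomial; degree(0) is -1."""
    return p.bit_length() - 1


def poly_add(a, b):
    """Coefficient-wise addition in GF(2) is XOR; subtraction is identical."""
    return a ^ b


def poly_mul(a, b):
    """Plain (unreduced) product; its degree may exceed n-1."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        b >>= 1
    return result


def poly_mod(a, modulus):
    """Remainder of a divided by modulus, coefficients in GF(2)."""
    while a and degree(a) >= degree(modulus):
        a ^= modulus << (degree(a) - degree(modulus))
    return a


def gf_mul(a, b, modulus):
    """Multiply, then divide by the modulus and keep only the remainder."""
    return poly_mod(poly_mul(a, b), modulus)


def is_irreducible(modulus):
    """A reducible polynomial of degree n has a factor of degree <= n // 2."""
    n = degree(modulus)
    return all(poly_mod(modulus, d) != 0 for d in range(2, 1 << (n // 2 + 1)))


def gf_inverse(a, modulus):
    """Multiplicative inverse by exhaustive search (fine for small fields)."""
    for b in range(1, 1 << degree(modulus)):
        if gf_mul(a, b, modulus) == 1:
            return b
    return None


def invertible_mod_2n(n):
    """Integers that have a multiplicative inverse modulo 2^n."""
    return [a for a in range(1, 2 ** n) if gcd(a, 2 ** n) == 1]


if __name__ == "__main__":
    # (x^2 + 1)(x^2 + x + 1) mod (x^3 + x + 1) = x^2 + x
    print(bin(gf_mul(0b101, 0b111, GF8_MODULUS)))
    # Every nonzero element of GF(2^3) has an inverse ...
    print({a: gf_inverse(a, GF8_MODULUS) for a in range(1, 8)})
    # ... but only the odd integers are invertible modulo 2^3.
    print(invertible_mod_2n(3))
    # With a reducible modulus, the factor x + 1 has no inverse.
    print(gf_inverse(0b011, REDUCIBLE))
```

With the irreducible modulus all seven nonzero 3-bit words are invertible, whereas ordinary integer arithmetic modulo 2^3 leaves only four invertible values, which is the reason given above for preferring GF(2^n).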
• Shift Cipher and Caesar Cipher
Historically, additive ciphers are called shift ciphers. Julius
Caesar used an additive cipher to communicate with his
officers. For this reason, additive ciphers are sometimes
referred to as the Caesar cipher. Caesar used a key of 3 for
his communications.
• Additive ciphers are sometimes referred to as shift ciphers
or Caesar cipher
• Example1: What is the key domain for any multiplicative
cipher?
• Solution: The key needs to be in Z26*. This set has only 12
members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
• Example2 : We use a multiplicative cipher to encrypt the
message “hello” with a key of 7. The ciphertext is “XCZZU”.
• Affine Ciphers:
Combine additive and multiplicative ciphers
• Example1: The affine cipher uses a pair of keys in
which the first key is from Z26* and the second is
from Z26.
• The size of the key domain is 26 × 12 = 312.
• Example2:
Use an affine cipher to encrypt the message “hello”
with the key pair (7, 2).
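The additive, multiplicative and affine examples above, worked in code as an added example that is not part of the original slides. The additive cipher is the affine cipher with k1 = 1 and the multiplicative cipher is the affine cipher with k2 = 0; function names are hypothetical and the plaintext/key values are the ones used on this page.

```python
# Added example: additive, multiplicative and affine ciphers over Z26.
from math import gcd

M = 26  # letters a..z are the integers 0..25


def z26_star():
    """Members of Z26*: residues that have a multiplicative inverse mod 26."""
    return [a for a in range(1, M) if gcd(a, M) == 1]


def key_domain():
    """Every affine key pair (k1, k2): k1 from Z26*, k2 from Z26."""
    return [(k1, k2) for k1 in z26_star() for k2 in range(M)]


def letters(text):
    """Keep a..z only and map them to 0..25."""
    return [ord(ch) - ord("a") for ch in text.lower() if "a" <= ch <= "z"]


def affine_encrypt(plaintext, k1, k2):
    """C = (P * k1 + k2) mod 26. Ciphertext is written in upper case."""
    if gcd(k1, M) != 1:
        raise ValueError("k1 is not in Z26*: two letters would share a ciphertext")
    return "".join(chr((p * k1 + k2) % M + ord("A")) for p in letters(plaintext))


def affine_decrypt(ciphertext, k1, k2):
    """P = ((C - k2) * k1^-1) mod 26. Plaintext is written in lower case."""
    k1_inv = pow(k1, -1, M)  # modular inverse, Python 3.8+
    return "".join(chr((c - k2) * k1_inv % M + ord("a")) for c in letters(ciphertext))


def additive_encrypt(plaintext, key):
    return affine_encrypt(plaintext, 1, key)


def multiplicative_encrypt(plaintext, key):
    return affine_encrypt(plaintext, key, 0)


def image_size(k1):
    """How many distinct ciphertext letters multiplication by k1 can produce."""
    return len({(p * k1) % M for p in range(M)})


def keys_consistent_with(plaintext, ciphertext):
    """All keys in the 312-key domain that map plaintext to ciphertext."""
    return [k for k in key_domain() if affine_encrypt(plaintext, *k) == ciphertext]


if __name__ == "__main__":
    print(additive_encrypt("hello", 15))        # additive cipher, key 15
    print(affine_decrypt("WTAAD", 1, 15))       # and its decryption
    print(multiplicative_encrypt("hello", 7))   # multiplicative cipher, key 7
    print(affine_encrypt("hello", 7, 2))        # affine cipher, key pair (7, 2)
    print(len(z26_star()), len(key_domain()))   # key domain sizes
    print(image_size(7), image_size(2))         # 2 is outside Z26*
    print(keys_consistent_with("hello", affine_encrypt("hello", 7, 2)))
```

The last call shows how little protection a 312-key domain gives: a single known plaintext/ciphertext pair leaves exactly one candidate key.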
• Monoalphabetic Substitution Cipher
• Because additive, multiplicative, and affine ciphers have
small key domains, they are very vulnerable to brute-force
attack.
• A better solution is to create a mapping between each
plaintext character and the corresponding ciphertext
character. Alice and Bob can agree on a table showing the
mapping for each character.
• Figure An example key for monoalphabetic substitution
cipher
• We can use the key in Figure to encrypt the
message
The cipher text is
• Polyalphabetic Ciphers
• In polyalphabetic substitution, each occurrence of a
character may have a different substitute. The
relationship between a character in the plaintext to
a character in the ciphertext is one-to-many.
• Example ‘a’ can be enciphered as ‘D’ in the
beginning of the text, but as ‘N’ at the middle.
• Polyalphabetic has advantage of hiding the letter
frequency
• Example: Autokey Cipher
Example: Assume that Alice and Bob agreed to use
an autokey cipher with initial key value k1 = 12.
Now Alice wants to send Bob the message “Attack
is today”. Enciphering is done character
• TRANSPOSITION CIPHERS
• A transposition cipher does not substitute one symbol for
another; instead it changes the location of the symbols. A
symbol in the first position may appear in the tenth position
of the cipher. A symbol in the eighth position may appear in
the first position of the cipher.
• Note: A transposition cipher reorders symbols
• Keyless Transposition Ciphers
• Simple transposition ciphers, which were used in the past,
are keyless.
• Example 1:
• A good example of a keyless cipher using the first method is
the rail fence cipher. The ciphertext is created reading the
pattern row by row. For example, to send the message
“Meet me at the park” to Bob, Alice writes
She then creates the ciphertext “MEMATEAKETETHPR”.
Example 2:
• Alice and Bob can agree on the number of
columns and use the second method. Alice
writes the same plaintext, row by row, in a table
of four columns
She then creates the ciphertext “MMTAEEHREAEKTTP” by
transmitting the characters column by column. Bob receives
the cipher text and follows the reverse process to get plain
text
• The cipher in previous example is actually a
transposition cipher. The following shows the
permutation of each character in the plaintext
into the ciphertext based on the positions.
The second character in the plaintext has moved to the
fifth position in the ciphertext; the third character has
moved to the ninth position; and so on. Although the
characters are permuted, there is a pattern in the
permutation: (01, 05, 09, 13), (02, 06, 10, 13), (03, 07, 11,
15), and (4, 8, 12). In each section, the difference
between the two adjacent numbers is 4.
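Both keyless methods above, written as position permutations so that the pattern just described can be printed directly. This is an added example, not part of the original slides; the two-rail layout is inferred from the ciphertext given on this page, and the function names are hypothetical.

```python
# Added example: keyless transposition ciphers as position permutations.

def normalize(text):
    """Lower-case the message and drop everything except a..z."""
    return "".join(ch for ch in text.lower() if "a" <= ch <= "z")


def rail_fence_order(n):
    """Two-rail zigzag read row by row: even positions first, then odd ones."""
    return list(range(0, n, 2)) + list(range(1, n, 2))


def columnar_order(n, columns):
    """Text written row by row into `columns` columns, read column by column."""
    return [i for c in range(columns) for i in range(c, n, columns)]


def encrypt(plaintext, order_fn, *args):
    """Emit the plaintext characters in the order the cipher reads them."""
    text = normalize(plaintext)
    order = order_fn(len(text), *args)
    return "".join(text[i] for i in order).upper()


def decrypt(ciphertext, order_fn, *args):
    """Rebuild the same order from the length and put each symbol back."""
    order = order_fn(len(ciphertext), *args)
    plain = [""] * len(ciphertext)
    for out_pos, src_pos in enumerate(order):
        plain[src_pos] = ciphertext[out_pos].lower()
    return "".join(plain)


def destination_positions(order):
    """1-based map: plaintext position -> ciphertext position."""
    return {src + 1: out + 1 for out, src in enumerate(order)}


if __name__ == "__main__":
    message = "Meet me at the park"
    print(encrypt(message, rail_fence_order))          # first method
    print(encrypt(message, columnar_order, 4))         # second method
    print(decrypt("MMTAEEHREAEKTTP", columnar_order, 4))
    # Plaintext positions in the order they appear in the ciphertext:
    print([i + 1 for i in columnar_order(15, 4)])
    dest = destination_positions(columnar_order(15, 4))
    print(dest[2], dest[3])  # where the 2nd and 3rd plaintext characters land
```

Because a transposition only reorders symbols, the ciphertext contains exactly the same letters as the plaintext, so letter frequencies are unchanged.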
• Keyed Transposition Ciphers
• The keyless ciphers permute the characters by
writing the plaintext in one way and reading it in another way.
The permutation is done on the whole plaintext to create
the whole ciphertext.
• Another method is to divide the plaintext into groups of
predetermined size, called blocks, and then use a key to
permute the characters in each block separately.
• Example
Alice needs to send the message “Enemy attacks
tonight” to Bob.
• The key used for encryption and decryption is a
permutation key, which shows how the characters
are permuted.
The permutation yields
• Combining Two Approaches for better result
• Encryption or decryption is done in 3 steps:
• Text is written into row by row
• Permutation is done by reordering columns
• New table is read column by column
Stream Ciphers and Block Ciphers
Stream Ciphers : A stream cipher is one that
encrypts a digital data stream one bit or one byte at
a time. Examples of classical stream ciphers are the
auto keyed Vigenère cipher and the Vernam cipher.
Block Ciphers
• A block cipher is one in which a block of plaintext is
treated as a whole and used to produce a cipher
text block of equal length.
• A block size of 64 or 128 bits is used.
Modern Block Ciphers
A symmetric-key modern block cipher encrypts an n-bit
block of plaintext or decrypts an n-bit block of ciphertext.
The encryption or decryption algorithm uses a k-bit key. The
decryption algorithm must be the inverse of the encryption
algorithm and must use the same secret key.
• Components of a Modern Block Cipher
Modern block ciphers normally are keyed substitution
ciphers in which the key allows only partial mappings
from the possible inputs to the possible outputs. They
use P-boxes and S-boxes.
P-Boxes
• P-boxes are also called D-boxes (diffusion boxes).
• A P-box (permutation box) parallels the traditional
transposition cipher for characters. It transposes
bits.
Three types of P boxes
Example
• Figure shows all 6 possible mappings of a 3 × 3
P-box.
• Straight P-Boxes
• Table: Example of a permutation table for a straight
P-box (64 × 64)
• At the output of the P-box: input 58 goes to the 1st position,
input 50 goes to the 2nd position, input 42 goes to the 3rd position, …
Product Ciphers
• Shannon introduced the concept of a product
cipher. A product cipher is a complex cipher
combining substitution, permutation, and other
components .
• Combination of S-box and P-box transformation—a
product cipher. Two classes of product ciphers:
• Feistel ciphers. Example: DES (Data Encryption
Standard)
• Non-Feistel ciphers. Example: AES (Advanced
Encryption Standard)
Diffusion
• The idea of diffusion is to hide the relationship
between the cipher text and the plain text.
Confusion
• The idea of confusion is to hide the relationship
between the cipher text and the key.
Rounds
• Diffusion and confusion can be achieved using
iterated product ciphers where each iteration is a
combination of S-boxes, P-boxes, and other
components.
Feistel Cipher Structure:
• Feistel Cipher is not a specific scheme of block cipher. It is a
design model from which many different block ciphers are
derived.
• DES is just one example of a Feistel Cipher.
• A cryptographic system based on Feistel cipher structure uses
the same algorithm for both encryption and decryption.
• The input block to each round is divided into two halves that
can be denoted as L and R for the left half and the right half.
• In each round, the right half of the block, R, goes through
unchanged. But the left half, L, goes through an operation
that depends on R and the encryption key. First, we apply an
encrypting function ‘f’ that takes two input − the key K and R.
The function produces the output f(R,K). Then, we XOR the
output of the mathematical function with L
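The round structure described above, as an added example that is not part of the original slides. The round function (truncated HMAC-SHA256) and the key schedule are toy choices made for this example and are not those of DES; they are deliberately one-way to show that decryption never has to invert f, only to run the same network with the subkeys in reverse order.

```python
# Added example: a generic Feistel network with a toy round function.
import hashlib
import hmac

ROUNDS = 16  # the number of rounds DES uses


def round_function(right, subkey):
    """Toy f(R, K): HMAC-SHA256 cut to the half-block size (max 32 bytes).
    It cannot be inverted, and the Feistel structure never needs to."""
    return hmac.new(subkey, right, hashlib.sha256).digest()[: len(right)]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def derive_subkeys(key, rounds=ROUNDS):
    """Toy key schedule (an assumption, not DES's): one hash per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def feistel_round(left, right, subkey):
    """R passes through unchanged, L is XORed with f(R, K), then the halves swap."""
    return right, xor_bytes(left, round_function(right, subkey))


def feistel(block, subkeys):
    """Run all rounds; the same routine serves encryption and decryption."""
    if len(block) % 2:
        raise ValueError("block must split into two equal halves")
    half = len(block) // 2
    left, right = block[:half], block[half:]
    for subkey in subkeys:
        left, right = feistel_round(left, right, subkey)
    return right + left  # undo the swap of the last round


def encrypt(block, key):
    return feistel(block, derive_subkeys(key))


def decrypt(block, key):
    return feistel(block, derive_subkeys(key)[::-1])  # subkeys in reverse order


if __name__ == "__main__":
    plaintext = b"ABCDEFGH"          # constructed 64-bit block
    key = b"constructed key"         # constructed key
    ciphertext = encrypt(plaintext, key)
    print(ciphertext.hex())
    print(decrypt(ciphertext, key))
```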
Block Cipher Design Principles
• Block size: Larger block sizes mean greater security (all other things
being equal) but reduced encryption/decryption speed for a given
algorithm. The greater security is achieved by greater diffusion.
• Key size: Larger key size means greater security but may decrease
encryption/decryption speed. The greater security is achieved by
greater resistance to brute-force attacks and greater confusion.
• Number of rounds: The essence of the Feistel cipher is that a single
round offers inadequate security but that multiple rounds offer
increasing security. A typical size is 16 rounds.
• Subkey generation algorithm: Greater complexity in this algorithm
should lead to greater difficulty of cryptanalysis.
• Round function F: Again, greater complexity generally means
greater resistance to cryptanalysis.
• Diffusion and Confusion: The
terms diffusion and confusion were introduced by Claude Shannon
to capture the two basic building blocks (Plain Text & Cipher Text)
for any cryptographic system.
Data Encryption Standard (DES)
• The Data Encryption Standard (DES) is a symmetric-key block cipher
published by the National Institute of Standards and Technology
(NIST) in 1997.
• DES is an implementation of a Feistel cipher. It uses a 16-round Feistel
structure. The block size is 64 bits. The key length is 64 bits, but DES has an
effective key length of 56 bits, since 8 of the 64 bits of the key are not
used by the encryption algorithm (they function as check bits only).
• DES is a symmetric-key block cipher algorithm.
DES follows the Feistel cipher structure.
• Plain Text Block Size: 64 Bits
• Cipher Text Size: 64 Bits
• Master Key Size: 64 / 56 Bits
• No. of Rounds: 16
• Round Key / Subkey Size: 48 Bits
Initial Permutation & Inverse Initial Permutation
The initial permutation and its inverse are defined by tables,
as shown in Tables. The tables are to be interpreted as follows.
• The input to a table consists of 64 bits numbered from 1 to
64.
• The 64 entries in the permutation table contain a
permutation of the numbers from 1 to 64.
• Each entry in the permutation table indicates the position of
a numbered input bit in the output, which also consists of
64 bits.
• The initial and final permutations are straight Permutation
boxes (P-boxes) that are inverses of each other.
Note: The Initial Permutation and Inverse Initial Permutation have
no cryptographic significance in DES.
Input Table
In output: at 1st place 58, at 2nd place 50, at 3rd place 42, …
• In output: at 1st place 40, at 2nd place 8, at 3rd place 48, …
Rounds
• The left and right halves of each 64-bit intermediate value are treated as separate
32-bit quantities, labeled L (left) and R (right).
• As in any classic Feistel cipher, the overall processing at each round can be
summarized in the following formulas:
• The round key Ki is 48 bits. The R input is 32 bits. This R input is first expanded to
48 bits by using a table that defines a permutation plus an expansion that involves
duplication of 16 of the R bits.
• The resulting 48 bits are XORed with Ki. This 48-bit result passes through a
substitution function that produces a 32-bit output, which is permuted as defined
by Table.
• The role of the S-boxes in the function F is illustrated in Figure 3.7. The substitution
consists of a set of eight S-boxes, each of which accepts 6 bits as input and
produces 4 bits as output. These transformations are defined in Table 3.3, which is
interpreted as follows: The first and last bits of the input to box Si form a 2-bit
binary number to select one of four substitutions defined by the four rows in the
table for Si. The middle four bits select one of the sixteen columns. The decimal
value in the cell selected by the row and column is then converted to its 4-bit
representation to produce the output. For example, in S1, for input 011001, the
row is 01 (row 1) and the column is 1100 (column 12). The value in row 1, column
12 is 9, so the output is 1001.
DES Weaknesses Analysis
• Weakness in Cipher Design:
• It is not clear why the designers of DES used the initial
and final permutations; these have no security benefits.
• In the expansion permutation, the first and fourth bits
of every 4-bit series are repeated.
• Weakness in Cipher Key:
• The DES key size is 56 bits. To do a brute-force attack on
a given ciphertext block, the adversary needs to check
2^56 keys.
• With available technology it is possible to check 1
million keys per second.
• The Data Encryption Standard (DES) is an older encryption algorithm that was widely used in the past but
has since been replaced by more secure algorithms like AES. Here's a simple explanation of how DES
works:
• Basic Idea: DES takes a block of plaintext (unencrypted text) and transforms it into ciphertext (encrypted
text) using a secret key. This process makes it difficult for unauthorized users to understand the original
message.
• Block Cipher: DES operates on blocks of data, typically 64 bits in size. If the input message is not a multiple
of 64 bits, padding is used to make it fit.
• Key Size: DES uses a 56-bit key. This key is used both for encryption and decryption. However, due to
advances in computing power, a 56-bit key is now considered relatively insecure.
• Substitution-Permutation Network (SPN): Similar to AES, DES uses a series of rounds called a
Substitution-Permutation Network. Each round involves substituting and permuting bits of the data
according to the key.
• Rounds: DES performs 16 rounds of encryption, with each round using a different subkey derived from the
main encryption key.
• Confusion and Diffusion: Like AES, DES relies on confusion (making the relationship between the plaintext
and ciphertext complex) and diffusion (spreading the influence of each plaintext bit across many
ciphertext bits) to enhance security.
• Security: While DES was once considered secure, advances in computing power have made it vulnerable
to brute-force attacks. Today, it's generally recommended to use stronger encryption algorithms like AES
with longer key lengths.
• In summary, DES is an older encryption standard that transforms plaintext into ciphertext using a 56-bit
key and a series of rounds. While it was widely used in the past, it's now considered relatively insecure
compared to modern encryption standards.
Double – DES
• Triple – DES
• Triple DES was developed in 1999 by IBM – by a
team led by Walter Tuchman. DES prevents a
meet-in-the-middle attack. 3-DES has a 168-bit
key and enciphers blocks of 64 bits.
• 3-DES with 2 Keys:
• The encryption-decryption process is as
follows −
• Encrypt the plaintext blocks using single DES
with key K1.
• Now decrypt the output of step 1
using single DES with key K2.
• Finally, encrypt the output of step 2 using
single DES with key K3. The output of step 3 is
the ciphertext.
• Decryption of a ciphertext is the reverse process.
The user first decrypts using K3, then encrypts with
K2, and finally decrypts with K1.
• Advanced Encryption Standard (AES) is a widely used encryption algorithm that helps keep
information secure when it's being transmitted or stored. Here's a simple explanation of how it
works:
• Basic Idea: AES takes a block of plaintext (unencrypted text) and transforms it into ciphertext
(encrypted text) using a secret key. This makes it unreadable to anyone who doesn't have the
key.
• Key Size: AES supports three different key sizes: 128-bit, 192-bit, and 256-bit. The larger the
key size, the more secure the encryption, because it makes it harder for attackers to guess the
key.
• Substitution-Permutation Network: AES operates through a series of steps called a
Substitution-Permutation Network (SPN). In simple terms, it shuffles and substitutes bits of
data in a precise way, making it very difficult to reverse-engineer without the key.
• Rounds: AES processes data in multiple rounds, with each round consisting of several steps,
including substitution, permutation, and mixing of data. The number of rounds depends on the
key size: 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys.
• Confusion and Diffusion: AES achieves security through two main principles: confusion and
diffusion. Confusion means that even a small change in the key should produce a significantly
different ciphertext. Diffusion means that each bit of the plaintext affects many bits of the
ciphertext, spreading out the influence of each bit.
• Security: AES has been extensively studied and tested by cryptographers, and it's considered
highly secure when used with a strong key. However, like any encryption algorithm, its security
ultimately depends on the strength of the key and how well it's implemented.
AES is a powerful and widely trusted encryption standard that helps keep sensitive information
safe from unauthorized access.
Advanced Encryption Standard (AES Algorithm)
• The Advanced Encryption Standard (AES) was published by the National Institute of Standards
and Technology (NIST) in 2001.
• AES is a symmetric block cipher that is intended to replace DES.
The features of AES are as follows −
• Symmetric key symmetric block cipher
• 128-bit data, 128/192/256-bit keys
• Stronger and faster than Triple-DES
• Provide full specification and design details
• Software implementable in C and Java
• AES is an iterative rather than Feistel cipher. It is based on a ‘substitution–permutation
network’. It comprises a series of linked operations, some of which involve replacing inputs
by specific outputs (substitutions) and others involve shuffling bits around (permutations).
• Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats
the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and
four rows for processing as a matrix.
• Unlike DES, the number of rounds in AES is variable and depends on the length of the key.
• AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit
keys. Each of these rounds uses a different 128-bit round key, which is calculated from the
original AES key.
AES structure
ROUNDS
• Unlike DES, the number of rounds in AES is variable and depends on
the length of the key. AES uses
• 10 rounds for 128-bit keys,
• 12 rounds for 192-bit keys and
• 14 rounds for 256-bit keys.
• Each of these rounds uses a different 128-bit round key, which is
calculated from the original AES key.
AES Transformations:
There are four transformation functions used in AES
Cipher at each round.
• Substitute Bytes Transformation
• ShiftRows Transformation
• MixColumns Transformation
• AddRoundKey Transformation
Byte Substitution (SubBytes)
The 16 input bytes are substituted by values as specified in a table (S-box) given in
design.
Each input byte of State is mapped into a new byte in the following way: The leftmost 4
bits of the byte are used as a row value (in hexadecimal form) and the rightmost 4 bits
are used as a column value (in hexadecimal form) in the S-box table.
For example, the hexadecimal value {95} references row 9, column 5 of the S-box,
which contains the value {2A}. Accordingly, the value {95} is mapped into the value {2A}.
• ShiftRows Transformation:
In this transformation bytes are permuted (shifted).
– In encryption, the transformation is called ShiftRows
and the shifting is to the left.
– The number of shifts depends on the row
number (0, 1, 2, or 3) of the state matrix, as shown below:
• The following is an example of ShiftRows.
The inverse shift row transformation, called
InvShiftRows, performs the circular shifts in the
opposite direction for each of the last three rows,
with a 1-byte circular right shift for the second row,
and so on.
MixColumns Transformation:
• Mixing is a transformation that changes the bits inside a byte.
• This operation takes 4 bytes (a column) and mixes them by
multiplying the column with a constant matrix, producing new
bytes.
• MixColumns operates on each column individually. Each
byte of a column is mapped into a new value.
• It takes a column from the state and multiplies it with a constant
square matrix.
• The byte values are represented as polynomials with
coefficients in GF(2), and multiplications are done in GF(2^8).
Constant matrices for multiplications:
AddRoundKey Transformation:
To make the ciphertext more secret, we add the cipher key
to the data in the state. AddRoundKey is similar to
MixColumns, but it performs an addition operation instead of
multiplication.
The following is an example of AddRoundKey:
The first matrix is State, and the second matrix is the round key.
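The four transformations described above, combined into AES-128 encryption of one block, as an added example that is not part of the original slides. It also includes the AES-128 key schedule, which the slides mention but do not describe; all function names are chosen for this example, and the sample key and block in the last lines are the FIPS-197 Appendix C.1 vector.

```python
"""AES-128 single-block encryption built from the four round transformations.
Study code: not constant-time and no mode of operation; use a vetted library in production."""

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    result = 0
    while b:
        if b & 1:
            result ^= a          # addition in GF(2^8) is XOR
        a <<= 1
        if a & 0x100:
            a ^= 0x11B           # reduce by the irreducible polynomial
        b >>= 1
    return result

def rotl8(x, n):
    """Rotate a byte left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sbox():
    """S-box entry = affine transform of the multiplicative inverse in GF(2^8)."""
    sbox = []
    for value in range(256):
        inv = 1
        for _ in range(254):     # value^254 is the inverse; 0 stays 0
            inv = gf_mul(inv, value)
        sbox.append(inv ^ rotl8(inv, 1) ^ rotl8(inv, 2)
                    ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63)
    return sbox

SBOX = build_sbox()
MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]  # MixColumns matrix

# The state is a flat list of 16 bytes in column-major order: index = row + 4 * column.
def sub_bytes(state):
    return [SBOX[b] for b in state]

def shift_rows(state):
    """Row r is rotated left by r bytes."""
    return [state[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def inv_shift_rows(state):
    """Row r is rotated right by r bytes (undoes shift_rows)."""
    return [state[r + 4 * ((c - r) % 4)] for c in range(4) for r in range(4)]

def mix_column(col):
    """Multiply one 4-byte column by the constant matrix over GF(2^8)."""
    out = []
    for row in MIX:
        acc = 0
        for coeff, byte in zip(row, col):
            acc ^= gf_mul(coeff, byte)
        out.append(acc)
    return out

def mix_columns(state):
    out = []
    for c in range(4):
        out += mix_column(state[4 * c:4 * c + 4])
    return out

def add_round_key(state, round_key):
    """Addition in GF(2^8) is a byte-wise XOR of state and round key."""
    return [s ^ k for s, k in zip(state, round_key)]

def expand_key_128(key):
    """Derive the 11 round keys (initial key + 10 rounds) from a 16-byte key."""
    words = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        temp = list(words[i - 1])
        if i % 4 == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]  # RotWord, then SubWord
            temp[0] ^= rcon
            rcon = gf_mul(rcon, 2)
        words.append([a ^ b for a, b in zip(words[i - 4], temp)])
    return [sum(words[4 * r:4 * r + 4], []) for r in range(11)]

def encrypt_block_128(plaintext, key):
    if len(plaintext) != 16 or len(key) != 16:
        raise ValueError("AES-128 needs a 16-byte block and a 16-byte key")
    round_keys = expand_key_128(key)
    state = add_round_key(list(plaintext), round_keys[0])
    for rnd in range(1, 10):
        state = sub_bytes(state)
        state = shift_rows(state)
        state = mix_columns(state)
        state = add_round_key(state, round_keys[rnd])
    # The final (10th) round has no MixColumns step.
    state = add_round_key(shift_rows(sub_bytes(state)), round_keys[10])
    return bytes(state)

if __name__ == "__main__":
    key = bytes(range(16))
    block = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(encrypt_block_128(block, key).hex())
```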
ANALYSIS OF AES
Security
• AES was designed after DES. Most of the known attacks on DES were
already tested on AES.
• Brute-Force Attack
– AES is definitely more secure than DES due to the larger-size key.
• Statistical Attacks
– Numerous tests have failed to do statistical analysis of the ciphertext.
• Differential and Linear Attacks
– There are no differential and linear attacks on AES as yet.
Implementation
• AES can be implemented in software, hardware, and firmware. The
implementation can use a table lookup process or routines that use a
well-defined algebraic structure.
Simplicity and Cost
• The algorithms used in AES are so simple that they can be easily
implemented using cheap processors and a minimum amount of memory.
RC CNS unit 2.pptx types of algorithms in cns

  • 1. UNIT -II Symmetric Encryption Mathematics of Symmetric Key Cryptography, Introduction to Modern Symmetric Key Ciphers, Data Encryption Standard, Advanced Encryption Standard.
  • 2. Unit -2 Cryptography : Cryptography is a technique of securing information and communications through use of codes. Thus preventing unauthorized access to information. The prefix “crypt” means “hidden” and suffix graph means “writing”. Cryptography Types Symmetric Key Cryptography: The sender and receiver of message use a single common key to encrypt and decrypt messages. Asymmetric Key Cryptography: A pair of keys is used to encrypt and decrypt information. A public key is used for encryption and a private key is used for decryption. Even if the public key y is known by everyone the intended receiver can only decode it because he alone knows the private key. Hash Functions: There is no usage of any key in this algorithm. A hash value with fixed length is calculated as per the plain text which makes it impossible for contents of plain text to be recovered..
  • 3. Mathematics of Symmetric Key Cryptography Algebraic Structures: • Cryptography requires set of integers and specific operations that are defined for those sets. The combination of the set and the operations that are applied to the elements of the set is called an algebraic structure.
  • 4. Group • A group (G) is indicated by {G, }. It is a group of elements with a binary ∙ operation that satisfies four properties. The properties of Group are ′ ∙ ′ as follows − • Closure − If a and b are elements of G, therefore c = a b is also an ∙ element of set G. This can define that the result of using the operations on any two elements in the set is another element in the set. • Associativity − If a, b, and c are element of G, therefore (a b) c = a (b ∙ ∙ ∙ c), means it does not substance in which order it can use the ∙ operations on higher than two elements. • Identity − For all a in G, there occur an element e in G including e a = a ∙ e = a. ∙ • Inverse − For each a in G, there occur an element a’ known as the inverse of a such that a a = a a = e. ∙ ′ ′ ∙ • A group is an abelian group if it satisfies the following four properties more one additional property of commutativity. • Commutativity − For all a and b in G, we have a b = b a. ∙ ∙
  • 5. Ring • A ring R is indicated by {R, +, x}. It is a set of elements with two binary operations, known as addition and multiplication including for all a, b, c in R the following axioms are kept − • R is an abelian group regarding addition that is R satisfies properties A1 through A5. In the method of additive group, it indicates the identity element as 0 and the inverse of a as − a. • (M1): Closure under multiplication − If and b belong to R, then ab is also in R. • (M2): Associativity of Multiplication − a(bc)=(ab)c for all a, b, c in R. • (M3): Distributive Laws − • a(b+c)=ab + ac for all a, b, c in R • (a+b)c=ac+bc for all a, b, c in R • (M4): Commutative of Multiplication − ab=ba for all a, b in R. • (M5): Multiplicative identity − There is an element 1 in R including a1=1a for all a in R. • (M6): No zero divisors − If a, b in R and ab = 0, therefore a = 0 or b = 0.
  • 6. Field • A field F is indicated by {F, +, x}. It is a set of elements with two binary operations known as addition and multiplication, including for all a, b, c in F the following axioms are kept − • F1 is an integer domain that is F satisfies axioms A1 through A5 and M1 through M6. • (M7): Multiplication inverse − For each a in F, except 0, there is an element a−1 in F such that aa−1 = (a−1 )a=1.
  • 7. Informal Definitions • A GROUP is a set in which you can perform one operation (usually addition or multiplication mod n for us) with some nice properties. • Groups have properties which are useful for many cryptographic operations • A RING is a set equipped with two operations, called addition and multiplication. A RING is a GROUP under addition and satisfies some of the properties of a group for multiplication. • A FIELD is a GROUP under both addition and multiplication.
  • 8. Comparison of Group, Ring and Field:
  • 9. Symmetric Key Cipher • The sender and receiver of message use a single common key to encrypt and decrypt messages.
  • 10. If P is the plaintext, C is the ciphertext, and K is the key, • We assume that Bob creates P1; we prove that P1 = P: • Figure Locking and unlocking with the same key
  • 11. • Kerckhoff’s Principle Based on Kerckhoff’s principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key • Cryptanalysis As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes
  • 13. • Cipher text-Only Attack Figure Ciphertext-only attack In Ciphertext-Only Attack , the attacker knows only some cipher text. He try to find corresponding key and plain text using various methods. Brute-Force attack: Attacker tries all possible keys. We assume that he knows key domain Statistical attack: The cryptanalyst can benefit from some inherent charactersistics of the plain text language to perform statistical attack. Example: Letter E is most frequently used character in English.
  • 14. • Chosen-Plaintext Attack Figure Chosen-plaintext attack This is similar to known-plaintext attack, but plaintext/cipher text pairs have been choosen by the attacker . This can happen when attacker has access to Alice computer. She can choose some plaintext and interpret ciphertext.
  • 15. • Known-Plaintext Attack • Figure Known-plaintext attack In this attack, he know some cipher text and plain text pairs that were sent previously by Alice to Bob. Attacker has kept both cipher text and plain text to use them to break the next secrete message.
  • 16. • Chosen-Ciphertext Attack Figure Chosen-Ciphertext attack This is similar to Chosen Plaintext attack except eve chooses some ciphertext and decrypt it to from a cipher/plain text pairs. This can happen when Eve has access to Bob computer.
  • 17. Categories of Traditional Ciphers – SUBSTITUTION CIPHERS • A substitution cipher replaces one character with another – TRANSPOSITION CIPHERS • A Transposition cipher reorders symbols
  • 18. SUBSTITUTION CIPHERS • A substitution cipher replaces one symbol with another. Substitution ciphers can be categorized as either monoalphabetic ciphers or polyalphabetic ciphers. • A substitution cipher replaces one symbol with another. Note: A substitution cipher replaces one symbol with another. Monoalphabetic Ciphers: In monoalphabetic substitution, the relationship between a symbol in the plaintext to a symbol in the ciphertext is always one-to-one.
  • 19. Example 1 • The following shows a plaintext and its corresponding ciphertext. The cipher is probably • monoalphabetic because both l’s (els) are encrypted as O’s. Example 2 • The following shows a plaintext and its corresponding ciphertext. The cipher is not monoalphabetic because each l (el) is encrypted by a different character. The first l (el) is encrypted with N;the second as Z
  • 20. Additive Cipher The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a shift cipher and sometimes a Caesar cipher, but the term additive cipher better reveals its mathematical nature. Figure Plaintext and ciphertext in Z26
  • 21. When the cipher is additive, the plaintext, ciphertext, and key are integers in Z 26. Example: Use the additive cipher with key = 15 to encrypt the message “hello”. Solution We apply the encryption algorithm to the plaintext, character by character:
  • 22. Example: Use the additive cipher with key = 15 to decrypt the message “WTAAD”. Solution We apply the decryption algorithm to the plaintext character by character:
  • 24. Caesar cipher • Here is an example of how to use the Caesar cipher to encrypt the message “HELLO” with a shift of 3: • Write down the plaintext message: HELLO • Choose a shift value. In this case, we will use a shift of 3. • Replace each letter in the plaintext message with the letter that is three positions to the right in the alphabet. • H becomes K (shift 3 from H) • E becomes H (shift 3 from E) • L becomes O (shift 3 from L) • L becomes O (shift 3 from L) • O becomes R (shift 3 from O)
  • 25. • Hiding some data is known as encryption. When plain text is encrypted it becomes unreadable and is known as ciphertext. In a Substitution cipher, any character of plain text from the given fixed set of characters is substituted by some other character from the same set depending on a key. For example with a shift of 1, A would be replaced by B, B would become C, and so on.
  • 26. • Finite Fields: • A finite field, a field with a finite number of elements. The finite fields are usually called Galois fields and denoted as GF(pn ). • Note: A Galois field, GF(pn ), is a finite field with pn elements where p is prime. • GF(p) Fields: When n=1, we have GF(p) field. T is field can be the set Z, (0,1,2,p-1), with two operations addition and multiplication. Each element has an additive inverse and that nonzero elements have a multiplicative inverse for prime p. • Example for GF(p) Field: A very common field in this category is GF(2) with the set {0,1} and two operations addition and multiplication a shown below:
  • 27. NOTE: Addition is same as to XOR and multiplication is AND operation
  • 28. • GF(2n ) Fields:- • GF(2n ) is a Finite Field with 2n elements. The elements in this set are n-bit words. For example, if n = 3, the set is: { 000, 001, 010, 011, 100, 101, 110, 111 } • Example: if n = 2, then GF(22 ) field in which the set has four 2-bit words: • { 00, 01, 10, 11 }.
  • 29. Why GF(2n )? • Generally computer stores positive integers as n-bit words, can be 8-bit, 16-bit, 32-bit, 64-bit. This means that range of words(integers) is 0 to 2n -1. So, the modulus is 2n • We have two choices if we use a field structure 1) using GF(p) or GF(2 n ) • If we use GF(p) with the set Zp, where p is the largest prime number less than 2n . This is ineffiecient, if we use integers from p to2n -1. • If n=3, the largest prime less than 23 is 7. This means that we can not use integer 7,8. • If we GF(2n ) with the set 2n elements. The elements in this set are n-bit words. Example: If n=3, , the set is {000,001,010,011,100,101,110,111}
  • 30. Polynomials • The data is shown as n-bit words in the computers that satisfy the properties in GF(2n ) . These n-bit words are easily represented by Polynomial of degree n-1. • A polynomial of degree n-1 is an expression of the form: Where xi is called the ith term and ai is called coefficient of the ith term.
  • 32. Note: Polynomials representing n-bit words use two fields: GF(2) for Coefficients and GF(2n ) for terms.
  • 33. Modulus: • Addition of two polynomials never creates a polynomial out of the set. Multiplication of two polynomials may create a polynomial with degrees more than n-1. This means that we need to divide the result by a modulus and keep only the remainder. • A Prime Polynomial cannot be factored into a polynomial with degree of less than n. Such polynomials are referred to as Irreducible polynomials.
  • 35. Operations on Polynomials: Addition: • Addition and Subtraction operations on polynomials are the same operation. • The addition operation for polynomials with coefficient in GF(2) is add the coefficients of the corresponding term in GF(2). • Adding two polynomials of degree n-1 always create a polynomial with degree n-1, which means that we do not need to reduce the result using the modulus. • Additive Identity: The additive identity in a polynomial is a zero polynomial ( a polynomial with all coefficients set to zero). • Additive inverse: The additive inverse of a polynomial with coefficients in GF(2) is the polynomial itself. This means that the subtraction operation is the same as the addition operation.
  • 36. • Shift Cipher and Caesar Cipher Historically, additive ciphers are called shift ciphers. Julius Caesar used an additive cipher to communicate with his officers. For this reason, additive ciphers are sometimes referred to as the Caesar cipher. Caesar used a key of 3 for his communications. • Additive ciphers are sometimes referred to as shift ciphers or Caesar cipher
  • 37. • Example1: What is the key domain for any multiplicative cipher? • Solution: The key needs to be in Z26*. This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25. • Example2 : We use a multiplicative cipher to encrypt the message “hello” with a key of 7. The ciphertext is “XCZZU”.
  • 38. • Affine Ciphers: Combine additve and multiplicative Ciphers • Example1: The affine cipher uses a pair of keys in which the first key is from Z26* and the second is from Z26. • The size of the key domain is 26 × 12 = 312. • Example2: Use an affine cipher to encrypt the message “hello” with the key pair (7, 2).
  • 40. • Monoalphabetic Substitution Cipher • Because additive, multiplicative, and affine ciphers have small key domains, they are very vulnerable to brute-force attack. • A better solution is to create a mapping between each plaintext character and the corresponding ciphertext character. Alice and Bob can agree on a table showing the mapping for each character. • Figure An example key for monoalphabetic substitution cipher
  • 41. • We can use the key in Figure to encrypt the message The cipher text is
  • 42. • Polyalphabetic Ciphers • In polyalphabetic substitution, each occurrence of a character may have a different substitute. The relationship between a character in the plaintext to a character in the ciphertext is one-to-many. • Example ‘a’ can be enciphered as ‘D’ in the beginning of the text, but as ‘N’ at the middle. • Polyalphabetic has advantage of hiding the letter frequency
  • 43. • Example: Autokey Cipher Example: Assume that Alice and Bob agreed to use an autokey cipher with initial key value k1 = 12. Now Alice wants to send Bob the message “Attack is today”. Enciphering is done character
  • 44. • TRANSPOSITION CIPHERS • A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbols. A symbol in the first position may appaer in the tenth position of the cipher. A symbol in the eighth position may appear in the first osition of the cipher. • Note: A transposition cipher reorders symbols • Keyless Transposition Ciphers • Simple transposition ciphers, which were used in the past, are keyless. • Example 1: • A good example of a keyless cipher using the first method is the rail fence cipher. The ciphertext is created reading the pattern row by row. For example, to send the message “ Meet me at the park” to Bob, Alice writes
  • 45. She then creates the ciphertext “MEMATEAKETETHPR”.
  • 46. Example 2: • Alice and Bob can agree on the number of columns and use the second method. Alice writes the same plaintext, row by row, in a table of four columns She then creates the ciphertext “MMTAEEHREAEKTTP” by transmitting the characters column by column. Bob receives the cipher text and follows the reverse process to get plain text
  • 47. • The cipher in previous example is actually a transposition cipher. The following shows the permutation of each character in the plaintext into the ciphertext based on the positions. The second character in the plaintext has moved to the fifth position in the ciphertext; the third character has moved to the ninth position; and so on.Although the characters are permuted, there is a pattern in the permutation: (01, 05, 09, 13), (02, 06, 10, 13), (03, 07, 11, 15), and (4, 8, 12). In each section, the difference between the two adjacent numbers is 4.
  • 48. • Keyed Transposition Ciphers • The keyless ciphers permute the characters by using writing plaintext in one way and reading it in another way The permutation is done on the whole plaintext to create the whole ciphertext. • Another method is to divide the plaintext into groups of predetermined size, called blocks, and then use a key to permute the characters in each block separately. • Example Alice needs to send the message “Enemy attacks tonight” to Bob..
  • 49. • The key used for encryption and decryption is a permutation key, which shows how the character are permuted The permutation yields
  • 50. • Combining Two Approaches for better result • Encryption or decryption is done in 3 steps: • Text is written into row by row • Permutation is done by reordering columns • New table is read column by column
  • 52. Stream Ciphers and Block Ciphers Stream Ciphers : A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream ciphers are the auto keyed Vigenère cipher and the Vernam cipher.
  • 53. Block Ciphers • A block cipher is one in which a block of plaintext is treated as a whole and used to produce a cipher text block of equal length. • A block size of 64 or 128 bits is used.
  • 54. Modern Block Ciphers A symmetric-key modern block cipher encrypts an n-bit block of plaintext or decrypts an n-bit block of cipher text. The encryption or decryption algorithm uses a k-bit key. The Decryption algorithm must be the inverse of the encryption algorithm and must use the same secrete key.
  • 55. • Components of a Modern Block Cipher Modern block ciphers normally are keyed substitution ciphers in which the key allows only partial mappings from the possible inputs to the possible outputs. It uses P-Boxes,S-Boxes.
  • 56. P-Boxes • P-Boxes(also called as D-Box means Diffusion box) • A P-box (permutation box) parallels the traditional transposition cipher for characters. It transposes bits. Three types of P boxes
  • 57. Example • Figure shows all 6 possible mappings of a 3 × 3 P-box.
  • 58. • Straight P-Boxes • TableExample of a permutation table for a straight P-box(64x64) At output of P-Box: • Input 58 goes to 1st position, input 50 goes to 2nd position, input 42 to 3rd position,….
  • 59. Product Ciphers • Shannon introduced the concept of a product cipher. A product cipher is a complex cipher combining substitution, permutation, and other components . • Combination of S-box and P-box transformation—a product cipher. Two classes of product ciphers: • Feistel ciphers, Example DES(data encryption standard) • Non-feistel Ciphers, Example AES(Advanced Encryption system)
  • 60. Diffusion • The idea of diffusion is to hide the relationship between the cipher text and the plain text. Confusion • The idea of confusion is to hide the relationship between the cipher text and the key. Rounds • Diffusion and confusion can be achieved using iterated product ciphers where each iteration is a combination of S-boxes, P-boxes, and other components.
  • 62. Feistel Cipher Structure: • Feistel Cipher is not a specific scheme of block cipher. It is a design model from which many different block ciphers are derived. • DES is just one example of a Feistel Cipher. • A cryptographic system based on Feistel cipher structure uses the same algorithm for both encryption and decryption. • The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half. • In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes through an operation that depends on R and the encryption key. First, we apply an encrypting function ‘f’ that takes two input − the key K and R. The function produces the output f(R,K). Then, we XOR the output of the mathematical function with L
  • 65. Block Cipher Design Principles • Block size: Larger block sizes mean greater security (all other things being equal) but reduced encryption/decryption speed for a given algorithm. The greater security is achieved by greater diffusion. Key size: Larger key size means greater security but may decrease encryption/ decryption speed. The greater security is achieved by greater resistance to brute-force attacks and greater confusion • Number of rounds: The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds. • Subkey generation algorithm: Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis. • Round function F: Again, greater complexity generally means greater resistance to cryptanalysis. Diffusion And Confusion:- The terms diffusion and confusion were introduced by Claude Shannon to capture the two basic building blocks (Plain Text & Cipher Text) for any cryptographic system.
  • 66. Data Encryption Standard (DES) • The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in 1997. • DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64 -bit. key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits only).
  • 68. • DES Symmetric key Block Cipher algorithm. DES follows Feistel cipher structure. • Plain Text Block Size : 64 • Bits Cipher Text Size :64 Bits • Master Key Size : 64 / 56 • Bits No. Of Rounds 16 • Round Key / Subkey Size: 48 Bits.
  • 69. Initial Permutation & Inverse Initial Permutation The initial permutation and its inverse are defined by tables, as shown in Tables. The tables are to be interpreted as follows. • The input to a table consists of 64 bits numbered from 1 to 64. • The 64 entries in the permutation table contain a permutation of the numbers from 1 to 64. • Each entry in the permutation table indicates the position of a numbered input bit in the output, which also consists of 64 bits. • The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses of each other. Note: Initial Permutation & Inverse Initial Permutations have no cryptography significance in DES.
  • 72. In output At 1st place 58 At 2nd place 50 At 3rd place 42 .
  • 73. • In output • At 1st place 40 • At 2nd place 8 • At 3rd place 48 ..
  • 74. Rounds • The left and right halves of each 64- bit intermediate value are treated as separate 32-bit quantities, labeled L (left) and R (right). • As in any classic Feistel cipher, the overall processing at each round can be summarized in the following formulas: • The round key Ki is 48 bits. The R input is 32 bits. This R input is first expanded to 48 bits by using a table that defines a permutation plus an expansion that involves duplication of 16 of the R bits. • The resulting 48 bits are XORed with Ki. This 48-bit result passes through a substitution function that produces a 32-bit output, which is permuted as defined by Table. • The role of the S-boxes in the function F is illustrated in Figure 3.7.The substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output. These transformations are defined in Table 3.3, which is interpreted as follows: The first and last bits of the input to box Si form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for Si. The middle four bits select one of the sixteen columns. The decimal value in the cell selected by the row and column is then converted to its 4-bit representation to produce the output. For example, in S1, for input 011001, the row is 01 (row 1) and the column is 1100 (column 12). The value in row 1, column 12 is 9, so the output is 1001.
  • 78. • P-Boxes • P-Boxes(also called ad D-Box means Diffusion box) • A P-box (permutation box) parallels the traditional transposition cipher for characters. It transposes bits. Three types of P-boxes
  • 79. DES Weaknesses Analysis • Weakness in Cipher Design: • It is not clear why the designers of DES used the initial and final permutations; these have no security benefits. • In the expansion permutation, the first and fourth bits of every 4-bit series are repeated. • Weakness in Cipher Key: • o DES Key size is 56 bits. To do Brute force attack on a given ciphertext block, the adversary needs to check 256 keys. • With available technology it is possible to check 1 million keys per second •
  • 80. • The Data Encryption Standard (DES) is an older encryption algorithm that was widely used in the past but has since been replaced by more secure algorithms like AES. Here's a simple explanation of how DES works: • Basic Idea: DES takes a block of plaintext (unencrypted text) and transforms it into ciphertext (encrypted text) using a secret key. This process makes it difficult for unauthorized users to understand the original message. • Block Cipher: DES operates on blocks of data, typically 64 bits in size. If the input message is not a multiple of 64 bits, padding is used to make it fit. • Key Size: DES uses a 56-bit key. This key is used both for encryption and decryption. However, due to advances in computing power, a 56-bit key is now considered relatively insecure. • Substitution-Permutation Network (SPN): Similar to AES, DES uses a series of rounds called a Substitution-Permutation Network. Each round involves substituting and permuting bits of the data according to the key. • Rounds: DES performs 16 rounds of encryption, with each round using a different subkey derived from the main encryption key. • Confusion and Diffusion: Like AES, DES relies on confusion (making the relationship between the plaintext and ciphertext complex) and diffusion (spreading the influence of each plaintext bit across many ciphertext bits) to enhance security. • Security: While DES was once considered secure, advances in computing power have made it vulnerable to brute-force attacks. Today, it's generally recommended to use stronger encryption algorithms like AES with longer key lengths. • In summary, DES is an older encryption standard that transforms plaintext into ciphertext using a 56-bit key and a series of rounds. While it was widely used in the past, it's now considered relatively insecure compared to modern encryption standards.
  • 82. • Triple-DES • Triple DES was developed in 1999 by IBM, by a team led by Walter Tuchman. DES prevents a meet-in-the-middle attack. 3-DES has a 168-bit key and enciphers blocks of 64 bits. • 3-DES with 2 Keys:
  • 85. • The encryption-decryption process is as follows − • Encrypt the plaintext blocks using single DES with key K1. • Now decrypt the output of step 1 using single DES with key K2. • Finally, encrypt the output of step 2 using single DES with key K3. The output of step 3 is the ciphertext. • Decryption of a ciphertext is the reverse process. The user first decrypts using K3, then encrypts with K2, and finally decrypts with K1.
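The key order described on the slide above, as an added Python example that is not part of the original slides. Real DES is too long to reproduce here, so `toy_encrypt` and `toy_decrypt` are a hypothetical 16-round Feistel stand-in on 64-bit blocks; only the encrypt-decrypt-encrypt composition with K1, K2, K3 is the point.

```python
# Added illustration (not from the slides): the E-D-E key order of Triple DES.
# toy_encrypt/toy_decrypt are a stand-in 64-bit Feistel cipher, NOT real DES.
import hashlib

ROUNDS = 16

def _f(half, key, rnd):
    # Hypothetical round function: 32 bits derived from (key, round, half).
    data = key + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def toy_encrypt(block, key):
    left, right = block >> 32, block & 0xFFFFFFFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (right << 32) | left  # final swap of the two halves

def toy_decrypt(block, key):
    # Same structure with the rounds applied in reverse order.
    left, right = block >> 32, block & 0xFFFFFFFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right, left ^ _f(right, key, rnd)
    return (right << 32) | left

def ede_encrypt(block, k1, k2, k3):
    # Step 1: encrypt with K1, step 2: decrypt with K2, step 3: encrypt with K3.
    return toy_encrypt(toy_decrypt(toy_encrypt(block, k1), k2), k3)

def ede_decrypt(block, k1, k2, k3):
    # Reverse process: decrypt with K3, encrypt with K2, decrypt with K1.
    return toy_decrypt(toy_encrypt(toy_decrypt(block, k3), k2), k1)
```

Passing the same key three times makes steps 1 and 2 cancel, so the result equals a single encryption; passing K1 again as the third key gives the two-key variant.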
  • 87. • Advanced Encryption Standard (AES) is a widely used encryption algorithm that helps keep information secure when it's being transmitted or stored. Here's a simple explanation of how it works: • Basic Idea: AES takes a block of plaintext (unencrypted text) and transforms it into ciphertext (encrypted text) using a secret key. This makes it unreadable to anyone who doesn't have the key. • Key Size: AES supports three different key sizes: 128-bit, 192-bit, and 256-bit. The larger the key size, the more secure the encryption, because it makes it harder for attackers to guess the key. • Substitution-Permutation Network: AES operates through a series of steps called a Substitution-Permutation Network (SPN). In simple terms, it shuffles and substitutes bits of data in a precise way, making it very difficult to reverse-engineer without the key. • Rounds: AES processes data in multiple rounds, with each round consisting of several steps, including substitution, permutation, and mixing of data. The number of rounds depends on the key size: 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys. • Confusion and Diffusion: AES achieves security through two main principles: confusion and diffusion. Confusion means that even a small change in the key should produce a significantly different ciphertext. Diffusion means that each bit of the plaintext affects many bits of the ciphertext, spreading out the influence of each bit. • Security: AES has been extensively studied and tested by cryptographers, and it's considered highly secure when used with a strong key. However, like any encryption algorithm, its security ultimately depends on the strength of the key and how well it's implemented. AES is a powerful and widely trusted encryption standard that helps keep sensitive information safe from unauthorized access.
  • 88. Advanced Encryption Standard (AES Algorithm) • The Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology (NIST) in 2001. • AES is a symmetric block cipher that is intended to replace DES. The features of AES are as follows − • Symmetric key symmetric block cipher • 128-bit data, 128/192/256-bit keys • Stronger and faster than Triple-DES • Provide full specification and design details • Software implementable in C and Java • AES is an iterative rather than Feistel cipher. It is based on a ‘substitution–permutation network’. It comprises a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations). • Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix. • Unlike DES, the number of rounds in AES is variable and depends on the length of the key. • AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.
  • 90. ROUNDS • Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES uses: • 10 rounds for 128-bit keys, • 12 rounds for 192-bit keys and • 14 rounds for 256-bit keys. • Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.
  • 91. AES Transformations: There are four transformation functions used in AES Cipher at each round. • Substitute Bytes Transformation • ShiftRows Transformation • MixColumns Transformation • AddRoundKey Transformation
  • 92. Byte Substitution (SubBytes) The 16 input bytes are substituted by values as specified in a table (S-box) given in design. Each input byte of State is mapped into a new byte in the following way: the leftmost 4 bits of the byte are used as a row value (in hexadecimal form) and the rightmost 4 bits are used as a column value (in hexadecimal form) in the S-box table. For example, the hexadecimal value {95} references row 9, column 5 of the S-box, which contains the value {2A}. Accordingly, the value {95} is mapped into the value {2A}.
  • 94. • ShiftRows Transformation: In this transformation bytes are permuted (shifted). – In the encryption, the transformation is called ShiftRows and the shifting is to the left. – The number of shifts depends on the row number (0, 1, 2, or 3) of the state matrix as shown below:
  • 96. • The following is an example of ShiftRows. The inverse shift row transformation, called InvShiftRows, performs the circular shifts in the opposite direction for each of the last three rows, with a 1-byte circular right shift for the second row, and so on.
  • 97. MixColumns Transformation: • Mixing is the transformation that changes bits inside a byte. • This operation takes 4 bytes (a column) and mixes them by multiplying the column by a constant matrix, which produces new bytes. • MixColumns operates on each column individually. Each byte of a column is mapped into a new value. • It takes a column from the state and multiplies it by a constant square matrix. • The byte values are represented as polynomials with coefficients in GF(2), and multiplications are done in GF(2^8).
  • 98. Constant matrices for multiplications:
  • 99. AddRoundKey Transformation: To make the ciphertext more secret, we add the cipher key to the data in a state. AddRoundKey is similar to MixColumns but performs an addition operation instead of multiplication. The following is an example of AddRoundKey: The first matrix is State, and the second matrix is the round key.
  • 100. ANALYSIS OF AES • Security • AES was designed after DES. Most of the known attacks on DES were already tested on AES. • Brute-Force Attack • AES is definitely more secure than DES due to the larger-size key. • Statistical Attacks • Numerous tests have failed to do statistical analysis of the ciphertext. • Differential and Linear Attacks • There are no differential and linear attacks on AES as yet. • Implementation • AES can be implemented in software, hardware, and firmware. The implementation can use table lookup process or routines that use a well-defined algebraic structure. • Simplicity and Cost • The algorithms used in AES are so simple that they can be easily implemented using cheap processors and a minimum amount of memory.