Administration Computer Security CS477 Final project http euclid barry edu chchuan cs477 cs 477 html Lecture 3 Ching Hua Chuan September 3th 2008 Last Class Symmetric Encryption Principles Chap 2 1 Ingredients requirements a simplified model Cryptography Today s Outline Symmetric Block Encryption Algorithms Chap 2 2 Data Encryption Standard DES Triple DES Advanced Encryption Standard AES Classification Cryptanalysis Type of attacks definition of secure Feistel Cipher Structure Structure parameters Block Ciphers The most commonly used symmetric encryption algorithms Processes the plaintext input in fixedsized blocks and produces a block of ciphertext of equal size Three most important symmetric block ciphers DES triple DES 3DES and AES Data Encryption Standard DES plaintext The most widely used encryption scheme is based on DES Data Encryption Standard DES is adopted by National Institute of Standards and Technology NIST as an official Federal Information Processing Standard FIPS for the United States in 1977 Designed by IBM first published in 1975 ciphertext Data Encryption Standard DES The plaintext is 64 bits in length longer plaintext amounts are processed in 64 bit blocks The key is 56 bits in length 16 subkeys are generated from the original key for 16 rounds Decryption use ciphertext as input and use keys in reverse order Recall the Feistel Structure The Feistel F Function expansion 48 bits nonlinear replace using a lookup table key mixing XOR 6 bits substitution S boxes fixed permutation P box The figure is obtained from http en wikipedia org wiki Data Encryption Standard Key Schedule Permuted Choice 1 The Strength of DES 56 bits 28 bits circular shift 24 bits The figure is obtained from http en wikipedia org wiki Data Encryption Standard The algorithm so far no fatal weaknesses are found Key length 56 bits 256 7 2 1016 keys 10 hours can break a DES code with 56 bit key 128 bit key is unbreakable by brute force Time to Break a Code 106 decryptions us Triple DES 3DES Triple DES 3DES Use three keys and three executions of the DES algorithm encrypt decrypt encrypt C E K3 D K2 E K1 P C E K3 D K2 E K1 P C ciphertext P plaintext E K X encryption of X using key K D K Y decryption of Y using key K P D K1 E K2 D K3 C The Strength of 3DES The effective key length is 168 bits with 3 distinct keys 3DES has the same resistance to cryptanalysis as DES 168 bit key length makes brute force attacks impossible Advanced Encryption Standard AES Drawbacks with DES and 3DES Slow in software implementation 64 bit block size is too small NIST s call for proposals for AES in 1997 Block length is 128 bits Support key lengths of 128 192 and 256 bits As secure as DES but more efficient Dr Joan Daemen and Dr Vincent Rijmen s algorithm was selected Advanced Encryption Standard AES Advanced Encryption Standard AES Overview of the algorithm Figure 2 5 128 bit key is expanded into 44 32 bit words and 4 words 128 bits serve as a round key Four stages are used in a round Today s Summary Symmetric Block Encryption Algorithms Chap 2 2 Data Encryption Standard DES Key length strength general structure drawbacks Triple DES Key length strength structure drawbacks Advanced Encryption Standard AES Structure stages advantages key length block length Substitute bytes S boxes Shift rows 0100 shift right 0010 Mix columns alters each byte in a column as a function of all of the bytes in the column Add round key bitwise XOR Each stage is easily reversible