Block Ciphers After the DES - PowerPoint PPT Presentation

About This Presentation
Title:

Block Ciphers After the DES

Description:

Block Ciphers After the DES CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk After the DES DES was designed for h/w; slow in s/w. – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 10
Provided by: AliA57
Category:
Tags: des | block | ciphers

less

Transcript and Presenter's Notes

Title: Block Ciphers After the DES


1
Block CiphersAfter the DES
  • CS 470
  • Introduction to Applied Cryptography
  • Instructor Ali Aydin Selcuk

2
After the DES
  • DES was designed for h/w slow in s/w.
  • It was also suspect, due to the secret design
    process
  • By late 80s, need for an independently
    developed, fast-in-s/w cipher was clear.

3
FEAL(Shimizu Miyaguchi, 1987)
  • Idea More complicated f functionbut fast in
    s/wwith fewer rounds hence higher speed.
  • Feistel cipher, originally 4 rounds. (later
    increased to 6, 8, 16, 32)
  • Broken repeatedly
  • 4 rounds with 5 known plaintexts
  • 8 rounds with 12 chosen plaintexts
  • 16 rounds with 228 chosen plaintexts
  • 32 rounds may be adequately secure.

4
IDEA(Lai Massey, 1992)
  • 64-bit block size, 128-bit key
  • 8.5 rounds of
  • ? bitwise XOR
  • addition mod 216
  • ? multpln mod 216 1
  • decryption same as encryption, with inverse
    keys
  • very secure, a bit slow (DES)

5
RC5(Rivest, 1994)
  • Extremely simple flexible
  • Variable block size (w), key size (b), no. of
    rounds (r) specified as RC5-w/r/b.
  • Encryption algorithm
  • L1 L0 K0
  • R1 R0 K1
  • for i 2 to 2r1 do
  • Li Ri-1
  • Ri ((Li-1 ? Ri-1) ltltlt Ri-1) Ki
  • For 64-bit block size (w32), 24 rounds (r12) is
    secure

6
Blowfish(Schneier, 1994)
  • 16-round Feistel cipher with key-dependent,
    large, variable s-boxes
  • variable s-boxes are not fixed targets for
    analysis
  • with large (8x32) s-boxes, chances of a weak
    combination is negligible
  • Simple, very fast f function. (s-box, , ?)
  • x (x1,x2,x3,x4), where each xi is 8-bit.
  • f(x) ((S1(x1) S2(x2)) ? S3(x3)) S4(x4)
  • Slow key schedule.

7
Advanced Encryption Standard (AES)
  • Successful public design process
  • NISTs request for proposals (1997)
  • 15 submissions (1998)
  • 5 finalists (1999)
  • Mars (IBM)
  • RC6 (RSA)
  • Twofish (Schneier et al.)
  • Serpent (Anderson et al.)
  • Rijndael (Daemen Rijmen)
  • Winner Rijndael (2000)

8
Rijndael
  • An SP cipher with algebraically designed s-boxes
    (optimal against LC DC)
  • 128, 192, or 256-bit block size128, 192, or
    256-bit key.
  • 10-14 rounds of
  • ByteSub
  • ShiftRow
  • MixColumn
  • AddRoundKey
  • Decryption is similar to encryption (by design)

9
Rijndael Round Function
  • Input is divided into 8-bit cells organized in 4
    rows.Eg. for 128-bit block size
  • ByteSub Each cell goes through the s-box.
  • ShiftRow Each of the 4 rows is shifted by a
    different amount (diffusion)
  • MixColumn Every column, taken as a 4-entry
    vector over GF(28), is multiplied by a special
    4x4 matrix over GF(28).
  • AddRoundKey All cells are XORed by 8-bit keys.

X1,1 X1,2 X1,3 X1,4
X2,1 X2,2 X2,3 X2,4
X3,1 X3,2 X3,3 X3,4
X4,1 X4,2 X4,3 X4,4
Write a Comment
User Comments (0)
About PowerShow.com