Block cipher primitives
DES
AES
Encrypting large message
Message integrity
Block Cipher Scheme
plaintext block of length n -> Encrypt -> cipher block of length n
Block Cipher Primitives
Confusion:
an encryption operation where the relationship between the key and ciphertext is obscured
achieved with substitution
Diffusion
an encryption operation where the influence of one plaintext bit is spread over many ciphertext bits with the goal of hiding statistical properties of the plaintext
achieved with permutation
Both confusion and diffusion by themselves cannot provide (strong enough) security
Round: combination of substitution and permutation, and o so often enough so that a bit change can affect every output bit
Data Encryption Standard
64 bit M -> DES Encryption -> 64 bit C
56 bits
Published in 1977, standardized in 1979
Key:64 bit quantity=8-bit
parity+56-bit key
Every 8th bit is a parity bit
64 bit input, 64 bit output
Data Encryption Standard
DES Top view
64-bit input
permutation
round1
round2
swap
permutation
64-bit output
Bit permutation(1-to-1)
Input <-> Output
DES Round
32 bits Ln, 32 bit Rn
Can be expressed as: Ln+1 = Rn, Rn+1 = LnXORM(Rn,Kn)
Decryption
-Apply the same operations key sequence in reverse
Round1 of decryption uses key of the last round in encryption
-Each round:
Input: Rn+1|Ln+1
Due to the swap operation at the end of encryption
Output:Rn|Ln
The swap operation at the end will produce the correct result:L|R
Mangler Function
The permutation produces “spread” among the chunks/S-Boxes!
