SlideShare a Scribd company logo

Cryptographic algorithms

Download as PPTX, PDF
A
Anamika Singh

The document summarizes cryptographic algorithms DES and AES. It describes the basic concepts of encryption, the history and workings of DES including key generation and encryption/decryption processes. It then explains the AES cipher which was selected to replace DES, including the cipher structure involving substitution, shifting, mixing and adding round keys in multiple rounds of processing. The key expansion process is also summarized, which derives the round keys from the main encryption key.

Engineering
1 of 47
Downloaded 53 times
1
2
3
4
5
6
7
8
Most read
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Most read
35
36
37
38
39
40
41
42
Most read
43
44
45
46
47
CRYPTOGRAPHIC ALGORITHMS (DES AND AES) BY- ANAMIKA SINGH ,B.TECH. VIIth sem
What is Encryption  Transform information such that its true meaning is hidden  Requires “special knowledge” to retrieve the information  Examples  AES, 3DES, RC4, ROT-13, …
Types of Encryption Schemes Ciphers Classical Modern Rotor Machines Substitution Public KeyTransposition Secret Key BlockStream Steganography
Symmetric Encryption Terms  Alice Bob Plain text Plain textCipher text Key Key Encryption Algorithm Decryption Algorithm
Data Encryption Standard  OUTLINE  History  Encryption  Key-generation  Decryption  Strength of DES
History  DES is a 64 bit block cipher which means that it encrypts data 64 bits at a time.  In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key  Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip.  In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST).  AES is an important algorithm and was originally meant to replace DES
A Simplified DES Algorithm  Key words  Substitution is simply a mapping of one value to another  Permutation is a reordering of the bit positions for each of the inputs.  techniques are used a number of times in iterations called rounds  S-boxes are basically non-linear substitution tables where either the output is smaller than the input or vice versa
A Simplified DES Algorithm  DES expects two inputs the plaintext to be encrypted and the secret key(64 bit block cipher, key size used is 56 bits)  Initial permutation rearranging the bits to form the “permuted input”.  followed by 16 iteration of the same function substitution and permutation.  Finally, the pre output is passed through a permutation which is simply the inverse of the initial permutation
Encryption
Encryption(round 1)
Initial Permutation  IP 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7  IP-1 40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
Expansion 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 45 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 9 13 30 6 22 11 4 25  E  P ExpansionExpansion
Encryption(round 1)
Encryption(round 1) S-Box
Encryption(round 1) S-Box
Key Generation
Key Generation D0C0 Input Key Permuted Choice One (PC-1) Permuted Choice Two (PC-2) Schedule of Left Shifts Di-1Ci-1 DiCi ▪ ▪ ▪ ▪ ▪ ▪ Key i
Key Generation 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 30 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 Input key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 26 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 PC-1
Key Generation 14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 PC-2 RN 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Bits 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 Schedule of Line Shift
Strength  Criticism  Reduction in key size of 72 bits  Too short to withstand with brute-force attack  S-boxes were classified.  Weak points enable NSA to decipher without key.  56-bit keys have 256 = 7.2 x 1016 values  Brute force search looks hard.  A machine performing one DES encryption per microsecond would take more than a thousand year to break the cipher.  DES exhibits a strong avalanche effect.  If a small change in either the plaintext or the key, the ciphertext should change markedly.
Advance Encryption Standard  Outline  Origin  The AES Cipher  AES Encryption & Decryption  AES Key Expansion  Implementation Aspect
AES-Origin  Clear a replacement for DES was needed  have theoretical attacks that can break it  have demonstrated exhaustive key search attacks  Can use Triple-DES – but slow, has small blocks  US NIST issued call for ciphers in 1997  15 candidates accepted in Jun 98  5 were shortlisted in Aug-99  Rijndael was selected as the AES in Oct-2000  issued as FIPS PUB 197 standard in Nov-2001
The AES Cipher - Rijndael  Designed by Rijmen-Daemen in Belgium  Has 128/192/256 bit keys, 128 bit data  An iterative rather than Feistel (DES) cipher  processes data as block of 4 columns of 4 bytes  operates on entire data block in every round  Designed to have:  resistance against known attacks  speed and code compactness on many CPUs  design simplicity
The AES Cipher  Block length is limited to 128 bit  The key size can be independently specified to 128, 192 or 256 bits Key size (words/bytes/bits) 4/16/128 6/24/192 8/32/256 Number of rounds 10 12 14 Expanded key size (words/byte) 44/176 52/208 60/240
AES Encryption
The AES Cipher  Key received as input array of 4 rows and Nk columns  Nk = 4,6, or 8, parameter which depends key size  Input key is expanded into an array of 44/52/60 words of 32 bits each  4 different words serve as a key for each round k0 k4 k8 k12 k1 k2 k3 k5 k6 k7 k9 k10 k11 k13 k14 k15 w0 w1 w2 …… w43W42
The AES Cipher  AddRoundKey() – round key is added to the State using XOR operation  MixColumns() – takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)  ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets  SubBytes() – uses S-box to perform a byte-by-byte substitution of State  The four stages are as follows: Substitute bytes, Shift rows, Mix Columns , Add Round Key  The tenth round simply leaves out the Mix Columns stage.
The AES Cipher(Round-1) Add round key Substitute bytes Shift rows Mix columns Add Round key Substitute bytes Shift rows Mix columns Add round key Substitute bytes Shift rows Add round key plaintext Cipher text key W[4,7] W[36,39] W[40,43] Round1 Round9
The AES Cipher  Only Add round key makes use of the key  Other three functions are used for diffusion and confusion  Final round consists of only three stages
The AES Structure
Substitute Byte  A simple substitution of each byte  It uses one table of 16x16 bytes containing a permutation of all 256 8-bit values  Each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)  S-box constructed using defined transformation of values in GF(28)  Designed to be resistant to all known attacks
Substitute Byte
S-Box Substitution
S-Box Substitution
Substitute Byte Example
Shift Rows  A circular byte shift in each each  1st row is unchanged  2nd row does 1 byte circular shift to left  3rd row does 2 byte circular shift to left  4th row does 3 byte circular shift to left  Decrypt inverts using shifts to right  Since state is processed by columns, this step permutes bytes between the columns
Shift Rows Example
Mix Columns Transformation  Each column is operated on individually  each byte is replaced by a value dependent on all 4 bytes in the column  The Mix Columns transformation of a single column j (0 j 3) of state can be expressed as:  S0 0,j = (2 • s0,j) (3 • s1,j) s2,j s3,j  S0 1,j = s0,j (2 • s1,j) (3 • s2,j) s3,j  S0 2,j = s0,j s1,j (2 • s2,j) (3 • s3,j)  S0 3,j = (3 • s0,j) s1,j s2,j (2 • s3,j)
Mix Columns Transformation
Mix Columns Example
Add Round Key XOR each byte of the round key with its corresponding byte in the state array S0,0 S0,1 S0,2 S0,3 S1,0 S1,1 S1,2 S1,3 S2,0 S2,1 S2,2 S2,3 S3,0 S3,1 S3,2 S3,3 S’0,0 S’0,1 S’0,2 S’0,3 S’1,0 S’1,1 S’1,2 S’1,3 S’2,0 S’2,1 S’2,2 S’2,3 S’3,0 S’3,1 S’3,2 S’3,3 S0,1 S1,1 S2,1 S3,1 S’0,1 S’1,1 S’2,1 S’3,1 R0,0 R0,1 R0,2 R0,3 R1,0 R1,1 R1,2 R1,3 R2,0 R2,1 R2,2 R2,3 R3,0 R3,1 R3,2 R3,3 R0,1 R1,1 R2,1 R3,1 XOR
AES Key Expansion  takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words  start by copying key into first 4 words  then loop creating words that depend on values in previous & 4 places back  in 3 of 4 cases just XOR these together  1st word in 4 has rotate + S-box + XOR round constant on previous, before XOR 4th back
AES Key Expansion
AES Decryption  AES decryption is not identical to encryption since steps done in reverse  but can define an equivalent inverse cipher with steps as for encryption  but using inverses of each step  with a different key schedule
AES Decryption All functions are easily reversible and their inverse form is used in decryption Decryption algorithm is not identical to the encryption algorithm Again, final round consists of only three stages
Implementation Aspect  Can efficiently implement on 8-bit CPU  Byte substitution works on bytes using a table of 256 entries  Shift rows is simple byte shift  Add round key works on byte XOR’s  Mix columns requires matrix multiply in GF(28) which works on byte values, can be simplified to use table lookups & byte XOR’s
Implementation Aspect  Can efficiently implement on 32-bit CPU  redefine steps to use 32-bit words  can pre compute 4 tables of 256-words  then each column in each round can be computed using 4 table lookups + 4 XORs  at a cost of 4Kb to store tables  Designers believe this very efficient implementation was a key factor in its selection as the AES cipher

More Related Content

PPT
Classification of bacteria
Shyam Mishra
 
PPSX
Intrusion detection system
gaurav koriya
 
PPTX
Block cipher modes of operation
harshit chavda
 
PPTX
Wireless network security
Vishal Agarwal
 
PPTX
UI / UX Design Presentation
Dignitas Digital Pvt. Ltd.
 
PPTX
Encryption algorithms
trilokchandra prakash
 
PPTX
Color Sensor.pptx
RituSachan2
 
PPTX
Cryptography
Shivanand Arur
 
Classification of bacteria
Shyam Mishra
 
Intrusion detection system
gaurav koriya
 
Block cipher modes of operation
harshit chavda
 
Wireless network security
Vishal Agarwal
 
UI / UX Design Presentation
Dignitas Digital Pvt. Ltd.
 
Encryption algorithms
trilokchandra prakash
 
Color Sensor.pptx
RituSachan2
 
Cryptography
Shivanand Arur
 

What's hot (20)

PPTX
Cryptography
subodh pawar
 
PPTX
Cryptography.ppt
Uday Meena
 
PPTX
Cryptography.ppt
kusum sharma
 
PPTX
Public Key Cryptosystem
Devakumar Kp
 
PPT
Symmetric and Asymmetric Encryption.ppt
HassanAli980906
 
PDF
RSA ALGORITHM
Dr. Shashank Shetty
 
PPTX
Cryptography
Sidharth Mohapatra
 
PDF
Introduction to Cryptography
Seema Goel
 
PPT
Fundamentals of cryptography
Hossain Md Shakhawat
 
PPTX
Cryptography
jayashri kolekar
 
PDF
Cryptography
Kalyani Government Engineering College
 
PPTX
Network security and cryptography
Pavithra renu
 
PPTX
Introduction to Cryptography
Md. Afif Al Mamun
 
PPTX
Encryption ppt
Anil Neupane
 
PPTX
Intro to modern cryptography
zahid-mian
 
PPTX
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
PPT
Network security cryptographic hash function
Mijanur Rahman Milon
 
PPTX
Data Encryption Standard (DES)
Haris Ahmed
 
PPTX
Symmetric and asymmetric key
Triad Square InfoSec
 
PPT
Cryptography
gueste4c97e
 
Cryptography
subodh pawar
 
Cryptography.ppt
Uday Meena
 
Cryptography.ppt
kusum sharma
 
Public Key Cryptosystem
Devakumar Kp
 
Symmetric and Asymmetric Encryption.ppt
HassanAli980906
 
RSA ALGORITHM
Dr. Shashank Shetty
 
Cryptography
Sidharth Mohapatra
 
Introduction to Cryptography
Seema Goel
 
Fundamentals of cryptography
Hossain Md Shakhawat
 
Cryptography
jayashri kolekar
 
Cryptography
Kalyani Government Engineering College
 
Network security and cryptography
Pavithra renu
 
Introduction to Cryptography
Md. Afif Al Mamun
 
Encryption ppt
Anil Neupane
 
Intro to modern cryptography
zahid-mian
 
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
Network security cryptographic hash function
Mijanur Rahman Milon
 
Data Encryption Standard (DES)
Haris Ahmed
 
Symmetric and asymmetric key
Triad Square InfoSec
 
Cryptography
gueste4c97e
 
Ad

Viewers also liked (6)

PPTX
Cryptographic algorithms
Anamika Singh
 
PPT
All about email
estefana4
 
PDF
AES-Advanced Encryption Standard
Prince Rachit
 
PPT
E Mail Ppt
kevpatel
 
PPT
Electronic mail
Diwaker Pant
 
PPT
Email ppt
melgade
 
Cryptographic algorithms
Anamika Singh
 
All about email
estefana4
 
AES-Advanced Encryption Standard
Prince Rachit
 
E Mail Ppt
kevpatel
 
Electronic mail
Diwaker Pant
 
Email ppt
melgade
 
Ad

Similar to Cryptographic algorithms (20)

PDF
DES (Data Encryption Standard) Algorithm
SamEhlinger
 
PPT
ch03_block_ciphers_nemo (2) (1).ppt
MrsPrabhaBV
 
PPT
AES (2).ppt
RobinRohit2
 
PPT
AES Cryptosystem
هيثم فرج
 
PPTX
information security lecture 7 & 8 .pptx
NasirAli233814
 
PPTX
Stream Ciphers and Block Ciphers in Security.pptx
Vivekananda Gn
 
PPTX
Data Encryption standard in cryptography
NithyasriA2
 
PPT
Network Security Lec4
Federal Urdu University
 
PPTX
Block Cipher.cryptography_miu_year5.pptx
HodaAhmedBekhitAhmed
 
PDF
Chapter 3-block-cipher-des1
Shiraz316
 
PDF
chap3.pdf
NickySanthosh1
 
PPTX
AES.pptx
RizwanBasha12
 
PDF
Network security cs5
Infinity Tech Solutions
 
PPT
Cryptography Symmetric Key Algorithm (CSE)
SoumyaBhattacharyya14
 
PPT
AESbnhgfdrtfyuiiukyjtdrertutuyjhgfhgsrtrygh.ppt
muskanindikar
 
PPT
CR 05 - Advanced Encryption Standard.ppt
ssuseraaf866
 
PPT
AES.ppt
ssuser6602e0
 
PPTX
694 lecture1aes
Ankur Human
 
PPT
Advanced Encryption System - Network and Security.ppt
VimalAadhithan
 
PPTX
data ebncryption standard with example.pptx
ajajkhan16
 
DES (Data Encryption Standard) Algorithm
SamEhlinger
 
ch03_block_ciphers_nemo (2) (1).ppt
MrsPrabhaBV
 
AES (2).ppt
RobinRohit2
 
AES Cryptosystem
هيثم فرج
 
information security lecture 7 & 8 .pptx
NasirAli233814
 
Stream Ciphers and Block Ciphers in Security.pptx
Vivekananda Gn
 
Data Encryption standard in cryptography
NithyasriA2
 
Network Security Lec4
Federal Urdu University
 
Block Cipher.cryptography_miu_year5.pptx
HodaAhmedBekhitAhmed
 
Chapter 3-block-cipher-des1
Shiraz316
 
chap3.pdf
NickySanthosh1
 
AES.pptx
RizwanBasha12
 
Network security cs5
Infinity Tech Solutions
 
Cryptography Symmetric Key Algorithm (CSE)
SoumyaBhattacharyya14
 
AESbnhgfdrtfyuiiukyjtdrertutuyjhgfhgsrtrygh.ppt
muskanindikar
 
CR 05 - Advanced Encryption Standard.ppt
ssuseraaf866
 
AES.ppt
ssuser6602e0
 
694 lecture1aes
Ankur Human
 
Advanced Encryption System - Network and Security.ppt
VimalAadhithan
 
data ebncryption standard with example.pptx
ajajkhan16
 

Recently uploaded (20)

PDF
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PPTX
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PDF
Level 2 – IBM Data and AI Fundamentals (1)_v1.1.PDF
KSRIHARISASANKA
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
PPTX
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
PDF
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PPTX
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
PPTX
Artificial Intelligence
dikshendrasarpate2
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PDF
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPT
Project quality management in manufacturing
BarMusaTetik
 
PPTX
6ME3A-Unit-II-Sensors and Actuators_Handouts.pptx
anukaranugi
 
PPTX
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PPT
Total quality management ppt for engineering students
juleeyadav818
 
PDF
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
Sustainable Sites - Green Building Construction
mhdumerali
 
Level 2 – IBM Data and AI Fundamentals (1)_v1.1.PDF
KSRIHARISASANKA
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
Artificial Intelligence
dikshendrasarpate2
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
Project quality management in manufacturing
BarMusaTetik
 
6ME3A-Unit-II-Sensors and Actuators_Handouts.pptx
anukaranugi
 
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
Total quality management ppt for engineering students
juleeyadav818
 
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 

Cryptographic algorithms

  • 1. CRYPTOGRAPHIC ALGORITHMS (DES AND AES) BY- ANAMIKA SINGH ,B.TECH. VIIth sem
  • 2. What is Encryption  Transform information such that its true meaning is hidden  Requires “special knowledge” to retrieve the information  Examples  AES, 3DES, RC4, ROT-13, …
  • 3. Types of Encryption Schemes Ciphers Classical Modern Rotor Machines Substitution Public KeyTransposition Secret Key BlockStream Steganography
  • 4. Symmetric Encryption Terms  Alice Bob Plain text Plain textCipher text Key Key Encryption Algorithm Decryption Algorithm
  • 5. Data Encryption Standard  OUTLINE  History  Encryption  Key-generation  Decryption  Strength of DES
  • 6. History  DES is a 64 bit block cipher which means that it encrypts data 64 bits at a time.  In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key  Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip.  In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST).  AES is an important algorithm and was originally meant to replace DES
  • 7. A Simplified DES Algorithm  Key words  Substitution is simply a mapping of one value to another  Permutation is a reordering of the bit positions for each of the inputs.  techniques are used a number of times in iterations called rounds  S-boxes are basically non-linear substitution tables where either the output is smaller than the input or vice versa
  • 8. A Simplified DES Algorithm  DES expects two inputs the plaintext to be encrypted and the secret key(64 bit block cipher, key size used is 56 bits)  Initial permutation rearranging the bits to form the “permuted input”.  followed by 16 iteration of the same function substitution and permutation.  Finally, the pre output is passed through a permutation which is simply the inverse of the initial permutation
  • 11. Initial Permutation  IP 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7  IP-1 40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
  • 12. Expansion 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 45 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 9 13 30 6 22 11 4 25  E  P ExpansionExpansion
  • 17. Key Generation D0C0 Input Key Permuted Choice One (PC-1) Permuted Choice Two (PC-2) Schedule of Left Shifts Di-1Ci-1 DiCi ▪ ▪ ▪ ▪ ▪ ▪ Key i
  • 18. Key Generation 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 30 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 Input key 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 26 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 PC-1
  • 19. Key Generation 14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 PC-2 RN 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Bits 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 Schedule of Line Shift
  • 20. Strength  Criticism  Reduction in key size of 72 bits  Too short to withstand with brute-force attack  S-boxes were classified.  Weak points enable NSA to decipher without key.  56-bit keys have 256 = 7.2 x 1016 values  Brute force search looks hard.  A machine performing one DES encryption per microsecond would take more than a thousand year to break the cipher.  DES exhibits a strong avalanche effect.  If a small change in either the plaintext or the key, the ciphertext should change markedly.
  • 21. Advance Encryption Standard  Outline  Origin  The AES Cipher  AES Encryption & Decryption  AES Key Expansion  Implementation Aspect
  • 22. AES-Origin  Clear a replacement for DES was needed  have theoretical attacks that can break it  have demonstrated exhaustive key search attacks  Can use Triple-DES – but slow, has small blocks  US NIST issued call for ciphers in 1997  15 candidates accepted in Jun 98  5 were shortlisted in Aug-99  Rijndael was selected as the AES in Oct-2000  issued as FIPS PUB 197 standard in Nov-2001
  • 23. The AES Cipher - Rijndael  Designed by Rijmen-Daemen in Belgium  Has 128/192/256 bit keys, 128 bit data  An iterative rather than Feistel (DES) cipher  processes data as block of 4 columns of 4 bytes  operates on entire data block in every round  Designed to have:  resistance against known attacks  speed and code compactness on many CPUs  design simplicity
  • 24. The AES Cipher  Block length is limited to 128 bit  The key size can be independently specified to 128, 192 or 256 bits Key size (words/bytes/bits) 4/16/128 6/24/192 8/32/256 Number of rounds 10 12 14 Expanded key size (words/byte) 44/176 52/208 60/240
  • 26. The AES Cipher  Key received as input array of 4 rows and Nk columns  Nk = 4,6, or 8, parameter which depends key size  Input key is expanded into an array of 44/52/60 words of 32 bits each  4 different words serve as a key for each round k0 k4 k8 k12 k1 k2 k3 k5 k6 k7 k9 k10 k11 k13 k14 k15 w0 w1 w2 …… w43W42
  • 27. The AES Cipher  AddRoundKey() – round key is added to the State using XOR operation  MixColumns() – takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)  ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets  SubBytes() – uses S-box to perform a byte-by-byte substitution of State  The four stages are as follows: Substitute bytes, Shift rows, Mix Columns , Add Round Key  The tenth round simply leaves out the Mix Columns stage.
  • 28. The AES Cipher(Round-1) Add round key Substitute bytes Shift rows Mix columns Add Round key Substitute bytes Shift rows Mix columns Add round key Substitute bytes Shift rows Add round key plaintext Cipher text key W[4,7] W[36,39] W[40,43] Round1 Round9
  • 29. The AES Cipher  Only Add round key makes use of the key  Other three functions are used for diffusion and confusion  Final round consists of only three stages
  • 31. Substitute Byte  A simple substitution of each byte  It uses one table of 16x16 bytes containing a permutation of all 256 8-bit values  Each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)  S-box constructed using defined transformation of values in GF(28)  Designed to be resistant to all known attacks
  • 36. Shift Rows  A circular byte shift in each each  1st row is unchanged  2nd row does 1 byte circular shift to left  3rd row does 2 byte circular shift to left  4th row does 3 byte circular shift to left  Decrypt inverts using shifts to right  Since state is processed by columns, this step permutes bytes between the columns
  • 38. Mix Columns Transformation  Each column is operated on individually  each byte is replaced by a value dependent on all 4 bytes in the column  The Mix Columns transformation of a single column j (0 j 3) of state can be expressed as:  S0 0,j = (2 • s0,j) (3 • s1,j) s2,j s3,j  S0 1,j = s0,j (2 • s1,j) (3 • s2,j) s3,j  S0 2,j = s0,j s1,j (2 • s2,j) (3 • s3,j)  S0 3,j = (3 • s0,j) s1,j s2,j (2 • s3,j)
  • 41. Add Round Key XOR each byte of the round key with its corresponding byte in the state array S0,0 S0,1 S0,2 S0,3 S1,0 S1,1 S1,2 S1,3 S2,0 S2,1 S2,2 S2,3 S3,0 S3,1 S3,2 S3,3 S’0,0 S’0,1 S’0,2 S’0,3 S’1,0 S’1,1 S’1,2 S’1,3 S’2,0 S’2,1 S’2,2 S’2,3 S’3,0 S’3,1 S’3,2 S’3,3 S0,1 S1,1 S2,1 S3,1 S’0,1 S’1,1 S’2,1 S’3,1 R0,0 R0,1 R0,2 R0,3 R1,0 R1,1 R1,2 R1,3 R2,0 R2,1 R2,2 R2,3 R3,0 R3,1 R3,2 R3,3 R0,1 R1,1 R2,1 R3,1 XOR
  • 42. AES Key Expansion  takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words  start by copying key into first 4 words  then loop creating words that depend on values in previous & 4 places back  in 3 of 4 cases just XOR these together  1st word in 4 has rotate + S-box + XOR round constant on previous, before XOR 4th back
  • 44. AES Decryption  AES decryption is not identical to encryption since steps done in reverse  but can define an equivalent inverse cipher with steps as for encryption  but using inverses of each step  with a different key schedule
  • 45. AES Decryption All functions are easily reversible and their inverse form is used in decryption Decryption algorithm is not identical to the encryption algorithm Again, final round consists of only three stages
  • 46. Implementation Aspect  Can efficiently implement on 8-bit CPU  Byte substitution works on bytes using a table of 256 entries  Shift rows is simple byte shift  Add round key works on byte XOR’s  Mix columns requires matrix multiply in GF(28) which works on byte values, can be simplified to use table lookups & byte XOR’s
  • 47. Implementation Aspect  Can efficiently implement on 32-bit CPU  redefine steps to use 32-bit words  can pre compute 4 tables of 256-words  then each column in each round can be computed using 4 table lookups + 4 XORs  at a cost of 4Kb to store tables  Designers believe this very efficient implementation was a key factor in its selection as the AES cipher