NET3106 – Network Security

Lecturer:
Houshyar Honar Pajooh
Room Number : AE-3-28 (University Building - East)
Email: houshyarh@sunway.edu.my

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 NET3106 – Network Security
WEEK (4)
Block Ciphers and the Data Encryption Standard

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Stream Cipher (1 of 2)
• Encrypts a digital data stream one bit or one byte at a time
• Examples:
• Autokeyed Vigenère cipher
• Vernam cipher
• In the ideal case, a one-time pad version of the Vernam cipher would
be used, in which the keystream is as long as the plaintext bit stream
• If the cryptographic keystream is random, then this cipher is
unbreakable by any means other than acquiring the keystream
• Keystream must be provided to both users in advance via
some independent and secure channel
• This introduces insurmountable logistical problems if the
intended data traffic is very large

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Stream Cipher (2 of 2)
• For practical reasons the bit-stream generator must be
implemented as an algorithmic procedure so that the
cryptographic bit stream can be produced by both users
• It must be computationally impractical to predict future
portions of the bit stream based on previous portions of
the bit stream
• The two users need only share the generating key and each
can produce the keystream

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Block Cipher
• A block of plaintext is treated as a whole and used to produce
a ciphertext block of equal length
• Typically a block size of 64 or 128 bits is used
• As with a stream cipher, the two users share a symmetric
encryption key
• The majority of network-based symmetric cryptographic
applications make use of block ciphers

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Stream Cipher and Block Cipher

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 General n-bit-n-bit Block Substitution
(shown with n = 4)

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Plaintext Ciphertext Ciphertext Plaintext
0000 1110 0000 1110
0001 0100 0001 0011

Encryption 0010 1101 0010 0100

0011 0001 0011 1000
and
0100 0010 0100 0001
Decryption
0101 1111 0101 1100
Tables for 0110 1011 0110 1010
Substitution 0111 1000 0111 1111
Cipher of 1000 0011 1000 0111
Previous 1001 1010 1001 1101
Figure 1010 0110 1010 1001
1011 1100 1011 0110
1100 0101 1100 1011
1101 1001 1101 0010
1110 0000 1110 0000
1111 0111 1111 0101

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Feistel Cipher
• Feistel proposed the use of a cipher that alternates substitutions and permutations

• Substitutions
• Each plaintext element or group of elements is uniquely replaced by a corresponding
ciphertext element or group of elements
• Permutation
• No elements are added or deleted or replaced in the sequence, rather the order in which
the elements appear in the sequence is changed

• Is a practical application of a proposal by Claude Shannon to develop a product cipher that

alternates confusion and diffusion functions
• Is the structure used by many significant symmetric block ciphers currently in use

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Diffusion and Confusion
• Terms introduced by Claude Shannon to capture the two basic building blocks for any cryptographic system
• Shannon’s concern was to thwart cryptanalysis based on statistical analysis

• Diffusion
• The statistical structure of the plaintext is dissipated into long-range statistics of the ciphertext
• This is achieved by having each plaintext digit affect the value of many ciphertext digits
• Confusion
• Seeks to make the relationship between the statistics of the ciphertext and the value of the encryption
key as complex as possible
• Even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key
was used to produce that ciphertext is so complex as to make it difficult to deduce the key

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Feistel Encryption
and Decryption
(16 rounds)

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Feistel Cipher Design Features (1 of 2)
• Block size
• Larger block sizes mean greater security but reduced encryption/decryption
speed for a given algorithm
• Key size
• Larger key size means greater security but may decrease
encryption/decryption speeds
• Number of rounds
• The essence of the Feistel cipher is that a single round offers inadequate
security but that multiple rounds offer increasing security
• Subkey generation algorithm
• Greater complexity in this algorithm should lead to greater difficulty of
cryptanalysis
Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Feistel Cipher Design Features (2 of 2)
• Round function F
• Greater complexity generally means greater resistance to cryptanalysis
• Fast software encryption/decryption
• In many cases, encrypting is embedded in applications or utility functions in
such a way as to preclude a hardware implementation; accordingly, the speed
of execution of the algorithm becomes a concern
• Ease of analysis
• If the algorithm can be concisely and clearly explained, it is easier to analyze
that algorithm for cryptanalytic vulnerabilities and therefore develop a higher
level of assurance as to its strength

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Feistel Example

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Data Encryption Standard (DES)
• Issued in 1977 by the National Bureau of Standards (now NIST) as Federal
Information Processing Standard 46
• Was the most widely used encryption scheme until the introduction of the
Advanced Encryption Standard (AES) in 2001
• Algorithm itself is referred to as the Data Encryption Algorithm (DEA)
• Data are encrypted in 64-bit blocks using a 56-bit key
• The algorithm transforms 64-bit input in a series of steps into a 64-bit output
• The same steps, with the same key, are used to reverse the encryption

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 General Depiction of DES
Encryption Algorithm

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Table 4.2 DES
Example

Note: DES subkeys are shown as eight 6-bit values in hex format

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Table 4.3 Avalanche
Effect in DES:
Change in Plaintext

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Table 4.4
Avalanche
Effect in DES:
Change in Key

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Table 4.5 Average Time Required for Exhaustive Key
Search
Time Required
Key Size Number of Time Required at 109 at 1013
(bits) Cipher Alternative Keys Decryptions/s Decryptions/s
56 DES 256 ≈ 7.2 × 1016 255 ns = 1.125 years 1 hour

128 AES 2128 ≈ 3.4 × 1038 2127 ns = 5.3 × 1021 years 5.3 × 1017 years

168 Triple DES 2168 ≈ 3.7 × 1050 2167 ns = 5.8 × 1033 years 5.8 × 1029 years

192 AES 2192 ≈ 6.3 × 1057 2191 ns = 9.8 × 1040 years 9.8 × 1036 years

256 AES 2256 ≈ 1.2 × 1077 2255 ns = 1.8 × 1060 years 1.8 × 1056 years

26 characters Monoalphabetic 2! = 4 × 1026 2 × 1026 ns = 6.3 × 109 6.3 × 106 years

(permutation) years

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Strength of DES
• Timing attacks
• One in which information about the key or the plaintext is
obtained by observing how long it takes a given implementation
to perform decryptions on various ciphertexts
• Exploits the fact that an encryption or decryption algorithm
often takes slightly different amounts of time on different inputs
• So far it appears unlikely that this technique will ever be
successful against DES or more powerful symmetric ciphers such
as triple DES and AES

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Block Cipher Design Principles: Number of
Rounds
• The greater the number of rounds, the more difficult it is to perform
cryptanalysis
• In general, the criterion should be that the number of rounds is chosen
so that known cryptanalytic efforts require greater effort than a simple
brute-force key search attack
• If DES had 15 or fewer rounds, differential cryptanalysis would require
less effort than a brute-force key search

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Block Cipher Design Principles: Design of Function F
• The heart of a Feistel block cipher is the function F
• The more nonlinear F, the more difficult any type of cryptanalysis will be
• The SAC and BIC criteria appear to strengthen the effectiveness of the confusion function

The algorithm should have good avalanche properties

• Strict avalanche criterion (SAC)

• States that any output bit j of an S-box should change with probability 1/2 when any single input bit i is
inverted for all i , j
• Bit independence criterion (BIC)
• States that output bits j and k should change independently when any single input bit i is inverted for all
i , j , and k

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Block Cipher Design Principles: Key Schedule
Algorithm
• With any Feistel block cipher, the key is used to generate one subkey for each
round
• In general, we would like to select subkeys to maximize the difficulty of deducing
individual subkeys and the difficulty of working back to the main key
• It is suggested that, at a minimum, the key schedule should guarantee
key/ciphertext Strict Avalanche Criterion and Bit Independence Criterion

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 Summary
• Explain the concept of the avalanche effect
• Discuss the cryptographic strength of DES
• Summarize the principal block cipher design principles
• Understand the distinction between stream ciphers and block ciphers
• Present an overview of the Feistel cipher and explain how decryption is the
inverse of encryption
• Present an overview of Data Encryption Standard (DES)

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE
 01010001
&
01000001

Sunway University | NET3106 Network Security | Houshyar Honar Pajooh | Aug 2022
SENSITIVE