跳转至

Block Cipher

Definition

Design Principles

Security:

  • Diffusion: each ciphertext bit should depend on all plaintext bits
  • Confusion: complex relationship between key and cipher texts
  • Key length: should be large to preclude exhaustive key search

Efficiency:

  • Simplicity
  • High rate
  • Suitability for both hardware and software

AES(Advanced Encryption Standard)

SPN(Substitution-permutation network) network

Definition of AES

SPN and:

  1. permutation consists of two linear transformation
  2. all operations are byte oriented
  3. block size is 128 bits
  4. round key is 128 bits, generated by a key schedule.
  5. AES's key can be three lengths:
    1. 128 bits → 10 rounds
    2. 192 bits → 12 rounds
    3. 256 bits → 14 rounds

Plaintext are formed into 4 * 4 bytes block.

Round Operations

  1. Add round Key(Key mixing)

  2. Substitute Bytes

  3. Shift rows

  4. Mix column

$$ \begin{bmatrix}b_0\b_1\b_2\b_3\end{bmatrix} = \begin{bmatrix}2&3&1&1\1&2&3&1\1&1&2&3\3&1&1&2\end{bmatrix} \cdot \begin{bmatrix}a_0\a_1\a_2\a_3\end{bmatrix} $$ (bitwise exclusive or)

Encryption function

image-20221021002159066

Key scheduler

image-20221021002356772

image-20221021002537311

DES(Data Encryption Standard)

Overview

Block size 64 bits, key size 56 bits, 16 rounds of operation

image-20221021002933591

image-20221021003437734

Initial Permutation

Key scheduling algorithm

Component function

image-20221021003631611

Expansion table & Permutation:

S-Box: (Non-linear part)

Problems

  1. Key Space is too small, can be exhausted.
  2. Block size is small: collusion

Save attempts: Multiple DES

Attack on double DES: met in middle

image-20221021003941265

Triple DES: attack takes \(2^{112}\) steps