Beruflich Dokumente
Kultur Dokumente
Presented by:
Secret-key Public-key
(Single-key) (Two-key)
Cryptography Cryptography
•A conventional •Each user is provided
Cryptographic system with key material of one’s
relies on use of a single own with a private
piece of private and component & a public
component
necessarily secret key.
•The private component
•Key is known to sender & must be kept secret for
receiver, but to no others. secure communication.
Secret-key Cryptography
ASSUMPTION:-
An enemy cryptanalyst has knowledge
of the entire mechanism used to
perform encryption, except for the secret key.
Requirement of Secrecy
continued…
Attacks employed by enemy cryptanalyst:
Ciphertext-only attack
Access to part or all of the ciphertext
Known-plaintext attack
Knowledge of some ciphertext:-plaintext pairs formed
with the actual secret key
Chosen-plaintext attack
Submit any chosen plaintext message and receive in
return the correct ciphertext for the actual secret key.
Chosen-ciphertext attack
Choose an arbitrary ciphertext and find the correct result
for its decryption.
Information theoretic
approach
• In Shannon model of cryptography (published in
Shannon’s 1949 landmark paper on information-
theoretic approach to secrecy systems)
ASSUMPTION:-
1. Enemy cryptanalyst has unlimited time & computing
power.
2. But the enemy is presumably restricted to ciphertext-
only attack.
• The secrecy of the system is said to be broken when
decryption is performed successfully, obtaining a
unique solution to the cryptogram
Information theoretic
approach (continued…)
Let X = {X1, X2, …, XN} ->N-bit plaintext message,
Y = {Y1, Y2, …,YN} ->N-bit cryptogram
Practicability of Cipher
For a cipher to be of practical value
1. It must be difficult to be broken by enemy cryptanalyst.
2. It must be easy to encrypt & decrypt with knowledge of
secret key.
Substitution cipher
Each letter of plaintext is replaced by a fixed substitute.
For plaintext X = {x1,x2,x3,x4,…)
ciphertext Y ={y1,y2,y3,y4,,…)
={f(x1),f(x2),f(x3),f(x4),….}
Transposition cipher
•The plaintext is
divided into groups
of fixed period d &
the same
permutation is
applied to each
group.
•The particular
permutation rule
being determined
by the secret key.
Data Encryption Standard
(DES)
It is the most widely used secret-key cryptalgorithm.
It operates on 64-bit plaintext and uses 56-bit key.
The overall procedure can be given as
P-1{F[P(X)]}
where, X->plaintext
P->certain permutation
F->certain transposition & substitution
F is obtained by cascading a certain function f, with each
stage of cascade referred as around.
There are 16 rounds employed here.
How DES works?
DES operates on 64-bit of data. Each block of 64 bits is
divided into two blocks of 32 bits each, a left half block L
and a right half R.
M = 0123456789ABCDEF
M = 0000 0001 0010 0011 0100 0101 0110 0111
LET
57 49 41 33 25 17 9 K = 00010011 00110100 01010111 01111001
1 58 50 42 34 26 18
10011011 10111100 11011111 11110001
10 2 59 51 43 25 27
19 11 3 60 52 44 36 The 56-bit permutation:
63 55 47 39 31 23 15 K+ = 1111000 0110011 0010101 0101111
7 62 54 46 38 30 22
0101010 1011001 1001111 0001111
14 6 61 53 45 37 29
21 13 5 28 20 12 4 From the permuted key K+, we get
Iteration 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Number
Number of 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
Left Shifts
C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111
C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101 and so on upto C16 & D16.
Key Computation
continued…
We now form the keys Kn, for 1<=n<=16, by applying the following
permutation table to each of the concatenated pairs CnDn.
30 40 51 45 33 48 Similarly,
44 49 39 56 34 53 K2 = 011110 011010 111011 011001
46 42 50 36 29 32
110110 111100 100111 100101
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
M = 0000 0001 0010 0011 0100 0101 0110 0111
62 54 46 38 30 22 14 6
1000 1001 1010 1011 1100 1101 1110 1111
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1 IP = 1100 1100 0000 0000 1100 1100 1111 1111
59 51 43 35 27 19 11 3 1111 0000 1010 1010 1111 0000 1010 1010
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
Next divide the permuted block IP into a left half L0 of 32 bits, and a
right half R0 of 32bits.
L0 = 1100 1100 0000 0000 1100 1100 1111 1111
Ln = Rn-1
Rn = Ln-1 f(Rn-1, Kn)
For n = 1, we have
Kn E(Rn-1)
We now use each group of six bits as addresses in tables called "S boxes".
Each group of six bits will give us an address in a different S box. Located at
that address will be a 4 bit number.
This 4 bit number will replace the original 6 bits.
The net result is that the eight groups of 6 bits are transformed into eight
groups of 4 bits (the 4-bit outputs from the S boxes) for 32 bits total.
Encoding Data
continued…
S1 Box
Column number
R
o 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
w 0 14 4 13 1 3 15 11 8 3 10 6 12 5 9 0 7
n
u 1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
m
b 2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
e 3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
r
f = P(S)
The permutation P is defined in the following table. P yields a 32-bit output from a
32-bit input by permuting the bits of the input block.
P
16 7 20 21
29 12 28 17
From
1 15 23 26
5 18 31 10 S = 0101 1100 1000 0010 1011 0101 1001 0111
2 8 24 14 f = 0010 0011 0100 1010 1010 1001 1011 1011
32 27 3 9
19 13 30 6
22 11 4 25
Encoding Data
continued…
R1 = L0 f(R0, K1)
Encryption
lets use the message "6" .
C = Pe % n = 65 % 133
= 7776 % 133 = 62
Decryption
P = Cd % n = 6265 % 133 = 6
Digital Signature:
A hybrid approach