Professional Documents
Culture Documents
Block Ciphers DES and TwoFish
Block Ciphers DES and TwoFish
TwoFish
(CS-452)
Week 3
Li = Ri–1
Developed in 1974 by IBM and the U.S. government to set a standard that
everyone could use to securely communicate with each other
The same steps, with the same key, are used to reverse the encryption
Use of DES has flourished, especially in financial applications
IP-1(IP(M)) = M
Output:
M58 M50 M42 M34 M26 M18 M10 M2
M60 M52 M44 M36 M28 M20 M12 M4
M62 M54 M46 M38 M30 M22 M14 M6
M64 M56 M48 M40 M32 M24 M16 M8
M57 M49 M41 M33 M25 M17 M9 M1
M59 M51 M43 M35 M27 M19 M11 M3
M61 M53 M45 M37 M29 M21 M13 M5
M63 M55 M47 M39 M31 M23 M15 M7
IP-1(IP(M)) = M
Output:
M1 M2 M3 M4 M5 M6 M7 M8
M9 M10 M11 M12 M13 M14 M15 M16
M17 M18 M19 M20 M21 M22 M23 M24
M25 M26 M27 M28 M29 M30 M31 M32
M33 M34 M35 M34 M35 M36 M37 M38
M41 M42 M43 M44 M45 M46 M47 M48
M49 M50 M51 M52 M53 M54 M55 M56
M57 M58 M59 M60 M61 M62 M63 M64
The first and last bits of the input to Si form a 2-bit binary number to select
one of 4 substitutions defined by the four rows (0, 1, 2, 3) in the table for Si
The middle 4 bits select one of 16 columns (0-15)
E.g. in S1, input 011001
The design of the round function focuses on the design of S-boxes and on the
permutation P
No output bit of any S-box should be too close a linear function of the input bits
Each row of an S-box should include all 16 possible output bit combinations
The design of the round function focuses on the design of S-boxes and on the
permutation P
The design of the round function focuses on the design of S-boxes and on
the permutation P
The design of the round function focuses on the design of S-boxes and on the
permutation P
Two output bits from each S-box affect middle bits of the next round
and the other two affect end bits
The four output bits from each S-box affect six different S-boxes on
the next round.
Expanded
Permutation (E)
32
.
.
.
.
16 rounds .
.
P1:
00000000 00000000
00000000 00000000
00000000 00000000
00000000 00000000
P2:
10000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000
Key K:
0000001 1001011 0100100 1100010 0011100 0011000 0011100
0110010
CPSC-452 Cryptography 53/71
Avalanche Effect
One plaintext P:
Two keys:
K1
1110010 1111011 1101111 0011000 0011101
0000100 0110001 1101110
K2
0110010 1111011 1101111 0011000 0011101
0000100 0110001 1101110
In 1998, Electronic Frontier Foundation (EFF) had broken a DES encryption using
a computer (“Deep Crack”) built for less than $250K. The attack took less than 3
days.
CPSC-452 Cryptography 55/71
Strength of DES – Key Size
EFF “Deep Crack” Consisted of 1,186 custom chips designed to try different
DES keys:
❖ Encrypt P for all 256 keys. Store the result in a table and then sort the table
❖ Decrypt C with 256 keys and check the result against the table for a match
❖ If a match occurs, then test the two resulting keys against some more known
plaintext-ciphertext pairs
CPSC-452 Cryptography 59/71
Triple-DES with Two-Keys
An obvious counter to the meet-in-the-middle attack is to use three stages of
encryption with 3 different keys ➔ requiring key length 168-bits
Three times slower to run
A cryptoanalytic technique developed by Eli Biham and Adi Shamir in late 1980s
Basic Idea: Assumes a linear relationship between the plaintext, key, and the
ciphertext and tries to derive the key based on it