Aes and Des
Input Array:
State Array:
S01  S02  S03  S04
S11  S12  S13  S14
S21  S22  S23  S24
S31  S32  S33  S34
Key Array:
K1  K5  K9   K13
K2  K6  K10  K14
K3  K7  K11  K15
K4  K8  K12  K16
First, the 128-bit plaintext is sent to the add round key step. The input for this step is 4 words in total: w1, w2 ... w4.
We have 10 rounds and each round uses 4 words, so together with the 4 words of the first add round key we have 44 words in total.
So, in encryption we convert the plaintext to ciphertext.
Now for the second part of the diagram, which is where decryption occurs.
Here the ciphertext is converted into plaintext.
Here, too, we start with add round key.
The number of rounds is 10 for encryption as well as for decryption.
In each round we have 4 steps:
1. Substitute Bytes
2. Shift Rows (left circular shift)
3. Mix Columns (this step is not performed in round 10)
4. Add Round Key - we perform the XOR operation between the plaintext and the key
STEP 1: (called SubBytes for byte-by-byte substitution during the forward process) (The corresponding
substitution step used during decryption is called InvSubBytes.)
This step consists of using a 16 × 16 lookup table to find a replacement byte for a given byte in the input state
array.
The entries in the lookup table are created by using the notions of multiplicative inverses in GF(2^8) and bit
scrambling to destroy the bit-level correlations inside each byte.
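The construction just described, as an added example (not code from the original notes): it builds the 16 × 16 SubBytes table from multiplicative inverses in GF(2^8) followed by the bit-scrambling (affine) step, then derives the InvSubBytes table from it. The function and variable names are chosen for this illustration.

```python
# Added example: derive the AES SubBytes table instead of hard-coding it.

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return result

def gf_inv(a):
    """Multiplicative inverse computed as a^254; 0 is mapped to 0."""
    if a == 0:
        return 0
    result = 1
    for _ in range(254):
        result = gf_mul(result, a)
    return result

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def sbox_entry(x):
    """Inverse in GF(2^8), then the affine bit scrambling with constant 0x63."""
    b = gf_inv(x)
    return b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63

SBOX = [sbox_entry(x) for x in range(256)]
INV_SBOX = [0] * 256
for x, y in enumerate(SBOX):
    INV_SBOX[y] = x

# The 16 x 16 view: row = high nibble of the input byte, column = low nibble.
TABLE = [SBOX[row * 16:(row + 1) * 16] for row in range(16)]

def sub_bytes(state):
    """Byte-by-byte substitution of a 16-byte state (forward direction)."""
    return [TABLE[b >> 4][b & 0x0F] for b in state]

def inv_sub_bytes(state):
    """The corresponding substitution used during decryption."""
    return [INV_SBOX[b] for b in state]

if __name__ == "__main__":
    for row in TABLE:
        print(" ".join(f"{v:02x}" for v in row))
```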
STEP 2: (called ShiftRows for shifting the rows of the state array during the forward process) (The
corresponding transformation during decryption is denoted InvShiftRows for Inverse Shift-Row
Transformation.)
The goal of this transformation is to scramble the byte order inside each 128-bit block.
STEP 3: (called MixColumns for mixing up of the bytes in each column separately during the forward process)
(The corresponding transformation during decryption is denoted InvMixColumns and stands for inverse mix
column transformation.) The goal here is to further scramble up the 128-bit input block.
The shift-rows step along with the mix-column step causes each bit of the ciphertext to depend on every bit of
the plaintext after 10 rounds of processing.
In DES, one bit of plaintext affected roughly 31 bits of ciphertext. But now we want each bit of the plaintext to
affect every bit position of the ciphertext block of 128 bits.
STEP 4: (called AddRoundKey for adding the round key to the output of the previous step during the forward
process) (The corresponding step during decryption is denoted InvAddRoundKey for inverse add round key
transformation.)
The Data Encryption Standard (DES) [NBS77], a system developed for the U.S. government, was intended for
use by the general public.
1. Background and History
At the start of the 1970s, the IBM team created a symmetric-key cipher block algorithm known as DES
(Data Encryption Standard) Algorithm. The term symmetric key means that the same key is used for
encryption & decryption of plain text or message. The National Institute of Standards and Technology
(NIST) later adopted this algorithm.
2. Bit shuffling
4. Exclusive OR operations
Confusion is the act of creating ciphertext so that its corresponding plaintext is not apparent. Substitution
is the basic tool for confusion; here, we substitute one element of ciphertext for an element of plaintext
in some regular manner. Substitution is also the point at which a key is typically introduced in the
process. Single substitutions can be fairly easy to break, so strong encryption algorithms often employ
several different substitutions.
Diffusion is the act of spreading the effect of a change in the plaintext throughout the resulting
ciphertext. With poor diffusion, a change to one bit in the plaintext results in a change to only one bit in
the ciphertext.
Substitution is sometimes represented by so-called S-boxes, which are nothing other than table-driven
substitutions. Diffusion can be accomplished by permutations, or "P-boxes." A line entering an S-box
from the top undergoes a substitution in the box. Then it is sent to another S-box in the line below by
permutation of the order in some way; this permutation is represented by the lines spreading out at many
angles.
The basis of the DES is two different ciphers, applied alternately. Shannon noted that two weak but
complementary ciphers can be made more secure by being applied together (called the "product" of the
two ciphers) alternately, in a structure called a product cipher.
After initialization, the DES algorithm operates on blocks of data. It splits a data block in half, scrambles
each half independently, combines the key with one half, and swaps the two halves. This process is
repeated 16 times. It is an iterative algorithm using just table lookups and simple bit operations.
DES ALGORITHM:
The initial 64-bit key is sent to PC1, and in PC1 the 8 parity bits are removed from every 8th position:
64 - 8 = 56
The 56 bits are then divided into 2 parts, C0 and D0, each having 28 bits:
28 bits go to C0 and 28 bits to D0.
Then the left circular shift is performed.
The shift gives C1 and D1 as the result.
The left circular shift moves the bits by an amount based on the round number:
For rounds 1, 2, 9 and 16 it is a 1-bit shift.
For the other rounds it is a 2-bit shift.
This happens in each and every round.
The input for round 1 is the plaintext and the initial permutation (rearrangement of bits). The 64-bit key and
the 48-bit key are sent as input to round 1, and a 64-bit output is generated from round 1. That output is given as
input to round 2, together with the 48 bits from PC2.
These steps are carried out throughout the 16 rounds.
After round 16 you again get a 64-bit key. The final permutation is applied to this 64-bit key,
and then we get the ciphertext.
The DES algorithm also has known weaknesses, but these weaknesses are not believed to be serious
limitations of the algorithm's effectiveness.
Complements:
The first known weakness concerns complements. If a message is encrypted with a particular key, the
complement of that encryption will be the encryption of the complement message under the complement
key.
Weak Keys:
A second known weakness concerns choice of keys. Because the initial key is split into two halves and
the two halves are independently shifted circularly, if the value being shifted is all 0s or all 1s, then the
key used for encryption in each cycle is the same as for all other cycles. Remember that the difference
between encryption and decryption is that the key shifts are applied in reverse.
Semiweak Keys:
A third difficulty is similar: specific pairs of keys have identical decryption. That is, there are two
different keys, k1 and k2, for which c = DES(p, k1) and c = DES(p, k2). This similarity implies that k1 can
decrypt a message encrypted under k2. These are the so-called semiweak keys.
Design Weaknesses:
Another analysis of the DES shows that the expansion permutation repeats the first and fourth bits of
every 4-bit series, crossing bits from neighboring 4-bit series. This analysis further indicates that in
S-box S4, one can derive the last three output bits the same way as the first by complementing some of the
input bits. Of course, this small weakness raises the question of whether there are similar weaknesses in
other S-boxes or in pairs of S-boxes.
Key Clustering:
Finally, the researchers in [DES84] investigate a phenomenon called "key clustering." They seek to
determine whether two different keys can generate the same ciphertext from the same plaintext, that is,
whether two keys can produce the same encryption. The semiweak keys are key clusters.
To address the discomfort, some researchers suggest using a double encryption for greater
secrecy. The double encryption works in the following way. Take two keys, k1 and k2, and
perform two encryptions, one on top of the other: E(k2, E(k1, m)). In theory, this approach should
multiply the difficulty of breaking the encryption, just as two locks are harder to pick than one.
Unfortunately, that assumption is false.
Merkle and Hellman [MER81] showed that two encryptions are no better than one. The basis of
their argument is that the cryptanalyst works plaintext and ciphertext toward each other. The
analyst needs two pairs of plaintext (call them P1 and P2) and corresponding ciphertext, C1 and C2,
but not the keys used to encrypt them. The analyst computes and saves P1 encrypted under each
possible key. The analyst then tries decrypting C1 with a single key and looking for a match in the
saved Ps. A match is a possible pair of double keys, so the analyst checks the match with P2 and
C2.
Thus the double encryption doubles the work for the attacker.
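The Merkle and Hellman argument above, worked through as an added example (not from the original notes) on a toy 16-bit Feistel cipher with 10-bit keys. The cipher, its round function and all names are hypothetical and stand in for DES only so the work count is visible: about 2 x 2^10 cipher operations instead of 2^20 key pairs.

```python
# Added example: why E(k2, E(k1, m)) only doubles the work. Toy cipher, not DES.
KEY_BITS = 10  # assumption for the demo; DES uses 56-bit keys

def _f(half, k, rnd):
    """Hypothetical round function on an 8-bit half."""
    return ((half * 37 + k + 91 * rnd) ^ (k >> 2)) & 0xFF

def toy_encrypt(k, block):
    l, r = block >> 8, block & 0xFF
    for rnd in range(4):
        l, r = r, l ^ _f(r, k, rnd)
    return (l << 8) | r

def toy_decrypt(k, block):
    l, r = block >> 8, block & 0xFF
    for rnd in reversed(range(4)):
        l, r = r ^ _f(l, k, rnd), l
    return (l << 8) | r

def double_encrypt(k1, k2, m):
    return toy_encrypt(k2, toy_encrypt(k1, m))

def meet_in_the_middle(p1, c1, p2, c2):
    """Return (candidate key pairs, number of single-key operations used)."""
    ops = 0
    saved = {}                      # P1 encrypted under each possible key
    for k1 in range(1 << KEY_BITS):
        saved.setdefault(toy_encrypt(k1, p1), []).append(k1)
        ops += 1
    found = []
    for k2 in range(1 << KEY_BITS):
        ops += 1                    # decrypt C1 with a single key
        for k1 in saved.get(toy_decrypt(k2, c1), []):
            # A match is only a possible pair: confirm it with P2 and C2.
            if double_encrypt(k1, k2, p2) == c2:
                found.append((k1, k2))
    return found, ops

def demo():
    k1, k2 = 0x2A7, 0x13C           # constructed secret keys
    p1, p2 = 0x4D45, 0x5353         # constructed known plaintexts
    c1, c2 = double_encrypt(k1, k2, p1), double_encrypt(k1, k2, p2)
    return (k1, k2), meet_in_the_middle(p1, c1, p2, c2)

if __name__ == "__main__":
    true_pair, (found, ops) = demo()
    print(true_pair in found, ops, "operations vs", 1 << (2 * KEY_BITS), "key pairs")
```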
However, a simple trick does indeed enhance the security of DES. Using three keys adds significant strength.
The so-called triple DES procedure is C = E(k3, E(k2, E(k1, m))). That is, encrypt with one key, decrypt with the
second, and encrypt with a third. This process gives a strength equivalent to a 112-bit key (because the double
DES attack defeats the strength of one of the three keys). In a variation, you encrypt with one key, decrypt with the
second and encrypt with the first again. This version requires only two keys.