AES

 Advanced Encryption Standard

 It has an input array, state array and a key array
 Aes is a block cipher algorithm.

Input Array:

 It has (4*4) cells

 Each cell = 1 byte/8 bits
 Total = 16 cells
 16*8= 128bits
 = 4 words(size of each word is 32 each)
 Plain Text is represented in the input array
 All the 128 bits will be stored in the input array which contains 8 bits in each cell
8 8 8 8
8 8 8 8
8 8 8 8
8 8 8 8

State Array:
S0 S0 S03 S0
1 2 4
S1 S1 S13 S1
1 2 4
S2 S2 S23 S2
1 2 4
S3 S3 S33 S3
1 2 4

 It is used to store the intermediate states within the rounds.

 Each and every round has additional steps
 Whenever we perform an operation in the additional steps or between the rounds we never bother about
the results we get in each round.
 Results will be stored in the form of 4 words
 S01 first will represent the byte and the second will represent the word

Key Array:
K1 K5 K9 K1
3
K2 K6 K10 K1
4
K3 K7 K11 K1
5
K4 K8 K12 K1
6

 The 4 words are expanded into 44 words

 Here each round we get 4 words and in total we have 10 rounds
 10 Rounds *4 words = 40 words + 4 is the additional round key
 Each column will represent one word and the 4 words will be expanded into 44 words.

 First the 128 bit plain text is sent to the add round key. And the input for this is words that is w1,w2...w4
total 4 words
 We have 10 rounds each round will have 4 words so atlast we have 44 words in total
 So, encryption we convert the plain text to cipher text
 Now coming second part of the diagram. 2nd part is where the decryption occurs.
 Here the cipher text is converted into plain text
 Here also we start with add round key
  No of rounds is 10 rounds for encryption as well as the decryption
In each round we have 4 steps
1.Substitute Bytes
2. Shift Rows (Left circular shift)
3. Mix columns we will not have this step in round 10
4. Add round Key - we will be performing the xor operation between the plain text and the key

THE FOUR STEPS IN EACH ROUND OF PROCESSING

STEP 1: (called SubBytes for byte-by-byte substitution during the forward process) (The corresponding
substitution step used during decryption is called InvSubBytes.)
This step consists of using a 16 × 16 lookup table to find a replacement byte for a given byte in the input state
array.
The entries in the lookup table are created by using the notions of multiplicative inverses in GF(28 ) and bit
scrambling to destroy the bit-level correlations inside each byte.
STEP 2: (called ShiftRows for shifting the rows of the state array during the forward process) (The
corresponding transformation during decryption is denoted InvShiftRows for Inverse Shift-Row
Transformation.)
ˆ The goal of this transformation is to scramble the byte order inside each 128-bit block.
STEP 3: (called MixColumns for mixing up of the bytes in each column separately during the forward process)
(The corresponding transformation during decryption is denoted InvMixColumns and stands for inverse mix
column transformation.) The goal is here is to further scramble up the 128-bit input block.
The shift-rows step along with the mix-column step causes each bit of the ciphertext to depend on every bit of
the plaintext after 10 rounds of processing.
In DES, one bit of plaintext affected roughly 31 bits of ciphertext. But now we want each bit of the plaintext to
affect every bit position of the ciphertext block of 128 bits.
STEP 4: (called AddRoundKey for adding the round key to the output of the previous step during the forward
process) (The corresponding step during decryption is denoted InvAddRoundKey for inverse add round key
transformation.)

2) DATA ENCRYPTION STANDARD

The Data Encryption Standard (DES) (NBS77], a system developed for the U.S. government, was intended for
use by the general public.
1. Background and History
At the start of the 1970s, the IBM team created a symmetric-key cipher block algorithm known as DES
(Data Encryption Standard) Algorithm. The term symmetric key means that the same key is used for
encryption & decryption of plain text or message. The National Institute of Standards and Technology
(NIST) later adopted this algorithm.

2. Overview of the DES Algorithm

 The DES algorithm is a careful and complex combination of two fundamental building blocks of
encryption: substitution and transposition.
  It will convert plain text to cipher text
 Des comes under block cipher algorithm
 The algorithm derives its strength from repeated application of these two techniques, one on top
of the other, for a total of 16 cycles.
 The sheer complexity of tracing a single bit through 16 iterations of substitutions and
transpositions has so far stopped researchers in the public from identifying more than a handful
of general properties of the algorithm.
 It has totally 16 rounds
 Plain text size 64bits
 Key size =48 bits (from 64 bits 16 bits are removed )
 That is 8 bits are removed for parity
 8 bits are removed for rearrangement
 So totally 16 bits are removed so key size = 48
 In each and every round 4 steps are performed

1.Dividing bits into 2 parts -32 bit each

2. Bit shuffling

3. Non linear substitutions

4. Exclusive OR operations

3. Fundamental Concepts of DES

3.1 Confusion and Diffusion; Substitution and Permutation

Confusion is the act of creating ciphertext so that its corresponding plaintext is no apparent. Substitution
is the basic tool for confusion; here, we substitute one element of ciphertext for an element of plaintext
in some regular manner. Substitution is also the point at which a key is typically introduced in the
process. Single substitutions can be fairly easy to break, so strong encryption algorithms often employ
several different substitutions

Diffusion is the act of spreading the effect of a change in the plaintext throughout the resulting
ciphertext. With poor diffusion, a change to one bit in the plaintext result In a change to only one bit in
the ciphertext.
 Substitution is sometimes represented by so-called S-boxes, which are nothing other than table-driven
substitutions. Diffusion can be accomplished by permutations, or "P-boxes." .a line entering an S-box
from the top undergoes a substitution in the box. Then it is sent to another S-box in the line below by
permutation of the order in some way; this permutation is represented by the lines spreading out at many
angles.

3.2 Details of the Encryption Algorithm

The basis of the DES is two different ciphers, applied alternately. Shannon noted that two weak but
complementary ciphers can be made more secure by being applied together (called the "product" of the
two ciphers) alternately, in a structure called a product cipher.

After initialization, the DES algorithm operates on blocks of data. It splits a data block in half, scrambles
each half independently, combines the key with one half, and swaps the two halves. This process is
repeated 16 times. It is an iterative algorithm using just table lookups and simple bit operations.

DES ALGORITHM:

Initial key with 64bits, are sent to PC1 and in PC1 8 Parity bits are to be removed from every 8th position
64=[8*8] i.e 56
64-8 = 56

Then apply the left circular shift after dividing 56 bits into 2 parts: co and Do each having 28 bits.
28 bits to co and 28 bits to Do
Then perform the left circular shift
Shift will be getting the C1 and D1 has the result
Left Circular Shift is moving the bits based on round number
For rounds 1,2,9,16 is 1 bit shift
For the other rounds it is 2 bit shift
This happens in each and every round

In PC2 Now the C1 and D1 are combined to form 56bits again

And permuted choice 2 is applied
56 bits are rearranged and permuted and 48 bits among them are selected and remaining are eliminated.This 8
bits are removed for rearrangement.
This 48 bit is sent has a key for round 1

The input for round 1 will be the plain text and the initial permutation (rearrangement of bits) the 64bit key and
the 48 bit key is sent as an input for round 1 and a 64bit output is generated from round 1. And that is given as
an input to round 2 with the 48 bits pc2.
These steps are carried throughout the 16 rounds.

And after round 16 you will again get a 64 bit key. On this 64 bit key u will be applying the final
permutation.then we’ll be getting the cipher text.

Details of Each Cycle of the Algorithm

Each cycle of the algorithm is really four separate operations. First, a right halr expanded from 32 bits to 48.
Then, it is combined with a form of the key. The result o this operation is then substituted for another result and
condensed to 32 bits at the same time. The 32 bits are permuted and then combined with the left half to yield a
ne right half.

3.3 Expansion Permutation

Each right half is expanded from 32 to 48 bits by means of the expansion permutation. The expansion permutes
the order of the bits and also repeats certain bits. The expansion has two purposes: to make the intermediate
halves of the ciphertext comparable in size to the key and to provide a longer result that can later be
compressed.
For each 4-bit block, the first and fourth bits are duplicated, while the second and third are used only once. This
table shows to which output position(s) the input bits move. Since this is an expansion per mutation, some bits
move to more than one position.

3.4 Key Transformation

 the 64-bit key immediately becomes a 56-bit key by deletion of every eighth bit.
 At each step in the cycle, the key is split into two 28-bit halves, the halves are shifted left by a specified
number of digits, the halves are then pasted together again, and 48 of these 56 bits are permuted to use
as a key during this cycle.
 Next, the key for the cycle is combined by an exclusive OR function with the expanded right half. That
result moves into the S-boxes we are about to describe.
 At each cycle, the halves of the key are independently shifted left circularly by a specified number of bit
positions.
3.5 S-Boxes
 Substitutions are performed by eight S-boxes.
 An S-box is a permuted choice function by which six bits of data are replaced by four bits.
 The 48-bit input is divided into eight 6-bit blocks, identified as B,B,... B; block B, is operated on by S-
box S.
 The S-boxes are substitutions based on a table of 4 rows and 16 columns
3.6 P-Boxes
After an S-box substitution, all 32 bits of a result are permuted by a straight permutation, P. Eight bits are shown
on each row. For example, bit l of the output of the substitution moves to bit 9, and bit 10 moves to position 16.
3.7 Initial and Final Permutations
The DES algorithm begins with an initial permutation that reorders the 64 bits of each input block. At the
conclusion of the l6 substitution-permutation rounds, the DES algorithm finishes with afinal permutation (or
inverse initial permutation).
3.8 Complete DES
Now we can put all the pieces back together. First, the key is reduced to 56 bits. Then, a block of 64 data bits is
permuted by the initial permutation. Following are 16 cycles in which the key is shifted and permuted, half of
the data block is transformed with the substitution and permutation functions, and the result is combined with
the remaining half of the data block. After the last cycle, the data block is permuted with the final permutation.
3.9 Decryption of the DES

3.10 Weaknesses of the DES

The DES algorithm also has known weaknesses, but these weaknesses are not believed to be serious
limitations of the algorithm's effectiveness.

Complements:
The first known weakness concerns complements. ) If a message is encrypted with a particular key, the
complement of that encryption will be the encryption of the complement message under the compliment
key.

Weak Keys:
A second known weakness concerns choice of keys, Because the initial key is split into two halves and
the two halves are independently shifted circularly, if the value being shifted is all 0s or all Is, then the
key used for encryption in each cycle is the same as for all other cycles. Remember that the difference
between encryption and decryption is that the key shifts are applied in reverse.

Semiweak Keys:
A third difficulty is similar: Specific pairs of keys have identical decryption. That is, there are two
different keys, k, and k,, for which c= DES(p, k;) and c = DES(p, k). This similarity implies that k, can
decrypt a message encrypted under k. These so-called semiweak keys.

Design Weaknesses:
 In another analysis of the DES, shows that the expansion permutation repeats the first and fourth bits of
every 4-bit series, crossing bits from neighboring 4-bit series. This analysis further indicates that in S-
box S4, one can derive the last three output bits the same way as the first by complementing some of the
input bits. Of course, this small weakness raises the question of whether there are similar weaknesses in
other S-boxes or in pairs of S-boxes.

Key Clustering:
Finally, the researchers in [DES84] investigate a phenomenon called "key clustering." They seek to
determine whether two different keys can generate the same ciphertext from the same plaintext, that is,
two keys can produce the same encryption. The semi weak keys are key clusters.

Security of the DES:

The cryptanalytic attacks described here have not exposed any significant, exploitable vulnerabilities in
the design of DES. But the weakness of the 56-bit key is now apparent. Although the amount of
computing power or time needed is still significant enough to deter casual DES key browsing, a
dedicated adversary could succeed against a specific DES ciphertext of significant interest.

4. Double and Triple DES

The DES algorithm is fixed for a 56-bit key

4.1 Double DES

 To address the discomfort, some researchers suggest using a double encryption for greater
secrecy. The double encryption works in the following way. Take two keys, k, and kz, and
perform two encryptions, one on top of the other: E(k,, E(k,m). In theory, this approach should
multiply the difficulty of breaking the encryption, just as two locks are harder to pick than one.
Unfortunately, that assumption is false.

 Merkle and Hellman [MERSI] showed that two encryptions are no better than one. The basis of
their argument is that the cryptanalyst works plaintext and ciphertext toward each other. The
analyst needs two pairs of plaintext (call them P, and P) and corresponding ciphertext, C, and C;,
but not the keys used to encrypt them. The analyst computes and saves P, encrypted under each
possible key. The analyst then tries decrypting C with a single key and looking for a match in the
saved Ps. A match is a possible pair of double keys, so the analyst checks the match with P2 and
C2.

 Thus the double encryption doubles the work for the attacker.

4.2 Triple DES

However, a simple trick does indeed enhance the security of DES. Using three keys adds significant strength.
The so-called triple DES procedure is C= E(k3, E(kz, E(k, m))). That is, encrypt with one key, decrypt with the
second, and encrypt with a third. This process gives a strength equivalent to a l12-bit key (because the double
DES attack defeats the strength of one of the three keys). That is, you encrypt with one key, decrypt with the
second and encrypt with the first again. This version requires only two keys.