Professional Documents
Culture Documents
Block Cipher Design Priciples
Block Cipher Design Priciples
Block Cipher Design Priciples
Unit 2
INTRODUCTION
Block ciphers:
• Encrypts a block of plaintext as a whole to
produce same sized ciphertext.
• Typical block sizes are 64 or 128 bits
• Most of the ciphers are block ciphers.
• If the message is large modes of operations
are used.
Introduction contd..
Stream ciphers:
• Stream ciphers process messages a bit or byte
at a time when en/decrypting
Block cipher basic principles
General condition in creating secure block
ciphers:
1. The block size has to be large
2. The key space (then key length) must be large
Block cipher basic principles contd..
General principles in designing secure block ciphers :
Diffusion:
• Diffusion hides the relationship b/w ciphertext and
plaintext.
• The goal is to spread the information from the plaintext
over the entire ciphertext so that changes in plaintext
affect many parts in ciphertext.
Confusion:
• Confusion hides the relationship b/w ciphertext and key.
• The dependence of the ciphertext on the plaintext should
be complex enough so that enemy can’t find the rules
Block cipher basic principles contd..
Block cipher basic principles contd..
The Feistel structure: processing in rounds
• Block ciphers are designed with many rounds
where basic round accomplishes the core
function f for basic confusion and diffusion.
• The input of a round is the output of the
previous round and a subkey which is
generated by a key-schedule algorithm.
• The decryption is a reverse process where the
sub-keys are handled in the reverse order
Block cipher basic principles contd..
Feistel cipher design principles:
Block cipher design principles
1. Number of rounds
2. Design of function F
3. S-box design
Block cipher design principles
1. Number of Rounds
• The greater the number of rounds, the more
difficult it is to perform cryptanalysis, even for
a relatively weak F.
– Key: K
– Plaintext: P = P1 P2…PN-1PN
– Ciphertext: C = C1C2…CN
• Encryption
• Ci = EK(Pi), 1≤i≤N
• Decryption
• Pi = DK(Ci), 1≤i≤N
1. Electronic Codebook (ECB) Mode contd..
• If the plaintext length is greater than b-bits, then
the plaintext is divided into b-bit blocks.
• Suppose if the last block is not equal to block size,
then remaining bits are padded.
Error Propagation
• A single bit error in transmission can create
errors in several in the corresponding block.
• The error does not have any effect on the other
blocks
Applications
– Secured Transmission of Encryption Keys.
Example:
1 Electronic Codebook (ECB) Mode contd..
Decryption
• Key: K
• Ciphertext: C=C1C2…CN
• Padded plaintext: P=P1P2…PN
• P1=DK(C1) ⊕ IV
• Pi= DK(Ci) ⊕ Ci-1= Ci-1⊕Pi⊕Ci-1
2. Cipher block chaining (CBC) mode contd…
Note:
• In CFB mode, encipherment and decipherment
use the encryption function of the underlying
block cipher.