Amity Institute of Information

Technology (AIIT)
PG Program
Network Security and Cryptography
Dr. Himanshu Gupta

1
Module - II
 Block Cipher Principal

 A block cipher takes a block of plaintext bits and generates a block of

ciphertext bits, generally of same size. The size of block is fixed in the
given scheme.

 The choice of block size does not directly affect to the strength of
encryption scheme. The strength of cipher depends up on the key
length.

 A block cipher is an encryption method that applies a deterministic

algorithm along with a encryption key to encrypt a block of text, rather
than encrypting one bit at a time as in stream ciphers. For example, a
common block cipher, AES, encrypts 128 bit blocks with a key of
predetermined length: 128, 192, or 256 bits.
Block Cipher Principal
 Data Encryption Standard
 The Data Encryption Standard (DES) is a symmetric-key block cipher
published by the National Institute of Standards and Technology
(NIST). DES was developed by IBM in the 1970s and later standardized
in public by the NSA in 1977.

 The DES algorithm is the most popular security algorithm. It's a

symmetric algorithm, which means that the same keys are used to
encrypt/decrypt sensitive data.

 DES is an implementation of a Feistel Cipher. It uses 16 round Feistel

structure. The block size is 64-bit. Though, key length is 64-bit, DES
has an effective key length of 56 bits, since 8 of the 64 bits of the key
are not used by the encryption algorithm
 Data Encryption Standard
 The Data Encryption Standard (DES) is a symmetric-key block cipher
published by the National Institute of Standards and Technology
(NIST). DES was developed by IBM in the 1970s and later standardized
in public by the NSA in 1977.

 The DES algorithm is the most popular security algorithm. It's a

symmetric algorithm, which means that the same keys are used to
encrypt/decrypt sensitive data.

 DES is an implementation of a Feistel Cipher. It uses 16 round Feistel

structure. The block size is 64-bit. Though, key length is 64-bit, DES
has an effective key length of 56 bits, since 8 of the 64 bits of the key
are not used by the encryption algorithm
Data Encryption Standard
 Data Encryption Standard Operations
DES operations can be described in following steps:
1. In the first step, the 64 bit plain text block is handed over to an initial
Permutation (IP) function.
2. The initial permutation performed on plain text.
3. Next the initial permutation (IP) produces two halves of the permuted
block; says Left Plain Text (LPT) and Right Plain Text (RPT).
4. Now each LPT and RPT to go through 16 rounds of encryption
process.
5. After that, swapping or transposition operation takes place on
Substitution Output.
6. In the end, LPT and RPT are rejoined and a Final Permutation (FP) is
performed on the combined block
7. The result of this process produces 64 bit cipher text.
Data Encryption Standard
 Triple DES

 The original DES symmetric encryption algorithm specified the use of

56-bit keys -- not enough, by 1999, to protect against practical brute
force attacks.
 Triple DES specifies the use of three distinct DES keys, for a total key
length of 168 bits.
 Triple DES runs three times slower than DES, but is much more
secure if used properly. This means that the effective key strength for
Triple DES is actually 168 bits because each of the three keys contains
8 parity bits that are not used during the encryption process.
 The main disadvantage to DES is that it is broken using brute-force
search. However, using 3DES mitigates this issue at the cost of
increasing execution time.
Triple DES
Triple DES
Block Cipher Modes of Operations
CBC Mode
ECB Mode
CFB Mode
OFB Mode
CTR Mode
 Advanced Encryption Standard (AES)

• AES has been adopted by the U.S. government and is now used
worldwide. It supersedes the Data Encryption Standard (DES),
which was published in 1977.
• The algorithm described by AES is a symmetric-key algorithm,
meaning the same key is used for both encrypting and
decrypting the data.
• AES data encryption is a more mathematically efficient and
elegant cryptographic algorithm, but its main strength rests in
the option for various key lengths.
• AES allows you to choose a 128-bit, 192-bit or 256-bit key,
making it exponentially stronger than the 56-bit key of DES.
 Advanced Encryption Standard (AES)

• AES is based on a design principle known as a substitution-

permutation network. It is fast in both software and hardware. Unlike
its predecessor, DES, AES does not use a Feistel network.

• AES has a fixed block size of 128 bits and a key size of 128, 192, or 256
bits, whereas Rijndael can be specified with block and key sizes in any
multiple of 32 bits, with a minimum of 128 bits. The blocksize has a
maximum of 256 bits, but the keysize has no theoretical maximum.

• AES operates on a 4×4 column-major order matrix of bytes, termed the

state . Most AES calculations are done in a special finite field.
 Advanced Encryption Standard (AES)

• The AES cipher is specified as a number of repetitions of

transformation rounds that convert the input plaintext into the final
output of ciphertext.

• The number of cycles of repetition are as follows:- 10 cycles of

repetition for 128 bit key. 12 cycles of repetition for 192 bit key. 14
cycles of repetition for 256 bit key.

• Each round consists of several processing steps, including one that

depends on the encryption key. A set of reverse rounds are applied to
transform ciphertext back into the original plaintext using the same
encryption key.
Advanced Encryption Standard (AES)
 Advanced Encryption Standard (AES) Operations
1. KeyExpansion—round keys are derived from the cipher key using Rijndael's key schedule.

2. Initial Round
AddRoundKey—each byte of the state is combined with the round key using bitwise XOR.

3. Rounds
a) SubBytes—a non-linear substitution step where each byte is replaced with another according to a lookup
table.
b) ShiftRows—a transposition step where each row of the state is shifted cyclically a certain number of steps.
c) MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in
each column.
d) AddRoundKey

4. Final Round (no MixColumns)

1.SubBytes
2.ShiftRows
3.AddRoundKey
Advanced Encryption Standard (AES) Operations
Advanced Encryption Standard (AES)
Public-Key Cryptographic Principle
 RSA Algorithm
 RSA is one of the first public-key cryptosystems and is widely used for
secure data transmission. The acronym RSA is the initial letters of the
surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly
described the algorithm in 1977.

 RSA (Rivest–Shamir–Adleman) is an algorithm used by modern computers

to encrypt and decrypt messages.

 It is an asymmetric cryptographic algorithm. Asymmetric means that there

are two different keys.

 This is also called public key cryptography, because one of the keys can be
given to anyone.
RSA Algorithm
Thank You!