Chapter 3

1. DES (Data Encryption Standard) (p. 72)
        Encrypted in 64-bit blocks using 56-bit key.
        Considerable controversy over design
        Key size: LUCIFER 128 bits -> DES 56 bits
        S-boxes: design criteria are classified

        DES Encryption:
                Figure 3.7 (p. 74)
                Left-Hand Side (Plaintext side):
                           (1). Initial Permutation (IP): Table 3.2(a) (p. 76)
                                  Rearranges the bits of the plaintext to produce the
                                  permuted input.

                           (2). 16 Rounds:
                                  Permutation and substitution with the key.
                                  The plaintext is permuted and substituted according
                                  to the key, repeated 16 times.

                           (3). 32-bit Swap:
                                  Swap the left and right halves of the output to produce
                                  the preoutput.
                                  The 64-bit output of the rounds is split into left and
                                  right halves of 32 bits each, which are then swapped
                                  to produce the preoutput.

                           (4). Inverse of the Initial Permutation (IP-1): Table 3.2(b)
                                  Applies the inverse permutation to the preoutput to
                                  produce the 64-bit ciphertext.

                Right-Hand Side (Key side):
                           (1). Permuted choice 1: Table 3.4(b) (p. 80)
                                  Rearranges the bits of the key.

                           (2). 16 Rounds:
                                  First apply a left circular shift (Table 3.4d),
                                  then permute the result (Permuted choice 2,
                                  Table 3.4c) to obtain Ki.

                 Single Round of DES Algorithm:
                         Figure 3.8 (p. 77)
                         Left-Hand Side (Plaintext generation):
                                (1). Uses two 32-bit halves, L and R.
                                       The plaintext is split into left and right parts
                                       of 32 bits each.

                                (2). The output formulas for L and R are:
                                       Li = R(i–1)
                                       Ri = L(i–1) ⊕ F(R(i–1), Ki)

                                (3). Calculation of F(R, K): Figure 3.9 (p. 78)
                                       a). Expansion Permutation (E Table): Table 3.2(c)
                                            The Expansion Permutation expands R from
                                            32 bits to 48 bits.

                                       b). XOR:
                                            The result of the expansion is XORed with Ki.

                                       c). Substitution choice (S-box): Table 3.3 (p. 79)
                                            The 48 bits are split across 8 boxes, each of
                                            which maps 6 bits to 4 bits; the S-boxes
                                            output a 32-bit result.

                                            For a single box:
                                                 I). The first and last bits of the input form
                                                     a binary number that selects the box's row.
                                                 II). The middle 4 bits of the input select the
                                                     box's column.
                                                     ex:
                                                             for S1, input is 011011
                                                             row = 01 = 1
                                                             column = 1101 = 13
                                                             so, 011011 → S1 → 0101 (5)

                                       d). Permutation Function (P): Table 3.2(d)
                                            The bits are rearranged according to the table
                                            to obtain the output of the F function.

                         Right-Hand Side (Key generation):
                                (1). Every eighth bit is ignored: Table 3.4a (p. 80)
                                       Every bit whose position is a multiple of 8 is
                                       discarded, producing a 56-bit key.

                                (2). Permuted choice 1: Table 3.4(b)
                                       The key is split into two parts, C(i-1) and D(i-1),
                                       of 28 bits each.

                                (3). Left Cycle Shifts: Table 3.4(d)
                                       Depending on the round number, C and D are shifted
                                       by a different number of bits each time, producing
                                       Ci and Di (the C and D of the next round).

                                (4). Permuted choice 2: Table 3.4(c)
                                       C(i-1) and D(i-1) are combined and, according to
                                       the table, produce a 48-bit Ki.

                DES Decryption:
                        The procedure is the same as encryption, except that the order
                        of the keys is reversed, working back from K16 to K1.

2. The Avalanche Effect (p. 80)
        Def: A small change in either the plaintext or the key should produce
               a significant change in the ciphertext.
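
The round formulas, the reversed-key decryption and the avalanche effect described above can be observed together in a short sketch. This is an added example, not part of the original notes: F and the key schedule are SHA-256 stand-ins (assumptions, not the DES tables), and IP / IP-1 are omitted, so it shows the Feistel structure rather than real DES.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def subkeys(key: bytes) -> list:
    # Stand-in key schedule (assumption, NOT PC-1/shifts/PC-2): K1..K16, 48 bits each.
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:6], "big")
            for i in range(1, 17)]

def F(r: int, k: int) -> int:
    # Stand-in round function (assumption, NOT E/S-box/P): 32-bit R, 48-bit Ki -> 32 bits.
    # It is deliberately one-way: the Feistel structure never needs to invert F.
    data = r.to_bytes(4, "big") + k.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block: int, keys: list) -> int:
    l, r = block >> 32, block & MASK32
    for k in keys:                     # Li = R(i-1), Ri = L(i-1) XOR F(R(i-1), Ki)
        l, r = r, l ^ F(r, k)
    return (r << 32) | l               # 32-bit swap of the two halves

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))

def decrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key)[::-1])   # same routine, keys K16 down to K1

def avalanche(block: int, key: bytes, bit: int) -> int:
    # Number of ciphertext bits that change when one plaintext bit is flipped.
    diff = encrypt(block, key) ^ encrypt(block ^ (1 << bit), key)
    return bin(diff).count("1")

if __name__ == "__main__":
    key = b"\x13\x34\x57\x79\x9b\xbc\xdf\xf1"   # constructed sample key
    pt = 0x0123456789ABCDEF                      # constructed sample block
    ct = encrypt(pt, key)
    print(f"ciphertext      {ct:016x}")
    print(f"decrypted       {decrypt(ct, key):016x}")
    print("bits changed by flipping each of the 8 low plaintext bits:",
          [avalanche(pt, key, b) for b in range(8)])
```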

3. Strength of DES – Key Size
        (1). 56-bit keys have 2^56 = 7.2 x 10^16 values.
        (2). brute force search looks hard.

4. Block Cipher Design Principles (p. 86)
        (1). Number of rounds:
                  The greater the number of rounds, the more difficult it is to
                  perform cryptanalysis.
        (2). Design of function F
        (3). S-Box design
        (4). Key schedule

5. Mode of operation
        (1). Electronic Codebook Mode (ECB) (p. 90):
               Figure 3.11 (p. 92)
               The plaintext is handled 64 bits at a time and each block of plaintext
               is encrypted using the same key; the same key is likewise used to
               decrypt each block.

               Ideal for a short amount of data but may not be secure for
               lengthy messages.
               Main use is sending a few blocks of data.

                Drawbacks:
                a). Repetitions in message may show in ciphertext.
                b). Weakness due to encrypted message blocks being independent

        (2). Cipher Block Chaining Mode (CBC) (p. 91):
               The input to the cipher is the XOR of the current plaintext block and
               the preceding ciphertext block; the same key is used for each block.
               Ci = Ek[C(i-1) ⊕ Pi]
               Pi = Dk[Ci] ⊕ C(i-1)

                Advantages:
                        Each ciphertext block depends on all message blocks.
                Disadvantages:
                        A change in the message affects all ciphertext blocks after
                        the change as well as the original block

                The initialization vector (IV) is XORed with the first block of
                plaintext and is known to both sender and receiver.
                The IV must be protected as well as the key.
                The IV is usually sent using ECB encryption.
 
                At the end of the message, handle a possible short last block.
                The end of the message may need some meaningless filler block
                added.

        (3). Cipher FeedBack Mode (CFB) (p. 94)
               Figure 3.13 (p. 95)
               To convert DES into a stream cipher.
               a). Shift the ciphertext left by s bits, then encrypt it with K.
               b). Take the leftmost s bits and XOR them with the plaintext to
                    produce the ciphertext.
               c). Shift the content of the next block's shift register left by
                    s bits, then feed in the ciphertext just obtained.

               Decryption:
                       Using the same scheme, except that the received ciphertext unit
                       is XORed with the output of the encryption function to produce
                       the plaintext unit.

               Drawbacks:
                       a). Needs to stall while a block encryption is done after
                            every n bits: one block must finish before the next
                            block can proceed.
                       b). Bit errors in transmission propagate for several blocks
                            after the error.
 
        (4). Output FeedBack Mode (OFB) (p. 94)
               Figure 3.14 (p. 96)
               Similar in structure to CFB, except that in OFB it is the output of
               the encryption function that is fed back to the shift register.
               Unlike CFB, the bits fed into the shift register have not been
               XORed with the plaintext.

               Uses: stream encryption over noisy channels.
               Advantage: bit errors in transmission do not propagate.
 
               Message stream modification attack (p. 97):
                       Complementing a bit in the ciphertext complements the
                       corresponding bit in the recovered plaintext.
                       Once encryption is complete, the plaintext is also known.

        (5). Counter Mode (CTR) (p. 97)
               Figure 3.15
               The counter is encrypted with K, and the result is then XORed with
               the plaintext.

                Uses: high-speed network encryption.
                Limitation: key/counter values must never be reused, otherwise
                                the encryption could be broken.
                Advantages:
                        a). Hardware efficiency
                                Can do parallel encryption / decryption on multiple blocks.

                        b). Software efficiency
                                Processors that support parallel features can be effectively
                                utilized for parallel encryption / decryption.

                        c). Preprocessing
                                The output of the encryption boxes can be calculated in
                                advance, so the XOR can be done as soon as the plaintext
                                (or ciphertext) arrives.

                        d). Random access
                                Any ith block of plaintext or ciphertext can be processed in
                                random-access fashion.

                        e). Provable security
                                As secure as other modes; its security can be shown to be
                                similar to that of the other modes.

                        f). Simplicity
                                Implements only the encryption algorithm, and not the
                                decryption algorithm; no separate decryption routine
                                needs to be stored.
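
The CTR and OFB properties listed above (encryption-only operation, random access, the bit-complementing behaviour, and the key/counter reuse limitation) can be checked with a short sketch. This is an added example, not part of the original notes: E is a SHA-256 stand-in for the block cipher's encryption function (an assumption, not DES), OFB uses full-block feedback, and the keys, IV and messages are constructed samples.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as in DES

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for the cipher's encryption E_K (assumption, NOT DES). CTR and OFB
    # only ever call the encryption direction, for encrypting and decrypting alike.
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))   # zip also trims a short last block

def ctr(key: bytes, counter0: int, data: bytes, first_block: int = 0) -> bytes:
    # Block i is XORed with E_K(counter0 + i); the same call encrypts and decrypts.
    out = b""
    for off in range(0, len(data), BLOCK):
        n = (counter0 + first_block + off // BLOCK) % 2**64
        out += xor(data[off:off + BLOCK], E(key, n.to_bytes(BLOCK, "big")))
    return out

def ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Full-block OFB: E_K's output is fed back, before any XOR with the data.
    out, reg = b"", iv
    for off in range(0, len(data), BLOCK):
        reg = E(key, reg)
        out += xor(data[off:off + BLOCK], reg)
    return out

def flip_bit(data: bytes, bit: int) -> bytes:
    buf = bytearray(data)
    buf[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(buf)

if __name__ == "__main__":
    key, iv = b"demo-key", b"\x00" * BLOCK        # constructed sample values
    p1 = b"PAY 0100 TO BOB, ACCT 42"               # constructed sample messages
    p2 = b"MEET AT NOON BY THE GATE"
    c1 = ctr(key, 7, p1)
    print("CTR round trip:      ", ctr(key, 7, c1) == p1)
    print("random access, blk 2:", ctr(key, 7, c1[16:24], first_block=2))
    # Flipping ciphertext bit 37 flips exactly plaintext bit 37; nothing else changes.
    print("OFB bit flip:        ", ofb(key, iv, flip_bit(ofb(key, iv, p1), 37)))
    # Reusing the key/counter pair for a second message cancels the keystream.
    print("c1^c2 == p1^p2:      ", xor(c1, ctr(key, 7, p2)) == xor(p1, p2))
```

Because a flipped ciphertext bit passes straight through to the plaintext, these modes need a separate integrity check on the ciphertext.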


    Posted by Graffine on PIXNET