plaintext ciphertext

encryption algorithm decryption algorithm

plaintext

Round 1

Round 2

Round N

XYWJLRAM block of ciphertext

••••••

• Horst Feistel (IBM) invented the basic algorithm in 1973.

• Feistel ciphers use symmetric block encryption relying upon product transformations.

HI Mom S block of plaintext Key

f

+

f

+

f

+

subkey1

subkey2

subkeyN

•••

f some function

+ exclusive OR (bitwise)

• Encryption & decryption use the same algorithm.

DESData Encryption Standard - an algorithm selected by the National Institute ofStandards Technology for the encryption of non-classified data.

The current DES algorithm was adopted by the U.S. Nat. Bureau of Standards in 1977.Block size: ____ bitsKey size: ____ bits + 8-bit parity16-round Feistel encryption

(preceded by one permutation and followed by the permutation’s inverse)

SubkeysThe key (56-bits) is split in two and each half is rotated left by 1 or 2 bits. The resultingtwo 28-bit values index into a table to produce a 48-bit subkey. The rotated values are alsoforwarded to compute the next subkey.

f function1) input to f is expanded from 32 to 48 bits via table lookup2) 48-bit value from (1) is XORed with subkey3) 48-bit value from (2) is partitioned into eight 6-bit values4) 6-bit values from (3) are separated into outside 2 bits and center 4 bits (outside bits select row and inside bits select column from S-box table)5) eight S-box lookup values (each 4 bits long) are concatenated

The DES cipher substitutes via eight different S-boxes; two are below.

Brute Force

• 1977 - brute force attacks might be possible in the future [Diffie & Hellman IEEE Computer, June]

Time to Produce All Possible Encodings

Key Size (in bits) Number of Keys (1 encrypt./s) (106 encrypt./s)

32 232 ≈ 4.3 X 109 36 min. 2 msec.

56 256 ≈ 7.2 X 1016 1142 years 10 hr.

128 2128 ≈ 3.4 X 1038 5.4 X 1024 years 5.4 X 1018 years

26-char permutation 26! ≈ 4 X 1026 6.4 X 1012 years 6.4 X 106 years

• 1997 - a distributed collection of 3500 research computers discover DES key in ___ months

• 1998 - Electronic Frontier Foundation builds ___________________________________.

REF: www.tropsoft.com/strongenc/des.htm

• 1999 - Net uses DES Cracker plus 100,000 PCs to crack DES in under ______________.

______ - 1979 • also called triple DES • use two keys and three DES encryptions cipher = Ekey1( Dkey2( Ekey1( plaintext ) ) )• 3DES has an effective key size of 112 bits.

• developed by Bruce Schneier• compact, efficient, algorithm w/ key of 128 bits

• International Data Encryption Algorithm • developers from Swiss Federal Institute of Technology• 128-bit key, but differs from DES in round function and subkey generation.

______ - 1991

___________ - 1993

• Advanced Encryption Standard• selected algorithm: Rijndael • a product cipher using key sizes of 128, 192 and 256 bits (128-bit block size).

______ - 1999

• developed by Ron Rivest• efficient algorithm with variable length keys

______ - 1994

Advantages • only one key to generate • relatively well-tested and established algorithms• cipher algorithms are efficient

• potentially large number of keys

Disadvantages

• ______________________________ (How can this be accomplished securely?)

number of private keys

number of communicators 2 3 4 5 6 n