Information Security

Dr. Irfan Yousuf

Department of Computer Science (New Campus)
UET, Lahore
(Week 4: September 23 - 27, 2024 )
Outline

•Block Cipher
•Fiestel Structure
Confusion vs. Diffusion
•Claude Shannon in his classic 1949 paper,
Communication theory of secrecy systems,
introduced the concepts of confusion and diffusion.

• To this day, these are the guiding principles for the

design of cryptographic algorithms.
Confusion
•Confusion means that each binary digit (bit) of the
ciphertext should depend on several parts of the key,
obscuring the connections between the two.
•The property of confusion hides the relationship
between the ciphertext and the key.
•The confusion technique keeps the relationship
between the encrypted text's statistics and the
encryption key's value as complex as possible.
Diffusion
•Diffusion means that the output bits should depend
on the input bits in a very complex way. In a cipher
with good diffusion, if one bit of the plaintext is
changed, then the ciphertext should change
completely.

•The purpose of diffusion is to hide the statistical

relationship between the ciphertext and the plain
text.
Confusion vs. Diffusion
•Confusion: To make the statistical relationship
between the cipher text and the value of the
encryption key as complex as possible to thwart
attempts to discover the key. It is achieved through
substitution.

•Diffusion: To make the statistical relationship

between the plaintext and ciphertext as complex as
possible to thwart attempts to discover the key. It is
achieved through transposition (permutation).
Block Cipher
•A block cipher is a method of encrypting data in
blocks to produce ciphertext using a cryptographic
key and algorithm.

•The block cipher processes fixed-size blocks

simultaneously, as opposed to a stream cipher, which
encrypts data one bit at a time.

• Most modern block ciphers are designed to encrypt

data in fixed-size blocks of either 64 or 128 bits.
Block Cipher vs. Stream Cipher
•Block and stream ciphers are two ways that you can
encrypt data. Also known as bulk ciphers, they’re
two categories of symmetric encryption algorithms.
•Encrypting information in chunks. A block cipher
breaks down plaintext messages into fixed-size
blocks before converting them into ciphertext using a
key.
•Encrypting information bit-by-bit. A stream cipher
breaks a plaintext message down into single bits,
which then are converted individually into ciphertext
using key bits.
Block Cipher vs. Stream Cipher
Block Cipher: Hill Cipher
Block Cipher: Hill Cipher

Plain Text = P = ACT

Key = K = GYBNQKURP

The plaintext and key are written as matrices / vectors.

Block Cipher: Hill Cipher

Ciphertext = POH
Block Cipher: Hill Cipher
To decrypt the message, we turn the ciphertext back into
a plain text, then simply multiply by the inverse matrix of
the key matrix.
Block Cipher: Hill Cipher
To decrypt the message, we turn the ciphertext back into
a plain text, then simply multiply by the inverse matrix of
the key matrix.
Hill Cipher
• The Hill Cipher was invented by Lester S. Hill in 1929,
and like the other Digraphic Ciphers it acts on groups
of letters.

• Unlike the others though it is extendable to work on

different sized blocks of letters.

• So, technically it is a polygraphic substitution cipher,

as it can work on digraphs, trigraphs (3 letter blocks)
or theoretically any sized blocks.
Hill Cipher: Encryption
Hill Cipher: Encryption
Encrypt the plaintext message “attack" using the keyword
CDDG and a 2 x 2 matrix.
Hill Cipher: Encryption
Encrypt the plaintext message short example using the
keyword hill and a 2 x 2 matrix.

Ciphertext = APADJTFTWLFJ
TFTWLFJ
Hill Cipher: Decryption
Hill Cipher: Decryption
In general, to find the inverse of the key matrix, we perform
the calculation below, where K is the key matrix, d is the
determinant of the key matrix and adj(K) is the adjugate
matrix of K.
Hill Cipher: Decryption
Step 1 - Find the Multiplicative Inverse of the Determinant

So, the multiplicative inverse of the determinant (i.e., 15)

modulo 26 is 7.
Hill Cipher: Decryption
Step 2 - Find the Adjugate Matrix

we need to add 26 to the negative values to get a number

between 0 and 25. (modulo 26)
Hill Cipher: Decryption
Step 3 - Multiply the Multiplicative Inverse of the
Determinant by the Adjugate Matrix
Hill Cipher: Decryption
Ciphertext = APADJTFTWLFJ
Block Cipher: Hill Cipher
Hill Cipher: Decryption

Decrypt the ciphertext message “FKMFIO" using the keyword

CDDG.
Block Cipher
Block Cipher
Feistel Structure
•In cryptography, a Feistel cipher is a symmetric
structure used in the construction of block ciphers, it
is also commonly known as a Feistel network or
structure.
•A large proportion of block ciphers use the scheme
such as DES.
•In a Feistel cipher, encryption and decryption are
very similar operations, and both consist of
iteratively running a function called a "round
function" a fixed number of times.
Feistel Structure
•Feistel cipher structure encrypts plain text in several
rounds, where it applies substitution and
transposition to the data.

•Each round uses a different key for encryption, and

that same key is used for the decryption process.
Feistel Structure
Feistel Structure: Encryption Steps
Feistel Structure: Encryption Steps
Feistel Structure
•In a Feistel structure, the encryption function is a key
component responsible for transforming one half of
the input data (typically referred to as the "right"
half) based on the other half (the "left" half) and a
round key.

•The primary purpose of the encryption function is to

introduce confusion and diffusion, two essential
properties in cryptographic systems.
Feistel Structure: Cryptography Function
• Logical Operations: Logical operations such as AND, OR
and especially XOR are most common components of
secret-key ciphers and are clearly small and fast in any
software or hardware system. However, we cannot
expect much security of them.

• Arithmetic Operations: Arithmetic operations such as

additions, subtractions and sometimes multiplications
are also commonly used in software-oriented ciphers
because they can be carried out by one instruction on
many processors and fairly contribute to their security.
Feistel Structure: Cryptography Function
• Shift Operations: Shift operations, especially rotate-
shifting, are frequently used in designing secret-key
ciphers. They indirectly improve data diffusion, and in
hardware they are obviously cheap and fast if the
number of shift counts is fixed.

• Lookup Tables: In software, efficiency of look-up tables

strongly depends on memory access speed. In early
microprocessors, memory access was much more
expensive than register access, while many recent
processors can read from and write to memory in one
cycle (or often less than one cycle due to parallel
processing) under certain conditions.
Feistel Structure: Encryption Example
• Plain text: A
• Total rounds: 3
• Keys: 5, 7, 2
• Encryption Function: AND operation
Feistel Structure: Encryption Example
• Get the Binary of plaintext: A = 65 =0100 0001
• L0 = 0100
• R0 = 0001
Round 1:
AND R0 with K1 (K1=5=0101): 0001
L0 XOR (AND R0 with K1) = 0101

L1 = 0001
R1 = 0101
Feistel Structure: Decryption
Decryption in a Feistel cipher is performed in a similar
manner to encryption but with a key schedule in reverse
order.
Feistel Structure: Decryption Example
• Cipher text = 0100 0101 (=69 = E)
• Keys: 2, 7, 5
• Encryption Function = AND operation
Feistel Structure: Exercise
• Using Feistel Block Cipher Encryption technique with
two rounds, encrypt the following plaintext.
• Plaintext: 1001 0011
• K1 : 1110
• K2 : 1011
• F is defined as follows: AND operation
Feistel Structure: Exercise
• Step 1: Split the Plaintext
• Split the plaintext into two halves
Feistel Structure: Exercise
• Round 1:
Feistel Structure: Exercise
• Round 2:
Feistel Structure: Exercise
• Combine the halves
Key Schedule
•A key schedule is an algorithm that calculates all the
round keys from the master key in cryptography
algorithms.
•Generating round keys from the master key in a
Feistel cipher typically involves using a key schedule
algorithm.
•The key schedule algorithm takes the master key as
input and generates a set of round keys, one for each
round of the Feistel cipher.
Key Schedule
•The round keys are derived from the master key
through a series of operations, including
permutations, substitutions, and bit shifts, to ensure
that each round key is unique and contributes to the
security of the encryption.
Key Schedule Methods
•Simple Key Expansion: This basic method involves
duplicating the master key to create multiple round
keys. Each round key is simply a copy of a portion of
the master key, ensuring that each round uses a
different part of the key. However, this method is not
very secure and is susceptible to various attacks.
•Round Key Derivation: In this method, each round
key is derived from the master key using a specific
function or operation. This function can involve bit
permutations, bitwise operations (e.g., XOR, AND,
OR), and mathematical operations. Examples include
the key schedule in DES (Data Encryption Standard)
and its variants.
Key Schedule Methods
•Subkey Generation: Subkey generation methods
involve creating round keys from the master key by
dividing the key into smaller subkeys and applying
various transformations to each subkey. These
transformations can include substitution,
permutation, and rotation operations. Subkey
generation methods are often used in modern block
ciphers like AES (Advanced Encryption Standard).
Key Schedule Methods
•Cryptographic Hash Functions: Some ciphers use
cryptographic hash functions to generate round keys.
The master key is used as the input to a hash
function, and the resulting hash value is split into
round keys. This method enhances security and
unpredictability, as hash functions are designed to
produce unique outputs for different inputs.
Key Schedule Methods
•Key Whitening: Key whitening is a method where
the master key is combined with additional random
or derived key material before being used as a round
key. This additional key material is often referred to
as a "whitening key." Whitening helps protect against
certain types of attacks and adds an extra layer of
security.
•Feistel Key Mixing: In some Feistel ciphers, a mixing
function is applied to the master key to create round
keys. The mixing function can involve a combination
of bitwise operations and mathematical operations.
The result is used as a round key.
Summary
• Block Cipher
• Feistel Network