ISS_Unit_2
A block cipher encrypts data in fixed-size blocks, usually 64 or 128 bits at a time.
The encryption algorithm processes each block of data separately using the cryptographic
key to transform the plaintext into the ciphertext.
The strength of the cipher depends upon the key length. However, any size of the block is
acceptable. The following aspects can be kept in mind while selecting the size of a block:
How it Works:
2. Encryption: The plaintext is combined with the keystream using a bitwise operation
(usually XOR). For example, if the plaintext is P and the keystream is K, the
ciphertext C is produced as: $C = P \oplus K$
Advantages:
Speed: Stream ciphers are generally faster than block ciphers, especially for small
amounts of data.
Memory Efficiency: They can be more memory-efficient since they do not require
the entire block of data to be processed at once.
Disadvantages:
Error Propagation: An error in the ciphertext affects only the corresponding bit in
the plaintext.
Security Concerns: If the same keystream is used for multiple messages (key
reuse), it can lead to vulnerabilities.
The Feistel cipher is a structure used in the design of symmetric key block ciphers. The
Feistel structure is characterized by its use of a series of rounds, where each round
consists of a series of operations that transform the input data.
1. Block Size: The plaintext is divided into two halves, typically referred to as the left
half (L) and the right half (R). Each half is usually of equal size.
2. Key: A key schedule is used to derive subkeys from the main key. These subkeys are
used in each round of the cipher.
3. Rounds: The Feistel cipher operates through multiple rounds (often 16 or more).
Each round consists of the following steps:
Round Function (F): A function that takes the right half (R) and a subkey as
input and produces an output. This function typically includes non-linear
operations, such as substitutions and permutations, to provide confusion
and diffusion.
XOR Operation: The output of the round function is XORed with the left half
(L).
Swapping: After the XOR operation, the left and right halves are swapped for
the next round.
4. Final Round: After the last round, the final left and right halves are combined to
produce the ciphertext.
The avalanche effect refers to the phenomenon where a small change in the input (such as flipping a single bit)
results in a significant and unpredictable change in the output (ciphertext).
Ideally, changing one bit of the plaintext or the key should change approximately half of the
bits in the ciphertext.
Security: The avalanche effect enhances security by making it difficult for an attacker to
predict how changes in the plaintext or key will affect the ciphertext.
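The Feistel rounds and the avalanche effect described above can be checked together. The following is an added example, not part of the original notes: a toy 64-bit Feistel network that decrypts with the same routine and reversed subkeys, and measures how many ciphertext bits change per flipped plaintext bit. The SHA-256-based round function and key schedule, and the names `feistel`, `avalanche`, `KEY` and `BLOCK`, are assumptions chosen for illustration; this is not DES and not suitable for real use.

```python
import hashlib

HALF = 4  # bytes per half, giving a 64-bit block as in DES

def subkeys(key: bytes, rounds: int) -> list:
    # Toy key schedule (assumption): one SHA-256-derived subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def round_f(right: bytes, subkey: bytes) -> bytes:
    # Round function F(R, K_i); SHA-256 stands in for substitutions/permutations.
    return hashlib.sha256(subkey + right).digest()[:HALF]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block: bytes, keys: list) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        # XOR F(R, K_i) into L, then swap the halves for the next round.
        left, right = right, xor(left, round_f(right, k))
    return right + left  # undo the final swap so the same routine decrypts

def encrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys(key, rounds))

def decrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys(key, rounds)[::-1])  # subkeys in reverse order

def avalanche(block: bytes, key: bytes, rounds: int = 16) -> float:
    # Mean number of ciphertext bits (out of 64) changed per single-bit plaintext flip.
    base = encrypt(block, key, rounds)
    total = 0
    for bit in range(8 * len(block)):
        flipped = bytearray(block)
        flipped[bit // 8] ^= 1 << (bit % 8)
        changed = xor(base, encrypt(bytes(flipped), key, rounds))
        total += sum(bin(b).count("1") for b in changed)
    return total / (8 * len(block))

# Constructed sample values, not test vectors from any standard.
KEY = b"constructed-key"
BLOCK = b"8bytes!!"

if __name__ == "__main__":
    print(decrypt(encrypt(BLOCK, KEY), KEY) == BLOCK)
    print(avalanche(BLOCK, KEY, rounds=1), avalanche(BLOCK, KEY, rounds=16))
```

With a single round, a flipped bit in the left half changes exactly one output bit, so the average stays far below half the block; with 16 rounds it settles near 32 of 64 bits.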
Strength of DES
1. Key Length: DES uses a 56-bit key. In practice, DES is vulnerable to brute-force
attacks, where an attacker tries all possible keys until the correct one is found.
3. Structure: DES employs a Feistel structure, which allows for the same algorithm to
be used for both encryption and decryption. While this structure provides some
security benefits, the overall strength of DES is limited by its key length and block
size.
1. Key Length
DES: Uses a fixed key length of 56 bits. Although it can be extended to 112 or 168
bits through a method called Triple DES (3DES), the original DES is limited to 56 bits.
AES: Supports multiple key lengths: 128 bits, 192 bits, and 256 bits. This flexibility
allows AES to provide a higher level of security.
2. Block Size
DES: Operates on 64-bit blocks of data. This relatively small block size makes it
more susceptible to certain types of attacks, such as birthday attacks.
AES: Operates on 128-bit blocks of data. The larger block size enhances security
and efficiency, especially for modern applications.
3. Algorithm Structure
DES: Utilizes a Feistel structure, which divides the data block into two halves
and processes them through multiple rounds (16 rounds). The same algorithm is
used for both encryption and decryption, with the order of the subkeys reversed
during decryption.
4. Number of Rounds
5. Security
DES: Considered insecure for most applications today due to its short key length. It
is vulnerable to brute-force attacks, and in 1998, DES was successfully broken
in a matter of days using distributed computing.
AES: Considered highly secure and is widely used in various applications, including
government and financial systems. As of now, no practical attacks have been found
against AES that can break it in a reasonable time frame.
6. Performance
DES: Generally slower than AES due to its structure and the number of rounds.
The 64-bit block size can also lead to inefficiencies in processing larger data sets.
Block ciphers, such as AES and DES, encrypt data in fixed-size blocks (e.g., 128 bits for
AES). However, many applications require the encryption of data that is larger than the
block size or that is not a multiple of the block size. To address this, various modes of
operation have been developed.
Advantages:
Simple to implement.
Disadvantages:
Advantages:
Provides better security than ECB by ensuring that identical plaintext blocks
will encrypt to different ciphertexts.
Disadvantages:
Requires an IV, which must be unique and random for each encryption
session.
Advantages:
Disadvantages:
Not parallelizable.
Description: Similar to CFB, but instead of using the previous ciphertext block, it
uses the output of the encryption of the previous block (the keystream) to XOR
with the plaintext.
Advantages:
Errors do not propagate; an error in one block does not affect others.
Can be parallelized.
Disadvantages:
Requires an IV.
Advantages:
If the same key and counter are reused, it can lead to security issues.
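Both the keystream-reuse warning in the stream cipher notes and the key/counter reuse warning here come down to the same identity: with $C = P \oplus K$, two ciphertexts under one keystream satisfy $C_1 \oplus C_2 = P_1 \oplus P_2$. The following is an added example, not part of the original notes, showing that identity and a guard that refuses a repeated nonce. The SHA-256 counter-style keystream generator, the `NonceGuard` class and all sample values are assumptions constructed for illustration.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy counter-style generator (assumption): SHA-256(key || nonce || counter).
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # C = P XOR K; decryption is the same operation.
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

def reuse_leaks(key, nonce1, nonce2, p1, p2) -> bool:
    # True when C1 XOR C2 == P1 XOR P2, i.e. the keystream cancelled out.
    c1, c2 = encrypt(key, nonce1, p1), encrypt(key, nonce2, p2)
    return xor(c1, c2) == xor(p1, p2)

class NonceGuard:
    """Refuses to encrypt twice under the same (key, nonce) pair."""
    def __init__(self, key: bytes):
        self.key, self.seen = key, set()

    def encrypt(self, nonce: bytes, plaintext: bytes) -> bytes:
        if nonce in self.seen:
            raise ValueError("nonce already used with this key")
        self.seen.add(nonce)
        return encrypt(self.key, nonce, plaintext)

# Constructed sample inputs of equal length.
KEY = b"constructed-key-0123"
P1 = b"transfer 100 to A"
P2 = b"transfer 900 to B"

if __name__ == "__main__":
    print(reuse_leaks(KEY, b"nonce-01", b"nonce-01", P1, P2))  # same keystream
    print(reuse_leaks(KEY, b"nonce-01", b"nonce-02", P1, P2))  # fresh keystream
```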
Confusion:
Confusion refers to making the relationship between the plaintext (the original message) and
the ciphertext (the encrypted message) as complex and intricate as possible,
so that even if an attacker knows the ciphertext, they cannot easily deduce the key
or the plaintext.
Complexity: The encryption process should be complex enough that small changes
in the key result in significant changes in the ciphertext.
Diffusion:
The goal of diffusion is to ensure that changes in the plaintext (or the key) affect many bits
of the ciphertext, making it difficult for an attacker to infer any information about the
plaintext from the ciphertext.
Bit Mixing: The encryption process should mix the bits of the plaintext thoroughly so
that each bit of the ciphertext is influenced by multiple bits of the plaintext.
Avalanche effect: A change in a single bit of the plaintext should ideally change
about half of the bits in the ciphertext. This property helps to obscure patterns in the
plaintext.