Block Cipher Modes of Operation

DATA ENCRYPTION STANDARD (DES) ALGORITHM

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the
National Institute of Standards and Technology (NIST).

DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block
size is 64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, since
8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits
only). General Structure of DES is depicted in the following illustration:
 DES Structure

Since DES is based on the Feistel Cipher, all that is required to specify DES is:

 Round function
 Key schedule
 Any additional processing − Initial and final permutation
Initial and Final Permutation
The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses
of each other. They have no cryptography significance in DES. The initial and final
permutations are shown as follows:

Initial Permutation
 Final Permutation
Details of one round in DES

One Round in DES

Round Function (F):

The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the
rightmost 32 bits to produce a 32-bit output.
 Round function

 Expansion Permutation Box − Since right input is 32-bit and round key is a 48-bit,
we first need to expand right input to 48 bits. Permutation logic is graphically
depicted in the following illustration

Expansion Permutation

 The graphically depicted permutation logic is generally described as table in DES

specification illustrated as shown:

Expansion Permutation Table

  XOR (Whitener). − After the expansion permutation, DES does XOR operation on
the expanded right section and the round key. The round key is used only in this
operation.

 Substitution Boxes. − The S-boxes carry out the real mixing (confusion). DES uses
8 S-boxes, each with a 6-bit input and a 4-bit output. Refer the following illustration

Substitution

The S-box rule is illustrated below

S-box rule

 There are a total of eight S-box tables. The output of all eight s-boxes is then
combined in to 32-bit section.
S-boxes
  Straight Permutation − The 32-bit output of S-boxes is then subjected to the
straight permutation with rule shown in the following illustration:

Permutation Table

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of
key generation is depicted in the following illustration

Key Generation
ADVANCED ENCRYPTION STANDARD (AES) ALGORITHM
The more popular and widely adopted symmetric encryption algorithm likely to be
encountered nowadays is the Advanced Encryption Standard (AES). It is found at least six
time faster than triple DES.
A replacement for DES was needed as its key size was too small. With increasing computing
power, it was considered vulnerable against exhaustive key search attack. Triple DES was
designed to overcome this drawback but it was found slow.
The features of AES are as follows:
 Symmetric key symmetric block cipher 
 128-bit data, 128/192/256-bit keys
 Stronger and faster than Triple-DES
 Provide full specification and design details 
 Software implementable in C and Java

Operation of AES
AES is an iterative rather than Feistel cipher. It is based on ‘substitution–permutation
network. It comprises of a series of linked operations, some of which involve replacing inputs
by specific outputs (substitutions) and others involve shuffling bits around (permutations).
Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats
the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and
four rows for processing as a matrix: Unlike DES, the number of rounds in AES is variable
and depends on the length of the key.
AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit
keys. Each of these rounds uses a different 128-bit round key, which is calculated from the
original AES key. The schematic of AES structure is given in the following illustration:

AES Structure
Encryption Process
Here, we restrict to description of a typical round of AES encryption. Each round comprises
of four sub-processes. The first-round process is depicted below:
 One round in AES
Byte Substitution (Sub Bytes)
The 16 input bytes are substituted by looking up a fixed table (S-box) given in design. The
result is in a matrix of four rows and four columns.
This stage (known as Sub Bytes) is simply a table lookup using a 16 × 16 matrix of byte
values called an s-box.
This matrix consists of all the possible combinations of (16× 16 = 256).
However, the s-box is not just a random permutation of these values and there is a well
defined method for creating the s-box tables.

Shift rows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are
reinserted on the right side of row. Shift is carried out as follows:
 First row is not shifted
 Second row is shifted one (byte) position to the left
 Third row is shifted two positions to the left 
 Fourth row is shifted three positions to the left 
 The result is a new matrix consisting of the same 16 bytes but shifted with respect to
each other
Mix Columns
Each column of four bytes is now transformed using a special mathematical function. This
function takes as input the four bytes of one column and outputs four completely new bytes,
which replace the original column. The result is another new matrix consisting of 16 new
bytes. It should be noted that this step is not performed in the last round.

Add round key

The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128 bits of
the round key. If this is the last round then the output is the cipher text. Otherwise, the
resulting 128 bits are interpreted as 16 bytes and we begin another similar round.

Decryption Process
The process of decryption of an AES cipher text is similar to the encryption process in
thereverse order. Each round consists of the four processes conducted in the reverse order:
 Add round key
 Mix columns
 Shift rows
 Byte substitution
Since sub-processes in each round are in reverse manner, unlike for a Feistel Cipher, the
encryption and decryption algorithms needs to be separately implemented, although they are
very closely related