UNIT-2

Stream ciphers
and block ciphers

Cryptography and Network Security (3161606)

 Unit-2
 Stream ciphers and block ciphers
 Block Cipher structure
 Data Encryption standard (DES)
 Design principles of block cipher
 AES with structure
 AES Transformation functions
 Key expansion

Unit-2 2
 Stream Cipher
 A stream cipher is one that encrypts a digital data stream one bit
or one byte at a time.
 Examples of classical stream ciphers are Autokeyed Vigenère
cipher ,A5/1, RC4 and Vernam cipher.

Unit-2 3
 Block Cipher
 A block cipher is one in which a block of plaintext is treated as a
whole and used to produce a ciphertext block of equal length.
 Typically, a block size of 64 or 128 bits is used.
 Examples are Feistel Cipher, DES, Triple DES and AES

Unit-2 4
 Diffusion and Confusion
 Diffusion hides the relationship between the ciphertext and the
plaintext.
 This is achieved by having each plaintext digit affect the value of
many ciphertext digits.
 Confusion hides the relationship between the ciphertext and the
key.
 This is achieved by the use of a complex substitution algorithm.

Unit-2 5
 Plaintext (2w bits)
Feistel Cipher Structure
L0 w bits w bits R0 Or Block Cipher Structure
Round 1
K1
F

L1 R1

Round i
Ki
F

Li Ri

Round n
Kn
Ln Rn
F
Ln+1 Rn+1
Ln Rn

Ciphertext (2w bits)

 Feistel Cipher Structure
 Input plaintext block of length 2w bits
 key K = n bits , Sub-keys: K1, K2, …, Kn (Derived from K)
 All rounds have the same structure.
 A substitution is performed by taking exclusive-OR on left half(Li)
of the data and the output of round function F which has inputs
right half(Ri) and sub key ki.
 A permutation is performed that consists of interchange of two
halves of data.
 This structure is called Substitution-Permutation Network (SPN)

Unit-2 7
 Feistel Network Factors
 Block size: Common block size of 64-bit. However, the new
algorithms uses a 128-bit, 256-bit block size.
 Key size: Key sizes of 64 bits or less are now widely considered to
be insufficient, These days at least 128 bit, more better, e.g. 192 or
256 bit
 Number of rounds: A typical size is 16 rounds.
 Round function F: Again, greater complexity generally means
greater resistance to cryptanalysis.
 Subkey generation algorithm: Greater complexity in this
algorithm should lead to greater difficulty of cryptanalysis.

Unit-2 8
Feistel Encryption & Decryption
 Prove that o/p of first round
of Decryption is equal to 32-
bit swap of i/p of 16th round of
Encryption
 LD1=RE15 & RD1=LE15
 On Encryption Side:
𝐿𝐸 16=𝑅 𝐸 1 5
𝑅𝐸16 =𝐿 𝐸1 5 ⊕ 𝐹 (𝑅𝐸15 , 𝐾 1 6 )
 On Decryption Side:
𝐿𝐷 1=𝑅𝐷 0=𝐿𝐸 16 =𝑅𝐸15
𝑅𝐷1= 𝐿 𝐷0 ⊕ 𝐹 ( 𝑅 𝐷 0 , 𝐾 16 )
¿ 𝑅𝐸16 ⊕ 𝐹 ( 𝑅𝐸15 , 𝐾 16 )
¿[ 𝐿𝐸 ¿ ¿15 ⊕ 𝐹 ( 𝑅𝐸15 , 𝐾 16 ) ]  ⊕ 𝐹 ( 𝑅𝐸15 , 𝐾 16 ) ¿
XOR Associativity Property
 Data Encryption Standard (DES)
 Type: Block Cipher
 Block Size : 64-bit
 Key Size: 64-bit, with only 56-bit effective
 Number of Rounds: 16

Unit-2 10
64-bit plaintext 64-bit key

Initial Permutation Permuted choice 1

64 56
K1 48 56
Round 1 Permuted choice 2 Left circular shift
64 56
K2 48 56
Round 2 Permuted choice 2 Left circular shift

K16 48 56
Round 16 Permuted choice 2 Left circular shift

32-bit swap
64
Inverse
Initial Permutation
DES Encryption
64-bit ciphertext
Algorithm
 DES Encryption Algorithm (Cont…)
 First, the 64-bit plaintext passes through an initial permutation
(IP) that rearranges the bits to produce the permuted input.
 This is followed by a phase consisting of sixteen rounds of the
same function, which involves both permutation and substitution
functions.
 Finally, the preoutput is passed through a permutation that is the
inverse of the initial permutation function, to produce the 64-bit
ciphertext.
 The 56-bit key is passed through a permutation function.
 For each of the sixteen rounds, a subkey (Ki) is produced by the
combination of a left circular shift and a permutation.

Unit-2 12
 DES Single Round

Unit-2 13
32-bits 32-bits 28-bits 28-bits
𝐿𝑖 − 1 𝑅𝑖 − 1 𝐶 𝑖 −1 𝐷𝑖 − 1

Expansion/ permutation Left Shift Left Shift

(E table) (S) (S)
48
Ki Permutation/
XOR compression
48
48 (Permuted choice 2)

Substitution/choice
(S-box)
32
Permutation
(P)
32

XOR

𝐿𝑖 𝑅𝑖 𝐶𝑖 𝐷𝑖
 DES Single Round (Cont…)
1. Key Transformation
• Permutation of selection of sub-key from original key
2. Expansion Permutation (E-table)
• Right half is expanded from 32-bits to 48-bits
3. S-box Substitution
• Accepts 48-bits from XOR operation and produce 32-bits using
8 substitution boxes (each S-boxes has a 6-bit i/p and 4-bit
o/p).
4. P-Box Permutation
5. XOR and Swap

Unit-2 15
 Role of S-box

Unit-2 16
 Role of S-box (Cont…)
 The outer two bits of each group select one row of an S-box.
 Inner four bits selects one column of an S-box.

S-box 1
 Example:
Input 0 1 1 0 0 1 Output 1 0 0 1

Row Column

Unit-2 17
 Avalanche Effect
 Desirable property of any encryption algorithm is that a change in
one bit of the plaintext or of the key should produce a change in
many bits of cipher text.
 DES performs strong avalanche effect.

 Although the two plaintext blocks differ only in the rightmost bit,
the ciphertext blocks differ in 29 bits.
 This means that changing approximately 1.5 % of the plaintext
creates a change of approximately 45 % in the ciphertext.
Unit-2 18
 AES (Advanced Encryption Standard)
 The Rijndael proposal for AES defined a cipher in which the block length
and the key length can be independently specified to be 128, 192, or 256
bits.
Key size (words/ bytes/ bits) 4/16/128 6/24/192 8/32/256
Block size (words/ bytes/ bits) 4/16/128 4/16/128 4/16/128
Round key size (words/ bytes/ bits) 4/16/128 4/16/128 4/16/128
Number of Rounds 10 12 14

 AES designed to have characteristics

1. Resistance against all known attacks
2. Speed and code compactness on a wide range of platforms
3. Design simplicity

Unit-2 19
 AES (Advanced Encryption Standard)

Plaintext (128 bits)

AES Key (128-256 bits)

Ciphertext (128 bits)

Unit-2 20
 AES Structure
Initialization
1. Expand 16-byte key to get
the actual key block to be
used.
2. Initialize 16-byte plaintext
block called as state.
3. XOR the state with the key
block.

For each round

1. Apply S-box
2. Rotate rows of state
3. Mix columns
4. Add Round key: XOR the
state with key block.
 Data Units in AES

Unit-2 22
 Block to State & State to Block

Unit-2 23
 Plain Text to State

Unit-2 24
 AES Structure
 The first N-1 rounds consist of four distinct transformation
functions.

• The 16 input bytes are substituted using an S-

SubBytes
box

• Each of the four rows of the matrix is shifted

ShiftRows
to the left

• Each column of four bytes is now transformed

MixColumns
using a special mathematical function.
• The 16 bytes of the matrix are now considered as
AddRoundKey 128 bits and are XORed to the 128 bits of the
round key.

Unit-2 25
 SubByte Transformation
 The forward substitute byte transformation, called SubBytes, is a
simple table lookup

Unit-2 26
 ShiftRows
 The first row of State is not altered.
 For the second row, a 1-byte circular left shift is performed.
 For the third row, a 2-byte circular left shift is performed.
 For the fourth row, a 3-byte circular left shift is performed.

Unit-2 27
 MixColumns
 Each byte of a column is mapped into a new value that is a
function of all four bytes in that column.

Unit-2 28
 AddRoundKey
 In the forward add round key transformation, the 128 bits of State
are bitwise XORed with the 128 bits of the round key.

State Round Key

Unit-2 29
 AES Overall Structure

Unit-2 30
 AES Key Expansion
 The AES key expansion algorithm takes as
input a four-word (16-byte) key and produces
a linear array of 44 words (176 bytes).
 Each added word w[i] depends on the
immediately preceding word, w[i - 1].
 In three out of four cases, a simple XOR is
used.
 Key Expansion Example

Unit-2 32