Lecture 3_DES

CS351-Intro to Cyber Security

  • Lecture 3: Modern Ciphers (DES)

Page 1: Overview

  • Focus on Data Encryption Standard (DES) as a modern cipher for securing messages in cyber security.

Page 2: Cipher Types

  • Block Cipher vs Stream Cipher

    • Block Ciphers:

      • Process messages in blocks (64 bits or more).

      • Each block undergoes separate en/decryption.

    • Stream Ciphers:

      • Process messages one bit or byte at a time.

      • Current focus of the course is on block ciphers.

Page 3: Feistel Cipher

  • Introduction:

    • Most modern block ciphers operate on the Feistel structure devised by Horst Feistel.

    • Input block is split into two halves.

  • Process:

    • Multiple rounds of processing:

      • Substitution is performed on the left half based on a round function of the right half and a subkey.

      • Halves are permuted and swapped.

    • Implements Shannon’s substitution-permutation concept.

Page 4: The Feistel Structure

  • Illustration of the classic Feistel network with multiple rounds.

    • Structure of Feistel includes:

      • Initial splitting, multiple rounds, function application, and final permutation.

Page 5: Feistel Parameters

  • Security Factors:

    • Block Size: Larger sizes enhance security.

    • Key Size: Increased key length improves security.

    • Number of Rounds: More rounds contribute to security.

    • Subkey Generation Algorithm: Complexity increases resistance to cryptanalysis.

    • Speed: Efficient execution of encryption/decryption methods is critical.

Page 6: Data Encryption Standard (DES)

  • Recognition:

    • Most popular encryption scheme, especially in financial applications.

    • Referred to as Data Encryption Algorithm (DEA).

  • Parameters:

    • Processes plaintext in 64-bit blocks.

    • Uses a 56-bit key.

Pages 7-16: DES Encryption Process

  • Overview:

    • DES applies an initial permutation, a series of rounds that each use a sub-key derived from the key, and a final output permutation.

  • Process Details:

    • Initial Permutation rearranges bits before rounds begin.

    • Each round involves key mixing, substitutions through S-boxes, and permuting.

Page 17: S-boxes in DES

  • Functionality:

    • Each of the 8 S-boxes maps 6 bits to 4 bits, crucial for the substitution step.

    • Inputs are determined by both current data and key.

Pages 18-24: S-box Usage

  • The process includes:

    • Inputting data into the S-boxes.

    • Each S-box returns a specific output based on the applied inputs.

    • Collectively, the outputs from all boxes create a single 32-bit block used in further permutations.

Pages 25-26: DES Key Schedule

  • Key Generation:

    • Key scheduling involves an initial permutation of the key to derive the sub-keys.

    • Process is repeated for 16 rounds to maintain security.

Pages 27-28: DES Decryption

  • Similar to Encryption:

    • Utilizes the same algorithm but with sub-keys applied in reverse order (K16...K1).
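The Feistel structure from Page 3 and the reversed sub-key rule above, shown as an added example that is not part of the original lecture notes: a toy 16-round Feistel network on a 64-bit block. The round function and key schedule are hash-based stand-ins (assumptions), not the DES S-boxes or DES key schedule, so this is not DES itself.

```python
import hashlib

ROUNDS = 16                  # same round count as DES
HALF_BITS = 32               # a 64-bit block splits into two 32-bit halves
MASK = (1 << HALF_BITS) - 1

def subkeys(key: bytes) -> list:
    """Toy key schedule (assumption, not the DES schedule): K1..K16, 32 bits each."""
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:4], "big")
            for i in range(1, ROUNDS + 1)]

def round_function(right: int, subkey: int) -> int:
    """Toy F(R, K). It is one-way on purpose: a Feistel network never inverts F."""
    data = (right ^ subkey).to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block: int, keys: list) -> int:
    """Run the Feistel rounds over a 64-bit block with the given sub-key order."""
    left, right = block >> HALF_BITS, block & MASK
    for k in keys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, left ^ round_function(right, k)
    # Undo the final swap so the very same routine can decrypt.
    return (right << HALF_BITS) | left

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))          # sub-keys K1..K16

def decrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key)[::-1])    # sub-keys K16..K1

if __name__ == "__main__":
    key = b"constructed-demo-key"                # constructed sample key
    plaintext = 0x0123456789ABCDEF               # constructed sample block
    ciphertext = encrypt(plaintext, key)
    print(f"ciphertext: {ciphertext:016x}")
    print(f"decrypted : {decrypt(ciphertext, key):016x}")
```

Decryption works even though `round_function` cannot be inverted, because each round only XORs its output into the other half and the reversed sub-key order cancels the rounds one by one.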

Pages 29-32: DES Strength & Solutions

  • Weaknesses:

    • 56-bit key is vulnerable; advances in technology shortened expected break time.

  • Solutions:

    • Double DES and Triple DES enhance security by applying the encryption process multiple times.

Pages 32-41: Modes of Operation

  • Different Modes:

    • Electronic Codebook (ECB): Encrypts data in independent blocks.

    • Cipher Block Chaining (CBC): Links blocks for enhanced security.

    • Cipher Feedback (CFB): Treats data as a stream, allowing feedback.

    • Output Feedback (OFB): Allows stream encryption over unreliable channels.

    • Counter Mode (CTR): Encrypts counter instead of data feedback, suitable for high-speed networks.

Page 42: Conclusion

  • DES serves as a foundational learning step for understanding modern cryptography and its applications in cyber security.
