Lecture 3_DES

CS351-Intro to Cyber Security

  • Lecture 3: Modern Ciphers (DES)

Page 1: Overview

  • Focus on Data Encryption Standard (DES) as a modern cipher for securing messages in cyber security.

Page 2: Cipher Types

  • Block Cipher vs Stream Cipher

    • Block Ciphers:

      • Process messages in blocks (64 bits or more).

      • Each block undergoes separate en/decryption.

    • Stream Ciphers:

      • Process messages one bit or byte at a time.

      • Current focus of the course is on block ciphers.

Page 3: Feistel Cipher

  • Introduction:

    • Most modern block ciphers operate on the Feistel structure devised by Horst Feistel.

    • Input block is split into two halves.

  • Process:

    • Multiple rounds of processing:

      • Substitution is performed on the left half based on a round function of the right half and a subkey.

      • Halves are permuted and swapped.

    • Implements Shannon’s substitution-permutation concept.

Page 4: The Feistel Structure

  • Illustration of the class Feistel network with multiple rounds.

    • Structure of Feistel includes:

      • Initial splitting, multiple rounds, function application, and final permutation.

Page 5: Feistel Parameters

  • Security Factors:

    • Block Size: Larger sizes enhance security.

    • Key Size: Increased key length improves security.

    • Number of Rounds: More rounds contribute to security.

    • Subkey Generation Algorithm: Complexity increases resistance to cryptanalysis.

    • Speed: Efficient execution of encryption/decryption methods is critical.

Page 6: Data Encryption Standard (DES)

  • Recognition:

    • Most popular encryption scheme, especially in financial applications.

    • Referred to as Data Encryption Algorithm (DEA).

  • Parameters:

    • Processes plaintext in 64-bit blocks.

    • Uses a 56-bit key.

Pages 7-16: DES Encryption Process

  • Overview:

    • DES uses initial permutation, key sub-keys through rounds, and final output permutation.

  • Process Details:

    • Initial Permutation rearranges bits before rounds begin.

    • Each round involves key mixing, substitutions through S-boxes, and permuting.

Page 17: S-boxes in DES

  • Functionality:

    • Each of the 8 S-boxes maps 6 bits to 4 bits, crucial for the substitution step.

    • Inputs are determined by both current data and key.

Pages 18-24: S-box Usage

  • The process includes:

    • Inputting data into the S-boxes.

    • Each S-box returns a specific output based on the applied inputs.

    • Collectively, the outputs from all boxes create a single 32-bit block used in further permutations.

Pages 25-26: DES Key Schedule

  • Key Generation:

    • Key scheduling involves the initial permutation to derive subtasks.

    • Process is repeated for 16 rounds to maintain security.

Page 27-28: DES Decryption

  • Similar to Encryption:

    • Utilizes the same algorithm but with sub-keys applied in reverse order (K16...K1).

Page 29-32: DES Strength & Solutions

  • Weaknesses:

    • 56-bit key is vulnerable; advances in technology shortened expected break time.

  • Solutions:

    • Double DES and Triple DES enhance security by applying the encryption process multiple times.

Pages 32-41: Modes of Operation

  • Different Modes:

    • Electronic Codebook (ECB): Encrypts data in independent blocks,

    • Cipher Block Chaining (CBC): Links blocks for enhanced security.

    • Cipher Feedback (CFB): Treats data as a stream, allowing feedback.

    • Output Feedback (OFB): Allows stream encryption over unreliable channels.

    • Counter Mode (CTR): Encrypts counter instead of data feedback, suitable for high-speed networks.

Page 42: Conclusion

  • DES serves as a foundational learning step for understanding modern cryptography and its applications in cyber security.