Encryption Algorithms

Encryption Algorithms:-

Their are Symmetric Block Cipher Algorithms

1. DES (Data Encryption Standard)
2. 3DES (Triple DES)
3. AES (Advanced Encryption Standard)

Data Encryption Standard (DES):-

The main standard for encrypting data was a symmetric algorithm known as the Data Encryption Standard (DES). However, this has now been replaced by a new standard known as the Advanced Encryption Standard (AES) which we will look at later.

 DES is a 64 bit block cipher which means that it encrypts data 64 bits at a time. This is contrasted to a stream cipher in which only one bit at a time (or sometimes small groups of bits such as a byte) is encrypted. 

History:-

DES was the result of a research project set up by International Business Machines (IBM) Corporation in the late 1960’s which resulted in a cipher known as LUCIFER. In the early 1970’s it was decided to commercialize LUCIFER and a number of significant changes were introduced. IBM was not the only one involved in these changes as they sought technical advice from the National Security Agency (NSA) (other outside consultants were involved but it is likely that the NSA were the major contributors from a technical point of view). The altered version of LUCIFER was put forward as a proposal for the new national encryption standard requested by the National Bureau of Standards (NBS)3 . It was finally adopted in 1977 as the Data Encryption Standard- DES . Some of the changes made to LUCIFER have been the subject of much controversy even to the present day. The most notable of these was the key size. 

LUCIFER used a key size of 128 bits however this was reduced to 56 bits for DES. Even though DES actually accepts a 64 bit key as input, the remaining eight bits are used for parity checking and have no effect on DES’s security. Outsiders were convinced that the 56 bit key was an easy target for a brute force attack4 due to its extremely small size. The need for the parity checking scheme was also questioned without satisfying answers. 

working:-

DES (and most of the other major symmetric ciphers) is based on a cipher known as the 

Feistel block cipher. It consists of a number of rounds where each round contains bit-shuffling, non- linear substitutions (S-boxes) and exclusive OR operations. 

As with most encryption schemes, DES expects two inputs - the plaintext to be encrypted and the secret key. The manner in which the plaintext is accepted, and the key arrangement used for encryption and decryption, both determine the type of cipher it is. 

DES is therefore a symmetric, 64 bit block cipher as it uses the same key for both encryption and decryption and only operates on 64 bit blocks of data at a time5 (be they plaintext or ciphertext). 

The key size used is 56 bits, however a 64 bit (or eight-byte) key is actually input. The least significant bit of each byte is either used for parity (odd for DES) or set arbitrarily and does not increase the security in any way. All blocks are numbered from left to right which makes the eight bit of each byte the parity bit.

Once a plain-text message is received to be encrypted, it is arranged into 64 bit blocks 

required for input. If the number of bits in the message is not evenly divisible by 64, then the last block will be padded. Multiple permutations and substitutions are incorporated 

throughout in order to increase the difficulty of performing a cryptanalysis on the cipher.

AES (ADVANCED ENCRYPTION ALGORITHM):-

AES is a block cipher with a block length of 128 bits. 
AES allows for three different key lengths: 128, 192, or 256 bits. 
Most of our discussion will assume that the key length is 128 bits.  
Encryption consists of 

• 10 rounds of processing for 128-bit keys, 

• 12 rounds for 192-bit keys, 

• 14 rounds for 256-bit keys.  

Except for the last round in each case, all other rounds are identical.  Each round of processing includes one single-byte base substitution step,  a row- wise permutation step, a column-wise mixing step, and the addition of  the  round  key.  The order in which  these four steps are executed is different for encryption  and decryption. 
• To appreciate the processing steps used in a single round, it is best to think of a 128-bit block as consisting of a 4 × 4 matrix of bytes, arranged as follows: 

Therefore, the first four bytes of a 128-bit input block occupy the first column in the 4 × 4 matrix of bytes. The next four bytes occupy the second column, and so on.

The 4×4 matrix of bytes shown above is referred to as the state array in AES.

The algorithm begins with an Add round key stage followed by 9 rounds of four stages and a tenth round of three stages. 
This applies for both encryption and decryption with the exception that each stage of a round the decryption algorithm is the inverse of its counterpart in the encryption algorithm. 
The four stages are as follows: 1. Substitute bytes 2. Shift rows 3. Mix Columns 4. Add 
Round Key.

Substitute Bytes:-

•This stage (known as Sub Bytes) is simply a table lookup using a 16 × 16 matrix of byte values called an s-box. 
•This matrix consists of all the possible combinations of an 8 bit sequence (28 = 16 × 16 = 256). 
•However, the s-box is not just a random permutation of these values and there is a well defined method for creating the s-box tables. 
•The designers of Rijndael showed how this was done unlike the s-boxes in DES for which no rationale was given. Our concern will be how state is effected in each round. 
•For this particular round each byte is mapped into a new byte in the following way: the leftmost nibble of the byte is used to specify a particular row of the s-box and the rightmost nibble specifies a column. 
•For example, the byte {95} (curly brackets represent hex values in FIPS PUB 197) selects row 9 column 5 which turns out to contain the value {2A}. 
• This is then used to update the state matrix. 

Shift Row Transformation:-

• This stage (known as Shift Rows) is shown in figure below. 
• Simple permutation an nothing more. 
• It works as follow: – The first row of state is not altered. – The second row is shifted 1 bytes to the left in a circular manner. – The third row is shifted 2 bytes to the left in a circular manner. – The fourth row is shifted 3 bytes to the left in a circular manner. 

MIX COLUMN TRANSFORMATION:-

• This stage (known as Mix Column) is basically a substitution 

• Each column is operated on individually. Each byte of a column is mapped into a new value that is a function of all four bytes in the column. 

• The transformation can be determined by the following matrix multiplication on state 

• Each element of the product matrix is the sum of products of elements of one row and one column. 

ADD ROUND KEY TRANSFORMATION:- 

• In this stage (known as Add Round Key) the 128 bits of state are bitwise XORed with the 128 bits of the round key. 
• The operation is viewed as a column wise operation between the 4 bytes of a state column and one word of the round key. 
• This transformation is as simple as possible which helps in efficiency but it also effects every bit of state. 
• The AES key expansion algorithm takes as input a 4-word key and produces a linear array of 44 words. Each round uses 4 of these words as shown in figure. 
• Each word contains 32 bytes which means each subkey is 128 bits long. Figure 7 show pseudocode for generating the expanded key from the actual key.