| Size: 1079 Comment:  | Size: 4099 Comment:  | 
| Deletions are marked like this. | Additions are marked like this. | 
| Line 11: | Line 11: | 
| It seems reasonable then that DES using key K1 has a range of X and using key K2 has a range of Y where X and Y are different and the symmetric difference is non-empty [[latex2($\left( X \bigtriangleup Y \neq \emptyset \right)$)]]. This is actually true so that [[latex2($E_{K1}(E_{K2}(P) \neq E_{K3}(P)$)]] | It seems reasonable then that DES using key K1 has a range of X and using key K2 has a range of Y where X and Y are different and the symmetric difference is non-empty <<latex($\left( X \bigtriangleup Y \neq \emptyset \right)$)>>. This is actually true so that <<latex($E_{K1}(E_{K2}(P) \neq E_{K3}(P)$)>> | 
| Line 13: | Line 13: | 
| Using two keys doesn't do much good either though because we can use a meet in the middle attack. While DES requires effort on the order of 2^54 Double DES requires only effort on the order of 2^56. This type of attack works on any block cipher. So we go to 3DES. | Using two keys doesn't do much good either though because we can use a meet in the middle attack. While DES requires effort on the order of 2^54^ Double DES requires only effort on the order of 2^56^. This type of attack works on any block cipher. So we go to 3DES. | 
| Line 15: | Line 15: | 
| Cost of attack on 3DES which uses two keys [[latex2($E_{K1}(D_{K2}(E_{K1})))$)]] is [[latex($2^112$)]]. | Cost of attack on 3DES which uses two keys <<latex($E_{K1}(D_{K2}(E_{K1})))$)>> is <<latex($2^{112}$)>>. It is worth noting that some applications (PHP and S/MIME) have gone to 3KEY 3DES for extra protection. | 
| Line 19: | Line 21: | 
| Blowfish has the following characteristics: * '''Fast''': On a 32-bit processor at a rate of 18 Clock Cycles per byte. * '''Compact''': Runs in less than 5K of memory. * '''Simple''': Ok, its simple. * '''Variable secure''': Key length is variable 32 to 448 bits. * Block length is 64-bit. The algorithm works as follows where <<latex($F[a,b,c,d] = (S_{1,a} + S_{2,b}) \oplus S_{3,c})+S_{4,d}$)>> and each S is an S-box substitution. attachment:BlowFishDiagram.jpg Note that the S-Boxes in Blowfish are key dependent and that both sides are operated on in each round. | |
| Line 20: | Line 36: | 
| * Block cipher suitable for hardware or software, * Fast word oriented operations * Adaptable to processors of different word lengths 16,'''32''',64 * Variable number of rounds 0..'''12'''..255 * Variable Key length 0..'''16'''..255 bytes * Simple * Low memory requirement (suitable for smart cards etc.) * High security * ''Datat-dependent rotations'' Used in BSAFE, JSAFE and S/MAIL. | |
| Line 23: | Line 51: | 
| See book for list. | |
| Line 25: | Line 55: | 
| Review Questions | See review questions. = Review Questions = '''What is triple encryption?''' On input you encrypt once and route the output to the input (most likely with a new key) to the input again and repeat once more so that you have encrypted the plaintext three times. '''What is a meet-in-the-middle attack?''' If you have a plaintext, ciphertext pair you can encrypt the plain text and decrypt the ciphertext to see if the intermediate (or middle) ciphertexts match. If they do, you have possible found the two keys. '''How many keys are used in triple encryption?''' 3DES uses only two keys See above. '''Why is the middle portion of 3DES a decryption rather than an encryption.''' To make it compatible with single DES. '''What is the key size for Blowfish?''' Variable 32 to 448 bits. '''What primative operations are used in Blowfish?''' Addition of words modulo 2^32 Bitwise XOR. '''What common mathematical constants are used in RC5?''' * e - the natural base of logarithms * The golden ratio: <<latex($\phi = \frac{1+\sqrt{5}}{2}$)>>. '''What primitive operations are used in RC5?''' * Addition modulo 2^w * XOR * Left circular rotations. '''List important design considerations for a stream cipher.''' * A long period for the pseudorandom byte generator * The pseudorandom byte generator should approximate the uniform distribution * The seed value is the key and it should be long to provide security ~128 bit just like in block ciphers. '''Why is it not desirable to reuse a stream cipher key?''' If you have two ciphertexts are XOR'd together the result is the XOR of the two plaintexts. With enough ciphertexts you can start to reveal the plain text of each ciphertext. '''What primitive operations are used in RC4?''' Permutation and swap I think. It doesn't really say! | 
Symmetric Block Ciphers
Triple DES
First some stats to think about:
Single DES uses a 56 bit key. So the number of keys is 2^56.
The number of bits in a block is 64 so any block can be mapped to one of 2^64 different blocks.
It seems reasonable then that DES using key K1 has a range of X and using key K2 has a range of Y where X and Y are different and the symmetric difference is non-empty <<latex($\left( X \bigtriangleup Y \neq \emptyset \right)$)>>. This is actually true so that <<latex($E_{K1}(E_{K2}(P) \neq E_{K3}(P)$)>>
Using two keys doesn't do much good either though because we can use a meet in the middle attack. While DES requires effort on the order of 254 Double DES requires only effort on the order of 256. This type of attack works on any block cipher. So we go to 3DES.
Cost of attack on 3DES which uses two keys <<latex($E_{K1}(D_{K2}(E_{K1})))$)>> is <<latex($2^{112}$)>>.
It is worth noting that some applications (PHP and S/MIME) have gone to 3KEY 3DES for extra protection.
Blowfish
Blowfish has the following characteristics:
- Fast: On a 32-bit processor at a rate of 18 Clock Cycles per byte. 
- Compact: Runs in less than 5K of memory. 
- Simple: Ok, its simple. 
- Variable secure: Key length is variable 32 to 448 bits. 
- Block length is 64-bit.
The algorithm works as follows where <<latex($F[a,b,c,d] = (S_{1,a} + S_{2,b}) \oplus S_{3,c})+S_{4,d}$)>> and each S is an S-box substitution.
attachment:BlowFishDiagram.jpg
Note that the S-Boxes in Blowfish are key dependent and that both sides are operated on in each round.
RC5
- Block cipher suitable for hardware or software,
- Fast word oriented operations
- Adaptable to processors of different word lengths 16,32,64 
- Variable number of rounds 0..12..255 
- Variable Key length 0..16..255 bytes 
- Simple
- Low memory requirement (suitable for smart cards etc.)
- High security
- Datat-dependent rotations 
Used in BSAFE, JSAFE and S/MAIL.
Characteristics of Advanced Symmetric Block Ciphers
See book for list.
RC4 Stream Cipher
See review questions.
Review Questions
What is triple encryption?
On input you encrypt once and route the output to the input (most likely with a new key) to the input again and repeat once more so that you have encrypted the plaintext three times.
What is a meet-in-the-middle attack?
If you have a plaintext, ciphertext pair you can encrypt the plain text and decrypt the ciphertext to see if the intermediate (or middle) ciphertexts match. If they do, you have possible found the two keys.
How many keys are used in triple encryption?
3DES uses only two keys See above.
Why is the middle portion of 3DES a decryption rather than an encryption.
To make it compatible with single DES.
What is the key size for Blowfish?
Variable 32 to 448 bits.
What primative operations are used in Blowfish?
Addition of words modulo 2^32 Bitwise XOR.
What common mathematical constants are used in RC5?
- e - the natural base of logarithms
- The golden ratio: <<latex($\phi = \frac{1+\sqrt{5}}{2}$)>>. 
What primitive operations are used in RC5?
- Addition modulo 2^w
- XOR
- Left circular rotations.
List important design considerations for a stream cipher.
- A long period for the pseudorandom byte generator
- The pseudorandom byte generator should approximate the uniform distribution
- The seed value is the key and it should be long to provide security ~128 bit just like in block ciphers.
Why is it not desirable to reuse a stream cipher key?
If you have two ciphertexts are XOR'd together the result is the XOR of the two plaintexts. With enough ciphertexts you can start to reveal the plain text of each ciphertext.
What primitive operations are used in RC4?
Permutation and swap I think. It doesn't really say!
