Добавил:
Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
inf_bezopasnost_wpoor_33__33__33.docx
Скачиваний:
0
Добавлен:
01.03.2025
Размер:
497.59 Кб
Скачать

10. Symmetric cryptosystem. Des

DES is a block cipher; it encrypts data in 64-bit blocks. A 64-bit block of plaintext goes in one end

of the algorithm and a 64-bit block of ciphertext comes out the other end. DES is a symmetric

algorithm: The same algorithm and key are used for both encryption and decryption

The key length is 56 bits.

Outline of the Algorithm

DES operates on a 64-bit block of plaintext. After an initial permutation, the block is broken into a right half and a left half, each 32 bits long. Then there are 16 rounds of identical operations, called

Function f, in which the data are combined with the key. After the sixteenth round, the right and left halves are joined, and a final permutation finishes off the

algorithm.

In each round the key bits are shifted, and then 48 bits are selected from the 56 bits

of the key. The right half of the data is expanded to 48 bits via an expansion permutation, combined

with 48 bits of a shifted and permuted key via an XOR, sent through 8 S-boxes producing 32 new bits, and permuted again. These four operations make up Function f. The output of Function f is then combined with the left half via another XOR. The result of these operations becomes the new right

half; the old right half becomes the new left half. These operations are repeated 16 times, making 16 rounds of DES. If Bi is the result of the ith iteration, Li and Ri are the left and right halves of Bi, Ki is the 48-bit key

for round i, and f is the function that does all the substituting and permuting and XORing with the

key(by scheme)

Decrypting DES

With DES it is possible to use the same function to encrypt or decrypt a block. The only difference is

that the keys must be used in the reverse order. That is, if the encryption keys for each round areK1

K2 K3,...,K16 then the decryption keys are K16 K15 K14, ..., K1. The algorithm that generates the key

used for each round is circular as well. The key shift is a right shift and the number of positions

shifted is 0,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1.

11. Symmetric cryptosystem. 3des

In cryptography, Triple DES is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.

The original DES cipher's key size of 56 bits was generally sufficient when that algorithm was designed, but the availability of increasing computational power made brute-force attacks feasible. Triple DES provides a relatively simple method of increasing the key size of DES to protect against such attacks, without the need to design a completely new block cipher algorithm.

Algorithm

Triple DES uses a "key bundle" which comprises three DES keys, K1, K2 and K3, each of 56 bits (excluding parity bits). The encryption algorithm is:

ciphertext = EK3(DK2(EK1(plaintext)))

I.e., DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3.

Decryption is the reverse:

plaintext = DK1(EK2(DK3(ciphertext)))

I.e., decrypt with K3encrypt with K2, then decrypt with K1.

Each triple encryption encrypts one block of 64 bits of data.

In each case the middle operation is the reverse of the first and last. This improves the strength of the algorithm when using keying option 2, and provides backward compatibilitywith DES with keying option 3.

Keying options

The standards define three keying options:

  • Keying option 1: All three keys are independent.

  • Keying option 2: K1 and K2 are independent, and K3 = K1.

  • Keying option 3: All three keys are identical, i.e. K1 = K2 = K3.

Keying option 1 is the strongest, with 3 × 56 = 168 independent key bits.

Keying option 2 provides less security, with 2 × 56 = 112 key bits. This option is stronger than simply DES encrypting twice, e.g. with K1 and K2, because it protects against meet-in-the-middle attacks.

Соседние файлы в предмете [НЕСОРТИРОВАННОЕ]