Communication Security

Prepared by:

Eng / Islam Amin Ellabban

Eng / Mostafa Mamdouh Mostafa
Eng / Haytham Mohamed Bahgat
Eng / Zakaria Zakaria Hassan

U n d e r su p e rv isio n o f:
P ro f. D r/ F a w zy Ib ra h im
 Security

C I A
Confidential Integrity Authenticati
ity on
Example to solve the Enciphering
Algorithm using Key length 128 bits :

Number of trails to solve = 2 128 = 10 38 trails

( Operations )

Supercomputer Speed = 10 12 Operations / Second = 1

Tera Operations

Time required = 10 38 / 10 12 = 10 26 second = 10 26 / 10 7

Second = 10 19 years
 Types of Cipher
Systems
1.Stream Cipher System
2.Block Cipher System
3.Public Key Cipher System

1 . Stream Cipher System

(K)
Key
Enciphering Sequence Deciphering
Algorithm Algorithm
Cipher Key
Sequence Sequence Plain
+ +

Plain •K length 2128 – 1 1038 bit

2 . Block Cipher System

m1 Memory C1
… less …
mL Device Cn

Transform each block of plain data into another block of cipher data
(C) under the control of the secret key.

3 . Public Key Cipher System

Have 2 ways:

Alic (C) Bob

A PKB SKB B
e
(M) Enc. Dec. (M)

Alic (C) Bob

A SKA PKB SKB PKA B
e
(M) Enc. Dec. (M)
ØBecause of our project here we will discuss the Block Cipher Systems Specially the
AES Algorithm (Advance Encryption Standard).

1 . AES ( Advanced Encryption Standard )

-The Advanced Encryption Standard (AES) was published by National Institute

of Standards and Technology (NIST) in 2001.
-
-AES is a symmetric block cipher that is intended to replace DES as the approved
standard for a wide range of applications.
-
-The two researchers who developed and submitted Rijndael for the AES are both
cryptographers are Dr. Joan Daemen & Dr. Vincent Rijmen = (Rijndael) From
Belgium.
-
-Ultimately, AES is intended to replace Triple DES, but this process will take a
number of years.
 AES ( Advanced Encryption Standard ) ( Cont .)

Rijndael was designed to have the following characteristics:

•Resistance against all known attacks.

•
•Speed and code compactness on a wide range of platforms.
•
•Design simplicity.
A number of AES parameters depend on the key length:
•
Key size 4/16/128 6/24/192 8/32/256
(words /bytes /bits)
Plain text block size 4/16/128 4/16/128 4/16/128
(words /bytes /bits)
Number of rounds 10 12 14

Round key size 4/16/128 4/16/128 4/16/128

(words /bytes /bits)
Expanded key size 44/176 52/208 60/240
(words /bytes)
 AES (Advanced Encryption Standard)
(Cont.)
• AES Block Diagram
•
Plain Text 128 Plain Text 128
bits Key bits

Add round key w [0, 3] Add round key

Substitute bytes Expand Key Inverse Substitute bytes

Shift rows Inverse Shift rows

Round

Round
Mix Columns Inverse Mix Columns
1

Add round key w [4, 7] Add round key

.. ..
.. ..
. .
 Substitute bytes Inverse Substitute bytes

Shift rows Inverse Shift rows

Round 2
Round 9

Mix columns Inverse Mix Columns

w [36, 39]
Add round key Add round key

Substitute bytes Inverse Substitute bytes

Round 10

Round 1
Shift rows Inverse Shift rows

Add round key w [40, 43] Add round key

Cipher Text 128 Cipher Text 128

bitsEncryptio bitsDecryptio
 AES (Advanced Encryption Standard)
(Cont.)
Four different stages are used (One of permutation and three of substitution)
•

• Substitute bytes: Uses an S-box to perform a byte by byte substitution of

block.
• Shift rows: A simple permutation.
• Mix columns: A substitution that makes use of arithmetic over GF (28).
• Add round key: A simple bitwise XOR of the current block with a portion
of the expanded key.

1.Around Key Block:

Plain Text 128 Key 128 bits

bits
+

Add round key

 AES (Advanced Encryption Standard)
(Cont.)

• 2. Substitute Bytes Block:

• Substitute each byte by another byte.
A) Put 128 bit block from Add round key block in the following form
•

• AR0 AR4 AR8 AR12

A) AR1 AR5 AR9 AR13
B) AR2 AR6 AR10 AR14
C) AR3 AR7 AR11 AR15
D) Substitute each byte by the coefficient form from S-Box: Each square have
1 byte which consists of 2 Hexadecimal numbers the first number on
the left is the Row and another Hexadecimal number is the Column in
S-BOX.
•

•
 AES (Advanced Encryption Standard)
(Cont.)

Ø Example:
•

Using S-Box
E for Row & A for
Column

Using Inverse S-Box

8 for Row & 7 for
Column
 AES (Advanced Encryption Standard)
(Cont.)

Ø S-BOX:
•
 AES (Advanced Encryption Standard)
(Cont.)

Ø Inverse S-BOX:
•
 AES (Advanced Encryption Standard)
(Cont.)
• 3. Shift Rows:
•
As it is (without any
• shift)
• One byte shift left
•
Two bytes shift left
•

•
Three bytes shift
left
•

• The Inverse shift row transformation performs the circular shift in the
opposite direction for each of the last three rows, with a one byte circular
right shift for the second row, and so on.
•
 AES (Advanced Encryption Standard)
(Cont.)
• 4. Mix Column:
• This transformation can be defined by the following matrix
multiplication on state:
•

•
 AES (Advanced Encryption Standard)
(Cont.)

Ø AES Key Expansion:

•

W0 K0 K1 K2 K3
 AES (Advanced Encryption Standard)
(Cont.)

Ø Example to get the value of (g):

• Suppose that the round key for round 8 is (W32 , W33 , W34 , and W35 ):
•

• EA D2 73 21 B5 8D BA D2 31 2B F5 60 7F 8D 29 2F
•

• Then the first 4 bytes (first column) of the round key for round 9 are
calculated as follows:
•

•
 2 . D E S ( D a ta E n cry p tio n S ta n d a rd )
Issued by Federal Information Processing Standard (FIPS) as a publication 46
January 15, 1977.
•
It designed to encipher and decipher blocks of data consisting of 64 bits under
control of 64 bit key.

Procedure of enciphering includes:

•Initial permutation of the plain data block of 64 bits.

•Complex key dependent computation of 16 iterations.
•Inverse initial permutation.
DES Block Diagram :
Key Schedule Calculations:
Permuted Choice:

Selects 56 bits and permuted those (8 bits in positions 8, 16, 24, 32, 40, 48, 56, 64 one for
parity.

check … Odd parity = 1, and Even parity = 0) (parity check for each byte as we have 8 bytes).

For Permuted Choice 1 we delete the parity check, so we will have 56 bits only.
•
For Permuted Choice 2 we put 56 bits except the following numbers (9, 18, 22, 25, 35, 38, 43,
54), so we will have 48 bits only.

Permuted Choice 1   Permuted Choice 2

(56 bits) (48 bits)

27 49 41 33 25 17 9   14 17 11 24 1 5

1 58 50 42 34 26 18   3 28 15 6 21 10

10 2 59 51 43 35 27   23 19 12 4 26 8

19 11 3 60 52 44 36   16 7 27 20 13 2

63 55 47 39 31 23 15   41 52 31 37 47 55

7 62 54 46 38 30 22   30 40 51 45 33 48

14 6 61 53 45 37 29   44 49 39 56 34 53

21 13 5 28 20 12 4   46 42 50 36 29 32
Number of Left Shifts in Iterations:
• Iteration Number of Left
• Number
1 Shifts
1
• 2 1
•
3 2
•
4 2
•
5 2
•
• 6 2
• 7 2
• 8 2
• 9 1
• 10 2
• 11 2
• 12 2
• 13 2
• 14 2
• 15 2
• 16 1
•
•
Initial Permutation (IP) & Inverse Initial permutation (IP-1 ):
Initial Permutation (IP) Inverse Initial Permutation (IP-1 )

58 50 42 34 26 18 10 2 40 8 48 16 56 24 64 32
60 52 44 36 28 20 12 4 39 7 47 15 55 23 63 31
62 54 46 38 30 22 14 6 38 6 46 14 54 22 62 30
64 56 48 40 32 24 16 8 37 5 45 13 53 21 61 29
57 49 41 33 25 17 9 1 36 4 44 12 52 20 60 28
59 51 43 35 27 19 11 3 35 3 43 11 51 19 59 27
61 53 45 37 29 21 13 5 34 2 42 10 50 18 58 26
63 55 47 39 31 23 15 7 33 1 41 9 49 17 57 25
•Calculations of f (R, K):

•Expansion (E): increase the 32 bits to 48 bits by repeating some bits:

E bit-selection Table
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
Permutation P: permute of 32 bits:
•
• Permutation 32
bits
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25

Substitution Box (S):

•
•
• Column Number
Row 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
• No .
•
•
• 0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
• 1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

Example:
10 1101
First two bits are Row & the other 4 bits are Column.
10 = 2 & 1101 = 13
So the hex number is 10 which describe in 4 bits as 1010
Disadvantages:
•
•Key length of DES = 56 bits + 8 bits parity = 64 bits (small Block size).
•Number of trails to deduce this key = 264 = 1020 trails
•Key length is not enough.
•Require key > 64 bits, so we make to triple DES.
•Slow in software.
 3 . Triple DES ( Data Encryption Standard )

In each DES Block the key change

16 times in all iterations.

Key length = 3 X 56 = 168 bits

Number of trails = 2168 = 1051

trails
 DES vs AES
  DES AES
Data Encryption Standard Advanced Encryption Standard

Issued by In 1977 by the National Bureau of

• • In November 2001 by National Institute  
Standards
of Standard and Technology (NIST)

Key length •for DES 64 bits (56 bits + 6 parity •128 bits / 192 bits / 256 bits

check)
•for Triple DES 168 bits (3 X 56 bits)

Input Data Block • 64 bits • 128 bits

Implementation • Hardware / Software • Hardware / Software

Speed • Slower in software • Faster in software

Security •Less secure •More secure and used in high speed
•will decrease in use application
•used in American military •will increase in use

Designers • USA Cryptographers Dr. Joan Daemen & Dr. Vincent Rijmen =
•

(Rijndael)
From Belgium