Saturday, February 2, 2013

DES (Data Encryption Standard)

DES (Data Encryption Standard/Algorithm)
DES was adopted in 1977 by NIST (National Institute of Science & Technology).



In the above figure the plain text is 64 bits in length and the key is 56 bits in length.
The left-hand side of the figure shows that the processing of the plain text proceeds in three phases:
    i.   The 64-bit plain text passes through an initial permutation that rearranges the bits to produce the permuted input.
    ii.  This phase consists of 16 iterations of the same function.
    iii. The output of the 16th iteration consists of 64 bits that are a combination of the input plain text and the key.


The right-hand portion of the figure shows how the 56-bit key is used.
It has two steps:
    i.   The key is passed through a permutation function.
    ii.  For each iteration, a subkey K_i is produced by the combination of a left circular shift and a permutation.

Now we can examine the algorithm for a single iteration:
    i.   The 64-bit permuted input passes through 16 iterations, producing an intermediate 64-bit value at the conclusion of each iteration.
    ii.  The left and right halves of each 64-bit value are treated as separate 32-bit quantities, labelled left (L) and right (R).
    iii. The overall processing for each iteration is given by the equations:

        L_i = R_{i-1}
        R_i = L_{i-1} XOR F(R_{i-1}, K_i)

Here XOR is the bitwise exclusive-OR function, so the left-hand output of an iteration (L_i) is simply equal to the right-hand input to that iteration (R_{i-1}).
The right-hand output R_i is the exclusive OR of L_{i-1} and a complex function F(R_{i-1}, K_i).
This complex function F(R_{i-1}, K_i) involves both permutation and substitution operations. The substitution operations are represented as tables called S-boxes.


Decryption with DES uses the same process, as follows:
    i.   The cipher text is treated as the input to the DES algorithm.
    ii.  The keys K_i are used in reverse order: K16 is used for the first iteration, K15 for the second iteration, and so on until K1 is used for the last iteration.


Triple DES (TDES):
It was first proposed by Tuchman and first used in 1985.
It follows two processes:
    i.   TDES uses three key pairs and three executions of the DES algorithm.
    ii.  The function follows an encrypt-decrypt-encrypt (EDE) sequence.

Ex:




So the equation for encryption is

    C = E_K3[D_K2[E_K1[P]]]

where
    C = cipher text
    P = plain text
    E_K[X] = encryption of X using key K
    D_K[X] = decryption of X using key K

and the equation for decryption is

    P = D_K1[E_K2[D_K3[C]]]

If the encryption is done at only two levels, with two keys K1 and K2, the scheme is known as double DES; when the encryption is done at three levels, the scheme is known as triple DES, which uses three sets of keys.
There is no cryptographic significance to the use of decryption for the second stage of encryption with three different keys. TDES has an effective key length of 168 bits. FIPS (Federal Information Processing Standards) also allows for the use of two keys in TDES with K1 = K3. This provides a key length of 112 bits.
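
The round equations, the reversed-subkey decryption and the EDE composition above can be checked with a small Feistel network. This is an added example, not code from the original post: the round function F (a hash) and the rotate-only key schedule are stand-ins assumed for illustration, not the real DES tables, and the keys and block are constructed sample values.

```python
import hashlib

ROUNDS, MASK32, MASK56 = 16, 0xFFFFFFFF, (1 << 56) - 1

def subkeys(key56):
    """Toy schedule (assumption): K_i is the 56-bit key rotated left by i bits.
    Real DES also applies permutations; only the per-round shift idea is kept."""
    key56 &= MASK56
    return [((key56 << i) | (key56 >> (56 - i))) & MASK56 for i in range(1, ROUNDS + 1)]

def F(r, k):
    """Stand-in round function, NOT the DES F with its S-boxes.
    It is one-way on purpose: a Feistel network never has to invert F."""
    digest = hashlib.sha256(r.to_bytes(4, "big") + k.to_bytes(7, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block64, keys):
    """Run one pass over a 64-bit block (initial/final permutations omitted)."""
    l, r = (block64 >> 32) & MASK32, block64 & MASK32
    for k in keys:
        l, r = r, l ^ F(r, k)   # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
    return (r << 32) | l        # swap halves so the same routine also decrypts

def encrypt(block, key):
    return feistel(block, subkeys(key))            # K1 ... K16

def decrypt(block, key):
    return feistel(block, subkeys(key)[::-1])      # K16 ... K1

def ede_encrypt(p, k1, k2, k3):
    return encrypt(decrypt(encrypt(p, k1), k2), k3)    # C = E_K3[D_K2[E_K1[P]]]

def ede_decrypt(c, k1, k2, k3):
    return decrypt(encrypt(decrypt(c, k3), k2), k1)    # P = D_K1[E_K2[D_K3[C]]]

if __name__ == "__main__":
    P = 0x0123456789ABCDEF                                  # constructed sample block
    K1, K2, K3 = 0x0F1571C947D9E8, 0x1A2B3C4D5E6F70, 0x55AA55AA55AA55  # constructed keys
    c = encrypt(P, K1)
    print("single round trip  :", decrypt(c, K1) == P)
    print("keys not reversed  :", feistel(c, subkeys(K1)) == P)
    c3 = ede_encrypt(P, K1, K2, K3)
    print("EDE round trip     :", ede_decrypt(c3, K1, K2, K3) == P)
    print("two-key (K1 = K3)  :", ede_decrypt(ede_encrypt(P, K1, K2, K1), K1, K2, K1) == P)
```

Because each round only XORs F's output into one half, the round trip succeeds for any F; the strength of the real cipher comes from the choice of F and the key length, not from the ability to decrypt.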

FIPS includes the following guidelines for TDES:
    i.)   The original DES algorithm, which uses a 56-bit key length, is permitted under the standard for legacy systems only.
    ii.)  Government organisations are encouraged to transition to TDES.
    iii.) It is very complex to crack 168-bit key cipher text with the help of any brute-force attack.



Advantages of TDES:
    i.   The concept of TDES is based on the DES algorithm.
    ii.  It has a 168-bit key length, so it overcomes the vulnerability of DES to brute-force attack.

Disadvantages of TDES:
    i.   TDES runs the 16 iterations (rounds) three times, so it is very time-consuming and slower.
    ii.  It uses a 64-bit block size as input, so it could be more efficient if the block size were increased.
