复旦大学：《密码学基础》课程教学资源（课件讲稿）03 Modern Block Ciphers

密码学基础(03) Modern Block Ciphers 復大辱软件学院 LiJT

LiJT 1 密码学基础（03） Modern Block Ciphers

Outline-Modern Block Ciphers now look at modern block ciphers one of the most widely used types of cryptographic algorithms provide confidentiallauthentication services focus on DES (Data Encryption Standard) to illustrate block cipher design principles 復大辱软件学院 LiST

LiJT 2 Outline-Modern Block Ciphers • now look at modern block ciphers • one of the most widely used types of cryptographic algorithms • provide confidential/authentication services • focus on DES (Data Encryption Standard) • to illustrate block cipher design principles

ef Review: Symmetric Cipher Model Secret key shared by Secret key shared by sender and recipient sender and recipient Transmitted ciphertext Plaintext Plaintext Input Encryption algorithm Decryption algorithm output (e.g, DES) (reverse of encryption algorithm) 3 復大辱软件学院 LiST

LiJT 3 Review: Symmetric Cipher Model

Review Monoalphabetic Cipher Playfair Vigenere Cipher 復大辱软件学院 LiJT

LiJT 4 Review • Monoalphabetic Cipher • Playfair • Vigenère Cipher

o Review: Product Ciphers ciphers using substitutions or transpositions are not secure because of language characteristics hence consider using several ciphers in succession to make harder but 'o substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes a new much harder cipher this is bridge from classical to modern ciphers 復大辱软件学院 LiJT

LiJT 5 Review: Product Ciphers • ciphers using substitutions or transpositions are not secure because of language characteristics • hence consider using several ciphers in succession to make harder, but: – two substitutions make a more complex substitution – two transpositions make more complex transposition – but a substitution followed by a transposition makes a new much harder cipher • this is bridge from classical to modern ciphers

ota Block vs Stream Ciphers block ciphers process messages in blocks each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process messages a bit or byte at a time when en/decrypting many current ciphers are block ciphers broader range of applications 復大辱软件学院 LiJT

LiJT 6 Block vs Stream Ciphers • block ciphers process messages in blocks, each of which is then en/decrypted • like a substitution on very big characters – 64-bits or more • stream ciphers process messages a bit or byte at a time when en/decrypting • many current ciphers are block ciphers • broader range of applications

Block Cipher Principles most symmetric block ciphers are based on a Feistel Cipher structure needed since must be able to decrypt ciphertext to recover messages efficientl block ciphers look like an extremely large substitution would need table of 264 entries for a 64-bit block instead create from smaller building blocks using idea of a product cipher 復大辱软件学院 LiJT

LiJT 7 Block Cipher Principles • most symmetric block ciphers are based on a Feistel Cipher Structure • needed since must be able to decrypt ciphertext to recover messages efficiently • block ciphers look like an extremely large substitution • would need table of 264 entries for a 64-bit block • instead create from smaller building blocks • using idea of a product cipher

Ideal Block Cipher 4-Bit Input 4 to 16 Decoder 8910 12131415 23456789101112131415 16 to 4 Encoder 4-Bit Output 8 復大辱软件学院 LiJT

LiJT 8 Ideal Block Cipher

Ideal Block Cipher Plaintext Ciphertext Ciphertext Plaintext 0000 1110 0000 1110 0001 0100 0001 0011 0010 1101 0010 0100 0011 0001 1000 0100 0010 0100 0001 0101 1111 0101 1100 0110 1011 0110 1010 011l 1000 0111 l111 1000 0011 1000 0111 1001 1010 1001 1101 1010 0110 1010 1001 1011 1100 1011 0110 1100 0101 1100 1011 1101 1001 1101 0010 1110 0000 1110 0000 1111 0111 0101 1、I一

LiJT 9 Ideal Block Cipher

a Ideal Block Cipher->Feistel Feistel proposed We can approximate the ideal block cipher by product cipher Develop a block cipher with a key length of k bits and a block length of n bits, allowing a total of 2 possible transformation Rather than 2n 復大辱软件学院 LiST

LiJT 10 Ideal Block Cipher->Feistel • Feistel proposed – We can approximate the ideal block cipher by product cipher; – Develop a block cipher with a key length of k bits and a block length of n bits, allowing a total of 2k possible transformation – Rather than 2n!