Information Security

 Symmetric Encryptions… Cont

Prepared by : Dr. Abualkishik

 Outlines

• Triple DES,
• AES Algorithm

Prepared by : Dr. Abualkishik

DES Review

Prepared by : Dr. Abualkishik

DES Review

Prepared by : Dr. Abualkishik

break DES - Exhaustive key search
• The simpler method is to try to decrypt the block with all the
possible keys. The information we have on the clear text will
allow us to recognize the right key and to stop the search. In
average, we will have to try 36'028'797'018'963'968 (36
millions of billions) of keys. Knowing that a common modern
PC can check about one to two millions keys each second, this
represents a work time of about 600 to 1200 years for a single
machine.
 break DES -A dedicated machine
• An exhaustive search is quite time consuming for a single PC,
but it is possible to do better. In 1998, the EFF (Electronic
Frontier Fundation has built a dedicated machine in order to
show to the world that DES is not (or no more) a secure
algorithm. Deep Crack, that's the name of the machine, costs
$200'000 and is built with 1536 dedicated chips. Deep Crack is
able to recover a key with the help of an exhaustive search in 4
days in average, checking 92 billions of keys each second.

• Deep Crack decrypted a DES-encrypted message after

only 56 hours of work, winning $10,000
break DES -A huge cluster of computers
• One needs not even a lot of money to break DES. Volunteers
which are ready to donate their machine's idle time and the
Internet are sufficient. In January 1999, Distributed.Net, an
organization specialized in collecting and managing computer's
idle time, broke a DES key in 23 hours! More than 100'000
computers (from the slowest PC to the most powerful
multiprocessors machines) have received and done a little part
of the work; this allowed a rate of 250'000'000'000 keys being
checked every second.
 Triple DES (TDES)

Encryption
1st (K1)

Decryption
(K2)
2nd

Encryption
3 rd
K3 Or (K1)

Prepared by : Dr. Abualkishik

 T-DES or 3-DES

• The standards define three keying options:

 Keying option 1: All three keys are independent.
 Keying option 2: K1 and K2 are independent, and K3 = K1.
 Keying option 3: All three keys are identical, i.e. K1 = K2 = K3.

• Keying option 1 is the strongest, with 3 × 56 = 168 independent key bits.

• Keying option 2 provides less security, with 2 × 56 = 112 key bits. This
option is stronger than simply DES encrypting twice, e.g. with K 1 and K2,
because it protects against . meet-in-the-middle attacks

• Keying option 3 is equivalent to DES, with only 56 key bits. This option
provides backward compatibility with DES, because the first and second
DES operations cancel out. It is no longer recommended by the National
Institute of Standards and Technology (NIST), and is not supported by
ISO/IEC 18033-3.
Prepared by : Dr. Abualkishik
DES vs T-DES

• DES is less secure than triple DES.

• Triple DES is much slower than DES.

• DES is within the range of brute force attack. but triple

DES is not in the range of brute force attack.

Prepared by : Dr. Abualkishik

• Problem Statement:
TDES :slow and more
secure.
DES :Fast and less secure.

• Suggestion:
 Finding a new algorithm Fast and more secure

Prepared by : Dr. Abualkishik

Advanced Encryption Standard (AES)
 AES Algorithm
• Advanced Encryption Standard (AES) is the latest data
security standard adopted worldwide in most of the public and
private sector for secure data communications and data storage
purposes.

• Based on a competition won by Rijmen and Daemen

(Rijndael) from Belgium.

• The AES algorithm is a symmetric key algorithm, standardized

by the National Institute of Science and Technology (NIST).
Effective in May -26- 2002

Prepared by : Dr. Abualkishik

 AES

• AES is an iterated symmetric block cipher, which means that:

 AES works by repeating the same defined steps multiple times.

 AES is a secret key encryption algorithm.
 AES operates on a fixed number of bytes.
 AES as well as most encryption algorithms is reversible. This
means that almost the same steps are performed to complete
both encryption and decryption in reverse order
 AES algorithm operates on bytes, which makes it simpler to
implement and explain.

Prepared by : Dr. Abualkishik

AES

Prepared by : Dr. Abualkishik

terms
• Block: AES is a block cipher. This means that the number of bytes
that it encrypts is fixed. AES can currently encrypt blocks of 16
bytes at a time; no other block sizes are presently a part of the AES
standard. If the bytes being encrypted are larger than the specified
block then AES is executed concurrently. This also means that AES
has to encrypt a minimum of 16 bytes. If the plain text is smaller
than 16 bytes then it must be padded. Simply said the block is a
reference to the bytes that are processed by the algorithm.

• State: Defines the current condition (state) of the block. That is the
block of bytes that are currently being worked on. The state starts
off being equal to the block, however it changes as each round of
the algorithms executes. Plainly said this is the block in progress.

• XOR: Refers to the bitwise operator Exclusive OR.

• HEX: Defines a notation of numbers in base 16. This simply

means that; the highest number that can be represented in a single
digit is 15, rather than the usual 9 in the decimal (base 10) system.

Prepared by : Dr. Abualkishik

 AES Algorithm

• AES is a Block cipher with a block length of 128 bits.

• The Cipher Key for the AES algorithm is a sequence of

128, 192 or 256 bits.

Prepared by : Dr. Abualkishik

 AES Algorithm Description
• KeyExpansion
(round keys are derived from the cipher key using Rijndael's key
schedule)
• Initial Round
 AddRoundKey—each byte of the state is combined with the round key
using bitwise xor
• Rounds
1. SubBytes (a non-linear substitution step where each byte is replaced
with another according to a lookup table.)
2. ShiftRows (a transposition step where each row of the state is shifted
cyclically a certain number of steps.)
3. MixColumns (a mixing operation which operates on the columns of
the state, combining the four bytes in each column.)
4. AddRoundKey

Prepared by : Dr. Abualkishik

 AES Algorithm Description
• Final Round (no MixColumns)
1. SubBytes
2. ShiftRows
3. AddRoundKey

Prepared by : Dr. Abualkishik

• Initial Round
AddRoundKey(State,key)

• The round transformation is composed of four different transformations. In pseudo C

notation
Round(State,RoundKey)
{
ByteSub(State);
ShiftRow(State);
MixColumn(State);
AddRoundKey(State,RoundKey);
}

• The final round of the cipher is slightly different. It is defined by:

FinalRound(State,RoundKey)
{
ByteSub(State) ;
ShiftRow(State) ;
AddRoundKey(State,RoundKey);
} Prepared by : Dr. Abualkishik
 Transformation Rounds
• An iteration of the above steps is called a round. The amount of rounds of the
algorithm depends on the key size.

Key Size (bits) Key Size (Bytes) Block Size (bytes) Rounds
128 16 16 10
192 24 16 12
256 36 16 14

Prepared by : Dr. Abualkishik

 Key Expanded
• Each time the Add Round Key function is called a different part of
the expanded key is XORed against the state. In order for this to
work the Expanded Key must be large enough so that it can provide
key material for every time the Add Round Key function is
executed. The Add Round Key function gets called for each round as
well as one extra time at the beginning of the algorithm. There fore
the size of the expanded key will always be equal to:
16 * (number of rounds + 1).

• The 16 in the above function is actually the size of the block in

bytes. This provides key material for every byte in the block during
every round +1

128 bits
192 bits
256 bits Prepared by : Dr. Abualkishik
Prepared by : Dr. Abualkishik
AddRoundKey

• AES has the notion of a word. A word consists of four bytes,

that is 32 bits. Therefore, each column of the state array is a
word, as is each row.

• Each round uses four different words from the expanded key
array.
16 Byte => 4 x 4 array

word = 4 Byte

44 words = 44 x 4
= 176 byte
Prepared by : Dr. Abualkishik
• Each column in the state matrix is XORed with a different
word.

Block size = 16 Byte

Prepared by : Dr. Abualkishik

 AES (Add Round Key)
• Add Round Key
Each of the 16 bytes of the state is XORed against each of the 16 bytes of a portion of
the expanded key for the current round. The Expanded Key bytes are never reused. So
once the first 16 bytes are XORed against the first 16 bytes of the expanded key then
the expanded key bytes 1-16 are never used again. The next time the Add Round Key
function is called bytes 17-32 are XORed against the state.

•The first time Add Round Key gets executed

•The second time Add Round Key is executed

((And so on for each round of execution))

Prepared by : Dr. Abualkishik
Prepared by : Dr. Abualkishik
 Substitution Byte (Subbyte)

• It is a byte-wise lookup process that returns a 4-

byte word in which each byte is the result of
applying the Rijndael S-box. Designed to be
resistant to all known attacks

• Simple substitution of each byte using one table

of 16x16 bytes containing a permutation of all
256 8-bit values

• S-box is constructed using a transformation of the

values in GF(28)

Prepared by : Dr. Abualkishik

Example
 AES (Sub-bytes)
• Sub-Bytes
(During encryption each value of the state is replaced with the
corresponding SBOX value)
• eg. byte {95} is replaced by row 9 col 5 byte
• which is the value {2A}

S-Box

Prepared by : Dr. Abualkishik

Prepared by : Dr. Abualkishik
 AES (Shift Row)

• a circular byte shift in each row

• 1st row is unchanged
• 2nd row does 1 byte circular shift to left
• 3rd row does 2 byte circular shift to left
• 4th row does 3 byte circular shift to left
• decrypt does shifts to right
• since state is processed by columns, this step permutes bytes
between the columns

Prepared by : Dr. Abualkishik

 AES (Shift Row)
• Shift Row
Arranges the state in a matrix and then performs a circular shift
for each row.

Prepared by : Dr. Abualkishik

AES Encryption

1 5 9 13 1 5 9 13
2 6 10 14 6 10 14 2
3 7 11 15 11 15 3 7
4 8 12 16 16 4 8 12

Prepared by : Dr. Abualkishik

AES Decryption

1 5 9 13 1 5 9 13
2 6 10 14 6 10 14 2
3 7 11 15 11 15 3 7
4 8 12 16 16 4 8 12

Prepared by : Dr. Abualkishik

Prepared by : Dr. Abualkishik
 AES (Mix Columns)
The Mix-Columns step

Prepared by : Dr. Abualkishik

 AES (Mix Columns)
16 byte State Multiplication Matrix

Details about
b1 b5 b9 b13 2311 Mix Column
b2 b6 b10 b14 1231 will be in
b3 b7 b11 b15 1123
b4 b8 b12 b16 3112 Tutorial

a1 = (b1 * 2) XOR (b2*3) XOR (b3*1) XOR (b4*1)

a2 = (b1 * 1) XOR (b2*2) XOR (b3*3) XOR (b4*1)
a3 = (b1 * 1) XOR (b2*1) XOR (b3*2) XOR (b4*3)
a4 = (b1 * 3) XOR (b2*1) XOR (b3*1) XOR (b4*2)
And so on

a1 a5 a9 a13
a2 a6 a10 a14
a3 a7 a11 a15
a4 a8 a12 a16

Prepared by : Dr. Abualkishik

AES (Mix Column) Decryption

16 byte State Multiplication Matrix

b1 b5 b9 b13 0E 0B 0D 09
b2 b6 b10 b14 09 0E 0B 0D
b3 b7 b11 b15 0D 09 0E 0B
b4 b8 b12 b16 0B 0D 09 0E

a1 = (b1 * 0E) XOR (b2*0B) XOR (b3*0D) XOR (b4*09)

a2 = (b1 * 09) XOR (b2*0E) XOR (b3*0B) XOR (b4*0D)
a3 = (b1 * 0D) XOR (b2*09) XOR (b3*0E) XOR (b4*0B)
a4 = (b1 * 0B) XOR (b2*0D) XOR (b3*09) XOR (b4*0E)
And so on

a1 a5 a9 a13
a2 a6 a10 a14
a3 a7 a11 a15
a4 a8 a12 a16

Prepared by : Dr. Abualkishik

Prepared by : Dr. Abualkishik
 AES (Round Key Addition)
• Round key addition

Prepared by : Dr. Abualkishik

AES Encryption

• AES encryption cipher using a 16 byte key.

Prepared by : Dr. Abualkishik

AES Decryption
• AES decryption cipher using a 16 byte key.

Prepared by : Dr. Abualkishik

Prepared by : Dr. Abualkishik
Mix Column Example
AES (Mix Columns) Example
16 byte State Multiplication Matrix

2311 A1 b5 b9 b13
1231 D3 b6 b10 b14 x1 x5 x9 x13
1123 03 b7 b11 b15 x2 x6 x10 x14
3112 01 b8 b12 b16
x3 x7 x11 x15
x4 x8 x12 x16

x1 = (02 * A1 ) XOR (03 * D3) XOR (01 * 03) XOR (01 * 01)

Rule of Multiplication by 02
a 1-bit left removed and 0 is added on the right followed by a conditional bitwise
XOR with (0001 1011) ( 1B) If the leftmost bit of the original value (before the
shift) is 1

Prepared by : Dr. Abualkishik

 AES (Mix Columns)
x1 = (02 * A1 ) XOR (03 * D3) XOR (01 * 03) XOR (01 * 01)
(02 * A1 ) (03 * D3) = (01 * (01 * 01)
(02* D3) XOR (01 * D3) 03)

1010 0001 (10 * 1101 0011) XOR (1 * 1101 0011)

1010 0110
0100 0010 XOR
XOR 0001 1011
0001 1011 ---------------
--------------- 1011 1101 XOR 1101 0011
0101 1001 0100 1101 0000 0011 0000 0001
0101 1001 0000 0011
0110 1110 0011 0111 0000 0001
---------------- 0000 0010 ----------------
0011 0111 -------------- 0000 0010
0011 0101
3 5 Prepared by : Dr. Abualkishik
 7-6 ANALYSIS OF AES

This section is a brief review of the three characteristics

of AES.

Topics discussed in this section:

7.6.1 Security
7.6.2 Implementation
7.6.3 Simplicity and Cost

Prepared by : Dr. Abualkishik

 Security

AES was designed after DES. Most of the known attacks

on DES were already tested on AES.
Brute-Force Attack
AES is definitely more secure than DES due to the
larger-size key.
Statistical Attacks
Numerous tests have failed to do statistical analysis of
the ciphertext.

Differential and Linear Attacks

There are no differential and linear attacks on AES as
yet.
Prepared by : Dr. Abualkishik
 Implementation

AES can be implemented in software, hardware, and

firmware. The implementation can use table lookup
process or routines that use a well-defined algebraic
structure.

Prepared by : Dr. Abualkishik

 Simplicity and Cost

The algorithms used in AES are so simple that they can

be easily implemented using cheap processors and a
minimum amount of memory.

7.53

Prepared by : Dr. Abualkishik

Q&A