Cryptography-Vit-Module 2

This is module 2 for the VIT cryptography course. I have uploaded the syllabus page, do check that out.


Prepared by: Dr.Swetha.N.G., Asst Prof Senior, SCOPE, VIT, Vellore.

Module 2 - Symmetric Key Cryptography


CSI3002 Applied Cryptography and Network Security
Block Ciphers: DES, Triple-DES, AES, Modes of Operation, Stream Cipher (4 Hours)
By,
Dr.Swetha.N.G.,
Assistant Professor Senior,
Department of Analytics,
School of Computer Science and Engineering,
Vellore Institute of Technology, Vellore.

Email: [email protected] Mobile: 8903580808 Cabin: PRP 217-16


Process of Evolution

• Human
• Formation of groups
• Need for communication
• Pictographical methods
• Sign Language
• Natural Language
• Written Form
• Oral Form
• Need for secret communication
• One such modern technique devised to help this is termed as “Cryptography”

Introduction to Cryptography (Art of hidden writing)

• The art and science of concealing the messages to introduce secrecy of information is recognized as cryptography.
• Cryptography is the art and science of keeping messages secure.
• Cryptography is the science of using mathematics to encrypt and decrypt data.

Cryptosystem

• A Cryptosystem enables a person to achieve secrecy in communication.
• A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services.
• A cryptosystem is also referred to as a cipher system.
• Components of a Cryptosystem
  • Sender
  • Receiver
  • Plain Text/ Clear Text/ Message
  • Encryption Algorithm/ Cipher
  • Cipher Text
  • Decryption Algorithm
  • Key
  • Interceptor

Breaking Cryptosystem - Cryptanalysis

• While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication.
• Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck.
• Cryptanalysts are also called attackers.
• Cryptology embraces both cryptography and cryptanalysis.

Goals and services of Cryptography

• The primary goal of cryptography is to secure important data on the hard disk or as it passes through a medium that may not be secure itself.
• Usually, that medium is a computer network.
• Cryptography can provide the following services:
  • Confidentiality (secrecy)
  • Integrity (anti-tampering)
  • Authentication
  • Non-repudiation

1. Confidentiality

• Ensuring that no one can read the message except the intended receiver.
• For example, if Alice has to send a message to Bob, then Bob only (and no other person except for Bob) should be able to read or understand the message.
• Data is kept secret from those without the proper credentials, even if that data travels through an insecure medium.

2. Authentication

• The process of proving one's identity.
• Authentication is the process of providing proof of identity of the sender to the recipient, so that the recipient can be assured that the person sending the information is who and what he or she claims to be.
• For example, when Bob receives a message from Alice, then he should be able to establish the identity of Alice and know that the message was indeed sent by Alice.
• Cryptography can help establish identity for authentication purposes.

3. Integrity

• Assuring the receiver that the received message has not been altered in any way from the original.
• Integrity is the method to ensure that information is not tampered with during its transit or its storage on the network.
• Any unauthorized person should not be able to tamper with the information or change the information during transit.
• For example, when Alice sends a message to Bob, then the contents of the message should not be altered and should remain the same as what Alice has sent.

4. Non-Repudiation

• A mechanism to prove that the sender has really sent this message.
• Non-repudiation is the method to ensure that information cannot be disowned.
• Once the non-repudiation process is in place, the sender cannot deny being the originator of the data.
• For example, when Alice sends a message to Bob, then she should not be able to deny later that she sent the message.

Types of Cryptography

• Symmetric Key Cryptography
• Asymmetric Key Cryptography
• Hash Function

1. Symmetric Key Cryptography

• Symmetric Key Cryptography is an encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message.

Symmetric Encryption

• Symmetric encryption is also referred to as conventional encryption or single-key encryption.

Categories of Traditional Symmetric Key Cipher

• Substitution Cipher: a substitution cipher replaces one symbol with another.
  • Monoalphabetic Cipher (one-to-one)
    • Additive Cipher
    • Multiplicative Cipher
    • Caesar Cipher
    • Affine Cipher
  • Polyalphabetic Cipher (one-to-many)
    • Autokey Cipher
    • Playfair Cipher
    • Vigenère Cipher
    • Hill Cipher
    • One Time Pad Cipher
    • Rotor Cipher
• Transposition Cipher: a transposition cipher reorders symbols.
  • Keyless Transposition Ciphers
  • Keyed Transposition Ciphers
  • Double Transposition Ciphers

Categories of Ciphers

• Stream Cipher
• Block Cipher

Stream Cipher

• In a stream cipher, encryption and decryption are done one symbol (such as a character or a bit) at a time.
• Examples of Stream Cipher:
  • Additive Cipher
  • Multiplicative Cipher
  • Affine Cipher
  • Caesar Cipher
  • Vigenère Cipher

Block Cipher

• In block Cipher, a group of plaintext symbols of size m (m > 1) are encrypted together creating a group of ciphertext of the same size.
• Examples:
  • Playfair Cipher
  • Hill Cipher

Caesar Cipher

• Caesar cipher, also known as Caesar's cipher, the shift cipher, Caesar's code or Caesar shift, is one of the simplest and most widely known encryption techniques.
• It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet.
• This is referred to as the shift.
• Eg: shift=3 implies that, [Caesar Cipher is a shift 3 cipher]

Plain Text    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher Text   D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Mathematical Working of Caesar Cipher

• Let,
  • p – Plain Text
  • C – Cipher Text
  • k – Shift Key (values from 1 to 25)
• Encryption:
  • C => E(k,p) = (p+k) mod 26
• Decryption:
  • p => D(k,C) = (C-k) mod 26
• Caesar Encryption: E(3,p) = (p+3) mod 26
• Caesar Decryption: D(3,C) = (C-3) mod 26

Letter                 A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Numerical equivalent   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• Example 1:
  • Use Caesar cipher to encrypt the message “hello”
  • Encryption:
  • C => E(3,p) = (p+3) mod 26

Plain Text (p)   Numerical Eq of p   E(3,p) = (p+3) mod 26                   Numerical Value of the process   Cipher Text (C)
h                7                   E(3,7) = (7+3) mod 26 = 10 mod 26       10                               k
e                4                   E(3,4) = (4+3) mod 26 = 7 mod 26        7                                h
l                11                  E(3,11) = (11+3) mod 26 = 14 mod 26     14                               o
l                11                  E(3,11) = (11+3) mod 26 = 14 mod 26     14                               o
o                14                  E(3,14) = (14+3) mod 26 = 17 mod 26     17                               r

• Example 2:
  • Use Caesar cipher to decrypt the message “khoor”
  • Decryption:
  • p => D(3,C) = (C-3) mod 26

Cipher Text (C)   Numerical Eq of C   D(3,C) = (C-3) mod 26                   Numerical Value of the process   Plain Text (p)
k                 10                  D(3,10) = (10-3) mod 26 = 7 mod 26      7                                h
h                 7                   D(3,7) = (7-3) mod 26 = 4 mod 26        4                                e
o                 14                  D(3,14) = (14-3) mod 26 = 11 mod 26     11                               l
o                 14                  D(3,14) = (14-3) mod 26 = 11 mod 26     11                               l
r                 17                  D(3,17) = (17-3) mod 26 = 14 mod 26     14                               o

Caesar Cipher / Additive Cipher

• Caesar Cipher is a specific case of additive Cipher where shift key=3.

Letter                 A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Numerical equivalent   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

• Example 3:
  • Use Additive cipher with key = 15 to encrypt the message “hello”
  • Encryption:
  • C => E(k,p) = (p+k) mod 26

Plain Text (p)   Numerical Eq of p   E(15,p) = (p+15) mod 26                   Numerical Value of the process   Cipher Text (C)
h                7                   E(15,7) = (7+15) mod 26 = 22 mod 26       22                               w
e                4                   E(15,4) = (4+15) mod 26 = 19 mod 26       19                               t
l                11                  E(15,11) = (11+15) mod 26 = 26 mod 26     0                                a
l                11                  E(15,11) = (11+15) mod 26 = 26 mod 26     0                                a
o                14                  E(15,14) = (14+15) mod 26 = 29 mod 26     3                                d

• Example 4:
  • Use Additive cipher with key = 15 to decrypt the message “wtaad”
  • Decryption:
  • p => D(k,C) = (C-k) mod 26

Cipher Text (C)   Numerical Eq of C   D(15,C) = (C-15) mod 26                    Numerical Value of the process   Plain Text (p)
w                 22                  D(15,22) = (22-15) mod 26 = 7 mod 26       7                                h
t                 19                  D(15,19) = (19-15) mod 26 = 4 mod 26       4                                e
a                 0                   D(15,0) = (0-15) mod 26 = -15 mod 26       11 (-15+26 = 11)                 l
a                 0                   D(15,0) = (0-15) mod 26 = -15 mod 26       11                               l
d                 3                   D(15,3) = (3-15) mod 26 = -12 mod 26       14                               o

Vigenère Cipher

• Vigenère Cipher is a method of encrypting and decrypting alphabetic text.
• It uses a simple form of polyalphabetic substitution.
• A polyalphabetic cipher is any cipher based on substitution, using multiple substitution alphabets.
• Encryption: Ei = (Pi + Ki) mod 26
• Decryption: Di = (Ei - Ki) mod 26
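The additive and Vigenère formulas above in runnable form, as an added example that is not part of the original slides. It treats the additive cipher as a Vigenère cipher with a one-letter keyword; the function names are chosen here for illustration.

```python
import string

ALPHABET = string.ascii_lowercase  # a=0 ... z=25, the numbering used in the slides


def _shift(text, key, sign):
    """Apply (symbol + sign * K_i) mod 26 letter by letter; the key repeats."""
    key_nums = [ALPHABET.index(k) for k in key.lower() if k in ALPHABET]
    if not key_nums:
        raise ValueError("key must contain at least one letter")
    out = []
    for ch in text.lower():
        if ch not in ALPHABET:
            continue  # spaces and punctuation are dropped ("geeks for geeks")
        k = key_nums[len(out) % len(key_nums)]
        # Python's % always returns 0..25, so (0 - 15) % 26 gives 11 directly
        out.append(ALPHABET[(ALPHABET.index(ch) + sign * k) % 26])
    return "".join(out)


def vigenere_encrypt(plain, keyword):
    return _shift(plain, keyword, +1)   # E_i = (P_i + K_i) mod 26


def vigenere_decrypt(cipher, keyword):
    return _shift(cipher, keyword, -1)  # D_i = (E_i - K_i) mod 26


def additive_encrypt(plain, k):
    # Additive cipher = Vigenère with a single key letter (k=3 is the Caesar cipher)
    return vigenere_encrypt(plain, ALPHABET[k % 26])


def additive_decrypt(cipher, k):
    return vigenere_decrypt(cipher, ALPHABET[k % 26])


def worked_table(plain, keyword):
    """Rows (P_i, K_i, P_i + K_i, E_i) as numbers, one per plaintext letter."""
    letters = [c for c in plain.lower() if c in ALPHABET]
    keys = [ALPHABET.index(c) for c in keyword.lower() if c in ALPHABET]
    rows = []
    for i, ch in enumerate(letters):
        p, k = ALPHABET.index(ch), keys[i % len(keys)]
        rows.append((p, k, p + k, (p + k) % 26))
    return rows


if __name__ == "__main__":
    print(additive_encrypt("hello", 3), additive_encrypt("hello", 15))
    print(vigenere_encrypt("geeks for geeks", "ayush").upper())
    for row in worked_table("geeksforgeeks", "ayush"):
        print(row)
```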

Vigenère Cipher

• Each letter is represented by a number modulo 26.
• Plain Text: geeksforgeeks
• Keyword: ayush

Vigenère Cipher - Encryption

Plain Text: geeks for geeks
Keyword: ayush

Plain Text          G   E   E   K   S   F   O   R   G   E   E   K   S
                    6   4   4  10  18   5  14  17   6   4   4  10  18
Keyword             A   Y   U   S   H   A   Y   U   S   H   A   Y   U
                    0  24  20  18   7   0  24  20  18   7   0  24  20
Pi + Ki             6  28  24  28  25   5  38  37  24  11   4  34  38
Cipher Text         6   2  24   2  25   5  12  11  24  11   4   8  12   (after mod 26)
                    G   C   Y   C   Z   F   M   L   Y   L   E   I   M

Vigenère Cipher - Decryption

Cipher Text: GCYCZFMLYLEIM
Keyword: ayush

Cipher Text         G   C   Y   C   Z   F   M   L   Y   L   E   I   M
                    6   2  24   2  25   5  12  11  24  11   4   8  12
Keyword             A   Y   U   S   H   A   Y   U   S   H   A   Y   U
                    0  24  20  18   7   0  24  20  18   7   0  24  20
Ei - Ki             6 -22   4 -16  18   5 -12  -9   6   4   4 -16  -8
Plain Text          6   4   4  10  18   5  14  17   6   4   4  10  18   (after mod 26)
                    G   E   E   K   S   F   O   R   G   E   E   K   S

Playfair Cipher

• The Playfair cipher or Playfair square or Wheatstone-Playfair cipher is a manual symmetric encryption technique and was the first literal digram substitution cipher.
• The scheme was invented in 1854 by Charles Wheatstone, but bears the name of Lord Playfair for promoting its use.

Playfair Cipher

• The technique encrypts pairs of letters (bigrams or digrams), instead of single letters as in the simple substitution cipher.
• The Playfair is thus significantly harder to break since the frequency analysis used for simple substitution ciphers does not work with it.
• It was used for tactical purposes by British forces in the Second Boer War and in World War I and for the same purpose by the British and Australians during World War II.

Playfair Cipher - Key

• The Playfair cipher uses a 5 by 5 table containing a key word or phrase.
• To generate the key table,
  • First fill in the spaces in the 5X5 table with the letters of the keyword (dropping any duplicate letters).
  • Then fill the remaining spaces with the rest of the letters of the alphabet in order (usually omitting "J" or "Q" to reduce the alphabet to fit; other versions put both "I" and "J" in the same space).

Key Phrase: Cryptography

C    R    Y    P    T
O    G    A    H    B
D    E    F    I/J  K
L    M    N    Q    S
U    V    W    X    Z

How will you build the key cipher if the key phrase is “JUICE”?

Key Phrase: Juice

With "I" and "J" in the same space:

I/J  U    C    E    A
B    D    F    G    H
K    L    M    N    O
P    Q    R    S    T
V    W    X    Y    Z

With "J" and "I" in separate spaces and "Q" sharing the last space with "Z":

J    U    I    C    E
A    B    D    F    G
H    K    L    M    N
O    P    R    S    T
V    W    X    Y    Z/Q

Playfair Cipher - Key

• The key can be written in the top rows of the table, from left to right, or in some other pattern, such as a spiral beginning in the upper-left-hand corner and ending in the center.
• The keyword together with the conventions for filling in the 5 by 5 table constitute the cipher key.

Preparing the Plain Text

• Remove any non-alphabetic characters, such as spaces or punctuation marks.
  “Hello World” ➔ “helloworld”
• Split the prepared message into pairs of letters (digram)
  he ll ow or ld
• If the digraph contains identical consecutive letters, add a dummy character “X” between the letters.
  he lx lo wo rl d
• If a digraph is left with no pair at the end, insert a dummy character “X” at the end.
  he lx lo wo rl dx

Playfair Encryption Rules

• For each digram in the prepared plain text, apply the following rules,
• If both letters in the pair are in the same row of the key square, we replace each letter with the letter to its right (wrapping around if necessary).
• If both letters in the pair are in the same column of the key square, we replace each letter with the letter below it (wrapping around if necessary).
• If the letters are in different rows and columns, we form a rectangle with the pair and replace each letter with the letter at the rectangle’s opposite corner (moving only left or right).

Playfair Decryption Rules

• The process involves reversing the operations applied during encryption.
• For each digram in the given cipher text, apply the following rules,
• When both letters in a pair are located in the same row of the key square, we replace each letter with the letter to its left, considering wrapping around if necessary.
• Similarly, suppose both letters in the pair are situated in the same column of the key square. In that case, we replace each letter with the letter above it, also considering wrapping around if necessary.
• When the letters are in different rows and columns, we form a rectangle using the letter pair and replace each letter with the letter at the rectangle’s opposite corner.

Example 1

• Perform both encryption and decryption of the plain text “Hello World !!!” using Playfair Cipher method. Use “Security” as its key phrase for encryption.

Step 1: Building of Key Cipher

S    E    C    U    R
I/J  T    Y    A    B
D    F    G    H    K
L    M    N    O    P
Q    V    W    X    Z

Step 2: Preparation of Plain Text

Hello World !!!
HE LL OW OR LD
HE LX LO WO RL D
HE LX LO WO RL DX

The plain text contains 6 digrams with letter “X” as a dummy.

Step 3: Applying Encryption Rules

Each digram is looked up in the key table built in Step 1.

Digram 1: HE ➔ Encrypted Digram 1: FU
Digram 2: LX ➔ Encrypted Digram 2: OQ
Digram 3: LO ➔ Encrypted Digram 3: MP
Digram 4: WO ➔ Encrypted Digram 4: XN
Digram 5: RL ➔ Encrypted Digram 5: SP
Digram 6: DX ➔ Encrypted Digram 6: HQ

At the end of encryption we get the following cipher text,

Plain Text  : HE LX LO WO RL DX
Cipher Text : FU OQ MP XN SP HQ

Now we start the decryption process !!!

Step 4: Applying Decryption Rules

Cipher Text Digram 1: FU ➔ Decrypted Digram 1: HE
Cipher Text Digram 2: OQ ➔ Decrypted Digram 2: LX
Cipher Text Digram 3: MP ➔ Decrypted Digram 3: LO
Cipher Text Digram 4: XN ➔ Decrypted Digram 4: WO
Cipher Text Digram 5: SP ➔ Decrypted Digram 5: RL
Cipher Text Digram 6: HQ ➔ Decrypted Digram 6: DX

At the end of decryption we get the following plain text,

Cipher Text : FU OQ MP XN SP HQ
Plain Text  : HE LX LO WO RL DX

Remove the dummy letters “X”

We get the plain text “HELLOWORLD”
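The whole Playfair procedure worked through above (key table, plain text preparation, the three rules in both directions, dummy removal), as an added example that is not part of the original slides. It assumes the "I/J in one space" convention and the dummy letter "X"; the function names and the dummy-removal heuristic are choices made here.

```python
import string

LETTERS = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters: J is folded into I


def build_key_square(key_phrase):
    """Keyword letters first (duplicates dropped), then the rest of the alphabet."""
    seen = []
    for ch in key_phrase.upper() + LETTERS:
        if ch not in string.ascii_uppercase:
            continue
        ch = "I" if ch == "J" else ch
        if ch not in seen:
            seen.append(ch)
    return [seen[r * 5:(r + 1) * 5] for r in range(5)]


def prepare_digrams(message, filler="X"):
    """Strip non-letters, split into pairs, pad doubled letters and an odd tail."""
    letters = ["I" if c == "J" else c
               for c in message.upper() if c in string.ascii_uppercase]
    pairs, i = [], 0
    while i < len(letters):
        if i + 1 < len(letters) and letters[i + 1] != letters[i]:
            pairs.append(letters[i] + letters[i + 1])
            i += 2
        else:  # identical neighbours, or last letter without a partner
            pairs.append(letters[i] + filler)
            i += 1
    return pairs


def _transform(pairs, square, step):
    """step=+1 encrypts (right / down), step=-1 decrypts (left / up)."""
    pos = {square[r][c]: (r, c) for r in range(5) for c in range(5)}
    out = []
    for a, b in pairs:
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:      # same row
            out.append(square[ra][(ca + step) % 5] + square[rb][(cb + step) % 5])
        elif ca == cb:    # same column
            out.append(square[(ra + step) % 5][ca] + square[(rb + step) % 5][cb])
        else:             # rectangle: stay in own row, take the other letter's column
            out.append(square[ra][cb] + square[rb][ca])
    return out


def playfair_encrypt(message, key_phrase):
    return _transform(prepare_digrams(message), build_key_square(key_phrase), +1)


def playfair_decrypt(cipher_text, key_phrase):
    text = [c for c in cipher_text.upper() if c in string.ascii_uppercase]
    if len(text) % 2:
        raise ValueError("Playfair cipher text must have an even number of letters")
    pairs = ["".join(text[i:i + 2]) for i in range(0, len(text), 2)]
    return _transform(pairs, build_key_square(key_phrase), -1)


def strip_fillers(pairs, filler="X"):
    """Heuristic: drop a filler that ends the text or splits a doubled letter.
    A genuine X in one of those positions would be dropped as well."""
    text = "".join(pairs)
    keep = []
    for i, ch in enumerate(text):
        is_pad = (ch == filler and i % 2 == 1 and
                  (i == len(text) - 1 or text[i + 1] == text[i - 1]))
        if not is_pad:
            keep.append(ch)
    return "".join(keep)


if __name__ == "__main__":
    for row in build_key_square("Security"):
        print(" ".join(row))
    cipher = playfair_encrypt("Hello World !!!", "Security")
    print(" ".join(cipher))
    print(strip_fillers(playfair_decrypt("".join(cipher), "Security")))
```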

Advantages of Playfair Cipher

• Stronger Encryption
• Polygram Substitution
• Simplicity

Disadvantages of Playfair Cipher

• Key distribution
• Limited Key Storage space
• Vulnerability to known plain text attacks
• Lack of perfect secrecy

Hill Cipher

• In classical cryptography, the Hill cipher is a polygraphic substitution cipher based on linear algebra.
• Invented by Lester S. Hill in 1929, it was the first polygraphic cipher in which it was practical (though barely) to operate on more than three symbols at once.
• The following discussion assumes an elementary knowledge of matrices.
• Each letter is represented by a number modulo 26.
• To encrypt a message, each block of n letters (considered as an n-component vector) is multiplied by an invertible n × n matrix, against modulus 26.
• To decrypt the message, each block is multiplied by the inverse of the matrix used for encryption.

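Example 1 – Hill Cipher

• Encrypt and Decrypt the message ‘ACT’ (n=3). The key is ‘GYBNQKURP’.

$$\text{Key} = \begin{bmatrix} G & Y & B \\ N & Q & K \\ U & R & P \end{bmatrix} = \begin{bmatrix} 6 & 24 & 1 \\ 13 & 16 & 10 \\ 20 & 17 & 15 \end{bmatrix}, \qquad \text{Plain Text} = \begin{bmatrix} 0 \\ 2 \\ 19 \end{bmatrix}$$

Example 1 - Encryption

Key × Plain Text:

$$\begin{bmatrix} 6 & 24 & 1 \\ 13 & 16 & 10 \\ 20 & 17 & 15 \end{bmatrix} \begin{bmatrix} 0 \\ 2 \\ 19 \end{bmatrix} = \begin{bmatrix} 0 \cdot 6 + 2 \cdot 24 + 1 \cdot 19 \\ 0 \cdot 13 + 2 \cdot 16 + 19 \cdot 10 \\ 0 \cdot 20 + 2 \cdot 17 + 19 \cdot 15 \end{bmatrix} = \begin{bmatrix} 67 \\ 222 \\ 319 \end{bmatrix} \bmod 26 = \begin{bmatrix} 15 \\ 14 \\ 7 \end{bmatrix}$$

Encrypted Text = POH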

Example 1 - Decryption

$$\text{Text to be decrypted} = \begin{bmatrix} 15 \\ 14 \\ 7 \end{bmatrix}$$

Decryption = Cipher Text * Modular inverse of the key

Matrix Modular Inverse (3X3)

• Find the modular inverse of the given matrix.

$$A = \begin{bmatrix} 6 & 24 & 1 \\ 13 & 16 & 10 \\ 20 & 17 & 15 \end{bmatrix}$$

Step 1: Find the |A| mod 26

$$|A| = 6(240-170) - 24(195-200) + 1(221-320) = 420 + 120 - 99 = 441$$

$$|A| \bmod 26 = 25$$

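Matrix Modular Inverse (3X3)

$$A = \begin{bmatrix} 6 & 24 & 1 \\ 13 & 16 & 10 \\ 20 & 17 & 15 \end{bmatrix}$$

Step 2: Find the minors of the matrix.

$$A_{11} = \begin{vmatrix} 16 & 10 \\ 17 & 15 \end{vmatrix} = 70 \qquad A_{12} = \begin{vmatrix} 13 & 10 \\ 20 & 15 \end{vmatrix} = -5 \qquad A_{13} = \begin{vmatrix} 13 & 16 \\ 20 & 17 \end{vmatrix} = -99$$

$$A_{21} = \begin{vmatrix} 24 & 1 \\ 17 & 15 \end{vmatrix} = 343 \qquad A_{22} = \begin{vmatrix} 6 & 1 \\ 20 & 15 \end{vmatrix} = 70 \qquad A_{23} = \begin{vmatrix} 6 & 24 \\ 20 & 17 \end{vmatrix} = -378$$

$$A_{31} = \begin{vmatrix} 24 & 1 \\ 16 & 10 \end{vmatrix} = 224 \qquad A_{32} = \begin{vmatrix} 6 & 1 \\ 13 & 10 \end{vmatrix} = 47 \qquad A_{33} = \begin{vmatrix} 6 & 24 \\ 13 & 16 \end{vmatrix} = -216$$

Step 3: Find the Cofactor matrix

$$\mathrm{CoF}(A) = \begin{bmatrix} +(70) & -(-5) & +(-99) \\ -(343) & +(70) & -(-378) \\ +(224) & -(47) & +(-216) \end{bmatrix} = \begin{bmatrix} 70 & 5 & -99 \\ -343 & 70 & 378 \\ 224 & -47 & -216 \end{bmatrix}$$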

Matrix Modular Inverse (3X3)

Step 4: Find the adjoint matrix Adj(A)

$$\mathrm{Adj}(A) = \text{Transpose of } \begin{bmatrix} 70 & 5 & -99 \\ -343 & 70 & 378 \\ 224 & -47 & -216 \end{bmatrix} = \begin{bmatrix} 70 & -343 & 224 \\ 5 & 70 & -47 \\ -99 & 378 & -216 \end{bmatrix}$$

Step 5: A^{-1} = (Multiplicative Inverse of |A| mod 26 in Z26) * Adj(A)

Multiplicative Inverse of |A| mod 26

q     r1    r2    r     t1    t2    t
1     26    25    1     0     1     -1
25    25    1     0     1     -1    26
      1     0           -1    26

Multiplicative inverse of 25 in Z26 = -1 = -1+26 = 25

$$A^{-1} = 25 \begin{bmatrix} 70 & -343 & 224 \\ 5 & 70 & -47 \\ -99 & 378 & -216 \end{bmatrix} \bmod 26 = \begin{bmatrix} 8 & 5 & 10 \\ 21 & 8 & 21 \\ 21 & 12 & 8 \end{bmatrix}$$

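Decryption

Modular Inverse Key × CT:

$$\begin{bmatrix} 8 & 5 & 10 \\ 21 & 8 & 21 \\ 21 & 12 & 8 \end{bmatrix} \begin{bmatrix} 15 \\ 14 \\ 7 \end{bmatrix} = \begin{bmatrix} 8 \cdot 15 + 5 \cdot 14 + 10 \cdot 7 \\ 21 \cdot 15 + 8 \cdot 14 + 21 \cdot 7 \\ 21 \cdot 15 + 12 \cdot 14 + 8 \cdot 7 \end{bmatrix} = \begin{bmatrix} 260 \\ 574 \\ 539 \end{bmatrix} \bmod 26 = \begin{bmatrix} 0 \\ 2 \\ 19 \end{bmatrix} = \text{"ACT"} \quad (\text{PT})$$

Inverse of a Matrix (2X2): Matrix Modular Inverse (2 X 2)

Find the inverse of

$$A = \begin{bmatrix} 2 & 1 \\ 7 & 4 \end{bmatrix}$$

$$|A| = (4 \cdot 2) - (1 \cdot 7) = 1, \qquad 1 \bmod 26 = 1$$

Multiplicative inverse of 1 in Z26 = 1

$$\mathrm{Adj}\,A = \begin{bmatrix} 4 & -1 \\ -7 & 2 \end{bmatrix}$$

$$A^{-1} = \begin{bmatrix} 4 & -1 \\ -7 & 2 \end{bmatrix}$$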
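The Hill cipher steps above (determinant, minors and cofactors, adjoint, extended Euclid for the inverse of |A| in Z26, then encryption and decryption) as an added example that is not part of the original slides. It works for any n × n key and rejects a key whose determinant shares a factor with 26; the function names are chosen here.

```python
from math import gcd

M = 26  # modular base: one number per letter, A=0 ... Z=25


def text_to_nums(s):
    return [ord(c) - ord("A") for c in s.upper() if "A" <= c <= "Z"]


def nums_to_text(nums):
    return "".join(chr(n % M + ord("A")) for n in nums)


def key_matrix(key, n):
    nums = text_to_nums(key)
    if len(nums) != n * n:
        raise ValueError("key must supply exactly n*n letters")
    return [nums[r * n:(r + 1) * n] for r in range(n)]


def minor(a, i, j):
    """Matrix a with row i and column j removed."""
    return [row[:j] + row[j + 1:] for k, row in enumerate(a) if k != i]


def det(a):
    """Integer determinant by cofactor expansion along the first row."""
    if len(a) == 1:
        return a[0][0]
    return sum((-1) ** j * a[0][j] * det(minor(a, 0, j)) for j in range(len(a)))


def adjugate(a):
    """Transpose of the cofactor matrix (Steps 2 to 4 of the slides)."""
    n = len(a)
    cof = [[(-1) ** (i + j) * det(minor(a, i, j)) for j in range(n)]
           for i in range(n)]
    return [[cof[j][i] for j in range(n)] for i in range(n)]


def mod_inverse(x, m=M):
    """Extended Euclid with the same r1, r2, t1, t2 columns as the slide table."""
    r1, r2, t1, t2 = m, x % m, 0, 1
    while r2:
        q = r1 // r2
        r1, r2 = r2, r1 - q * r2
        t1, t2 = t2, t1 - q * t2
    if r1 != 1:
        raise ValueError(f"{x} has no inverse modulo {m}")
    return t1 % m


def inverse_key(a):
    d = det(a) % M
    if gcd(d, M) != 1:  # covers d == 0 as well, since gcd(0, 26) = 26
        raise ValueError("determinant shares a factor with 26: key not usable")
    d_inv = mod_inverse(d)
    return [[(d_inv * x) % M for x in row] for row in adjugate(a)]


def hill(text, matrix):
    """Multiply each block of n letters by the matrix modulo 26.
    Pass the key to encrypt and inverse_key(key) to decrypt."""
    n = len(matrix)
    nums = text_to_nums(text)
    if len(nums) % n:
        raise ValueError("message length must be a multiple of n")
    out = []
    for i in range(0, len(nums), n):
        block = nums[i:i + n]
        out += [sum(matrix[r][c] * block[c] for c in range(n)) % M
                for r in range(n)]
    return nums_to_text(out)


if __name__ == "__main__":
    K = key_matrix("GYBNQKURP", 3)
    print(det(K), det(K) % M)        # 441 25
    print(hill("ACT", K))            # POH
    print(inverse_key(K))
    print(hill("POH", inverse_key(K)))
```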

Hill Cipher

Two complications exist in picking the encrypting matrix:
1. Not all matrices have an inverse (see invertible matrix). The matrix will have an inverse if and only if its determinant is not zero.
2. The determinant of the encrypting matrix must not have any common factors with the modular base.

For our example key matrix:
• So, modulo 26, the determinant is 25. Since this has no common factors with 26, this matrix can be used for the Hill cipher.

Block vs Stream Ciphers

• Block ciphers process messages in blocks, each of which is then en/decrypted
• Like a substitution on very big characters
  • 64-bits or more
• Stream ciphers process messages a bit or byte at a time when en/decrypting
• Many current ciphers are block ciphers
  • better analyzed
  • broader range of applications

Data Encryption Standard (DES)

• The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST).

History:
• In 1973, NIST published a request for proposals for a national symmetric-key cryptosystem.
• A proposal from IBM, a modification of a project called Lucifer, was accepted as DES.
• DES was published in the Federal Register in March 1975 as a draft of the Federal Information Processing Standard (FIPS).

DES - Overview

• DES is a block cipher, as shown below
• Feistel Cipher

[Figure: Encryption and decryption with DES]

DES Structure

• The encryption process is made of two permutations (P-boxes), which we call initial and final permutations, and sixteen Feistel rounds.

[Figure: General structure of DES]

Topics to be discussed:
1. Initial and Final Permutations
2. Rounds
3. Cipher and Reverse Cipher
4. Key Generation
5. Examples

1. Initial and Final Permutations

• Input: 64 Bits
• Output: 64 Bits
• It is a Straight D/P Box.
• It performs keyless straight permutation.
• The initial and final permutations are inverses of each other.
• 58th input becomes the 1st output

1. Initial and Final Permutations – Example 1

• Find the output of the initial permutation box when the input is given in hexadecimal as:
  0000 0000 0000 0010 ……. 0001
• Solution:
  • Only bit 15 and bit 64 are 1s; the other bits are 0s.
  • In the final permutation, bit 15 becomes bit 63 and bit 64 becomes bit 25.
  • The result is

1. Initial and Final Permutations – Example 2

• Find the output of the final permutation box when the input is given in hexadecimal as:
  0000000000000000
  0000000010000000
  0000000000000000
  0000000000000010
• Solution:
  • Only bits 25 and 63 are 1s.
  • From the Final permutation table,
    • Bit 25 -> Bit 64
    • Bit 63 -> Bit 15
1. Initial and Final Permutations

The initial and final permutations are straight P-boxes that are inverses of each other.
They have no cryptographic significance in DES.

2. Rounds

• DES uses 16 rounds. Each round of DES is a Feistel cipher.

2.1 DES Function

• The heart of DES is the DES function.
• The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output.

2.1.1 Expansion P-box

• Input: 32 Bits
• Output: 48 Bits

2.1.2 Whitener (XOR)

• DES uses the XOR operation on the expanded right section and the round key.
• Note that both the right section and the key are 48-bits in length.
• Also note that the round key is used only in this operation.

2.1.3 S Boxes

• The S-boxes do the real mixing (confusion).
• DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output.
• The below table shows the permutation for S-box 1.
• For the rest of the boxes see the textbook.

2.1.3 S Boxes – Example 1

• The input to S-box 1 is 100011. What is the output?

Solution:
• If we write the first and the sixth bits together, we get 11 in binary, which is 3 in decimal.
• The remaining bits are 0001 in binary, which is 1 in decimal.
• We look for the value in row 3, column 1, in (S-box 1).
• The result is 12 in decimal, which in binary is 1100.
• So the input 100011 yields the output 1100.

2.1.3 S Boxes – Example 2

• The input to S-box 8 is 000000. What is the output?

Solution:
• If we write the first and the sixth bits together, we get 00 in binary, which is 0 in decimal.
• The remaining bits are 0000 in binary, which is 0 in decimal.
• We look for the value in row 0, column 0, in (S-box 8).
• The result is 13 in decimal, which in binary is 1101.
• So the input 000000 yields the output 1101.


2.1.4 Straight P Box

• Input: 32 Bit Output: 32 Bit

Straight permutation table

3. Cipher and Reverse Cipher

• Using mixers and swappers, we can create the cipher and reverse cipher, each having 16 rounds.

First Approach
• To achieve this goal, one approach is to make the last round (round 16) different from the others;
• It has only a mixer and no swapper.

3. Cipher and Reverse Cipher

• Using mixers and swappers, we can create the cipher and reverse cipher, each having 16 rounds.

Alternative Approach
• We can make all 16 rounds the same by including one swapper in the 16th round and adding an extra swapper after that
• (two swappers cancel the effect of each other).

DES Algorithm – Refer Book

4. Key Generation

• The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key.



4.1 Parity Drop

• The bits at positions which are multiples of 8 are dropped.
• 8, 16, 24, …, 64

4.2 Compression D Box

• It changes 56 bits into 48 bits.


5. DES Example

We choose a random plaintext block and a random key, and determine what the ciphertext block would be (all in hexadecimal):

Trace of Data:


5. DES Example

• Let us see how Bob, at the destination, can decipher the ciphertext received from Alice using the same key.
• Trace of Data

DES Analysis

• Critics have used a strong magnifier to analyze DES.
• Tests have been done to measure the strength of some desired properties in a block cipher.

Topics discussed in this section:

1. Properties
2. Design Criteria
3. DES weakness


DES Analysis - Properties

• Two desired properties of a block cipher are the avalanche effect and completeness.

1. Avalanche Effect:
• It means a small change in the plaintext (or key) should create a significant change in the ciphertext.
• DES has been proved strong regarding this property.

2. Completeness effect:
• Completeness effect means that each bit of the ciphertext needs to depend on many bits of the plaintext.

DES Analysis – Properties – Avalanche Effect

• To check the avalanche effect in DES, let us encrypt two plaintext blocks (with the same key) that differ only in one bit and observe the differences in the number of bits in each round.


DES Analysis – Design

S-Boxes
• The design provides confusion and diffusion of bits from each round to the next.
P-Boxes
• They provide diffusion of bits.
Number of Rounds
• DES uses sixteen rounds of Feistel ciphers.
• The ciphertext is thoroughly a random function of plaintext and ciphertext.

DES Analysis – Weakness

• During the last few years critics have found some weaknesses in DES.

Weaknesses in Cipher Design
1. Weaknesses in S-boxes
2. Weaknesses in P-boxes
3. Weaknesses in Key

Weaknesses in S-boxes

• In S-box 4, the last 3 bits can be derived in the same way as the 1st bit.
• Two specifically chosen inputs to an S-box array can create the same output.
• It is possible to obtain the same output in a single round by changing bits in only 3 neighboring S-boxes.

Weaknesses in P-boxes

• The designers do not provide a clear rationale behind the initial and final permutations.
• In the Exp-P box the 1st and 4th bits of every 4-bit series are repeated.


Weaknesses in Key

• The most serious weakness of DES is its key size. (56 bits)
• To do a brute force attack, the adversary needs to check 2^56 combinations of key.
1. Computer with 1 processor – we need 2000 years to do a brute force attack.
2. Computer with 1 million parallel chips – 20 hours to do a brute force attack.
3. 3500 computers in a network – 120 days to break the key.
4. 42000 members in a network – 10 days.

Weaknesses in Key – Weak Keys

Weaknesses in Key – Weak Keys

• Let us try the first weak key in the Table to encrypt a block two times.
• After two encryptions with the same key the original plaintext block is created.
• Note that we have used the encryption algorithm two times, not one encryption followed by another decryption.

Weaknesses in Key – Weak Keys

• Double encryption and decryption with a weak key


Weaknesses in Key – Semi Weak Keys

Semi Weak Keys only create two distinct round keys !!!


Weaknesses in Key – Possible Weak Keys

• There are 48 keys that are called possible weak keys.
• A possible weak key is a key that creates only 4 distinct round keys.
• The possibility of choosing a weak key or a semi weak key or a possible weak key is only 8.8 × 10^-16. [Impossible]

Weaknesses in Key – Key Complement

• In the domain of 2^56, definitely half of the keys are complements of each other.
• A key complement is obtained by inverting 0’s to 1’s and 1’s to 0’s.
• This reduces the brute force combination to exactly half the size.


Weaknesses in Key – Key Clustering

• Two or more keys give rise to the same cipher text for the given plain text.
• Each pair of Semi Weak keys is a key cluster.

Triple DES

• To improve the security of DES, triple DES (3DES) was proposed.
• This uses three stages of DES for encryption and decryption.
• Two versions of triple DES are in use today:
  • Triple DES with two keys
  • Triple DES with three keys


1. Triple DES with Two Keys

• In triple DES with two keys, there are only two keys: k1 and k2.
• The first and the third stages use k1; the second stage uses k2.
• A message encrypted with single DES with key k can be decrypted with triple DES if k1 = k2 = k.
• Usecase: Banking Industry

2. Triple DES with Three Keys

• In triple DES with three keys, there are three keys: k1, k2 and k3.
• The first stage uses k1, the second stage uses k2 and the third stage uses k3.
• Compatibility with single DES is provided by letting k1 = k and setting k2 and k3 to the same arbitrary key chosen by the receiver.
• Usecase: PGP

Advanced Encryption Standard (AES)

• The Advanced Encryption Standard (AES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in December 2001.
• AES is considered to be the replacement for DES.
• Topics discussed in this section:
1. Criteria
2. Rounds
3. Data Units
4. Structure of Each Round

AES - Criteria

• Criteria for selecting AES fell into 3 categories (3 rounds of conference were conducted by NIST for AES selection):
1. Security
  • Main concentration was on security.
  • NIST demanded 128 bit Key.
  • Resistance towards cryptanalysis attacks
2. Cost
  • Computational Efficiency
  • Storage requirements
3. Implementation
  • Flexibility (Implemented in any platform)

AES - Rounds

• AES is a non-Feistel cipher that encrypts and decrypts a data block of 128 bits.

Cipher Key Size   Round Key Size   Number of Rounds
128 Bits          128 Bits         10
192 Bits          128 Bits         12
256 Bits          128 Bits         14

No. of Round Keys = Nr + 1

AES - Data Units

Bit
• Atomic Unit
• Value 0 or 1
• Lowercase ‘b’

Byte
• 8 bits
• Bold Lowercase ‘b’

Word
• 4 bytes
• 8*4= 32 Bits
• Bold lowercase w

Block
• 4 Words
• 8*4*4= 128 Bits
• Row Matrix

State
• 4 Words
• 8*4*4= 128 Bits
• S or T
• 4X4 Matrix

AES - Data Units

Block-to-state and state-to-block transformation

Changing plaintext to state

Text ➔ 0 to 25 ➔ Hex


AES - Structure of Each Round

Encryption Site
• Each round except the last round uses 4 transformations.
  • Sub Bytes
  • Shift Rows
  • Mix Columns
  • Add Round Key
• All 4 transformations are invertible. (Non Feistel Cipher)
• Pre-Round uses only 1 transformation – Add Round Key.
• Last Round uses only 3 transformations.
  • Sub Bytes
  • Shift Rows
  • Add Round Key

Decryption Site
• Inverse of the transformations are used.
  • Inv Sub Byte
  • Inv Shift Rows
  • Inv Mix Column
  • Add Round Key (Self Invertible)

AES - Substitution

• AES, like DES, uses substitution. AES uses two invertible transformations.

SubBytes
• The first transformation, SubBytes, is used at the encryption site.
• To substitute a byte, we interpret the byte as two hexadecimal digits.
  • Left Digit – Row
  • Right Digit – Column

The SubBytes operation involves 16 independent byte-to-byte transformations.

AES - SubByte

AES – InvSub Byte


AES – Permutation

• Another transformation found in a round is shifting, which permutes the bytes.

Shift Rows
• In the encryption, the transformation is called Shift Rows.

InvShiftRows
• In the decryption, the transformation is called InvShiftRows and the shifting is to the right.
• Figure shows how a state is transformed using ShiftRows transformation. The figure also shows that InvShiftRows transformation creates the original state.


AES – Mixing

• We need an interbyte transformation that changes the bits inside a byte, based on the bits inside the neighboring bytes.
• We need to mix bytes to provide diffusion at the bit level.

Mixing bytes using matrix multiplication

• AES defines a transformation called MixColumns to achieve this goal.
• The inverse transformation is called InvMixColumn.
• Constant matrices used by MixColumns and InvMixColumns, over GF(2^8)


AES – Mixing

MixColumns
• The MixColumns transformation operates at the column level;
• It transforms each column of the state to a new column.

Bytes → Polynomials
Coefficients: GF(2)
Multiplication: GF(2^8)

InvMixColumns
• The InvMixColumns transformation is basically the same as the MixColumns transformation.
• Inverse of the constant matrix is used here.

The MixColumns and InvMixColumns transformations are inverses of each other.


AES – Mixing

• Figure shows how a state is transformed using the MixColumns transformation.
• The figure also shows that the InvMixColumns transformation creates the original one.

AES – Key Adding

AddRoundKey
• AddRoundKey (self-invertible) proceeds one column at a time.
• AddRoundKey adds a round key word with each state column matrix.
• The operation in AddRoundKey is matrix addition.


AES – Key Expansion

• To create round keys for each round, AES uses a key-expansion process.
• If the number of rounds is Nr, the key-expansion routine creates Nr+1 128-bit round keys from one single 128-bit cipher key.

Topics discussed in this section:

1. Key Expansion in AES-128
2. Key Expansion in AES-192 and AES-256


Key Expansion in AES-128

RotWord
• Rotate Word
• Word -> Array of 4 Bytes
• Shift Left is performed.

SubWord
• Substitute Word
• SubByte transformation applied only to 4 bytes.

RCon
• Round Constant
• 4 Byte value

Key Expansion in AES-128

• Table shows how the keys for each round are calculated assuming that the 128-bit cipher key agreed upon by Alice and Bob is (24 75 A2 B3 34 75 56 88 31 E2 12 00 13 AA 54 87)₁₆.


Key Expansion in AES-128

• The two sets of round keys can be created from two cipher keys that are different only in one bit.

Key Expansion in AES-128

• The concept of weak keys, as we discussed for DES, does not apply to AES.
• Assume that all bits in the cipher key are 0s. The following shows the words for some rounds:
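The RotWord, SubWord and RCon steps described above, written out as an added example (not from the original slides): a key-expansion routine following FIPS-197, which can be run on the slides' cipher key, on the all-zero key and on two keys that differ in one bit. It also accepts 192- and 256-bit keys, which goes beyond the AES-128 case shown here; the function names are illustrative and the S-box is computed rather than typed in.

```python
# Added example (not from the slides): AES key expansion per FIPS-197.

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return result


def build_sbox():
    """SubBytes table: multiplicative inverse in GF(2^8), then the affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = build_sbox()


def rot_word(word):
    """RotWord: rotate the 4-byte word left by one byte."""
    return ((word << 8) | (word >> 24)) & 0xFFFFFFFF


def sub_word(word):
    """SubWord: apply the S-box to each of the 4 bytes."""
    return int.from_bytes(bytes(SBOX[b] for b in word.to_bytes(4, "big")), "big")


def expand_key(key):
    """Return the 4*(Nr+1) expanded words for a 16-, 24- or 32-byte cipher key."""
    if len(key) not in (16, 24, 32):
        raise ValueError("AES keys are 128, 192 or 256 bits")
    nk = len(key) // 4                 # words in the cipher key: 4, 6 or 8
    nr = nk + 6                        # rounds: 10, 12 or 14
    words = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(nk)]
    rcon = 0x01
    for i in range(nk, 4 * (nr + 1)):
        t = words[i - 1]
        if i % nk == 0:                # first word of each group: t = SubWord(RotWord) + RCon
            t = sub_word(rot_word(t)) ^ (rcon << 24)
            rcon = gf_mul(rcon, 0x02)
        elif nk == 8 and i % nk == 4:  # extra SubWord used only by AES-256
            t = sub_word(t)
        words.append(words[i - nk] ^ t)
    return words


def round_keys(key):
    """Group the expanded words into Nr+1 round keys of 128 bits each."""
    w = expand_key(key)
    return [b"".join(x.to_bytes(4, "big") for x in w[i:i + 4]) for i in range(0, len(w), 4)]


def differing_bits(key_a, key_b):
    """Per round key, the number of bits in which the two key schedules differ."""
    return [sum(bin(x ^ y).count("1") for x, y in zip(ra, rb))
            for ra, rb in zip(round_keys(key_a), round_keys(key_b))]


SLIDE_KEY = bytes.fromhex("2475A2B33475568831E2120013AA5487")   # cipher key from the slides

if __name__ == "__main__":
    for rnd, rk in enumerate(round_keys(SLIDE_KEY)):
        print(f"round {rnd:2d}: {rk.hex().upper()}")
    one_bit_off = SLIDE_KEY[:-1] + bytes([SLIDE_KEY[-1] ^ 0x01])
    print("differing bits per round key:", differing_bits(SLIDE_KEY, one_bit_off))
```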


Key Expansion in AES-192 and AES-256

AES-192:
• The words are generated in groups of 6
• The cipher key creates first six words (w_0 to w_5)
• If i mod 6 ≠ 0, w_i = w_{i-1} + w_{i-6}, otherwise w_i = t + w_{i-6}.

AES-256:
• The words are generated in groups of 8
• The cipher key creates first eight words (w_0 to w_7)
• If i mod 8 ≠ 0, w_i = w_{i-1} + w_{i-8}, otherwise w_i = t + w_{i-8}.
• If i mod 4 = 0, but i mod 8 ≠ 0, then w_i = subword(w_{i-1}) + w_{i-8}

AES- CIPHERS

• AES uses four types of transformations for encryption and decryption.
• In the standard, the encryption algorithm is referred to as the cipher and the decryption algorithm as the inverse cipher.
• Topics discussed in this section:
1. Original Design
2. Alternative Design


AES- Original Design

AES – Alternative Design


AES- Alternative Design


AES - Example
• The following shows the ciphertext block created from a plaintext
block using a randomly selected cipher key.


AES - Example


AES Example

• shows the state entries in one round, round 7,

AES- Examples

• One may be curious to see the result of encryption when the plaintext is made of all 0s. Using the cipher key in this Example yields the ciphertext.


AES- Examples

• Let us check the avalanche effect
• We changed only one bit in the last byte.
• The result clearly shows the effect of diffusion and confusion.
• Changing a single bit in the plaintext has affected many bits in the ciphertext.

AES- Examples

• The following shows the effect of using a cipher key in which all bits are 0s.


Block Cipher Operations

• There are a number of different ways to apply a block cipher to plaintext.
  • Electronic Codebook (ECB)
  • Cipher Block Chaining (CBC)
  • Cipher Feedback (CFB)
  • Output Feedback (OFB)
  • Counter (CTR)
• Mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.

1. Electronic Codebook

• Plaintext is handled one block at a time and each block of plaintext is encrypted using the same key.
• The term codebook is used because, for a given key, there is a unique ciphertext for every b-bit block of plaintext.
• For a message longer than b bits, the procedure is simply to break the message into b-bit blocks, padding the last block if necessary.
• Decryption is performed one block at a time, always using the same key.


1. Electronic Codebook (Contd…)

• Significant Characteristic of ECB
  • If the same b-bit block of plaintext appears more than once in the message, it always produces the same ciphertext.
• The ECB mode should be used only to secure messages shorter than a single block of the underlying cipher.
  • Because in most cases messages are longer than the encryption block, this mode has minimal practical value.
• For lengthy messages, the ECB mode may not be secure.
• If the message is highly structured, it may be possible for a cryptanalyst to exploit these regularities.
  • Starting and ending with the same text.
  • Same text repeating multiple times in the plain text.

Advantages of using ECB

• Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.
• Simple way of using the block cipher.

Disadvantages of using ECB

• Prone to cryptanalysis since there is a direct relationship between plaintext and ciphertext.


Properties for evaluating and constructing block cipher modes

• These properties are applied to modes superior to ECB.
• Overhead:
  • The additional operations for the encryption and decryption operation when compared to encrypting and decrypting in the ECB mode.
• Error recovery:
  • The property that an error in the ith ciphertext block is inherited by only a few plaintext blocks after which the mode resynchronizes.
• Error propagation:
  • The property that an error in the ith ciphertext block is inherited by the ith and all subsequent plaintext blocks.
• Diffusion:
  • How the plaintext statistics are reflected in the ciphertext.
• Security:
  • Whether or not the ciphertext blocks leak information about the plaintext blocks.

2. Cipher Block Chaining Mode (CBC)

• To overcome the security deficiencies of ECB, we would like a technique in which the same plaintext block, if repeated, produces different ciphertext blocks.
• Input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block.
• The same key is used for each block.
• Therefore, repeating patterns of b bits are not exposed.
• For decryption, each cipher block is passed through the decryption algorithm.
• The result is XORed with the preceding ciphertext block to produce the plaintext block.


2. Cipher Block Chaining Mode (CBC) (Contd…)

• The IV (Initialization Vector) is a data block that is the same size as the cipher block.
• The IV must be known to both the sender and receiver but be unpredictable by a third party.
• For maximum security, the IV should be protected against unauthorized changes.
• This could be done by sending the IV using ECB encryption.

Advantages of CBC

• CBC works well for input greater than b bits.
• CBC is a good authentication mechanism.
• Better resistive nature towards cryptanalysis than ECB.

Disadvantages of CBC

• Parallel encryption is not possible since every encryption requires a previous cipher.


3. Cipher Feedback Mode (CFB)

• This mode is used to convert a block cipher into a stream cipher.
• Rather than blocks of b bits, the plaintext is divided into segments of s bits.
• We get segments of Cipher Text of length s bits.

Advantages of CFB

• Since there is some data loss due to the use of the shift register, it is difficult to apply cryptanalysis.

Disadvantages of CFB

• The drawbacks of CFB are the same as those of CBC mode.
• Both block losses and concurrent encryption of several blocks are not supported by the encryption.
• Decryption, however, is parallelizable and loss-tolerant.

4. Output Feedback Mode (OFB)

• Operation is similar to that of CFB mode.
• Nonce value is already known.

Advantages of OFB

• In the case of CFB, a single bit error in a block is propagated to all subsequent blocks.
• This problem is solved by OFB as it is free from bit errors in the plaintext block.

Disadvantages of OFB

• The drawback of OFB is that, because of its operational modes, it is more susceptible to a message stream modification attack than CFB.

5. Counter Mode (CTR)

• A counter equal to the plaintext block size is used.
• The counter value must be different for each plaintext block that is encrypted.
• Typically, the counter is initialized to some value and then incremented by 1 for each subsequent block (modulo 2^b, where b is the block size).

Advantages of CTR

• Hardware efficiency
  • Parallel processing is possible.
• Software efficiency
  • As parallelization is possible, aggressive pipelining takes place internally which reduces the time for completion.
• Preprocessing
  • The execution of the underlying encryption algorithm does not depend on input of the plaintext or ciphertext.
• Random access
  • The ith block of plaintext or ciphertext can be processed in random-access fashion.
• Simplicity
  • No decryption algorithm is used.


Disadvantages of CTR

• The fact that CTR mode requires a synchronous counter at both the transmitter and the receiver is a severe drawback.
• The recovery of plaintext is erroneous when synchronization is lost.

Comparison of Block Cipher Operations
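The repetition and error-propagation properties listed for the modes above can be checked directly. The following is an added example, not from the original slides: ECB, CBC and CTR are built on a stand-in 128-bit block cipher (a 4-round Feistel network keyed through SHA-256, assumed here only because Python's standard library has no AES), and the key, IV and message are constructed sample values.

```python
# Added example (not from the slides): ECB, CBC and CTR over a stand-in block cipher.
import hashlib

BLOCK = 16  # block size b in bytes (128 bits)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def round_fn(key, rnd, half):
    """Feistel round function of the stand-in cipher (not AES or DES)."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def encrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        left, right = right, xor_bytes(left, round_fn(key, rnd, right))
    return left + right


def decrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        left, right = xor_bytes(right, round_fn(key, rnd, left)), left
    return left + right


def blocks(data):
    if len(data) % BLOCK:
        raise ValueError("example expects whole blocks; padding is left out")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, plaintext):
    return b"".join(encrypt_block(key, b) for b in blocks(plaintext))


def ecb_decrypt(key, ciphertext):
    return b"".join(decrypt_block(key, c) for c in blocks(ciphertext))


def cbc_encrypt(key, iv, plaintext):
    out, prev = [], iv
    for b in blocks(plaintext):
        prev = encrypt_block(key, xor_bytes(b, prev))   # XOR with preceding ciphertext block
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for c in blocks(ciphertext):
        out.append(xor_bytes(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)


def ctr_crypt(key, start, data):
    """CTR encryption and decryption are the same operation; no block decryption is used."""
    out = []
    for i, b in enumerate(blocks(data)):
        counter = ((start + i) % (1 << (8 * BLOCK))).to_bytes(BLOCK, "big")
        out.append(xor_bytes(b, encrypt_block(key, counter)))
    return b"".join(out)


def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    seen = blocks(ciphertext)
    return len(seen) - len(set(seen))


def flip_bit(data, block_index):
    """Flip the lowest bit of the first byte of one block (a transmission error)."""
    buf = bytearray(data)
    buf[block_index * BLOCK] ^= 0x01
    return bytes(buf)


def damaged_blocks(original, recovered):
    """Map plaintext block index -> count of wrong bits, for blocks that changed."""
    report = {}
    for i, (a, b) in enumerate(zip(blocks(original), blocks(recovered))):
        wrong = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
        if wrong:
            report[i] = wrong
    return report


# Constructed sample values: three identical blocks followed by a different one.
KEY = b"constructed key!"
IV = bytes(range(BLOCK))
MSG = b"PAY 100 TO ALICE" * 3 + b"PAY 999 TO BOB!!"

if __name__ == "__main__":
    print("repeated ciphertext blocks  ECB:", repeated_blocks(ecb_encrypt(KEY, MSG)),
          " CBC:", repeated_blocks(cbc_encrypt(KEY, IV, MSG)),
          " CTR:", repeated_blocks(ctr_crypt(KEY, 0, MSG)))
    bad = flip_bit(cbc_encrypt(KEY, IV, MSG), 1)
    print("CBC damage after one flipped bit:", damaged_blocks(MSG, cbc_decrypt(KEY, IV, bad)))
    bad = flip_bit(ctr_crypt(KEY, 0, MSG), 1)
    print("CTR damage after one flipped bit:", damaged_blocks(MSG, ctr_crypt(KEY, 0, bad)))
```

In CBC the flipped bit garbles its own block and flips exactly one bit of the next, after which decryption resynchronizes; in CTR only the single bit changes, which is why stream-like modes need a separate integrity check.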


RC4

• RC4 is a stream cipher that was designed in 1984 by Ronald Rivest for Data Security.
• Uses:
  • SSL/TLS
  • IEEE802.11 wireless LAN standard
• RC4 is a byte-oriented stream cipher in which a byte (8 bits) of a plaintext is exclusive-ored with a byte of key to produce a byte of a ciphertext.
• Key: Variable length : 1 to 256 bytes
• State Vector: 256 Bytes

RC4 Block Diagram


RC4

• RC4 algorithm contains 2 functions internally,
  • Key Scheduling Algorithm (KSA)
    • Used to generate the state array S.
  • Pseudo Random Generation Algorithm (PRGA)
    • Generates the Key Stream
    • XOR key stream with the data to generate encrypted stream

Idea of RC4


1. Key Scheduling Algorithm (KSA)

Initialization

S[i]
Index Position   0 1 2 3 4 …………….. 254 255
Value            0 1 2 3 4 …………….. 254 255

K[i]   Key= [1 2 2 2]
Index Position   0 1 2 3 4 5 ……… 254 255
Value            1 2 2 2 1 2 ……… 2 2

Permutation

2. Pseudo Random Generator Algorithm (PRGA)

• The keys in the key stream, the k’s, are generated, one by one.
• First, the state is permuted based on the values of state elements and the values of two individual variables, i and j.
• Second, the values of two state elements in positions i and j are used to define the index of the state element that serves as k.
• The following code is repeated for each byte of the plaintext to create a new key element in the key stream.


RC4

Overall Working

Example of RC4 Encryption

• Simplified form of RC4 is used for the purposes of illustration.
• Plain Text: 4 Bytes [1 2 2 2]
• Key: 4 Bytes [1 2 3 6]
• State Vector: 8 Bytes


Encryption:

1. Key Scheduling Algorithm (KSA)

Initialization

S[i]
Index Position   0 1 2 3 4 5 6 7
Value            0 1 2 3 4 5 6 7

K[i]   Key= [1 2 3 6]
Index Position   0 1 2 3 4 5 6 7
Value            1 2 3 6 1 2 3 6

Permutation

Position   0 1 2 3 4 5 6 7
S          0 1 2 3 4 5 6 7
K          1 2 3 6 1 2 3 6

i=0   j = (0 + s[0] + k[0]) mod 8 = (0 + 0 + 1) mod 8 = 1   Swap(s[0],s[1]) ➔ S [1 0 2 3 4 5 6 7]
i=1   j = (1 + s[1] + k[1]) mod 8 = (1 + 0 + 2) mod 8 = 3   Swap(s[1],s[3]) ➔ S [1 3 2 0 4 5 6 7]
i=2   j = (3 + s[2] + k[2]) mod 8 = (3 + 2 + 3) mod 8 = 0   Swap(s[2],s[0]) ➔ S [2 3 1 0 4 5 6 7]
i=3   j = (0 + s[3] + k[3]) mod 8 = (0 + 0 + 6) mod 8 = 6   Swap(s[3],s[6]) ➔ S [2 3 1 6 4 5 0 7]
i=4   j = (6 + s[4] + k[4]) mod 8 = (6 + 4 + 1) mod 8 = 3   Swap(s[4],s[3]) ➔ S [2 3 1 4 6 5 0 7]
i=5   j = (3 + s[5] + k[5]) mod 8 = (3 + 5 + 2) mod 8 = 2   Swap(s[5],s[2]) ➔ S [2 3 5 4 6 1 0 7]
i=6   j = (2 + s[6] + k[6]) mod 8 = (2 + 0 + 3) mod 8 = 5   Swap(s[6],s[5]) ➔ S [2 3 5 4 6 0 1 7]
i=7   j = (5 + s[7] + k[7]) mod 8 = (5 + 7 + 6) mod 8 = 2   Swap(s[7],s[2]) ➔ S [2 3 7 4 6 0 1 5]

2. Pseudo Random Generator Algorithm (PRGA)

Position 0 1 2 3 4 5 6 7
S        2 3 7 4 6 0 1 5
K        1 2 3 6 1 2 3 6

P [1]  i=0 ; j=0
       i= 1; j= (0+s[1]) = 3
       Swap (S[1], S[3]) ➔ S [2 4 7 3 6 0 1 5]
       K= S[(S[1]+S[3]) mod 8] = S[(4+3) mod 8] = S[7] = 5
       PT  = 0 0 0 1
       K   = 0 1 0 1
       XOR = 0 1 0 0 ➔ 4

P [2]  i=1 ; j=3
       i= 2; j= (3+s[2]) = 10 mod 8 = 2
       Swap (S[2], S[2]) ➔ S [2 4 7 3 6 0 1 5]
       K= S[(S[2]+S[2]) mod 8] = S[(7+7) mod 8] = S[6] = 1
       PT  = 0 0 1 0
       K   = 0 0 0 1
       XOR = 0 0 1 1 ➔ 3

P [2]  i=2 ; j=2
       i= 3; j= (2+s[3]) = 5
       Swap (S[3], S[5]) ➔ S [2 4 7 0 6 3 1 5]
       K= S[(S[3]+S[5]) mod 8] = S[(0+3) mod 8] = S[3] = 0
       PT  = 0 0 1 0
       K   = 0 0 0 0
       XOR = 0 0 1 0 ➔ 2

P [2]  i=3 ; j=5
       i= 4; j= (5+s[4]) = 11 mod 8 = 3
       Swap (S[4], S[3]) ➔ S [2 4 7 6 0 3 1 5]
       K= S[(S[4]+S[3]) mod 8] = S[(0+6) mod 8] = S[6] = 1
       PT  = 0 0 1 0
       K   = 0 0 0 1
       XOR = 0 0 1 1 ➔ 3

CT → [4 3 2 3]

Decryption:
1. Key Scheduling Algorithm (KSA)

Initialization

S[i]
Index / Position 0 1 2 3 4 5 6 7
Value            0 1 2 3 4 5 6 7

K[i]   Key = [1 2 3 6]
Index / Position 0 1 2 3 4 5 6 7
Value            1 2 3 6 1 2 3 6


1. Key Scheduling Algorithm (KSA): Permutation

Position 0 1 2 3 4 5 6 7
S        0 1 2 3 4 5 6 7
K        1 2 3 6 1 2 3 6

i=0  j = (0 + s[0] + k[0]) mod 8
     j = (0 + 0 + 1) mod 8 = 1    Swap(s[0],s[1]) ➔ S [1 0 2 3 4 5 6 7]
i=1  j = (1 + s[1] + k[1]) mod 8
     j = (1 + 0 + 2) mod 8 = 3    Swap(s[1],s[3]) ➔ S [1 3 2 0 4 5 6 7]
i=2  j = (3 + s[2] + k[2]) mod 8
     j = (3 + 2 + 3) mod 8 = 0    Swap(s[2],s[0]) ➔ S [2 3 1 0 4 5 6 7]
i=3  j = (0 + s[3] + k[3]) mod 8
     j = (0 + 0 + 6) mod 8 = 6    Swap(s[3],s[6]) ➔ S [2 3 1 6 4 5 0 7]
i=4  j = (6 + s[4] + k[4]) mod 8
     j = (6 + 4 + 1) mod 8 = 3    Swap(s[4],s[3]) ➔ S [2 3 1 4 6 5 0 7]
i=5  j = (3 + s[5] + k[5]) mod 8
     j = (3 + 5 + 2) mod 8 = 2    Swap(s[5],s[2]) ➔ S [2 3 5 4 6 1 0 7]
i=6  j = (2 + s[6] + k[6]) mod 8
     j = (2 + 0 + 3) mod 8 = 5    Swap(s[6],s[5]) ➔ S [2 3 5 4 6 0 1 7]
i=7  j = (5 + s[7] + k[7]) mod 8
     j = (5 + 7 + 6) mod 8 = 2    Swap(s[7],s[2]) ➔ S [2 3 7 4 6 0 1 5]

2. Pseudo Random Generator Algorithm (PRGA)

Position 0 1 2 3 4 5 6 7
S        2 3 7 4 6 0 1 5
K        1 2 3 6 1 2 3 6

CT [4]  i=0 ; j=0
        i= 1; j= (0+s[1]) = 3
        Swap (S[1], S[3]) ➔ S [2 4 7 3 6 0 1 5]
        K= S[(S[1]+S[3]) mod 8] = S[(4+3) mod 8] = S[7] = 5
        CT  = 0 1 0 0
        K   = 0 1 0 1
        XOR = 0 0 0 1 ➔ 1

CT [3]  i=1 ; j=3
        i= 2; j= (3+s[2]) = 10 mod 8 = 2
        Swap (S[2], S[2]) ➔ S [2 4 7 3 6 0 1 5]
        K= S[(S[2]+S[2]) mod 8] = S[(7+7) mod 8] = S[6] = 1
        CT  = 0 0 1 1
        K   = 0 0 0 1
        XOR = 0 0 1 0 ➔ 2

CT [2]  i=2 ; j=2
        i= 3; j= (2+s[3]) = 5
        Swap (S[3], S[5]) ➔ S [2 4 7 0 6 3 1 5]
        K= S[(S[3]+S[5]) mod 8] = S[(0+3) mod 8] = S[3] = 0
        CT  = 0 0 1 0
        K   = 0 0 0 0
        XOR = 0 0 1 0 ➔ 2

CT [3]  i=3 ; j=5
        i= 4; j= (5+s[4]) = 11 mod 8 = 3
        Swap (S[4], S[3]) ➔ S [2 4 7 6 0 3 1 5]
        K= S[(S[4]+S[3]) mod 8] = S[(0+6) mod 8] = S[6] = 1
        CT  = 0 0 1 1
        K   = 0 0 0 1
        XOR = 0 0 1 0 ➔ 2

PT → [1 2 2 2]
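
The KSA and PRGA steps traced above, as an added Python example (not part of the original slides); it also covers the per-byte key-stream loop that the earlier slide refers to. The function names and the parameter n (state size: 8 for the slides' simplified form, 256 for standard RC4) are assumptions of this example.

```python
def ksa(key, n=256):
    """Key Scheduling Algorithm: permute S = [0..n-1] under the repeated key."""
    s = list(range(n))                          # Initialization: S[i] = i
    k = [key[i % len(key)] for i in range(n)]   # K[i]: key repeated to n entries
    j = 0
    trace = []
    for i in range(n):                          # Permutation
        j = (j + s[i] + k[i]) % n
        s[i], s[j] = s[j], s[i]
        trace.append((i, j, list(s)))
    return s, trace


def prga(s, count, n=256):
    """Pseudo Random Generation Algorithm: return `count` key-stream elements."""
    s = list(s)          # work on a copy so the caller's state is untouched
    i = j = 0
    stream = []
    for _ in range(count):
        i = (i + 1) % n
        j = (j + s[i]) % n
        s[i], s[j] = s[j], s[i]
        stream.append(s[(s[i] + s[j]) % n])
    return stream


def rc4(key, data, n=256):
    """Encrypt or decrypt: XOR each data element with the key stream."""
    s, _ = ksa(key, n)
    return [d ^ k for d, k in zip(data, prga(s, len(data), n))]


def slide_example():
    """Reproduce the slides' run: key [1 2 3 6], plaintext [1 2 2 2], n = 8."""
    key, pt, n = [1, 2, 3, 6], [1, 2, 2, 2], 8
    s, trace = ksa(key, n)
    for i, j, state in trace:
        print(f"KSA  i={i} j={j} S={state}")
    stream = prga(s, len(pt), n)
    ct = rc4(key, pt, n)
    print("key stream", stream, "CT", ct, "PT", rc4(key, ct, n))
    return s, stream, ct


if __name__ == "__main__":
    slide_example()
```

Encryption and decryption are the same XOR against the same key stream, so two messages encrypted under one key produce ciphertexts whose XOR equals the XOR of the two plaintexts.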