concept2.1.2

Date post: 03-Jun-2018
Upload: avinashthegreat9
  • 8/12/2019 concept2.1.2

    1/12

ENCRYPTION:

In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.[1] Encryption doesn't prevent hacking, but it reduces the likelihood that the hacker will be able to read the data that is encrypted.[2]:374 In an encryption scheme, the message or information, referred to as plaintext, is encrypted using an encryption algorithm, turning it into an unreadable ciphertext.[2] This is usually done with the use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the ciphertext should not be able to determine anything about the original message. An authorized party, however, is able to decode the ciphertext using a decryption algorithm, which usually requires a secret decryption key that adversaries do not have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly produce keys.

There are two kinds of encryption:

1) Symmetric key encryption
2) Public key encryption

Symmetric key encryption

In symmetric-key schemes,[3] the encryption and decryption keys are the same. Thus communicating parties must agree on a secret key before they wish to communicate.

Public key encryption

[Figure: Illustration of how a file or document is sent using public key encryption.]

In public-key encryption schemes, the encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the decryption key and is capable of reading the encrypted messages.[4] Public-key encryption is a relatively recent invention: historically, all encryption schemes have been symmetric-key (also called private-key) schemes.[2]:478

One of the earliest public key encryption applications was called Pretty Good Privacy (PGP). It was written in 1991 by Phil Zimmermann and was purchased by Symantec in 2010.

Working of encryption:

Encryption has long been used by militaries and governments to facilitate secret communication. It is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage.[6]

Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems, which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection), are another somewhat different example of using encryption on data at rest.[citation needed]

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years.[7] Encrypting data in transit also helps to secure it, as it is often difficult to physically secure all access to networks.[citation needed]

Message verification

Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards for cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.[citation needed]

Digital signature and encryption must be applied at message creation time (i.e. on the same device on which the message has been composed) to avoid tampering. Otherwise any node between the sender and the encryption agent could potentially tamper with it. It should be noted that encrypting at the time of creation only adds security if the encryption device itself has not been tampered with.
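The point above, that encryption alone gives confidentiality but not integrity, shown as an added Python example (not code from the original document): an unauthenticated ciphertext with one corrupted bit decrypts silently to a different plaintext, while encrypt-then-MAC rejects the same corruption before decrypting. The stream cipher is a constructed stand-in (HMAC-SHA256 keystream in counter mode) so the example runs with the standard library; it is not a standard cipher and the fixed keys are constructed for reproducibility.

```python
import hmac
import hashlib
import secrets

NONCE_LEN = 16
TAG_LEN = 32  # SHA-256 output


def _keystream(key, nonce, length):
    """Constructed keystream: HMAC-SHA256 over (nonce || counter). Stand-in only."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def stream_encrypt(enc_key, nonce, data):
    """Confidentiality only: XOR with the keystream. Decryption is the same operation."""
    ks = _keystream(enc_key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


stream_decrypt = stream_encrypt


def seal(enc_key, mac_key, plaintext):
    """Encrypt-then-MAC with separate keys; the tag covers nonce and ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = stream_encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key, mac_key, message):
    """Verify the MAC first (constant-time compare); decrypt only if it holds."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short to carry nonce and tag")
    nonce = message[:NONCE_LEN]
    ct = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: message was modified or forged")
    return stream_decrypt(enc_key, nonce, ct)


def flip_one_bit(message, index):
    """Simulate a transmission fault or in-path modification of one ciphertext bit."""
    buf = bytearray(message)
    buf[index] ^= 0x01
    return bytes(buf)


def demo():
    enc_key = b"k" * 32  # constructed fixed keys; real keys come from a CSPRNG
    mac_key = b"m" * 32
    plaintext = b"transfer 100 to account 42"

    # Without a MAC: the corrupted ciphertext decrypts without any error.
    nonce = b"\x00" * NONCE_LEN
    ct = stream_encrypt(enc_key, nonce, plaintext)
    corrupted_pt = stream_decrypt(enc_key, nonce, flip_one_bit(ct, 9))

    # With encrypt-then-MAC: the same corruption is rejected before decryption.
    sealed = seal(enc_key, mac_key, plaintext)
    try:
        open_sealed(enc_key, mac_key, flip_one_bit(sealed, NONCE_LEN + 9))
        rejected = False
    except ValueError:
        rejected = True

    return {
        "intact_roundtrip": open_sealed(enc_key, mac_key, sealed) == plaintext,
        "plaintext_silently_changed": corrupted_pt != plaintext,
        "mac_rejected_corruption": rejected,
    }


if __name__ == "__main__":
    print(demo())
```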

Encryption algorithms are of different types:

1) RSA algorithm
2) DES algorithm
3) AES algorithm

RSA algorithm:

RSA is a cryptosystem, which is known as one of the first practicable public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key, which is kept secret. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it wasn't declassified until 1997.[1]

A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message.[2] Breaking RSA encryption is known as the RSA problem. It is an open question whether it is as hard as the factoring problem.

Key generation

RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. The keys for the RSA algorithm are generated the following way:

1. Choose two distinct prime numbers p and q.
2. For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length. Prime integers can be efficiently found using a primality test.
3. Compute n = pq. n is used as the modulus for both the public and private keys. Its length, usually expressed in bits, is the key length.
4. Compute φ(n) = φ(p)φ(q) = (p - 1)(q - 1), where φ is Euler's totient function.
5. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1; i.e., e and φ(n) are coprime. e is released as the public key exponent. e having a short bit-length and small Hamming weight results in more efficient encryption; most commonly 2^16 + 1 = 65,537. However, much smaller values of e (such as 3) have been shown to be less secure in some settings.[5]
6. Determine d as d ≡ e^(-1) (mod φ(n)); i.e., d is the multiplicative inverse of e (modulo φ(n)). This is more clearly stated as: solve for d given d·e ≡ 1 (mod φ(n)). This is often computed using the extended Euclidean algorithm. Using the pseudocode in the Modular integers section, inputs a and n correspond to e and φ(n), respectively. d is kept as the private key exponent.

The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d, which must be kept secret. p, q, and φ(n) must also be kept secret because they can be used to calculate d.

An alternative, used by PKCS#1, is to choose d matching d·e ≡ 1 (mod λ) with λ = lcm(p - 1, q - 1), where lcm is the least common multiple. Using λ instead of φ(n) allows more choices for d. λ can also be defined using the Carmichael function, λ(n).
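The key-generation steps above, worked through in Python as an added example (not code from the original document). It uses the constructed demo primes p = 61, q = 53 and e = 17 so every intermediate value is readable; the Miller-Rabin primality test, the extended Euclidean inverse and the PKCS#1 λ = lcm(p - 1, q - 1) variant are the editor's own implementations, and the encrypt/decrypt pair is textbook RSA without padding, exactly as the text describes it.

```python
import math
import secrets

# Constructed demo primes; real keys use random primes of 1024+ bits (steps 1-2).
P_DEMO, Q_DEMO, E_DEMO = 61, 53, 17


def is_probable_prime(n, rounds=20):
    """Miller-Rabin test, the 'primality test' referred to in step 2."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:                  # write n - 1 = 2^r * d with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2   # random witness in [2, n - 2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False               # a proves n composite
    return True


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(e, m):
    """Step 6: d with d*e = 1 (mod m), via the extended Euclidean algorithm."""
    g, x, _ = extended_gcd(e, m)
    if g != 1:
        raise ValueError("e and the modulus are not coprime")
    return x % m


def rsa_keygen(p, q, e=65537, use_carmichael=False):
    """Steps 3-6. Returns ((n, e), (n, d)); 65537 is the usual e for real key sizes."""
    if p == q or not (is_probable_prime(p) and is_probable_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n = p * q                                       # step 3: the modulus
    if use_carmichael:                              # PKCS#1: lambda = lcm(p-1, q-1)
        m = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    else:                                           # step 4: Euler's totient phi(n)
        m = (p - 1) * (q - 1)
    if not 1 < e < m or math.gcd(e, m) != 1:        # step 5: e coprime to phi(n)/lambda
        raise ValueError("e must satisfy 1 < e < m and gcd(e, m) = 1")
    d = mod_inverse(e, m)
    # p, q and phi(n)/lambda must stay secret: whoever holds them recomputes d this way.
    return (n, e), (n, d)


def encrypt(public_key, message):
    """Textbook RSA: c = m^e mod n, for an integer message in [0, n)."""
    n, e = public_key
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, e, n)


def decrypt(private_key, ciphertext):
    """Textbook RSA: m = c^d mod n."""
    n, d = private_key
    return pow(ciphertext, d, n)


def demo(message=65):
    """Round trip with both choices of d (phi(n) and lambda); returns the values."""
    pub, priv_phi = rsa_keygen(P_DEMO, Q_DEMO, E_DEMO)
    _, priv_lambda = rsa_keygen(P_DEMO, Q_DEMO, E_DEMO, use_carmichael=True)
    c = encrypt(pub, message)
    return {
        "n": pub[0], "e": pub[1],
        "d_phi": priv_phi[1], "d_lambda": priv_lambda[1],
        "ciphertext": c,
        "roundtrip_ok": decrypt(priv_phi, c) == message == decrypt(priv_lambda, c),
    }


if __name__ == "__main__":
    print(demo())
```

Both private exponents decrypt correctly because λ(n) divides φ(n); real deployments additionally wrap the message in a padding scheme (PKCS#1 OAEP) rather than encrypting the raw integer.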


The ANSI X9.31 standard prescribes, IEEE 1363 describes, and PKCS#1 allows, that p and q match additional requirements: being strong primes, and being different enough that Fermat factorization fails.

2) DES algorithm:

The Data Encryption Standard (DES, /ˌdiːˌiːˈɛs/ or /dɛz/) is a previously predominant symmetric-key algorithm for the encryption of electronic data. It was highly influential in the advancement of modern cryptography in the academic world. Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the National Security Agency (NSA), the NBS eventually selected a slightly modified version, which was published as an official Federal Information Processing Standard (FIPS) for the United States in 1977. The publication of an NSA-approved encryption standard simultaneously resulted in its quick international adoption and widespread academic scrutiny. Controversies arose out of classified design elements, a relatively short key length of the symmetric-key block cipher design, and the involvement of the NSA, nourishing suspicions about a backdoor. The intense academic scrutiny the algorithm received over time led to the modern understanding of block ciphers and their cryptanalysis.

DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small; in January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes (see chronology). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES). Furthermore, DES has been withdrawn as a standard by the National Institute of Standards and Technology (formerly the National Bureau of Standards).

Some documentation makes a distinction between DES as a standard and DES as an algorithm, referring to the algorithm as the DEA (Data Encryption Algorithm).

HISTORY OF DES:

The origins of DES go back to the early 1970s. In 1972, after concluding a study on the US government's computer security needs, the US standards body NBS (National Bureau of Standards), now named NIST (National Institute of Standards and Technology), identified a need for a government-wide standard for encrypting unclassified, sensitive information.[1] Accordingly, on 15 May 1973, after consulting with the NSA, NBS solicited proposals for a cipher that would meet rigorous design criteria. None of the submissions, however, turned out to be suitable. A second request was issued on 27 August 1974. This time, IBM submitted a candidate which was deemed acceptable: a cipher developed during the period 1973-1974 based on an earlier algorithm, Horst Feistel's Lucifer cipher. The team at IBM involved in cipher design and analysis included Feistel, Walter Tuchman, Don Coppersmith, Alan Konheim, Carl Meyer, Mike Matyas, Roy Adler, Edna Grossman, Bill Notz, Lynn Smith, and Bryant Tuckerman.

edia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_Englishhttp://en.wikipedia.org/wiki/Help:IPA_for_Englishhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_English#Keyhttp://en.wikipedia.org/wiki/Help:IPA_for_Englishhttp://en.wikipedia.org/wiki/Help:IPA_for_Englishhttp://en.wikipedia.org/wiki/Fermat_factorizationhttp://en.wikipedia.org/wiki/Strong_primehttp://en.wikipedia.org/wiki/PKCS1http://en.wikipedia.org/wiki/P1363http://en.wikipedia.org/w/index.php?title=ANSI_X9.31&action=edit&redlink=1
  • 8/12/2019 concept2.1.2

    5/12

The algorithm as a standard:

Despite the criticisms, DES was approved as a federal standard in November 1976, and published on 15 January 1977 as FIPS PUB 46, authorized for use on all unclassified data. It was subsequently reaffirmed as the standard in 1983, 1988 (revised as FIPS-46-1), 1993 (FIPS-46-2), and again in 1999 (FIPS-46-3), the latter prescribing "Triple DES" (see below). On 26 May 2002, DES was finally superseded by the Advanced Encryption Standard (AES), following a public competition. On 19 May 2005, FIPS 46-3 was officially withdrawn, but NIST has approved Triple DES through the year 2030 for sensitive government information.[13]

The algorithm is also specified in ANSI X3.92,[14] NIST SP 800-67[13] and ISO/IEC 18033-3[15] (as a component of TDEA).

Another theoretical attack, linear cryptanalysis, was published in 1994, but it was a brute force attack in 1998 that demonstrated that DES could be attacked very practically, and highlighted the need for a replacement algorithm. These and other methods of cryptanalysis are discussed in more detail later in this article.

The introduction of DES is considered to have been a catalyst for the academic study of cryptography, particularly of methods to crack block ciphers. According to a NIST retrospective about DES,

The DES can be said to have "jump started" the nonmilitary study and development of encryption algorithms. In the 1970s there were very few cryptographers, except for those in military or intelligence organizations, and little academic study of cryptography. There are now many active academic cryptologists, mathematics departments with strong programs in cryptography, and commercial information security companies and consultants. A generation of cryptanalysts has cut its teeth analyzing (that is, trying to "crack") the DES algorithm. In the words of cryptographer Bruce Schneier,[16] "DES did more to galvanize the field of cryptanalysis than anything else. Now there was an algorithm to study." An astonishing share of the open literature in cryptography in the 1970s and 1980s dealt with the DES, and the DES is the standard against which every symmetric key algorithm since has been compared.


Description:

Figure 1: The overall Feistel structure of DES

For brevity, the following description omits the exact transformations and permutations which specify the algorithm; for reference, the details can be found in DES supplementary material.

DES is the archetypal block cipher: an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into another ciphertext bit string of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can supposedly only be performed by those who know the particular key used to encrypt. The key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. Eight bits are used solely for checking parity, and are thereafter discarded. Hence the effective key length is 56 bits, and it is always quoted as such.

The key is nominally stored or transmitted as 8 bytes, each with odd parity. According to ANSI X3.92-1981, section 3.5:

One bit in each 8-bit byte of the KEY may be utilized for error detection in key generation, distribution, and storage. Bits 8, 16, ..., 64 are for use in ensuring that each byte is of odd parity.

Like other block ciphers, DES by itself is not a secure means of encryption but must instead be used in a mode of operation. FIPS-81 specifies several modes for use with DES.[20] Further comments on the usage of DES are contained in FIPS-74.[21]

Decryption uses the same structure as encryption but with the keys used in reverse order. (This has the advantage that the same hardware or software can be used in both directions.)

Structure of DES algorithm:

The algorithm's overall structure is shown in Figure 1: there are 16 identical stages of processing, termed rounds. There is also an initial and final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have no cryptographic significance, but were included in order to facilitate loading blocks in and out of mid-1970s 8-bit based hardware.[22]

Before the main rounds, the block is divided into two 32-bit halves and processed alternately; this criss-crossing is known as the Feistel scheme. The Feistel structure ensures that decryption and encryption are very similar processes; the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms.

The symbol ⊕ denotes the exclusive-OR (XOR) operation. The F-function scrambles half a block together with some of the key. The output from the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes.

The Feistel (F) function

The F-function, depicted in Figure 2, operates on half a block (32 bits) at a time and consists of four stages:

Figure 2: The Feistel function (F-function) of DES

1. Expansion: the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating half of the bits. The output consists of eight 6-bit (8 × 6 = 48 bits) pieces, each containing a copy of 4 corresponding input bits, plus a copy of the immediately adjacent bit from each of the input pieces to either side.
2. Key mixing: the result is combined with a subkey using an XOR operation. Sixteen 48-bit subkeys, one for each round, are derived from the main key using the key schedule (described below).
3. Substitution: after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, or substitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table. The S-boxes provide the core of the security of DES; without them, the cipher would be linear, and trivially breakable.
4. Permutation: finally, the 32 outputs from the S-boxes are rearranged according to a fixed permutation, the P-box. This is designed so that, after permutation, each S-box's output bits are spread across 4 different S-boxes in the next round.


The alternation of substitution from the S-boxes, and permutation of bits from the P-box and E-expansion provides so-called "confusion and diffusion" respectively, a concept identified by Claude Shannon in the 1940s as a n

Key schedule:

Figure 3 illustrates the key schedule for encryption, the algorithm which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1); the remaining eight bits are either discarded or used as parity check bits. The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2): 24 bits from the left half, and 24 from the right. The rotations (denoted by "
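Added example in Python (not part of the original document or of any implementation it cites) covering the key parity rule, the 56-bit effective key, the key schedule (PC-1, per-round rotations, PC-2) and the Feistel property that decryption is encryption with the subkeys reversed, all described above. The PC-1/PC-2 tables and rotation amounts are the standard's own; the round function toy_f is a constructed stand-in for DES's E, S-box and P stages (so this is not DES encryption), and the key 133457799BBCDFF1 is a widely used textbook example key.

```python
# Added example: DES key parity, key schedule and Feistel structure.
# PC-1/PC-2/SHIFTS are the standard's tables; toy_f is a constructed
# placeholder for the real F-function (E, S-boxes, P are omitted).

# PC-1 selects 56 of the 64 key bits (bits numbered 1..64, MSB first).
# The parity bits 8, 16, ..., 64 never appear in this table.
PC1 = [57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
       10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
       63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
       14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4]
# PC-2 selects the 48 subkey bits from the 56-bit C||D register
# (positions 1..28 are the left half, 29..56 the right half).
PC2 = [14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
       23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
       41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
       44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32]
# Left-rotation amount applied to each 28-bit half before every round.
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]


def permute(value, width, table):
    """Return an int whose i-th output bit (MSB first) is input bit table[i]."""
    out = 0
    for pos in table:
        out = (out << 1) | ((value >> (width - pos)) & 1)
    return out


def has_odd_parity(key):
    """True if the key is 8 bytes and every byte has an odd number of set bits."""
    return len(key) == 8 and all(bin(b).count("1") % 2 == 1 for b in key)


def set_odd_parity(key):
    """Fix the low (parity) bit of every byte so that the byte has odd parity."""
    return bytes((b & 0xFE) | (1 - bin(b & 0xFE).count("1") % 2) for b in key)


def rotl28(half, n):
    """Rotate a 28-bit half left by n bits."""
    return ((half << n) | (half >> (28 - n))) & 0x0FFFFFFF


def key_schedule(key):
    """Derive the 16 round subkeys (48-bit ints) from an 8-byte DES key."""
    if len(key) != 8:
        raise ValueError("DES key must be exactly 8 bytes")
    cd = permute(int.from_bytes(key, "big"), 64, PC1)  # parity bits dropped here
    c, d = cd >> 28, cd & 0x0FFFFFFF                  # two 28-bit halves
    subkeys = []
    for shift in SHIFTS:
        c, d = rotl28(c, shift), rotl28(d, shift)
        subkeys.append(permute((c << 28) | d, 56, PC2))  # 24 bits from each half
    return subkeys


def toy_f(right, subkey):
    """Constructed stand-in for DES's F-function; 32-bit half in, 32 bits out."""
    x = (right ^ (subkey & 0xFFFFFFFF) ^ (subkey >> 16)) & 0xFFFFFFFF
    return ((x * 0x9E3779B1) ^ (x >> 13)) & 0xFFFFFFFF


def feistel(block, subkeys):
    """16 Feistel rounds on a 64-bit block (IP and FP omitted).

    Each round maps (L, R) to (R, L xor F(R, K)). After the last round the
    halves are swapped back; that final swap is what makes decryption the
    same procedure with the subkey order reversed.
    """
    left, right = block >> 32, block & 0xFFFFFFFF
    for k in subkeys:
        left, right = right, left ^ toy_f(right, k)
    return (right << 32) | left


def encrypt(block, key):
    return feistel(block, key_schedule(key))


def decrypt(block, key):
    return feistel(block, key_schedule(key)[::-1])  # same code, reversed subkeys


if __name__ == "__main__":
    key = bytes.fromhex("133457799BBCDFF1")  # widely used textbook example key
    print("odd parity ok:", has_odd_parity(key))
    print("K1 = %012X" % key_schedule(key)[0])  # 1B02EFFC7072
    # Flipping a parity bit (bit 8, the low bit of byte 1) fails the parity
    # check but changes no subkey: only 56 key bits are cryptographically used.
    flipped = bytes([key[0] ^ 1]) + key[1:]
    print("parity after flip:", has_odd_parity(flipped),
          "same subkeys:", key_schedule(flipped) == key_schedule(key))
    block = 0x0123456789ABCDEF
    print("round trip ok:", decrypt(encrypt(block, key), key) == block)
```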


fifteen competing designs were presented and evaluated, before the Rijndael cipher was selected as the most suitable (see Advanced Encryption Standard process for more details).

AES became effective as a federal government standard on May 26, 2002 after approval by the Secretary of Commerce. AES is included in the ISO/IEC 18033-3 standard. AES is available in many different encryption packages, and is the first publicly accessible and open cipher approved by the National Security Agency (NSA) for top secret information when used in an NSA approved cryptographic module (see Security of AES, below).

Description of the cipher

AES is based on a design principle known as a substitution-permutation network, and is fast in both software and hardware.[8] Unlike its predecessor DES, AES does not use a Feistel network.

AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits. By contrast, the Rijndael specification per se is specified with block and key sizes that may be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits.

AES operates on a 4×4 column-major order matrix of bytes, termed the state, although some versions of Rijndael have a larger block size and have additional columns in the state. Most AES calculations are done in a special finite field.

The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext. The number of cycles of repetition is as follows:

10 cycles of repetition for 128-bit keys.
12 cycles of repetition for 192-bit keys.
14 cycles of repetition for 256-bit keys.

Each round consists of several processing steps, each containing four similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.

High-level description of the algorithm

1. KeyExpansion: round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key block for each round plus one more.
2. InitialRound
   1. AddRoundKey: each byte of the state is combined with a block of the round key using bitwise xor.
3. Rounds
   1. SubBytes: a non-linear substitution step where each byte is replaced with another according to a lookup table.
   2. ShiftRows: a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
   3. MixColumns: a mixing operation which operates on the columns of the state, combining the four bytes in each column.
   4. AddRoundKey
4. Final Round (no MixColumns)
   1. SubBytes
   2. ShiftRows
   3. AddRoundKey.

The SubBytes step

In the SubBytes step, each byte in the state is replaced with its entry in a fixed 8-bit lookup table, S; b_ij = S(a_ij).

In the SubBytes step, each byte in the state matrix is replaced with a SubByte using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity in the cipher. The S-box used is derived from the multiplicative inverse over GF(2^8), known to have good non-linearity properties. To avoid attacks based on simple algebraic properties, the S-box is constructed by combining the inverse function with an invertible affine transformation. The S-box is also chosen to avoid any fixed points (and so is a derangement), i.e., no byte is mapped to itself, and also any opposite fixed points, i.e., no byte is mapped to its bitwise complement. While performing the decryption, the Inverse SubBytes step is used, which requires first taking the affine transformation and then finding the multiplicative inverse (just reversing the steps used in the SubBytes step).

The ShiftRows step

In the ShiftRows step, bytes in each row of the state are shifted cyclically to the left. The number of places each byte is shifted differs for each row.

The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively. For blocks of sizes 128 bits and 192 bits, the shifting pattern is the same. Row n is shifted left circular by n-1 bytes. In this way, each column of the output state of the ShiftRows step is composed of bytes from each column of the input state. (Rijndael variants with a larger block size have slightly different offsets.) For a 256-bit block, the first row is unchanged and the shifting for the second, third and fourth row is 1 byte, 3 bytes and 4 bytes respectively; this change only applies for the Rijndael cipher when used with a 256-bit block, as AES does not use 256-bit blocks. The importance of this step is to avoid the columns being linearly independent, in which case, AES degenerates into four independent block ciphers.

The MixColumns step

In the MixColumns step, each column of the state is multiplied with a fixed polynomial c(x).

In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.

During this operation, each column is multiplied by a fixed matrix. Matrix multiplication is composed of multiplication and addition of the entries, and here the multiplication operation can be defined as this: multiplication by 1 means no change, multiplication by 2 means shifting to the left, and multiplication by 3 means shifting to the left and then performing XOR with the initial unshifted value. After shifting, a conditional XOR with 0x1B should be performed if the shifted value is larger than 0xFF. (These are special cases of the usual multiplication in GF(2^8).) Addition is simply XOR.

In a more general sense, each column is treated as a polynomial over GF(2^8) and is then multiplied modulo x^4 + 1 with a fixed polynomial c(x) = 0x03 x^3 + x^2 + x + 0x02. The coefficients are displayed in their hexadecimal equivalent of the binary representation of bit polynomials from GF(2)[x]. The MixColumns step can also be viewed as a multiplication by a particular MDS matrix in the finite field GF(2^8). This process is described further in the article Rijndael mix columns.
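Added Python example (not from the original document or any AES library) of the ShiftRows and MixColumns steps described above, operating on a 16-byte state in AES's column-major order. It goes beyond the text by including the general GF(2^8) multiplication of which "times 2" and "times 3" are special cases, and the inverse MixColumns matrix (0x0E, 0x0B, 0x0D, 0x09) that decryption uses; the test column and the 16-byte state are constructed inputs.

```python
# Added example: AES ShiftRows, MixColumns and GF(2^8) arithmetic.
# State layout is column-major: state[r + 4*c] is row r, column c.


def xtime(a):
    """Multiply by 0x02 in GF(2^8): shift left and, if the result exceeds
    0xFF, drop the overflow bit and XOR with 0x1B (x^8 = x^4 + x^3 + x + 1)."""
    a <<= 1
    if a > 0xFF:
        a = (a ^ 0x1B) & 0xFF
    return a


def gf_mul(a, b):
    """General multiplication in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1,
    built from repeated xtime(): shift-and-add with XOR as the addition."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a = xtime(a)
        b >>= 1
    return product


# Fixed MixColumns matrix: rotations of the coefficients of
# c(x) = 0x03 x^3 + 0x01 x^2 + 0x01 x + 0x02.
MIX = [[0x02, 0x03, 0x01, 0x01],
       [0x01, 0x02, 0x03, 0x01],
       [0x01, 0x01, 0x02, 0x03],
       [0x03, 0x01, 0x01, 0x02]]
# Its inverse over GF(2^8), i.e. the coefficients of c(x)^-1 mod x^4 + 1.
INV_MIX = [[0x0E, 0x0B, 0x0D, 0x09],
           [0x09, 0x0E, 0x0B, 0x0D],
           [0x0D, 0x09, 0x0E, 0x0B],
           [0x0B, 0x0D, 0x09, 0x0E]]


def mul_column(matrix, col):
    """Matrix-vector product over GF(2^8): gf_mul for entries, XOR for sums."""
    out = []
    for row in matrix:
        acc = 0
        for m, c in zip(row, col):
            acc ^= gf_mul(m, c)
        out.append(acc)
    return out


def mix_column(col):
    return mul_column(MIX, list(col))


def inv_mix_column(col):
    return mul_column(INV_MIX, list(col))


def shift_rows(state):
    """Row r of the state is rotated left by r bytes (row 0 untouched), so
    every output column receives one byte from each input column."""
    out = bytearray(16)
    for r in range(4):
        for c in range(4):
            out[r + 4 * c] = state[r + 4 * ((c + r) % 4)]
    return bytes(out)


def mix_columns(state):
    """Apply MixColumns to all four columns of a 16-byte state."""
    out = bytearray()
    for c in range(4):
        out += bytes(mix_column(state[4 * c:4 * c + 4]))
    return bytes(out)


def inv_mix_columns(state):
    """Undo mix_columns using the inverse matrix."""
    out = bytearray()
    for c in range(4):
        out += bytes(inv_mix_column(state[4 * c:4 * c + 4]))
    return bytes(out)


if __name__ == "__main__":
    # Constructed inputs: a commonly quoted MixColumns test column and a
    # 16-byte state holding its own indices so the byte movement is visible.
    col = [0xDB, 0x13, 0x53, 0x45]
    mixed = mix_column(col)
    print("MixColumns :", bytes(mixed).hex())              # 8e4da1bc
    print("inverse    :", bytes(inv_mix_column(mixed)).hex())
    print("0x57*0x83  : %02x" % gf_mul(0x57, 0x83))        # c1
    print("ShiftRows  :", shift_rows(bytes(range(16))).hex())
```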

    The AddRoundKey step

    http://en.wikipedia.org/wiki/Linear_transformationhttp://en.wikipedia.org/wiki/Linear_transformationhttp://en.wikipedia.org/wiki/Linear_transformationhttp://en.wikipedia.org/wiki/Diffusion_(cryptography)http://en.wikipedia.org/wiki/Diffusion_(cryptography)http://en.wikipedia.org/wiki/Diffusion_(cryptography)http://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Hexadecimalhttp://en.wikipedia.org/wiki/Hexadecimalhttp://en.wikipedia.org/wiki/Hexadecimalhttp://en.wikipedia.org/wiki/MDS_matrixhttp://en.wikipedia.org/wiki/MDS_matrixhttp://en.wikipedia.org/wiki/MDS_matrixhttp://en.wikipedia.org/wiki/Finite_fieldhttp://en.wikipedia.org/wiki/Finite_fieldhttp://en.wikipedia.org/wiki/Finite_fieldhttp://en.wikipedia.org/wiki/Rijndael_mix_columnshttp://en.wikipedia.org/wiki/Rijndael_mix_columnshttp://en.wikipedia.org/wiki/Rijndael_mix_columnshttp://en.wikipedia.org/wiki/File:AES-AddRoundKey.svghttp://en.wikipedia.org/wiki/File:AES-MixColumns.svghttp://en.wikipedia.org/wiki/File:AES-AddRoundKey.svghttp://en.wikipedia.org/wiki/File:AES-MixColumns.svghttp://en.wikipedia.org/wiki/File:AES-AddRoundKey.svghttp://en.wikipedia.org/wiki/File:AES-MixColumns.svghttp://en.wikipedia.org/wiki/Rijndael_mix_columnshttp://en.wikipedia.org/wiki/Finite_fieldhttp://en.wikipedia.org/wiki/MDS_matrixhttp://en.wikipedia.org/wiki/Hexadecimalhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Exclusive_orhttp://en.wikipedia.org/wiki/Diffusion_(cryptography)http://en.wikipedia.org/wiki/Linear_transformation

    In the AddRoundKey step, the round subkey is combined with the state. For each round, a subkey

    is derived from the main key using Rijndael's key schedule; each subkey is the same size as

    the state (16 bytes). The subkey is added by combining each byte of the state with the corresponding

    byte of the subkey using the bitwise XOR operation (⊕). Because XOR is its own inverse, the

    same operation with the same subkey undoes the step during decryption.

    Optimization of the cipher

    On systems with 32-bit or larger words, it is possible to speed up execution of this cipher by

    combining the SubBytes and ShiftRows steps with the MixColumns step by transforming

    them into a sequence of table lookups. This requires four 256-entry 32-bit tables, and uses

    a total of four kilobytes (4096 bytes) of memory, one kilobyte for each table. A round can

    then be done with 16 table lookups and 12 32-bit exclusive-or operations, followed by four

    32-bit exclusive-or operations in the AddRoundKey step.[9]

    If the resulting four-kilobyte table size is too large for a given target platform, the table

    lookup operation can be performed with a single 256-entry 32-bit (i.e. 1 kilobyte) table by

    the use of circular rotates, since each of the four tables is a byte rotation of the first.

    Using a byte-oriented approach, it is possible to combine the SubBytes, ShiftRows,

    and MixColumns steps into a single round operation.
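    The following is an added example, not code from the original report: it builds the round
    steps described above (the GF(2^8) arithmetic behind MixColumns, the S-box, ShiftRows and
    the XOR of AddRoundKey) directly, and then the same round in the T-table form just described,
    once with four tables and once with a single table plus circular rotates, so that the three can
    be compared on the same input. The state layout follows FIPS-197 (byte index = row + 4*column).
    The 16-byte round key is taken as an input; deriving it with Rijndael's key schedule is not
    shown. All function and table names are this example's own.

```python
# Added example (not from the original report): one AES round, step by step and as T-table lookups.
# State layout follows FIPS-197: byte index = row + 4*column (column-major).
# The round key is assumed to be supplied already; the key schedule is not part of this example.

def xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1 (0x11b)."""
    a <<= 1
    if a & 0x100:
        a ^= 0x11B
    return a & 0xFF

def gf_mul(a, b):
    """Multiplication in GF(2^8) by shift-and-add."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r

def gf_inv(a):
    """Multiplicative inverse as a^254 (a^255 = 1 for a != 0); maps 0 to 0 as AES requires."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r

def _affine(b):
    """The S-box affine map: b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    s = b
    for i in range(1, 5):
        s ^= ((b << i) | (b >> (8 - i))) & 0xFF
    return s ^ 0x63

SBOX = [_affine(gf_inv(x)) for x in range(256)]  # the Rijndael S-box, computed rather than hard-coded

MDS = ((2, 3, 1, 1), (1, 2, 3, 1), (1, 1, 2, 3), (3, 1, 1, 2))  # the MixColumns matrix

def sub_bytes(state):
    return bytes(SBOX[b] for b in state)

def shift_rows(state):
    """Row r is rotated left by r positions: out[r,c] = in[r,(c+r) mod 4]."""
    return bytes(state[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4))

def mix_columns(state):
    """Each column is multiplied by the MDS matrix over GF(2^8)."""
    out = bytearray(16)
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for r in range(4):
            out[4 * c + r] = (gf_mul(MDS[r][0], col[0]) ^ gf_mul(MDS[r][1], col[1])
                              ^ gf_mul(MDS[r][2], col[2]) ^ gf_mul(MDS[r][3], col[3]))
    return bytes(out)

def add_round_key(state, round_key):
    """AddRoundKey: bytewise XOR of the state with the 16-byte round key."""
    return bytes(s ^ k for s, k in zip(state, round_key))

def round_reference(state, round_key):
    """One full AES round, applying the four steps one after another."""
    return add_round_key(mix_columns(shift_rows(sub_bytes(state))), round_key)

# --- T-table form: SubBytes, ShiftRows and MixColumns folded into 32-bit table lookups ---

def rotr32(w, n):
    return ((w >> n) | (w << (32 - n))) & 0xFFFFFFFF

# T0[x] is the MixColumns output for an input column (S[x], 0, 0, 0),
# stored as a big-endian 32-bit word (row 0 in the top byte).
T0 = [(gf_mul(2, s) << 24) | (s << 16) | (s << 8) | gf_mul(3, s) for s in SBOX]
T1 = [rotr32(w, 8) for w in T0]   # the other three tables are byte rotations of T0
T2 = [rotr32(w, 16) for w in T0]
T3 = [rotr32(w, 24) for w in T0]

def round_ttable(state, round_key):
    """Same round with four 1 KiB tables: 16 lookups and 12 XORs, then 4 XORs with key words."""
    out = bytearray(16)
    for c in range(4):
        w = (T0[state[0 + 4 * (c % 4)]] ^ T1[state[1 + 4 * ((c + 1) % 4)]]
             ^ T2[state[2 + 4 * ((c + 2) % 4)]] ^ T3[state[3 + 4 * ((c + 3) % 4)]])
        w ^= int.from_bytes(round_key[4 * c:4 * c + 4], "big")
        out[4 * c:4 * c + 4] = w.to_bytes(4, "big")
    return bytes(out)

def round_ttable_1k(state, round_key):
    """Same round with a single 1 KiB table; T1..T3 are replaced by circular rotates of T0."""
    out = bytearray(16)
    for c in range(4):
        w = 0
        for r in range(4):
            w ^= rotr32(T0[state[r + 4 * ((c + r) % 4)]], 8 * r)
        w ^= int.from_bytes(round_key[4 * c:4 * c + 4], "big")
        out[4 * c:4 * c + 4] = w.to_bytes(4, "big")
    return bytes(out)

if __name__ == "__main__":
    # Constructed sample input: the byte values 0..15 as state, 16..31 as round key.
    st, rk = bytes(range(16)), bytes(range(0x10, 0x20))
    assert round_reference(st, rk) == round_ttable(st, rk) == round_ttable_1k(st, rk)
    print(round_reference(st, rk).hex())
```

    The T-table lookups use the ShiftRows index directly (row r of output column c reads
    input column (c + r) mod 4), which is why ShiftRows costs nothing once the tables are in
    use. Note that data-dependent table indices are exactly what cache-timing attacks on
    software AES exploit; on hardware with AES instructions, or with a bit-sliced
    implementation, this table form is avoided for that reason.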

    In our project we have developed our own symmetric-key encryption algorithm.

