Cryptography Reference
In-Depth Information
easy as solving a crossword puzzle or playing Hangman.
2.2.1 DES and Modern Ciphers
There are many different encryption functions that do a good job of
scrambling information into white noise. One encryption algorithm
that was once considered practical and secure, and is still in use
today, is the Data Encryption Standard (DES), developed by IBM in the
1970s. The system uses only 56 bits of key information to encrypt
64-bit blocks of data. Today, the number of bits in the key is
considered too small because some computer scientists have assembled
computers that can try all 2^55 possible keys in about 48 hours.
[Fou98] Newer machines can search all of the keys even faster.
One of the newest and most efficient replacements for DES is the
Advanced Encryption Standard, an algorithm chosen by the U.S.
government after a long, open contest. The algorithm, Rijndael, came
from Joan Daemen and Vincent Rijmen, and narrowly defeated four
other highly qualified finalists (see footnote 2). [DR00, DR01]
The basic design of most modern ciphers like DES and Rijndael
was inspired, in part, by some other work of Claude Shannon in
which he proposed that encryption consists of two different and
complementary actions: confusion and diffusion. Confusion consists
of scrambling up a message or modifying it in some non-linear
way. The one-time pad system above confuses each letter. Diffusion
involves taking one part of the message and modifying another part
so that each part of the final message depends on many other parts
of the message. There is no diffusion in the one-time pad example
because the total randomness of the key made it unnecessary.
DES consists of sixteen alternating rounds of confusion and
diffusion. There are 64 bits that are encrypted in each block of data.
These are split into two 32-bit halves. First, one half is confused by
passing it through what is called an "S-box." This is really just a
random function that is preset to scramble the data in an optimal way.
Then these results are combined with the key bits and used to
scramble the other half. This is the diffusion because one half of the
data is affecting the other half. This pattern of alternating rounds is
often called a Feistel network.
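
The round structure described above, as an added example that is not part of the original text: a toy 64-bit Feistel network in Python. SHA-256 stands in for the DES S-boxes and key schedule (an assumption made for brevity, so this is not DES), and all names and sample values are constructed for illustration.

```python
import hashlib

ROUNDS = 16            # DES also uses sixteen rounds
MASK32 = 0xFFFFFFFF

def subkeys(key: bytes, rounds: int) -> list:
    """One subkey per round (stand-in for the DES key schedule)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def round_function(half: int, subkey: bytes) -> int:
    """Confusion: a non-linear mix of a 32-bit half with the round's key
    bits. It does not need to be invertible for the cipher to decrypt."""
    digest = hashlib.sha256(half.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")

def _feistel(block: int, keys: list) -> int:
    left, right = block >> 32, block & MASK32
    for k in keys:
        # Diffusion: the scrambled right half is XORed into the left half,
        # then the halves swap so the next round scrambles the other one.
        left, right = right, left ^ round_function(right, k)
    # Undo the last swap so decryption is the same routine with reversed keys.
    return (right << 32) | left

def encrypt(block: int, key: bytes, rounds: int = ROUNDS) -> int:
    return _feistel(block, subkeys(key, rounds))

def decrypt(block: int, key: bytes, rounds: int = ROUNDS) -> int:
    return _feistel(block, subkeys(key, rounds)[::-1])

def bits_changed(a: int, b: int) -> int:
    """Number of bit positions in which two 64-bit blocks differ."""
    return bin(a ^ b).count("1")

if __name__ == "__main__":
    key, pt = b"constructed-key", 0x0123456789ABCDEF   # constructed samples
    ct = encrypt(pt, key)
    print(f"ciphertext {ct:016x}, round trip ok: {decrypt(ct, key) == pt}")
    for r in (1, 2, 4, 16):
        # Flip one plaintext bit and count how many ciphertext bits change.
        diff = bits_changed(encrypt(pt, key, r), encrypt(pt ^ (1 << 63), key, r))
        print(f"{r:2d} round(s): {diff} of 64 ciphertext bits changed")
```

With a single round, a one-bit change in the plaintext's left half changes exactly one ciphertext bit; only after several rounds does the change spread to roughly half of the block.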
The alternating rounds would not be necessary if a different S-box
were used for each 64-bit block of the message. Then the cipher
would be the equivalent of a one-time pad. But that would be
inefficient because a large file would need a correspondingly large set of

2 Daemen and Rijmen suggest pronouncing the name: "Reign Dahl", "Rain Doll", or
"Rhine Dahl".