Cryptography Reference
In-Depth Information
The most recent official formal specification of DES is FIPS 46-3 [77]. The
fascinating history of the development of DES is covered well by Levy [117, 118].
The progress of exhaustive key search analysis against DES can be further explored
by reading Diffie and Hellman's original analysis of DES [60], Wiener's blueprint
for a DES exhaustive key search machine [199], Curtin and Dolske's account of
publicly searching for DES keys using distributed techniques [53], the Electronic
Frontier Foundation's breakthrough hardware design [84] (this topic includes a
discussion of the political motivation behind this work), and the dedicated hardware
device COPACOBANA [50]. The latest official NIST specification of Triple DES is
NIST 800-67 [140].
The AES is published as FIPS 197 [78]. A full technical explanation of the design
methodology behind the AES can be found in Daeman and Rijmen [54]. Enrique
Zabala's flash animations of Rijndael (essentially, the AES) [207] are excellent tools
for visualising the AES encryption process. More details about the other block ciphers
that we mentioned in this chapter can be found for IDEA [116], Twofish [171] and
Serpent [24].
Of general relevance to all block ciphers, the modes of operation ECB, CFB,
CBC, CTR and OFB (which we have not discussed) are all described in NIST
Special Publication 800-38A [134] and ISO/IEC 10116 [1]. NIST also has special
publications on CCM mode [135] and XTS mode [144], with more modes of
operation likely to be standardised in the future. Meet-in-the-middle attacks and
differential and linear cryptanalysis are all explained in detail in, for example,
Vaudenay [194]. Several different padding techniques have been standardised,
including in ISO/IEC 9797 [18], with the Wikipedia web portal [202] being a good
place fromwhich to explore current recommendations. The report by Blaze et al. [36]
provided a benchmark for modern symmetric key lengths and the highly informative
web portal by Giry [89] provides expert guidance that can be used to determine
appropriate symmetric algorithm key lengths.
Most of the symmetric encryption algorithms that we mentioned in this
chapter, as well as several of the modes of operation, have implementations in
CrypTool [52]. We highly recommend simulating 1-bit transmission errors in CBC
mode encryption using CrypTool
in order to generate examples supporting the
analysis in Section 4.6.3.
1
. Explain the main benefits of using a stream cipher and illustrate your discussion
by identifying application environments where:
• stream ciphers are appropriate encryption mechanisms;
• stream ciphers are inappropriate encryption mechanisms.
2
. There are now a reasonable range of publicly known stream ciphers. Provide
examples of (and ideally some information about) some publicly known stream
