GYANMANJARI INSTITUTE OF TECHNOLOGY

Bachelor of Engineering | Semester : 7 | Computer Engineering

Information Security
Course Code : 3170720

Prof. Mayank K. Champaneri

Computer Engineering Department
 SYLLABUS

UNIT TITLE
1 INTRODUCTION

2 STREAM CIPHERS AND BLOCK CIPHERS

3 MULTIPLE ENCRYPTION AND TRIPLE DES

4 PUBLIC KEY CRYPTOSYSTEMS WITH APPLICATIONS

5 CRYPTOGRAPHIC HASH FUNCTIONS

6 MESSAGE AUTHENTICATION CODES

7 DIGITAL SIGNATURE

8 KEY MANAGEMENT AND DISTRIBUTION

9 REMOTE USER AUTHENTICATION

 UNIT : 3

MULTIPLE ENCRYPTION AND TRIPLE DES

 Looping 4
 Topics to be covered

▪ Multiple encryption and triple DES

▪ Electronic Code Book Mode
▪ Cipher Block Chaining Mode
▪ Cipher Feedback Mode
▪ Output Feedback Mode
▪ Counter Mode
Block Cipher Modes of Operations
▪ To apply a block cipher in a variety of applications, five "modes of
operation" have been defined.
▪ The five modes are intended to cover a wide variety of
applications of encryption for which a block cipher could be used.
▪ These modes are intended for use with any symmetric block
cipher, including triple DES and AES.
1. Electronic Code Book (ECB)
2. Cipher Block Chaining (CBC)
3. Cipher Feedback (CFB)
4. Output Feedback (OFB)
5. Counter (CTR)
1. Electronic Code Book (ECB)
▪ In ECB Mode Plaintext handled one block at a time and each block
of plaintext is encrypted using the same key.
▪ The term codebook is used because, for a given key, there is a
unique ciphertext for every b-bit block of plaintext.
1. ECB Encryption & Decryption
P1 P2 PN
64-bit 64-bit 64-bit
K K K
Encrypt Encrypt … Encrypt

64-bit 64-bit 64-bit

C1 C2 CN

C1 C2 CN
64-bit 64-bit 64-bit
K K K
Decrypt Decrypt … Decrypt

64-bit 64-bit 64-bit

P1 P2 PN
Electronic Code Book - Cont…
▪ Strength: it’s simple.
▪ Weakness:
o Repetitive information contained in the plaintext may show in
the ciphertext, if aligned with blocks.
o If the message has repetitive elements with a period of
repetition a multiple of b bits, then these elements can be
identified by the analyst.
▪ Typical application:
o Secure transmission of short pieces of information (e.g. a
temporary encryption key)
2. Cipher Block Chaining (CBC)
▪ CBC is a technique in which the same plaintext block, if repeated,
produces different ciphertext blocks.
▪ In this scheme, the input to the encryption algorithm is the XOR of
the current plaintext block and the preceding ciphertext block; the
same key is used for each block.
▪ To produce the first block of ciphertext, an initialization vector
(IV) is XORed with the first block of plaintext.
▪ On decryption, the IV is XORed with the output of the decryption
algorithm to recover the first block of plaintext.
2. CBC - Encryption & Decryption
P1 P2 PN
IV CN-1
K K K
Encrypt Encrypt … Encrypt

C1 C2 CN

C1 C2 CN
K K K
Decrypt Decrypt … Decrypt
IV CN-1

P1 P2 PN
2. Cipher Block Chaining (CBC) – Cont…
▪ Strength: because of the chaining mechanism of CBC, it is an
appropriate mode for encrypting messages of length greater than
b bits
▪ Typical application:
o General-purpose block oriented transmission
o Authentication
3. Cipher Feedback Mode (CFB)
▪ For AES, DES, or any block cipher, encryption is performed on a
block of b bits. In DES, b = 64 and in AES, b = 128.

▪ However, it is possible to convert a block cipher into a stream

cipher, using cipher feedback (CFB) mode, output feedback (OFB)
mode, and counter (CTR) mode.

▪ A stream cipher eliminates the need to pad a message to be an

integral number of blocks.
3. CFB Encryption
CN-1
Shift register Shift register
IV b-s bits | s bits b-s bits | s bits
K K K
Encrypt Encrypt Encrypt

Select Discard
s bits b-s bits
Select Discard
s bits b-s bits
… Select Discard
s bits b-s bits
S bits S bits S bits
P1 P2 PN

C1 C2 CN
S bits S bits S bits
3. CFB Decryption
CN-1
Shift register Shift register
IV b-s bits | s bits b-s bits | s bits
K K K
Encrypt Encrypt Encrypt

Select Discard
s bits b-s bits
Select Discard
s bits b-s bits
… Select Discard
s bits b-s bits

C1 C2 CN
S bits S bits S bits

P1 P2 PN
S bits S bits S bits
CFB Mode
▪ The input to the encryption function is a b-bit shift register that is
initially set to some initialization vector (IV).
▪ The leftmost (most significant) s bits of the output of the
encryption function are XORed with the first segment of plaintext
P1 to produce the first unit of ciphertext C1 , which is then
transmitted.
▪ In addition, the contents of the shift register are shifted left by s
bits, and C1 is placed in the rightmost (least significant) s bits of
the shift register.
▪ For decryption, the same scheme is used, except that the received
ciphertext unit is XORed with the output of the encryption
function to produce the plaintext unit.
CFB Mode – Cont…
4. Output Feedback Mode (OFB)
▪ The output feedback (OFB) mode is similar in structure to that of CFB.
▪ For OFB, the output of the encryption function is fed back to become the
input for encrypting the next block of plaintext.
▪ In CFB, the output of the XOR unit is fed back to become input for
encrypting the next block.
▪ The other difference is that the OFB mode operates on full blocks of
plaintext and ciphertext, whereas CFB operates on an s-bit subset.
▪ Nonce: A time-varying value that has at most a negligible chance of
repeating, for example, a random value that is generated anew for each
use, a timestamp, a sequence number, or some combination of these.
4. OFB Encryption

Nonce
K K K
Encrypt Encrypt … Encrypt

P1 P2 PN

C1 C2 CN
4. OFB Decryption

Nonce
K K K
Encrypt Encrypt … Encrypt

C1 C2 CN

P1 P2 PN
OFB Mode
▪ Each bit in the ciphertext is independent of the previous bit or
bits.
▪ This avoids error propagation
▪ Pre-compute of forward cipher is possible
5. Counter Mode (CTR)
▪ Counter (CTR) mode has increased recently with applications to
ATM (asynchronous transfer mode) network security and IP sec (IP
security).
▪ A counter equal to the plaintext block size is used.
▪ The counter value must be different for each plaintext block that is
encrypted.
▪ Typically, the counter is initialized to some value and then
incremented by 1 for each subsequent block
5. CTR Encryption

Counter 1 Counter 2 Counter N

K K K
Encrypt Encrypt … Encrypt

P1 P2 PN

C1 C2 CN
5. CTR Decryption

Counter 1 Counter 2 Counter N

K K K
Encrypt Encrypt … Encrypt

C1 C2 CN

P1 P2 PN
Advantages of the CTR Mode
▪ Strengths:
o Needs only the encryption algorithm
o Random access to encrypted data blocks
o blocks can be processed (encrypted or decrypted) in parallel
o Simple; fast encryption/decryption

▪ Counter must be
o Must be unknown and unpredictable
o pseudo-randomness in the key stream is a goal
Summary of all modes
Operation Description Type of
Mode Result
ECB Each n-bit block is encrypted Block Cipher
independently with same key
CBC Same as ECB, but each block is XORed Block Cipher
with previous cipher text
CFB Each s-bit block is XORed with s-bit key Stream Cipher
which is part of previous cipher text
OFB Same as CFB, but the shift register is Stream Cipher
updated by the previous s-bit key
CTR Same as OFB, but a counter is used Stream Cipher
instead of nonce
Multiple Encryption
▪ Given the potential vulnerability of DES to a brute-force attack,
there has been considerable interest in finding an alternative.
▪ One approach is to design a completely new algorithm, of which
AES is a prime example.
▪ Another alternative, which would preserve the existing investment
in software and equipment, is to use multiple encryption with
DES and multiple keys.
Double DES

C=E(K2,E(K1, P))

X = E(K1, P) = D(K2, C)

P=D(K1,D(K2, C))
Meet in the Middle Attack
▪ This attack involves encryption from one end, decryption from the
other and matching the results in the middle.

▪ Suppose cryptanalyst knows P and corresponding C.

▪ Now, the aim is to obtain the values of K1 and K2.

Meet in the Middle Attack Step-1
▪ For all possible values (256) of key K1, the cryptanalyst would
encrypt the P by performing E(K1,P).
▪ The cryptanalyst would store output in a table.

Possible Keys P Table of

(Key = K1) Cipher Text
00
01
Encrypt
10
11
Cryptanalyst encryption operation
Meet in the Middle Attack Step-2
▪ Cryptanalyst decrypt the known C with all possible values of K2.
▪ In each case cryptanalyst will compare the resulting value with the
all values in the table of ciphertext.

Possible Keys C Table of

(Key = K2) Cipher Text
00
01 For each
10 Decrypt result do a
11 table look up

Cryptanalyst decryption operation

Triple DES

C=E(K1,D(K2, E(K1,P)))

P=D(K1,E(K2, D(K1,C)))
THANK YOU