
Introduction
Data Encryption Standard (DES) is a block cipher that takes a fixed-length string of plaintext bits and transforms it, through a series of complicated operations, into a ciphertext bit string of the same length. It is a symmetric encryption technique, which means both sender and receiver use a shared key to encrypt and/or decrypt the data, as shown in Figure 1.1 below. The problem with this technique is that if the key becomes known to others, the entire conversation is compromised. The 3DES block size is 64 bits, and the cipher also uses a key to customize the transformation, so that decryption can only be performed by those who know the particular key used to encrypt. The key nominally consists of 64 bits; however, only 56 of these are actually used by the algorithm. Eight bits are used solely for checking parity and are thereafter discarded. Hence the effective key length is 56 bits, and it is always quoted as such. Every 8th bit of the selected key is discarded, i.e., positions 8, 16, 24, 32, 40, 48, 56 and 64 are removed from the 64-bit key, leaving behind only the 56-bit key.
Figure 1.1: Conversion of Secret key
History of DES
DES is an algorithm used for the encryption of electronic data. It was developed in the early 1970s at IBM and based on an earlier design by Horst Feistel; the algorithm was submitted to the National Bureau of Standards (NBS) as a candidate for the protection of sensitive unclassified electronic government data. It is now considered insecure because of its small key size, which makes a brute-force attack possible. In January 1999, distributed.net and the Electronic Frontier Foundation (EFF) collaborated to publicly break a DES key in 22 hours and 15 minutes. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES).
Cryptography
Cryptography is the practice of securing data; it helps to ensure data privacy, maintain data integrity, authenticate communicating parties, and prevent repudiation.
Figure 1.2: Key schedules for Encryption and Decryption
Figure 1.2 above shows the key schedule for the encryption and decryption algorithm, which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1), and the remaining eight bits are either discarded or used as parity check bits. The 56 bits are divided into two 28-bit halves; each half is treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2), i.e. 24 bits from the left half and 24 from the right. The rotations (denoted by "<<<") mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys.
Cryptography Goals
This section explains the five main goals behind using cryptography. Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories:
- Authentication: Before data is sent and received using the system, the identities of the receiver and sender should be verified.
- Secrecy or Confidentiality: This function is how most people identify a secure system. It means only the authenticated people are able to interpret the message or content, and no one else.
- Integrity: Integrity means that the content of the communicated data is assured to be free from any type of modification between the end points (sender and receiver). The basic form of integrity is the packet checksum in IPv4 packets.
- Non-Repudiation: This function implies that neither the sender nor the receiver can falsely deny that they have sent a certain message.
- Service Reliability and Availability: Secure systems usually get attacked by intruders, which may affect their availability and type of service to their users.
Advantages
- DES has been around a long time (since 1977), and no real weaknesses have been found: the most efficient attack is still brute force.
- DES is an official United States Government standard; the Government is required to re-certify DES every five years and ask that it be replaced if necessary. DES was re-certified in 1983, 1987, and 1992.
- DES is also an ANSI and ISO standard. Since DES was designed to run on 1977 hardware, it is fast in hardware and relatively fast in software.
Disadvantages
- The 56-bit key size is the biggest defect of DES; chips that perform one million DES encrypt or decrypt operations a second are available (in 1993).
- Hardware implementations of DES are very fast.
- DES was not designed for software and hence runs relatively slowly.
- As technology improves, so does the possibility of breaking the encrypted code, so AES is preferred over DES.
Objectives
- Provide functionality to store a file in an encrypted format which can only be accessed by providing the correct password.
- Modify the system to make the directories password protected.
- To review a short history of DES and define the basic structures.
- To describe the building block elements of DES.
- To describe the round keys generation process and to analyze data encryption standard.
Motivation
- Security: Secures data from being accessed by any malicious user.
- Privacy: Ensures that private data is not accessed by other users.
- Reliability: Only responsible users are given access to this data.
- Resource sharing: Many users can use the same system and still work independently.
AES (Advanced Encryption Standard)
AES is a new cryptographic algorithm that can be used to protect electronic data. Specifically, AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits, and encrypts and decrypts data in blocks of 128 bits (16 bytes). Unlike public-key ciphers, which use a pair of keys, symmetric-key ciphers use the same key to encrypt and decrypt data. The new AES will certainly become the de facto standard for encrypting all forms of electronic information, replacing DES. AES-encrypted data is unbreakable in the sense that no known cryptanalysis attack can decrypt the AES ciphertext without using a brute-force search through all possible 256-bit keys. Security is no longer an afterthought in anyone's software design and development process. It will greatly increase the reliability and safety of your software systems. DES is a block cipher, as shown in Figure 1.3 below.
Figure 1.3: Encryption and decryption with DES
