COMP 1631
Fall 2006
Block Ciphers:
Workhorses of Cryptography
Basic Scenario
Two communicating parties:
insecure channel
Alice
Bob
Attacker
Information Security Services
Communicating parties may require:
 secrecy
- attacker listening cannot gain any
useful information from the communication
 authentication - communicating parties are
ensured to be who/what they claim to be
 integrity - data cannot be modified by attacker
without detection
 non-repudiation - Alice and Bob cannot deny
transmission/receipt of certain data
Terminology
Cryptography is the study of mathematical
techniques used to provide information security
Cryptanalysis is the study of techniques used
to thwart (break) cryptographic techniques
Cryptology is the field which encompasses
both cryptography and cryptanalysis
Cryptographic Primitives
The basic cryptographic “building blocks” used
to provide these information security services
are called primitives
EXAMPLES:
symmetric-key ciphers (block ciphers)
 public-key ciphers
 digital signatures
 cryptographic hash functions

Using Ciphers for Secrecy
A cipher is an encryption/decryption algorithm,
parameterized by keys
ke
plaintext (p)
encryption
algorithm
kd
ciphertext (c)
Attacker
decryption
algorithm
plaintext (p)
Categories of Ciphers
 Symmetric-key
 ke= kd
 the
(or they are easily derived from each other)
key is known only to Alice and Bob
 Public-key
 the
 ke
Ciphers
(Asymmetric) Ciphers
recipient (Bob) has a key pair (ke, kd)
(the public key) is widely distributed
- on Bob’s Web page, in a directory, etc
 kd
(the private key) is known only to Bob
Advantages/Disadvantages
 Symmetric-key
ciphers
 Alice
and Bob must establish a shared key (key
distribution problem)
 very fast (used for bulk encryption)
 Public-key
 solves
ciphers
key distribution problem
 slow (approximately 1/1000 speed of symmetrickey ciphers)
Hybrid Approach
Suppose Alice has a large file she wants to
encrypt and send to Bob
1. Alice randomly generates a key (k) to be used in a
symmetric-key cipher
2. Alice encrypts k with Bob’s public key and sends
it to Bob
3. Bob decrypts k using his private key
4. Alice and Bob communicate using k and an
agreed-upon symmetric-key cipher
Block Ciphers
 Block
ciphers are an important class of
symmetric-key ciphers
 A block cipher maps N bits to N bits (plaintext
to ciphertext) and is parameterized by a key
N
is called the block size
 typical
 name
block sizes: 64 bits, 128 bits
comes from fixed-length nature of input
(as compared to stream ciphers, which encrypt
their input as a continuous stream)
Block Cipher Architectures
Two fundamental block cipher architectures:
 Substitution-Permutation
 Feistel
Networks (SPNs)
Networks
Both
encrypt a plaintext through a series of
weaker steps called rounds
Feistel
networks modify only half the input to
each round (simplifies decryption process),
whereas SPNs modify the entire input
S-Boxes and Subkeys
 An
nn s-box is a mapping from n bits to n
bits that can be inverted (so two different
inputs must map to two different outputs)
 The
subkeys (round keys) are typically derived
from k via a key-scheduling algorithm

k is sometimes called the master key
The Linear Transformation
 In
its simplest form, a linear transformation is
simply a permutation (shuffling) of bits (hence
the name substitution-permutation network)
 In
general, a applying a linear transformation
means multiplying the input (an N-bit vector)
by a binary N  N matrix