AES-Intro

Triple DES
Algorithm

Uses a block of size 64 bits.

Triple DES uses three DES keys, K1, K2 and K3,
each of 56 bits. The encryption algorithm follows
an EDE (encrypt-decrypt-encrypt) sequence:
C = E(K3, D(K2, E(K1, P)))

i.e., DES encrypt with K1, DES decrypt with K2,
then DES encrypt with K3.
Triple DES
Applications

The electronic payment industry uses Triple DES
and continues to develop and promulgate
standards based upon it.

Microsoft OneNote and Microsoft Outlook 2007
use Triple DES to password protect user content.
Benefits of using 3DES

With a 168-bit key length, it overcomes DEA's
vulnerability to brute-force attack.

Since it is based on the DES algorithm, it is
very easy to modify existing software to use
Triple DES.
Drawbacks

It has three times as many rounds as DES and is
correspondingly slower.

Uses 64-bit block size. For reasons of both efficiency
and security, a larger block size is desirable.

The National Institute of Standards and Technology
(NIST) issued a call for proposals to develop the
Advanced Encryption Standard (AES) as a replacement
for DES.
Advanced Encryption Standard
About AES

Symmetric block cipher, published in 2001, with a
block length of 128 bits and a key length that can be
128, 192 or 256 bits.

NIST selected Rijndael as the proposed AES
algorithm after applying evaluation criteria that
included security, computational efficiency, memory
requirements, hardware and software suitability, and
flexibility.

Rijndael was proposed by Dr. Joan Daemen and Dr. Vincent Rijmen.
The AES Cipher

The input is a single 128-bit block, depicted as a
square matrix of bytes.
This is copied into the State array which is modified
at each stage of encryption and decryption.
After the final stage, the State is copied to an output
matrix.

Input:
in0  in4  in8   in12
in1  in5  in9   in13
in2  in6  in10  in14
in3  in7  in11  in15

State array:
S00  S01  S02  S03
S10  S11  S12  S13
S20  S21  S22  S23
S30  S31  S32  S33

Output:
o0  o4  o8   o12
o1  o5  o9   o13
o2  o6  o10  o14
o3  o7  o11  o15
The AES Cipher

The key is received as an input array of 4 rows and Nk
columns.
Nk = 4, 6 or 8, a parameter that depends on the key size.
The input key is expanded into an array of 44/52/60
words of 32 bits (4 bytes) each.
Four different words serve as the key for each round.

Key:
k0  k4  k8   k12
k1  k5  k9   k13
k2  k6  k10  k14
k3  k7  k11  k15

Expanded key:
w0  w1  w2  ……  w42  w43
The AES Cipher

Number of rounds, Nr, depends on key size and each
round is a repetition of functions that perform a
transformation over State array.

Consists of 4 main functions: one permutation and three
substitutions
Substitute bytes, Shift rows, Mix columns, Add round key

There are 11 rounds and the key is expanded into an array
of forty-four 32-bit words w[i]. Four distinct words are
used for each round.
The AES Cipher

AddRoundKey() – A simple bitwise XOR of the current
block with a portion of the expanded key.

MixColumns() – A substitution that alters each byte in a
column as a function of all of the bytes in the column.

ShiftRows() – A simple permutation that is performed row
by row.

SubBytes() – uses a table referred to as an S-box to
perform a byte-by-byte substitution of State.
The AES Cipher

plaintext
  Add round key       <- W[0,3]
Round 1:
  Substitute bytes
  Shift rows
  Mix columns
  Add round key       <- W[4,7]
...
Round 9:
  Substitute bytes
  Shift rows
  Mix columns
  Add round key       <- W[36,39]
Final round:
  Substitute bytes
  Shift rows
  Add round key       <- W[40,43]
Cipher text
The AES Cipher

Only Add round key makes use of the key.
The other three functions are reversible without
knowledge of the key, hence add no security.

We can view the cipher as alternating operations of
XOR encryption followed by scrambling of the block,
followed by XOR and so on.

This scheme is both efficient and highly secure.
The AES Inverse Cipher

ciphertext
  Add round key       <- W[40,43]
Round 1:
  Inv. Shift rows
  Inv. Sub bytes
  Add round key       <- W[36,39]
  Inv. Mix columns
...
Round 9:
  Inv. Shift rows
  Inv. Sub bytes
  Add round key       <- W[4,7]
  Inv. Mix columns
Final round:
  Inv. Shift rows
  Inv. Sub bytes
  Add round key       <- W[0,3]
plaintext
The AES Inverse Cipher

The decryption algorithm uses the expanded key in reverse
order.
All functions are easily reversible and their inverse form
is used in decryption.
The decryption algorithm is not identical to the encryption
algorithm. This is a consequence of the particular
structure of AES.
Again, the final round consists of only three stages. This is
required to make the cipher reversible.
Applications

Encrypting File System in Windows XP SP1 and later
Windows versions.

Disk encryption, File encryption.

IEEE 802.11i, an amendment to the original IEEE
802.11 standard specifying security mechanisms for
wireless networks, uses AES-128.