Block cipher

   

Encryption
Decryption

In cryptography, a block cipher is a type of symmetric key cipher which operates on groups of bits of a fixed length, termed blocks. This is in contrast to stream ciphers which encrypt each bit of the plaintext individually before moving on to the next.

Generalities

A block cipher consists of two paired algorithms, one for encryption, E, and another for decryption, E-1. Both algorithms accept two inputs: an Nb-bit input block and a Nk-bit key (cryptography), yielding an Nb-bit output block. For any particular key, decryption is the inverse function of encryption, so that

<math>E_k^{-1}(E_k(m))=m<math>

for any block m and key k.

For each key k, Ek is a permutation of all possible input blocks, one of a possible <math>(2^{N_b})!<math>. The number of possible keys, however, is usually a lot smaller than this (<math>2^{N_k}<<{(2^{N_b})!}<math>).

The block size, Nb, is typically 64 or 128 bits, although some ciphers have a variable block size. To encrypt a longer message than this, one of several modes of operation is used; each mode has different characteristics in regard to error propagation, ease of random access and vulnerability to certain types of attack. Typical key sizes (Nk) include 40, 56, 64, 80, 128, 192 and 256 bits. As of 2004, 80-bits are normally taken as the minimum needed to prevent brute force attacks.

Iterated block ciphers

Most block ciphers are constructed by composing several simpler functions — an iterated block cipher (see also product cipher). Each iteration is termed a round, and there are rarely less than 4 or more than 64 of them. Many block ciphers can be categorised as Feistel networks, or more generally as substitution-permutation networks. Arithmetic operations, logical operations (especially XOR), S-boxes and various permutations are all frequently used as components.


History

Lucifer is generally considered to be the first civilian block cipher, developed at IBM in the 1970s based on work done by Horst Feistel. A revised version of the algorithm was adopted as a US government FIPS standard, the Data Encryption Standard (DES). It was chosen by the US National Bureau of Standards (NBS) after a public invitation for submissions and some internal changes by NBS (and, potentially, the NSA). DES was publicly released in 1976 and has been widely used.

DES was designed, among other things, to resist a certain cryptanalytic attack known to the NSA and rediscovered by IBM, though unknown publicly until rediscovered again and published by Eli Biham and Adi Shamir in the late 1980s. The technique is called differential cryptanalysis and remains one of the few general attacks against block ciphers; linear cryptanalysis is another, but may have been unknown even to NSA, prior to its publication by Mitsuru Matsui. DES prompted a large amount of other work and publications in cryptography and cryptanalysis in the open community and it inspired many new cipher designs.

DES has a block size of 64 bits and a key size of 56 bits. 64-bit blocks became common in block cipher designs after DES. Key length depended on several factors, including government regulation. Many observers in the 1970s commented that the 56-bit key length used for DES was too short. As time went on, its inadequacy became apparent, especially after a special purpose machine designed to break DES was demonstrated in 1998 by the Electronic Frontier Foundation. A varient of DES, 3DES, triple-encrypts blocks with (usually) two different keys, resulting in a 112-bit key length. It was widely adopted as a replacement and is still (2004) considered secure.

DES has been superseded as a Federal Standard by the Advanced Encryption Standard (AES), adopted by National Institute of Standards and Technology (NIST) in 2001 after a 5-year public competition. The cipher was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and submitted under the name Rijndael. (See AES page for pronunciation.) AES has a block size of 128 bits and three possible key sizes, 128, 192 and 256 bits. The US Government permits the use of AES to protect classified information in systems aproved by NSA.

Cryptanalysis

In addition to linear and differential cryptanalysis, there is a growing catalog of attacks: truncated and partial differential cryptanalysis, slide attacks, boomerang attacks, square and integral attacks, the XSL attack, impossible differential cryptanalysis and algebraic attacks. For a new block cipher design to have any credibility, it must demonstrate evidence of security against known attacks.

List of block ciphers

3-Way, AES, Blowfish, Camellia, CAST-128, CAST-256, CMEA, DEAL, DES, DES-X, FEAL, GDES, GOST, IDEA, Iraqi block cipher, KASUMI, Khafre, KHAZAD, Khufu, LOKI89/91, LOKI97, Lucifer, MAGENTA, MARS, MISTY1, MMB, RC2, Red Pike, S-1, SAFER, Serpent, SHARK, Skipjack, Square, TEA, Triple DES, Twofish, RC5, RC6, XTEA.

See also

External links


Block ciphers Edit (http://www.mywiseowl.com/index.php?title=Template:Block_ciphers&action=edit)
Algorithms: 3-Way | AES | Akelarre | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | FROG | G-DES | GOST | ICE | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SEED | Serpent | SHACAL | SHARK | Skipjack | Square | TEA | Triple DES | Twofish | XTEA
Design: Feistel network | Key schedule | Product cipher | S-box | SPN   Attacks: Brute force | Linear / Differential cryptanalysis | Mod n | XSL   Standardisation: AES process | CRYPTREC | NESSIE   Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key

de:Blockchiffre

Retrieved from "http://www.mywiseowl.com/articles/Block_cipher"

This page has been accessed 1114 times. This page was last modified 21:22, 18 Nov 2004. All text is available under the terms of the GNU Free Documentation License (see Copyrights for details).