This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
From this century internet plays a major communication part for the people in their daily lives when there is a demand for internet automatically there will be a security problems form hackers because they want to hack our data for some other use. This type of attacks can be minimized by using encryption standards. Data encryption standard (DES) is used to encrypt and decrypt data at internet protocol layer. The main function of DES algorithm is it turns clear text to cipher text. This paper explains about DES algorithm and And by using some expansions and permutations the algorithm was built by FEDERAL PROCESSING. By using DES encryption algorithm we can assign a key to encrypt the data. If you want to decrypt the data at receiver side you need to have the same key which was used for encryption. By using this method we can minimize the threats from hackers and it has good real time data transmission over large networks. Due to this type of technique only bank costumers' can run their account safely through online, otherwise it is hard to provide security for online banking, ATM's for each and every data transmission who are using networks. There is no need of knowledge about data encryption and decryption to the user. Not only the technology the encryption standards improved security for banking, scientific and military specifications.
There is a need of protecting data in this electronic world otherwise that information could benefit the wrong person or hacker. We need extensive security measures in this present situation. There were many techniques implemented but data encryption is the only leading role in this present computer world. First banking sector uses this encryption standard in order to provide security for account holders. Due to changes in the day to day technology now most of them are using mobile banking. For these types of transmissions the user should provide high security. They have designed an algorithm in such a way that to encrypt the data are decrypt the data we need key.
What is the need of data encryption before we are sending an E-MAIL to friend? Because if data is not encrypted then there is a chance of hacking your information by others, that's why encryption plays an important role in present generation. The back ground of this project is the algorithm is using key to encrypt the data. Depending on the different keys systems we can encrypt and decrypt the data. There is no need of learning this technique by the user this work is done by Encryption Company's.
In my thesis, chapter 2 explains about importance of cryptography and how the people used cryptography in traditional and ancient days. Chapter 3 explains about the different types of operations undertaking in the algorithm. And coming to chapter 4 gives the explanation about research methods about DES standard. And in chapter 5 explains about the detailed function of DES algorithm.
"Cryptography is the study of mathematical techniques related to aspects of information, and data origin authentication". [A. menezes, P. vanoorschot]. Some saw cryptography as a tool, mathematical analyzer, and some other saw as a weapon, because of this brings the downfall of nations when government organizations lost their valuable information, and some of them treat's a perfect and terrifying tool for terrorists, child pornographers and drug dealers. The only one reason behind this is internet has crossed national borders as if more apparent than ever. [Nicls Ferguson and Bruce schneier john willey and sons, 2003].
Cryptography deals with the science of information security. The word cryptography is derived from the Greek word "kryptos", the meaning is hidden. Cryptography is related to the principles of cryptology and cryptanalysis. Cryptography is having some techniques like, merging words with images, microdots and some other ways of hiding storage of information. In present world, cryptography is often associated with scrambling plaintext (ordinary text, sometimes referred to as clear text) into cipher text (a process called encryption), then back again (known as decryption). Individual persons who practice this cryptography field are known as cryptographers.
In traditional days cryptography is used to maintain confidentially for point to point communication. Coming to ancient days they was called as crypt and they
believed as vault constructed underground, that means church underground was signified by crypt, many of them like ST.PAULS, London, Lasting ham priory they believed as crypt in this way.[E.WIGGLESWORTH,1830; P.63]
UN knowingly or differently cryptography was used in wars "for sending a message from government to the officer". They believed that whatever the information they send that should not read by opposed enemies. They used different ways of delivering a message one way is "barbarous shaves a slaves head then they write the data with stain, not very easily obliterated, on his bare crown, and letting the hair grown sufficient to hide what was written". And then they use to send that slave to whom that data or message want to be delivered. [HAZELL, 1870, P.7]
Modern cryptography is having following four objectives:
2.2) Confidentiality: The information is very secret it cannot be understood by any person for whom it was unintended.
2.3) Integrity: without knowing the decryption key the information cannot be altered in memory storage even they cannot send and receive the information to each other.
2.4) Non-repudiation: The sending information cannot deny at the other stages but everyone intention will be in the creation or transmission of the information.
2.5) Authentication: without giving source and destination address the information cannot be transmitted when sender and receiver will confirm their each other's identity then they can share the information together.
Procedures and protocols will full fill some or all of the above objectives are also known as cryptosystems. Cryptosystems are thought to refer the mathematical procedures and computer programs; they also include the regulation of human behavior, such as guessing the password.
The cryptography is dated from about 2000 BC; it is also named as hieroglyphics from Egyptian scientist. This is having complex pictograms; the full meaning for pictograms is which was only known to an elite few. The first user of a modern cipher was by Julius Caesar (100 BC to 44 BC); anyone did not trust his messengers when he was communicating with his officers and governors. Because of this reason, he created a system such as in his messages each character was replaced by a character three positions ahead from in Roman alphabet. ("This was discussed in history of data encryption from internet source").
EXAMPLE: Why blackberry is phasing problem with encryption and decryption.
Due to some security issue's few countries blocked black berry devices in their countries. If from one user want to send E-mail from BLACK BERRY to BLACK BERRY device or to other mobiles it is impossible to read that message by national security force. What is the need of reading that messages by them we might get a doubt but they need to protect their country without any terrorist attacks. For example if this is known to national security force in INDIA at least they try to stop terrorist attack on TAJ KRISHNA HOTEL at DELHI. The reason behind BLACK BERRY issue is no one can decrypt that data. RIM (RESEARCH IN MOTION) designed with power full codes to scramble or encrypt the data. That's why there is no chance of reading or even we doesn't get the transmitter and receiver address through network. But RIM thought that they were keeping customer's information secretly but at same time they didn't realized they were doing harm to country. Some countries like united ARAB is the first country to ban the BLACK BERRY service in his country and some other country's follows same as like that they are ALGERIA, LEBANAN, KUWAIT and SAUDI ARABIA and latest country added to this is INDIA.
RIM'S CEO, MICHAEL LAZARIDIS when he spooked to WALL STREAT JOURNAL he said "this is about the internet. Everything on the internet is encrypted, and this is not a BLACK BERRY only issue if they can't deal with the internet, they should shut it off", ("13 AUGUST 2010, BY DANIEL EMERY TECHNOLOGY REPORTER, BBC NEWS"). The technology used by BLACK BERRY is triple DES nothing but new version from DES and AES means advanced encryption standard.
Using Xilinx software for simulation purpose
Analyzing algorithms by studying technical papers
Doing research by implementing different devices in simulation
2.6) Modern Types of Cryptography
Modern cryptography has begun in the world war2. Cryptography used to help speed up the electronic commerce for digital signatures' cryptography was used. These are used to authenticate electronically and digital signing for transactions like fund transfers, tax returns. [OTA-TCT-606, 1994, P.6]
2.7) Symmetric-key cryptography:
Symmetric key is a class of algorithms for cryptography that is used trivially, it is identical, cryptographic keys are used for both decryption and encryption. The encryption key which is having features related to the decryption key, the keys that may be identical or there is a simple transform to go between the two keys. The keys, that may, represent a shared secret key between two or more parties that can be used to maintain a private information link. The most ancient problem of cryptography is passing a secure communication through an in secure channel. The modern solution for this problem is private key encryption. SHAFI GOLDWASSER & MIHIR BELLARE [JULY 2008].
Other words for symmetric-key encryption are secret-key, shared-key, single key and one-key and it is also known as private-key encryption. The examples of symmetric key encryption are DES, IDEA, AES, etc.
2.8) Public-key cryptography:
Public-key cryptography is used for secret communications of two parties without requiring a secret key for initial exchange. Digital signatures can be created by using public key cryptography. Around the world fundamental and widely used technology is public key cryptography. It enables secured transmission of information through internet source.
For both encryption and decryption it uses two different keys. "This was developed by researchers at Stanford and MIT". (National academy, 1988, p.122). This key requires integrity protection while it is transmitting or it is started. One example for public key is smart cards. Visa smart and credit cards having 140 million card transactions use in European countries and day to day many of them are upgrading to smart cards. "in Europe, Thomson, Bull, Phillips, Siemens and VOEST are prominent in smart card production, with Bull and Phillips garnering 15 percent of their revenue from smart cards and their chips".[National academy, 1988]
Asymmetric key cryptography is known as public key cryptography, public key used for encrypting a message that differs from the key used for decrypting. In this cryptography, user having two pairs of key to cryptograph they are public key and private key. Public is widely distributed and private key is kept secret. Encrypting the message is down by public key and decrypting can only down by private key.
The key cryptography is mathematically related; actually private key cannot be derived from public key.
Examples for public key cryptography are [Diffie Hellman, RSA, etc.
2.9) Types of Ciphers
Ciphers are classified into two:
2.9.1) Block Cipher:
It is, a modern embodiment of Alberti's polyalphabetic cipher block ciphers are taken as input as block of plaintext and a key, and output as a block of cipher text of the same size. The messages are almost all longer than a single block; some method of knitting together successive blocks is required. Some has been developed, with better security in one or another aspect
2.9.2) Stream Cipher:
It is in contrast to the 'block' type, Key material can be created arbitrarily long stream, the plaintext is combined with bit-by-bit or character-by-character, and this is like one time pad. In this cipher creation is based on output stream on an internal state cipher operates as been changed. Using the secret key material internal state is set up.
Modes of Operation
3.1) ECB (Electronic Code Book):
First data is divided in to 32 bit blocks and these blocks are encrypted at a time. Transmission occurs when the data is transmitted through phone lines or network transmission. Mainly these errors will affect the blocks and this leads to undetected. Electron code book is the weakest node among all other nodes because security will not be provided through algorithm.
Figure 1: Electron Code Book
3.2) CBC (Cipher Block Chaining):
In CBS mode operation, each and every block of ECB cipher text encrypted is X-OR ed by block of next plaintext to be encrypted, this all blocks are dependent on other previous blocks. That means in order to find a plaintext for a particular block, we need to know is cipher text is a key; it is used for previous block. First block of encryption has none other than pervious cipher text, because of these reason plain text is X-OR ed with the 64 bit number is called as Initialization Vector, or IV for short. If a data transmission is down over a network or phone line and if transmission error occurred, then there will be an error carried out to all subsequent blocks hence each and every block is dependent upon the last. In most common cases bits are modified in transit error will occurred all of the bits in changed block, and followed by corresponding bits. This type of errors does not propagate to further. This type of operation is more secured than ECB because of adding extra XOR step for one more layer of encryption process.
3.3) CFB (Cipher Feedback):
CFB blocks of plaintext are less than 64 bits long and it can be encrypted. Special technique is used to handle files and their size is not a perfect multiple of 8 bytes, however this mode removes the necessity bits and by adding dummy bytes to end of the file before encrypting. Actually plaintext itself is not passed into the DES algorithm, but merely X-OR ed with an output block from it, in the following manner: The Shift Register is known as 64 bit block and it is used as input plain text for DES. It is initially set to arbitrary value, and
Encrypted by DES algorithm. The extra component is passed through the cipher text it is called as M box, cipher text which simply selects the left most M bits, where M indicates the number of bits in the block to encrypt. The real plaintext is X-OR ed with given value,
And the final output is cipher text. Finally fed back of cipher text are Shift Register, and the plain text seed for the encrypted next block. An error in one subsequent block occurred during transmission in CBC mode. CFB mode is similar to CBC and it is very secure, and it is slower than ECB due to complexity.
3.4) OFB (Output Feedback):
OFB is similar to CFB mode, but except one condition that cipher text output of DES is fed back into the Shift Register, rather than the actual final cipher text. The initial value is set to shift Register, and it is passed by DES algorithm. The DES algorithm output is passed through the M box and fed back into next block to prepare Shift Register. The real plain text is X-OR ed with the given value and the result will be final cipher text. Main point in this CFB and CBC, an error transmission in one block will not be affect subsequent blocks because once the recipient has the initial Shift Register value; it will continue to generate new Shift Register plaintext inputs without any further data input. However, this mode of operation is less secure than CFB mode because only the real cipher text and DES cipher text output is needed to find the plaintext of the most recent block. Knowledge of the key is not required.
Figure 4: Output Feedback
FIPS (Federal information processing standards) this mandates to give secretary of commerce and helped in improving computer and telecommunications systems. REF: "FIPS PUB 46-3, Reaffirmed 1999 October 25". This paper explains about data encryption algorithm which was used for to protect sensitive data. Protecting the data while transmitting through network is quite impossible than the data present in storage device. By reading this paper I understand how the algorithm work's for real time implementation and by using algorithm it makes clear to me how many input's I can assign to generate output.
WHAT IS NEED FOR GOING TO NEW ALGORITHMS?
During second world war out dated algorithms were developed but most of them like non classified government and commercial users didn't have confidence that these algorithms will offer a reasonable level of security. "THE DES PAST AND FUTURE, MILES E.SMID AND DENNIS K.BRANSTAD, NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY, P.P-59". To protect unclassified data NBS developed des to high quality. DES is secure as long as key is not known to hacker. There is a need of introducing new algorithm because if one algorithm is used widely then it becomes attractive target to the attacker.
How the mail application is used for DES. If user want to sign up with p.c he can sign in when he is having pass word that pass word is stored in the memory when we want to sign up again the same password should be enter. When he login second time that pass word should match with the first time stored password which was stored in the memory.
Life of des:
When the computers was invented by scientists they doesn't have any idea about the need of security for computer data, slowly when the hackers started attacking for governments and military's data storage then the ICST( Institute of computer sciences and technology had planned to design a standard from that idea only the birth of DES has taken.[MILES E. SMID].
There were two reasons for acceptance of DES algorithm they are algorithm that doesn't show any weakness for the user unless if the correct key was found by him. And the other is no other algorithm was designed up to the mark and government and private sector was happy with this technique because this approved as an degree of security.
How the DES makes easier:
American bankers use DES technique in order to provide security for financial matters to their customers. By introducing the automatic teller machines (ATM) It makes easier to customers to withdraw the money where ever we want and also by giving the personal identification number to the customers to use while transaction. Due to this implementation daily "U.S Banks collectively transfers more than 400 billion dollars daily". [MILES E. SMID & DENNIS K. BRANSTAD].
Description of the DES algorithm
DES algorithm which repeats the same function is called feistel cipher algorithm. The core of the algorithm is function F because it takes secret key. At final stage of the function F is X-OR ed with other half of the message and the result is updated for each round.
"IN CRYPTOGRAPHY MORE RANDOM MEANS HARDER TO BREAK". Too many rounds would be time consuming. Here time is constraint for real time system. In my project DES algorithm supports up to sixteen rounds function.
Summary of the some technical characteristics of the DES algorithm are the block consist of 64 bits it is plain text and it is converted to 64 bit cipher text block through set of some algorithm iterations.
Number of cycles
Technical characteristics of DES device
From the fig 5 illustrates the flow diagram for DES algorithm. At the initial state 64 bit plain text is given as input and it is given to initial permutation the plain text is permuted in to a new 64 bit block. To make it easier the permuted block is split in to two half's one is left half and another is right half each consists of 32 bits blocks. These blocks go through 16 iterations at the final state after completing all permutations the final result is combined and the new 64 bit blocks is permuted at the final output.
To provide symmetry between encryption and decryption it is our best choice to make last permutation as inverse permutation.
Figure 5: DES algorithm
DISCRPTION ABOUT FUNCTION:
Round function is calculated by separate operation. From fig 6 the input R is expanded from 32 bits here I want to expand those 32 bits to 48 bits because according to the algorithm the given key is 48 bit size. So now the input and key is the same size and then these is XOR- ed to get the output. The result is fed in to the set of 8 s tables each s table takes an 6 bit chunk but I need to get 4 bit output. Here the function of the s- box is it converts 6- bit chunk input to 4- bit output. The output comes from s-block is 8*4 = 32 bits. Which we have got the right output same as input by using expansion table.
Figure 6: Round function f in encryption from FIPS PUB 46-2
From the table we can see 16*4 = 64 elements between 0 to 15, and then 6 bit input is a code for one of ( 2 ^6= 64 bits) i.e. 4 bit positions are sent to output.
Table 1: Example of S-table from FIPS PUB 46-3
The following equation describes one round operation at encryption:
A n+1 = Bn
Bn+1 = An xor f(Bn, kn)
Where kn is a permutation of the secret key at time n. Calculation of the round function f is illustrated. Decryption goes in a very similar and symmetric way. The easiest way to explain this is going backwards:
B n =ALn+1
An = Bn+1 xor f(An+1, kn)
For example, this is the case at end of encryption and the beginning of decryption:
n = 15 - last encrypt cycle
A16 = B15;
B16 = A15 xor f(B15,k15);
n = 15 - first decrypt cycle
B15 = A16 = B15;
A15 = B16 xor f(A16,k15)
= A15 xor f(B15,k15) xor f(B15,k15)
= A15 ;
Where n = 0ï‚¼15 is the number of cycle
Here encryption is flipped at the end of procedure because by this method we can use same scheme for encryption and decryption the main advantage by doing this is it is convenient for hardware implementation, so there is no need of extra space.
The S-box stands for substitution box. In cryptography, an S-box is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the Key and the ciphertext. In many cases, the S-boxes are carefully chosen to resist cryptanalysis. In this DES algorithm S-box takes 48-bits as input from add key function in which 48-bits from expansion function are x-ored with 48-bit key and gives out 32-bits as output to the permutation function.
In general, an S-box takes some number of input bits, m, and transforms them into some number of output bits, n: an mÃ-n S-box can be implemented as a lookup table with 2m words of n bits each. Fixed tables are normally used, as in the Data Encryption Standard (DES), but in some ciphers the tables are generated dynamically from the key; e.g. the Blowfish and the Twofish encryption algorithms. Bruce Schneier describes IDEA's modular multiplication step as a key-dependent S-box.
The 8 S-boxes of DES were the subject of intense study for many years out of a concern that a backdoor a vulnerability known only to its designers might have been planted in the cipher. The S-box design criteria were eventually published after the public rediscovery of differential cryptanalysis, showing that they had been carefully tuned to increase resistance against this specific attack.
Other research had already indicated that even small modifications to an S-box could significantly weaken DES. There has been a great deal of research into the design of good S-boxes, and much more is understood about their use in block ciphers than when DES was released.
The different properties of S-box are:
The choice of the primitive functions S1,...,S8 is critical to the strength of an encipherment resulting from the algorithm. Specified below is the recommended set of functions, describing S1,...,S8 in the same way they are described in the algorithm.
Each of the unique selection functions S1,S2,...,S8, takes a 6-bit block as input and yields a 4-bit block as output and is illustrated by using a table containing the recommended S1. If S1 is the function defined in this table and B is a block of 6 bits,
then S1(B) is determined as follows: The first and last bits of B represent in base 2 a number in the range 0 to 3. Let that number be i. The middle 4 bits of B represent in base 2 a number in the range
0 to 15. Let that number be j. Look up in the table
the number in the i'th row and j'th column. It is a number in the range 0 to 15 and is uniquely represented by a 4 bit block. That block is t
for input 011011 the row is 01, that is row 1, and the column is determined by 1101, that is column 13. In row 1 column 13 appears 5 so that the output is 0101.
Table 3: S1 Primitive Function from FIPS -46-3
The permutation function P yields a 32-bit output from a 32-bit input by permuting the bits of the input block. Such a function is defined by the following table:
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
Table 4 Permutation Function FROM FIPS 46-3
h The output P(L) for the function P defined by this table is obtained from the input L by taking the 16th bit of L as the first bit of P(L), the 7th bit as the second bit of P(L), and so on until the 25th bit of L is taken as the 32nd bit of P(L).
This model is used to arrange the bits from permutation function so that these can be used in the calculation of the function used in the 16 iterations. This block is the last block of the Block top model of the DES top-level model.
e output S1(B) of S1 for the input B. For example,
The input given in the form of binary digits 0"s and 1"s the key should be from 0 to 63 because I choose 64 bit data encryption standard. In the 64 bit we use 56 bits only because remaining 8 bits are assigned to error correction bits. TDEA is one type of key these are referred to as key bundle and it consists three DES keys. By using this type of key only authorized users can encrypt data. This topic will concentrate on the design of key schedule, which involves a key rotation component and the permutation PC2. Together these provide for a diffusion of dependency of cipher text bits in key bits.
The key scheduling in DES algorithm is responsible for forming the sixteen 48-bit sub-keys used in the rounds of the encryption procedure. This function is important since if the same key is used on successive rounds, it can weaken the resulting algorithm. In detail, the 64-bit key is permuted by PC1. This permutation performs two functions: first it strips the eight parity bits out, and then distributes the remaining 56-bits over two 28-bit halves. Subsequently for each round, each 28-bit register is rotated left either one or two places. After the shift, the 28-bit vectors are permuted by PC2 to form sub-key for that round. This permutation can be written in terms of which S-box each bit is directed to.
Abstract Level Synthesis
Data encryption operation is conceived as a separate block because encryption and decryption process takes place in same algorithm. And the DES top level block consists of two blocks, one is key schedule generator and another is message permutation unit.
In the fig 7 this is the explanation for key schedule generator. Actually total bits should be 64 bits but originally at the input block there is only 56 bit key because the remaining 8 bits are allotted for error correction and parity check bits. When the permutation is done for 56 bits then these bits are converted to key permutation and these 56 bits are divided in to two parts. First 28 bits shift to right side and second 28 bits shift to left side. These bits are placed in to the shift registers. Encipher- decipher depends up on the counter value then the registers shift simultaneously by one or two bits and encipher decipher decides whether the bit should shift left side or right side. After completion of shifting bits the values of the registers are combined together to give a new 56 bit key. This block called as permutation choise2 and again
This key is converted in to new 48 bit key and this cycle repeats up to 16 rounds because data encryption standard is a 16 round FEISTEL cipher algorithm.
Figure7 : Key Generator Block. E_D signal sets Enciphering or Deciphering from FIPS 46-3
Here there is a another controversy in symmetry shifting, because it is 28 bit chunk it can shift in two ways like it can shift half of the key first or it shifts 2ï‚´1 + 13ï‚´2 = 28 bits overall. Although the final key is same as first key and by using last key in encryption we can do decryption process.
5.5 DES Design
Figure 8: DES Schematic Diagram
The different modules used in the DES design are as shown in the figure 8. The data _in is used to give the plain text that is to be enciphered. The key _in is used to give the 64-bit key. Depending on function _select we perform either encryption or decryption. The data loaded only when the ld data is enabled. The reset is used to reset everything. The data _out is used to take ciphered text as output and we get this output only when the des _out_rdy is enabled.
6.1) SOFTWEAR IMPLEMENTATION:
I used Xilinx software to show my simulation results by using the vhdl technology. I used Xilinx website to download the Xilinx ISE software it is the 30 days free software. And in real time, test engineer use to test the device by connecting the heard wear device to the P.C and by running the VHDL code in Xilinx software. He can test the code and he can debug that code in to the device or chip.
In order to provide a secure transmission between data networks the Xilinx industries designed heard ware implementation for the networks using FPGA technology. And depending on the usage of elements also output varies. In this algorithm it uses 16 round DES. It means each block in the DES goes 16 iterations.
TESTING AND SIMULATION RESULTS:
I tested the code using Xilinx soft ware, and also I tested by using different elements that present in Xilinx software. But finally I got the proper simulation results for the SPARTAN3E FAMILY and the device I used is XC3S100E. This result shows the high data rate for encryption technique. To this implementation I used some mathematical representation of data encryption standard.
The simulation results I shown for the data encryption if the input key is given and the same output is shown at the result end. From the below simulation result it is
Showing that the input key is [0123456789ABCDEF] and the output is shown as same like that because it is the symmetric key encryption. And the output is [0123456789ABCDEF] it is the 64 bit cipher.
TOOLS IMPLEMENTATION IN XILINX SOFTWEAR:
To view the results in the Xilinx software there will be two models one is implementation and another is simulation model. In implementation model we can view the RTL schematic diagram by using this model. A test engineer can analyze the schematic for his design. The schematic shows the pre-optimized design in terms of multipliers, counters, AND gates and OR gates. This was the independent for the targeted Xilinx device. By viewing this schematic test engineer can discover design issues in the design process. And the clocking requirements and pin assignments are the other important parameters influencing on implementation model.[---------].
And the other model is simulation model