symmetric cryptosystems symmetric cryptosystems 20/10/2015 | pag. 2
Symmetric Cryptosystems
Symmetric Cryptosystems 21/04/23 | pag. 2
Block Ciphers: Classical examples
• Affine Cipher
• Affine Linear and Linear Cipher
• Vigenère
• Hill
Block Ciphers: Remark
Secure block ciphers must not be (affine) linear or easy to approximate by linear functions!!!
Cryptography 21/04/23 | pag. 4
Remark
Implementation of a (non-linear!) substitution often occurs through a look-up table, called S-box.
Block Ciphers: Advanced examples
• DES – Feistel Cipher
• AES – Rijndael
DES: Feistel Cipher
An iterated block cipher is a block cipher involving the sequential repetition of an internal function called a round function.
[Figure: an iterated block cipher]
DES: Algorithm
DES: S-Boxes
DES: Algorithm
Round number    Number of left rotations
 1              1
 2              1
 3              2
 4              2
 5              2
 6              2
 7              2
 8              2
 9              1
10              2
11              2
12              2
13              2
14              2
15              2
16              1
AES: Rijndael Cipher
We again need some algebra first!
Intermezzo: Polynomials over Rings
Example: Polynomials over Rings
Intermezzo: Polynomials over Fields
Example: Polynomials over Fields
Intermezzo: Finite Fields
• Let R be a ring. If there is a least positive integer n such that nr=0 for all r in R, then we say that R has characteristic n and write char(R)=n. When no such integer exists, we set char(R)=0.
• Let F be a field with char(F)>0, then char(F) is prime.
• Any finite field F has char(F)=p, where p is prime.
• Let F be a finite field, where char(F)=p, then |F|=p^n, with n a strictly positive integer.
Intermezzo: Construction of Finite Fields
Hence we can also denote it by GF(p). Note that char(GF(p))=p.
For every prime p and positive integer n there is an irreducible polynomial of degree n in Z_p[x]!
Theorem
Let p be a prime and f(x) an irreducible polynomial of degree n in Z_p[x]. Then Z_p[x]/<f(x)> (or Z_p[x] mod f(x)) is a field with p^n elements.
Proof
As we can choose as coset representatives polynomials of the form a_0 + a_1 x + a_2 x^2 + ... + a_{n-1} x^{n-1}, we get a ring of order p^n. As in Z_n we use the analogue of the Extended Euclidean algorithm to find the inverse of an element.
Let g(x) be a coset representative of a non-zero element of the ring. Since f(x) is irreducible it is not divisible by any lower degree polynomial and so gcd(g(x), f(x)) = 1. Then by the analogue of the Extended Euclidean algorithm, 1 = a(x)g(x) + b(x)f(x) for some polynomials a(x), b(x). Then a(x) is a coset representative for the inverse of g(x).
Example: Construction of Finite Fields
Intermezzo: Construction of Finite Fields
Conclusion: For every prime p and positive integer n the field GF(p^n) exists!