INFORMATION SECURITY AND AUDIT
SOLVED PRACTICE QUESTIONS

SYMMETRIC KEY ALGORITHM

 

Data Encryption Standard (DES) 

The Data Encryption Standard (DES) is a symmetric key block cipher that encrypts data in 64-bit blocks using a 56-bit key. It was developed in the 1970s and adopted as a federal standard in 1977. DES is now considered insecure due to its relatively short key length, but it played a significant role in the history of cryptography.

Components of DES:

  1. Block Size: 64 bits
  2. Key Size: 56 bits (often represented as a 64-bit key with 8 bits used for parity)
  3. Rounds: 16 rounds of the Feistel structure
  4. Initial Permutation (IP): An initial permutation applied to the plaintext before encryption begins
  5. Final Permutation (FP): A final permutation applied to the output of the 16th round

Encryption Process:

  1. Initial Permutation (IP):
    • The 64-bit plaintext block is permuted according to a fixed table. This permutation rearranges the bits to spread them out more evenly.
  2. Round Function (Feistel Structure):
    • The permuted plaintext is divided into two 32-bit halves: L_{0} (left half) and R_{0} (right half).
    • For each of the 16 rounds i:
      • Compute L_{i} = R_{i-1}.
      • Compute R_{i} = L_{i-1} ⊕ F(R_{i-1}, K_{i}), where F is the round function and K_{i} is the round key.
  3. Round Function F:
    • Expansion (E): The 32-bit right half is expanded to 48 bits using an expansion permutation.
    • Key Mixing: The expanded right half is XORed with the 48-bit round key K_{i}.
    • Substitution (S-Boxes): The 48-bit result is divided into eight 6-bit blocks. Each block is passed through a different 6-to-4-bit substitution box (S-box), producing a 32-bit output.
    • Permutation (P): The 32-bit result from the S-boxes is permuted again to produce the final 32-bit output of the round function F.
  4. Final Permutation (FP):
    • After the 16th round, the left and right halves are swapped and concatenated.
    • The final permutation is applied to produce the 64-bit ciphertext.

Decryption Process:

  • The decryption process is identical to encryption but with the round keys applied in reverse order.

 

3DES

Triple Data Encryption Standard (3DES or TDES) is a symmetric-key block cipher, which is an extension of the original Data Encryption Standard (DES). It was developed to provide a higher level of security than DES by applying the DES cipher algorithm three times to each data block. Here’s an in-depth look at 3DES in the context of security:

How 3DES Works

3DES enhances the security of DES by applying the DES algorithm three times with either two or three different keys:

  1. Encryption: Encrypt the plaintext using the first key.
  2. Decryption: Decrypt the output of step 1 using the second key.
  3. Encryption: Encrypt the output of step 2 using the third key (which can be the same as the first key in a 2-key configuration).

This process is often represented as: C = E_{k3}(D_{k2}(E_{k1}(P))), where P is the plaintext, C is the ciphertext, E is encryption, D is decryption, and k1, k2, k3 are the encryption keys.
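The Feistel rounds from the DES section and the E-D-E composition above, as an added example that is not part of the original notes. It is not DES and provides no security: the round function F and the key schedule are hypothetical stand-ins built from SHA-256, and IP/FP are omitted, so only the structure is shown (decryption reuses the same network with reversed round keys, and 3DES chains encrypt, decrypt, encrypt).

```python
import hashlib

ROUNDS = 16          # DES runs 16 Feistel rounds
MASK32 = 0xFFFFFFFF  # each half of the 64-bit block is 32 bits


def round_keys(key: bytes) -> list:
    """Hypothetical key schedule (not the DES one): a 48-bit subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]


def f(right: int, subkey: bytes) -> int:
    """Stand-in for F(R, K): 32 bits in, 32 bits out. Real DES uses
    expansion, key mixing, S-boxes and the P permutation here."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")


def feistel(block: int, subkeys: list) -> int:
    """16 rounds followed by the half swap; IP and FP are left out."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, left ^ f(right, k)
    return (right << 32) | left


def encrypt(block: int, key: bytes) -> int:
    return feistel(block, round_keys(key))


def decrypt(block: int, key: bytes) -> int:
    # Same network with the round keys reversed; F itself is never inverted.
    return feistel(block, round_keys(key)[::-1])


def ede_encrypt(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    """C = E_k3(D_k2(E_k1(P))); pass k3 = k1 for the two-key option."""
    return encrypt(decrypt(encrypt(block, k1), k2), k3)


def ede_decrypt(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    """P = D_k1(E_k2(D_k3(C))): the same three steps undone in reverse."""
    return decrypt(encrypt(decrypt(block, k3), k2), k1)


if __name__ == "__main__":
    c = ede_encrypt(0x0123456789ABCDEF, b"key-one", b"key-two", b"key-one")  # constructed sample
    print(hex(c), hex(ede_decrypt(c, b"key-one", b"key-two", b"key-one")))
```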

Keying Options

  1. Two-Key 3DES (2TDEA):

    • Uses two keys (k1 and k2) where k3 = k1.
    • Provides 112 bits of security.
  2. Three-Key 3DES (3TDEA):

    • Uses three independent keys (k1, k2, and k3).
    • Provides 168 bits of security but is typically considered to offer around 112 bits of effective security due to meet-in-the-middle attacks.

Security Strength

3DES was designed to address the vulnerabilities of DES, primarily its short key length of 56 bits. By using multiple keys and applying DES three times, 3DES significantly increases the key space, making brute-force attacks more challenging. However, it still has some weaknesses:

  1. Key Length: Although it uses longer keys than DES, the effective security is around 112 bits, which is lower than modern standards.
  2. Performance: 3DES is slower compared to modern ciphers like AES due to its multiple rounds of DES operations.
  3. Vulnerability to Meet-in-the-Middle Attacks: These attacks can effectively reduce the strength of 3DES to 112 bits.