Block cipher
A block encryption (also block cipher or block cipher called in English ) is a deterministic encryption method in which a plaintext fixed length mapped to a fixed length cipher. The exact transformation is determined by a key.
In contrast to a stream cipher, a block cipher to encrypt a single block. To encrypt data longer an operating mode is used, which determines how the block cipher is applied. Block ciphers are but for example also used as building blocks for the construction of cryptographic hash functions.
Operation
All modern block ciphers such as AES or DES are designed as iterated block ciphers, which means that the processing of the input is done in several rounds that have the same structure. To this end, several round keys are usually derived from the key. When encrypting two objectives can be distinguished: Through confusion of correlation between ciphertext and key should be made as complex as possible. Diffusion to distribute the information in one place of the plaintext block over the entire ciphertext block; at the end to each bit of the ciphertext block from each bit of the plaintext block depend. Therefore, a round often consists of a substitution phase (often from S-boxes constructed ), which depends on the round key and to ensure confusion, and a permutation that guarantees good diffusion.
History
Lucifer is acknowledged as the first civil usable block cipher, it was developed by IBM based on Horst Feistels cryptographic work in 1971. A revised version of Lucifer was the National Bureau of Standards ( NBS ) in the USA (from which the National Institute of Standards and Technology, NIST emerged 1988) adopted and declared the DES (Data Encryption Standard ), after changes from NBS itself and the NSA had been made to the algorithm. The DES was introduced to the public in 1976 and found a widespread application.
The DES was replaced because of his in the meantime to short key length of 56 bits and its resulting weakness for brute- force attacks with today's technology, in 2001 after a five-year tender stage by the AES (Advanced Encryption Standard). The selection process of the AES is considered by many worldwide cryptographers because of its open design as exemplary. The algorithm of the AES was designed by Joan Daemen and Vincent Rijmen under the name Rijndael.
Definition
A block cipher is a function that maps a plaintext to a ciphertext c k, s with the key as a parameter. For any key, the map is injective, as a condition that the decryption function exists, the re- calculated at each ciphertext to plaintext.
Most, and the encryption and decryption functions are bijective then for each key from S. Today we also used mostly Bitblockchiffren that operate on blocks of b bits.
A bijective mapping from to is a permutation of elements. Consequently, there is an extremely large number ( ) of different pictures.
Due to the key of a block cipher is exactly one selected from the possible bijective mappings. Since the key block ciphers typical length is much less than bits, only a small portion of all possible images is captured by the totality of all the keys. With a block size of 8 bits, a 1684 -bit key would be necessary to realize all permutations.
Design principles
Product cipher
The difficulty of developing a block cipher is to find a mathematically unique reversible transform, which is the cryptographic requirements, and can be implemented with little effort. For this reason, we restrict ourselves mostly to a multiple execution of substitutions and permutations, which one tries to obtain a complex encryption function as possible. The permutation may be implemented with a relatively simple structure. Product code is a label for an encryption function, which is composed of combinations of substitution and permutation.
Feistelchiffre
Feistelchiffre, also referred to as Feistelnetzwerk is a general structure that can be realized with block ciphers. Horst Feistel, who worked at IBM in 1970 at the Lucifer cipher, is considered the inventor. A plaintext block is divided into two halves and processed in several rounds. In each round, the output of a dependent round keys round function of the other part is added to the part. Feistelnetzwerke allow decoding without an inverse function of mathematical encryption function is required. The Feistelchiffre served as the basis of various ciphers such as DES, Twofish and Blowfish.
Substitution permutation network
A substitution - permutation network (SPN) is a series of rounds of the same construction. In each round, the key is first added to the input, an S-box is applied and mixed the result with a permutation.
The best-known designed according to the principle SPN block cipher is AES.
Cryptographic modes of operation
A cryptographic operation mode determines how the encryption of multiple plaintext blocks takes place by defining, in what type of encryption algorithm applied to the data stream. Depending on the needs of the application will vary the error rate and security. The international standard ISO 10116 defines block-based encryption algorithms four different operating modes: Electronic Code Book ( ECB), Cipher Block Chaining ( CBC), Cipher Feedback ( CFB) and Output Feedback ( OFB ).
Well-known block ciphers
Some well known block ciphers are: