No matter what I do, I always think, as long as my energy allows me, I will first serve my country. — Pavlov, Selected Works
This article is also included in my GitHub repository; stars and issues are welcome.
Github.com/midou-tech/…
Following the last installment on stream ciphers, we will strike while the iron is hot and look at what a block cipher actually is.
In many common cipher systems, block ciphers still play an important role in maintaining system security. Like stream ciphers, block ciphers raise many issues that need our attention.
What is a block cipher? As the name implies, the plaintext message is divided into blocks (groups) and encrypted one block at a time. That is, the encryptor can only process one block of data of a specific length at a time. The number of bits per block is called the block length.
Clunk clunk! Here we go!
A block cipher finishes the encryption process once it has processed a block, so there is no need to track the progress of encryption with internal state. In contrast, a stream cipher encrypts a data stream continuously, so it needs memory elements to record the internal state of the encryptor.
Block cipher:
A block cipher takes the number sequence $x_0, x_1, \ldots, x_i, \ldots$ that encodes the plaintext message and divides it into groups of length $n$, $x = (x_0, x_1, \ldots, x_{n-1})$. Under the control of the key $k = (k_0, k_1, \ldots, k_{t-1})$, each group is transformed into the output digit sequence $y = (y_0, y_1, \ldots, y_{m-1})$. Its encryption function is $E: V_n \times K \to V_m$, where $V_n$ and $V_m$ are the $n$- and $m$-dimensional vector spaces respectively, and $K$ is the key space.
As can be seen in the figure, a plaintext group of length n is input, and a ciphertext group of length m is output by the encryptor. In general, m = n is adopted. If n > m, there is data compression in the encryption; if n < m, there is data expansion in the encryption.
Here are some simple ways to design block ciphers.
Substitution:
If both plaintext and ciphertext blocks are n bits long, then each plaintext block has 2^n possible values.
To ensure that the ciphertext obtained after encryption can be restored to plaintext by the decryption operation, each plaintext block must produce a unique ciphertext block. Such a transformation is called reversible, and a reversible transformation from plaintext blocks to ciphertext blocks is called a substitution.
Let's take n = 4 as an example to see how a block cipher performs this basic encryption.
For the substitution structure with a block length of 4, we can read off the ciphertext after substitution from the substitution table.
However, there are still some problems to be considered in the practical application of this substitution structure.
If the block length is too small, such as n = 4, the system is equivalent to a classical substitution cipher and is easily broken by statistical analysis of the plaintext.
This weakness is not inherent in the substitution structure; it arises simply because the block length is too small. If the block length n is large enough and any reversible substitution from plaintext to ciphertext is allowed, the statistical properties of the plaintext will not be too obvious, and the substitution structure is not easy to break.
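The n = 4 substitution discussed above, as an added example that is not part of the original article. The table is a randomly generated permutation (the seed, sample message and function names are assumptions for illustration); the block frequency counts show why such a short block length leaks the plaintext statistics.

```python
import random
from collections import Counter

N_BITS = 4  # block length n used in the text

def make_substitution(seed):
    """Return (table, inverse) for a random reversible 4-bit substitution."""
    rng = random.Random(seed)          # seeded only so the demo is repeatable
    table = list(range(2 ** N_BITS))
    rng.shuffle(table)                 # a permutation: every block maps uniquely
    inverse = [0] * len(table)
    for plain, cipher in enumerate(table):
        inverse[cipher] = plain
    return table, inverse

def to_blocks(data):
    """Split bytes into 4-bit blocks, high nibble first."""
    return [n for b in data for n in (b >> 4, b & 0x0F)]

def from_blocks(blocks):
    """Join pairs of 4-bit blocks back into bytes."""
    return bytes((hi << 4) | lo for hi, lo in zip(blocks[0::2], blocks[1::2]))

def substitute(blocks, table):
    """Apply the substitution table to every block independently."""
    return [table[b] for b in blocks]

def sorted_counts(blocks):
    """Block frequencies with the block values themselves discarded."""
    return sorted(Counter(blocks).values(), reverse=True)

if __name__ == "__main__":
    table, inverse = make_substitution(seed=2024)
    message = b"attack at dawn, attack at dusk"   # constructed sample plaintext
    plain_blocks = to_blocks(message)
    cipher_blocks = substitute(plain_blocks, table)
    print("table     :", table)
    print("ciphertext:", from_blocks(cipher_blocks).hex())
    print("recovered :", from_blocks(substitute(cipher_blocks, inverse)))
    # Identical histogram shape: the plaintext statistics survive encryption.
    print("plain  counts:", sorted_counts(plain_blocks))
    print("cipher counts:", sorted_counts(cipher_blocks))
```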
Feistel structure:
The Feistel structure is basically the part that gives everyone new to cryptography the biggest headache. Don't be afraid: today Uncle Dragon will walk you through the Feistel structure in detail.
Many block ciphers are essentially based on a structure called a Feistel network. Feistel proposed using product ciphers to obtain simple substitution ciphers, with the aim of making the resulting cipher stronger than the result produced by each basic cryptosystem.
Product cipher: apply two or more basic ciphers in sequence.
Let's look at the actual Feistel structure.
The figure above shows the n-round structure of Feistel; in fact, every round performs the same operation. Next we analyze what exactly is done in one round.
- One round of the Feistel encryption iteration
– The plaintext is 2w bits, divided into two halves of equal length
– The round key for round i is derived from the initial key K
– Generally, the round keys differ from one another and from K
– f is called the round function (the same for every round)
In each round, an operation is performed on the left and right halves, and the result is passed on to the next round.
Now take a look at the Feistel decryption process.
- One round of the Feistel decryption iteration
– The left and right halves of the data being decrypted are exchanged
– Decryption uses the round keys in the reverse order of encryption
Decryption, like encryption, operates on the left and right halves of the block and passes the result on to the next round.
From the encryption and decryption processes of the Feistel structure, we can see that the ciphertext produced by encrypting a plaintext message can be restored to the original plaintext by the decryption algorithm; that is, the encryption algorithm is reversible.
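The encryption and decryption rounds described above, as an added example that is not code from the original article. The half-block size, round count, SHA-256 key schedule and truncated HMAC round function are all assumptions chosen for illustration, not any real cipher such as DES; they show that decryption is the same routine run with the round keys reversed, even though f itself cannot be inverted.

```python
import hashlib
import hmac

W = 4          # half-block size w in bytes, so a block is 2w = 8 bytes (assumed)
ROUNDS = 16    # number of rounds (assumed; the text leaves n open)

def round_keys(master_key, rounds=ROUNDS):
    """Derive one round key K_i per round from the initial key K (illustrative)."""
    return [hashlib.sha256(master_key + bytes([i])).digest() for i in range(rounds)]

def f(half, key):
    """Round function f: a keyed function that is not itself invertible."""
    return hmac.new(key, half, hashlib.sha256).digest()[:W]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, keys):
    """Run the Feistel rounds over one 2w-byte block with the given key order."""
    if len(block) != 2 * W:
        raise ValueError("block must be exactly 2w bytes")
    left, right = block[:W], block[W:]
    for k in keys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR f(R_{i-1}, K_i)
        left, right = right, xor(left, f(right, k))
    # Final exchange of the halves, so decryption can reuse this routine.
    return right + left

def encrypt_block(block, master_key):
    return feistel(block, round_keys(master_key))

def decrypt_block(block, master_key):
    # Same structure, round keys applied in reverse order.
    return feistel(block, round_keys(master_key)[::-1])

if __name__ == "__main__":
    key = b"constructed demo key"      # constructed sample key
    plaintext = b"8 bytes!"            # constructed sample block (2w = 8 bytes)
    ciphertext = encrypt_block(plaintext, key)
    print("ciphertext:", ciphertext.hex())
    print("decrypted :", decrypt_block(ciphertext, key))
```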
Block ciphers are widely used. They make it easy to construct pseudo-random number generators, stream ciphers, message authentication codes (MACs), hash functions and so on. They can also become the core component of message authentication techniques, data integrity mechanisms, entity authentication protocols and single-key digital signature systems.
In practical applications, many requirements may be placed on a block cipher, such as security, operation speed, storage (program length, data block length, cache size), implementation platform (hardware, software, chip), mode of operation and so on. These need to be traded off properly against the security requirements.
That is all for today. According to the plan, the next installment should cover the DES algorithm, but we have already covered DES in an earlier article. Anyone who has not understood it yet can go back and take a look; here is the link, enjoy! Talk about the DES algorithm in cryptography