Unit 2: Cryptography

Que 1. What are streams and block cipher in Cryptography? Distinguish between Stream and block cipher

Stream Cipher:

• Stream cipher is a type of encryption algorithm that operates on individual bits or bytes of plaintext and produces a corresponding stream of ciphertext.
• It encrypts and decrypts data bit-by-bit or byte-by-byte.
• It uses a key to generate a keystream, which is then combined with the plaintext using XOR operation to produce the ciphertext.
• Stream ciphers are generally faster in encryption and decryption compared to block ciphers.
• Examples of stream ciphers include RC4, ChaCha20, and A5/1.

Block Cipher:

• Block cipher is a type of encryption algorithm that operates on fixed-size blocks of plaintext and produces corresponding blocks of ciphertext.
• It encrypts and decrypts data in fixed-size blocks, typically 64 bits or more.
• It uses a key to determine the encryption and decryption transformations for each block of plaintext.
• Block ciphers can handle larger amounts of data and provide better security than stream ciphers.
• Examples of block ciphers include AES (Advanced Encryption Standard), DES (Data Encryption Standard), Blowfish, and 3DES.

Parameters	Block Cipher	Stream Cipher
Definition	Block Cipher is the kind of encryption that converts plaintext by taking each block individually.	Stream cipher is the kind of encryption that converts plaintext by taking one byte of the plaintext at a time.
Principle	It uses both diffusion and confusion principles for the conversion (used later in encryption).	Only the confusion principle is used by Stream Cipher for the conversion.
Decryption	In Block cipher, reverse encryption or decryption is more difficult than stream cipher since more bits are combined to be encrypted in this scenario.	In a stream cipher, XOR is used for encryption that can quickly converted back to plain text.
Implementation	Feistel Cipher is the most popular block cipher implementation.	Vernam Cipher is the main implementation of Stream Cipher.
Implementation	Feistel Cipher is the most popular block cipher implementation.	Vernam Cipher is the main implementation of Stream Cipher.
Conversion of Bits	Since a block cipher converts blocks at once, it converts more significant bits than a stream cipher, which can convert 64 bits or more.	However, in stream cipher, only 8 bits can be transformed simultaneously.
Reversibility	It is difficult to reverse encrypted text.	It uses XOR encryption, which is easily reversed to the plain text.
Confusion and Diffusion	Block Cipher uses both confusion and diffusion.	Stream cipher relies on confusion only.
Algorithm modes used	ECB (Electronic Code Book) CBC (Cipher Block Chaining)	CFB (Cipher Feedback) OFB (Output Feedback)
Complexity	Simple design	Complex comparatively
No of bits used	64 Bits or more	8 Bits

Also Check: Unit 5: Cryptography

Que 2. Explain DES algorithm in Cryptography with steps and diagram

1. The Data Encryption Standard (DES) is a symmetric encryption algorithm used to secure
   sensitive data. DES is a block cipher algorithm, which means it encrypts data in fixed-size
   blocks.
2. 64 bit Plain Text is passed through DES algorithm and using 56bit key 64 bit Cipher text is
   obtain.

Algorithm of DES algorithm:

Key Generation: The 64-bit secret key is used to generate 16 subkeys of 48 bits each.

Initial Permutation (IP): The 64-bit plaintext block is permuted according to a fixed permutation table.

Encryption Rounds: The plaintext block is divided into two 32-bit halves, and a series of 16 encryption rounds are performed on these halves using the subkeys generated in step 1. Each round consists of the following steps:

• Expansion: The right half is expanded from 32 bits to 48 bits using a fixed permutation table.
• Substitution: Each 6-bit segment of the expanded half is substituted using one of eight fixed substitution boxes (S-boxes).
• Permutation: The 32-bit output from the S-boxes is permuted using a fixed permutation table.
• XOR: The permuted output is XORed with the left half of the plaintext.
• Swap: The left and right halves are swapped.

Final Permutation (FP): The left and right halves are concatenated and permuted according to a fixed permutation table to produce the ciphertext.

Decryption: The same process as encryption is repeated in reverse, using the subkeys in reverse order.

Also Check : Unit 6: Cryptography

Que 3. Explain IDEA Algorithm in Cryptography

IDEA (International Data Encryption Algorithm) is a symmetric encryption algorithm widely
used for securing data.

• IDEA is a block cipher algorithm that operates on fixed-size blocks of data.
• It uses a block size of 64 bits and a key size of 128 bits.
• The algorithm consists of several rounds of operations, typically 8 to 16 rounds depending on the key length.
• Here are the steps involved in IDEA encryption
  • IDEA is a block cipher algorithm that operates on fixed-size blocks of data.
  • It uses a block size of 64 bits and a key size of 128 bits.
  • The algorithm consists of several rounds of operations, typically 8 to 16 rounds
    depending on the key length.
  • Here are the steps involved in IDEA encryption

• IDEA also supports decryption using the same steps, but with the round subkeys used
  in reverse order.

Round Operations of IDEA algorithm
Step1: Multiply * P1 and K1
Step2: Add * P2 and K2
Step3: Add * P3 and K3
Step4: Multiply * P4 and K4
Step5: XOR step1 and step3
Step6: XOR step2 and step4
Step7: Multiply * step5 with K5
Step8: Add * step6 and step7
Step9: Multiply * step8 with K6
Step10: Add * step7 and step9
Step11: XOR step1 and step9
Step12: XOR step3 and step9
Step13: XOR step2 and step10
Step14: XOR step4 and step10

Also Read: How to Become a Salesforce Developer in 2023

Que 4. What are Electronic Code Book (ECB) Algorithm Mode and Cipher Block
Chaining (CBC)? Explain

Electronic Code Book (ECB) and Cipher Block Chaining (CBC) are two modes of operation in block cipher algorithms. They determine how the plaintext is divided into blocks and encrypted using the key.

Electronic Code Book (ECB) Algorithm Mode:

• In ECB mode, the plaintext is divided into fixed-size blocks (usually 64 or 128 bits).
• Each block is encrypted independently using the same encryption key.
• The same plaintext block will always produce the same ciphertext block.
• ECB mode is simple and easy to implement but is considered less secure because identical plaintext blocks will result in identical ciphertext blocks, which can be exploited by attackers

Cipher Block Chaining (CBC) Algorithm Mode:

• In CBC mode, each plaintext block is XORed with the previous ciphertext block before encryption.
• The first block is XORed with an initialization vector (IV) instead of a previous ciphertext block.
• This XOR operation introduces randomness and dependencies between blocks, making it more secure than ECB mode.
• CBC mode ensures that identical plaintext blocks do not produce identical ciphertext blocks.
• To decrypt, each ciphertext block is decrypted and XORed with the previous ciphertext block or IV.

Also Check : Unit 3: Cryptography

Que 5. Explain Blowfish algorithm in detail.

Operations: (Blowfish encrypts 64-bit block with a variable-length key)

1) Subkey Generation: This process covert the key up to 448 bit long to subkeys totaling 7168 bits
2) Data Encryption : This process involves the iteration of a simple function 16 times. Each round contains a key-dependent permutation and key and data substitution

• Blowfish is a very fast algorithm which takes 64 bit input as plaintext and generates 64 bit output ciphertext
• It uses the concept of P-array which uses 32 bit subkeys and there are 18 P arrays P1 to P18
• Blowfish Algorithm runs 16 times i.e. 16 rounds

Processes:

1. Subkey Generation:

• Key Size is variable but blowfish algorithm generates very large sub-keys . The key size is in the range of 32 bits to 448 bits or 14 words.
• Concept of P-array consists of 18, 32 bit sub-keys
• There are 4 S-boxes containing 256 entries of 32 bits
• P-array is initialized first then four s boxes with fixed string
• Then P-arryas are XORed with subkeys ie from P1 to P18 . Once the sub keys are generated the encryption process begins

Data encryption and decryption:

• We use the P arrays and S boxes during this process

Algorithm for encryption of 64 bit block

1. Divide Plain text into two blocks Left Plain text(LP) and (Right plain text(RP) of equal sizes. Thus both LP and RP will consist of 32 bit each
2. For i=1 to 16
   LP = LP ⊕ Pi
   RP = f(LP) ⊕ RP
   Swap LP ,RP
   • RP = RP ⊕ P17
   • LP = LP ⊕ P18
   • Concatenate LP and RP back into Plain text to get ciphertext CT

Also Check : Unit 4: Cryptography

Que 6. Explain RC4 and RC5 algorithm in Cryptography

RC4:

• RC4 (Rivest Cipher 4) is a symmetric key stream cipher algorithm
• It uses a variable-length key ranging from 1 to 256 bytes.

Steps:

1. Initialize the S-box based on the provided key.
2. Perform key scheduling to manipulate the S-box based on the key.
3. Set up index pointers i and j.
4. Generate a pseudo-random keystream by swapping S-box elements, generating
   keystream bytes, and updating index pointers.
5. XOR each byte of the input with the corresponding byte from the keystream to
   encrypt or decrypt.
6. Repeat the generation and XOR process for each byte in the message.

RC 5:

• RC5 (Rivest Cipher 5) is a symmetric block cipher algorithm.
• It supports variable-length keys (0-2040 bit).
• The block size can be 32, 64, or 128 bits.
• The algorithm consists of a specific number of rounds (12,16,20).

Steps:

1. Key Expansion: Generate round keys for each round based on the original key.
2. Initialization: Set up the block size, number of rounds, and other parameters.
3. Round Function: Perform a series of rounds using mixing and transformation
   operations.
4. Key Mixing: Combine each round key with a portion of the data block.
5. Data Mixing: Apply mixing operations to the data block, such as bit rotations and XOR
   operations.
6. Round Feistel Network: Further mix and transform the data block using the round
   function.
7. Final Round: Perform a final round using a modified version of the round function.
8. Output: Obtain the encrypted or decrypted data block as the final result.

Comparision between RC4 and RC5

Que 7. Explain AES algorithm in Cryptography.

Advanced Encryption Standard (AES) is a symmetric block cipher algorithm widely used for encryption and decryption of data. Here are some key points about the AES algorithm:

• Key Sizes: AES supports three different key sizes: 128 bits, 192 bits, and 256 bits. The
  key size determines the strength and security of the encryption.
• Block Size: AES operates on fixed-size data blocks of 128 bits. The data to be encrypted
  is divided into blocks, and each block is processed individually.
• Rounds: The number of rounds in AES depends on the key size. AES-128 uses 10 rounds,
  AES-192 uses 12 rounds, and AES-256 uses 14 rounds. Each round adds more
  complexity and security to the encryption process.

Steps of AES algorithm:

1. Key Expansion: The original encryption key is expanded using a key schedule algorithm to generate a set of round keys. The number of round keys generated depends on the key size and the number of rounds.
2. Initial Round: In the initial round, the input plaintext block is XORed with the first round key.
3. Rounds: The main encryption or decryption process consists of multiple rounds. The number of rounds depends on the AES key size. Each round consists of four main operations: SubBytes, ShiftRows, MixColumns, and AddRoundKey

a. SubBytes: Each byte of the block is substituted with a corresponding byte from the S-Box lookup table. This step provides confusion and non-linearity.
b. ShiftRows: The bytes in each row of the block are cyclically shifted to the left. This step provides diffusion and ensures that the bytes in different rows are spread out.
c. MixColumns: Each column of the block is transformed using a matrix multiplication operation. This step provides diffusion and spreads the influence of each byte to other columns.
d. AddRoundKey: The round key for the current round is XORed with the block. This step adds the unique properties of the round key to the block

4. Final Round: The final round is similar to the other rounds, but without the MixColumns operation. It consists of SubBytes, ShiftRows, and AddRoundKey.
5. Output: After the final round, the resulting block is the encrypted or decrypted data