des attacks and triple des cryptography and network security reference: sec 4.1 of stallings text
TRANSCRIPT
DES Attacks and Triple DES
Cryptography andNetwork Security
Reference: Sec 4.1 of Stallings Text
DES and Brute Force Attack Known plaintext attack
Plaintext-ciphertext pairs are available Brute force attack involves going through
all 256 keys, encrypting the plaintext and matching with the ciphertext
SDESCrack1.java and SDESCrack2.java are programs that attack Simplified DES Brute-force search on all 210 keys Note the necessity of two plaintext-
ciphertext pairs
Multiple DES Brute-force attack on DES will
eventually become possible and practical
Multiple applications (multiple keys) of DES increases the key search space for brute-force attacks e.g., Double DES means two keys and
therefore 2112 possible key-pairs to consider
Double DES Encryption: C = Ek2[Ek1[P]] Decryption: P = Dk1[Dk2[C]] Check out SDES2.java for a simplified version The following fact is essential:
For any two keys k1 and k2, it does not follow that a key k3 exists where Ek2[Ek1[P]] = Ek3[P]
A single-key brute-force attack will not work Brute-force attack has two go through all key-pairs
(see SDES2Crack1.java & SDES2Crack2.java)
Meet-in-the-Middle Attack C = Ek2[Ek1[P]] implies
X = Ek1[P] = Dk2[C] Algorithm: (assume p1,c1 and p2,c2 are known pairs)
Try all 256 possibilities for k1 and tabulate all Ek1[p1]
Try all 256 possibilities for k2, compute for Dk2[c1], and compare against the table
When values match, check ifc2 = Ek2[Ek1[p2]]
Analysis of Revised Attackon Double DES Takes only twice the amount of
time (approx) as brute-force on Regular DES
Requires a table of size 256
See SDES2MM.java for an attack on Simplified Double DES
Triple DES Meet-in-the-Middle attack does not apply if
three DES applications are used Using three keys possible but aggregate
length of keys might be undesirable Use two keys instead
Reuse a key for first and third application Make second application a decryption
operation (for backward compatibility with Regular DES)
See SDES3.java
Programming Homework #2 Write an attack program for
simplified triple DES (SDES3.java) Use a combination of the brute-
force method and the meet-in-the-middle method (use a table of size 210) to come up with an algorithm that runs in roughly the same amount of time as DES2Crack1.java