Rochester Institute of Technology
RIT Scholar Works Theses
Thesis/Dissertation Collections
1981
Cryptography and its application to operating system security
Michelle Painchaud
Follow this and additional works at: http://scholarworks.rit.edu/theses
Recommended Citation
Painchaud, Michelle, "Cryptography and its application to operating system security" (1981). Thesis. Rochester Institute of Technology. Accessed from
CRYPTOGRAPHY AND ITS APPLICATION TO OPERATING SYSTEM SECURITY
by
Michelle Painchaud
Submitted to the faculty of the School of Computer Science & Technology in partial fulfillment of the requirements for the degree of Master of Science
Master of Science in Computer Science
Thesis Approval Form
This is to certify that Michelle Painchaud has submitted a thesis entitled: Cryptography and its Application to Operating System Security to the faculty of the School of Computer Science & Technology in partial fulfillment of the requirements for the degree of Master of Science.
Approved:
__________ (date)
__________ (committee member)
__________ (date)
Table
Contents
of
PART ONE
1.
Growing
2.
Security
4. Cryptography What
Security
Data
and
Cryptography in
Codes
Protection
is Cryptography? Past
Transition
8. Cryptography in the 9.
Privacy
Threats
6. Cryptography in the 7.
and
Privacy
versus
3. Environmental
5.
in
Interest
versus
Age
Automation
of
Ciphers
10. Basic Components
Cryptography
of
II.
Substitution
12.
Transposition Ciphers
Techniques
13. Applicability for Computer
use
14.
Message-Oriented
15.
Information-Oriented
16.
Product
17.
Principles
of
18.
Principles
Underlying Present-Day
Systems Systems
Ciphers
Confusion
18.1
stream
18.2
block ciphers
and
Diffusion
Ciphers
ciphers
*
18.3
stream
versus
block
19.
A Block Cipher Called DES
20.
Lucifer
21.
Introduction
-
A Model
to
encipherment
for the DES
the Data Encryption
Standard
22.
Specifics
22.1
the cipher
22.2
the
23.
is
24.
Summary
the
key
function
schedule
Encryption
Data
calculations
Standard
Secure?
One
Part
of
Algorithm
the
of
PART TWO
1.
Operating
2.
Network
3.
Encryption
4.
Implementation of
5.
Network
6.
7.
8.
System
Security Threats
Security and
Network
Security
Encryption
Applications
of
authentication
5.2
private
communication
5.3
network
mail
5.4
digital
signatures
of
6.1
processing
6.2
revocation
6.3
protection
6.4
key
in
plaintext
against
storage
and
conventional
7.2
public-key
modification
management
versus
encryption
encryption
Management
9. Conventional-Key Distribution centralized
7.1
9.1
Network
Encryption
Public-Key Cryptosystems
Key
the
Encryption
5.1
Limitations
within
key
control
Conventional
Cryptosystems
9. Conventional-Key 9.2
fully
9.3
hierarchical
Distribution
distributed
10. Public-Key
Based
11. Public-Key
versus
key
key
(continued)
control
control
Distribution
Algorithms Distribution
Conventional-Key
for Private
Communication
12.
Public-Key
Cryptosystems
13. Merkle-Hellman
Scheme
14.
Rivest-Shamir-Adleman
15.
User
Authentication
16.
File
Encryption
16.1
protection
of
16.2
encryption
for
16.3
data
Network
Mail
18.
Digital
Signatures
in the
main
store
approach
using
conventional-key based signatures
18.2
notary-public
based
18.3
notary-public
versus
a
Execution
20.
Conclusion
21.
The
Future
Time
of
media
internal processing
18.1
19.
Scheme
removable
encryption
17.
(RSA)
signatures
Requirements
Cryptography
network-registry-
network-registry-based
for
Encryption
signatures
Algorithms
Growing Interest in Security
Privacy
and
result,
these
as
a
of
computer
interest
decade,
these
tion which
issues
was
for
protection
The
advent
and
legal
ty (
Dinardo
a
means
of
mation,
computer
current
the
for,
a
al.
problem
Due
to
the and
of
deemed
amounts
the
became
need
computer
of
these
systems
for privacy
and
as
plus
infor and
and
secu
apparent
(Ko-
innovations
security
securi
computers
legislative
of
and
sensitive
of
increasingly
technological
in
of
vulnerability
private,
commercial,
use
1971).
,
communications
efficient
tremendous
relevant
al.
ensuring privacy
increasing
culmination
with
the
last
informa
only
et.
This
the
until
up
was
security
1972).
,
and,
number
growing
and
concern
awakened
the
systems
interest
case
minimal
systems
the
Thus,
combined
et.
penetration,
computer
lata, 1977).
the
to
in
appearing
issues
vital
(Martin, 1970) (Feistel,
the
with
two
as
(Conway,
national
process
files
within
of
cheap
providing
coupled
pressures
to
1978).
,
data
their
for
purposes
sectors
are
always
were
vital
ability to
their
rity
of
topics
not
was
Privacy
emerging
discussions
related
current
are
security two
and
and
societal
resulted
privacy
in
(Burns,
1977)(Konheim, 1978). Security
versus
and
Security
involving to
these
distinguish
security
are
Privacy privacy
issues their
are
lump
the
two
differences.
frequently
Often
related.
confused
together
As
with
a
time
thereby failing
result,
one
discussions
privacy
another
and
(Davida,
1978).
Privacy
encompasses
not
only the
legal
and
ethical
issues
of
data collection,
the
individual's
and
use
means
of
the
to
right
is dealt
Environmental
is
misrouting,
et.
information
stored
disclosure
to
thus
the
insertion
of
spurious
misdirect
the
operation
of
the
which
the danger
by
unauthorized
such
media
threat
the of
as
network
of
result
purposes
is
packs
and/or
tect
the
or
to
used
the
If
to
confuse
1974). store
data
theft
or
is
tapes,
magnetic
removal
insidious
of
or
When
sensitive
information
this
communi
over
more
(Benedict, is
that
be
will
stored
the
the
on
ad
infor
1976). not
suitably can
in rendering the
1979).
network,
disc
and
data designed
disk
data
of
modification,
transferral
individuals.
these threats
(Popek & Kline, a
a
the physical
of
(Sykes,
any
as
is
network
1976).
(Sykes,
greater
system
always
may
cation
even
is
exists
tration
an
such
ditional
If
perhaps
device
removable
mation
But
storage
accessed
making the task
its
during
substitution
or
is
there
enforcement
computer
to monitoring,
susceptible
always
danger
data,
the
1972).
,
the
within
links.
a
al.
dissemination
and
ensures
technical
the
contrast,
which
cation
ever
In
safeguards
dissemination,
collection,
security extremely difficult
and
Data
(Conway,
It
well.
to, modification,
by security
with
vulnerable
privacy
the
as
Threats
Sensitive
highly
ones
control
access
privacy decisions
all
moral
information.
personal
all
controlling
data
of, of
of
but
the
storage
protected
lead
network
of
Consequently,
failures,
errors,
to
then
considerable
useless
order
for
damage
communi
information
sensitive
in
the perpe
to
omissions,
securely and
pro
vulnera-
bilities
that
of
network
particular
be
must
(Browne,
considered
1977).
Cryptography The
network
of
rity
use
is
of
one
which
by
means
information
communicated
or
misuse
or
illegal
be
is
supplement
techniques
transform
not
the
protected
disclosure
is
or
accidental.
not
sufficient
to
protect
data
other
theft
against
deliberate
a
legal
Although
system,
it
countermeasures
security
by
by
the
which
in
someone
1978).
It
is this
usually
on
a
originator
such
character
ciphertext
which
is
referred
Decryption
is
to be
reconverted
decryption
ferred
to
as
cipher
a
are
opposite
of
as
back into carried
is
key
into
the
out
by
means
pattern
receiver
text
or
form. of
an
of
with
can
if
(Dinardo(l
plaintext, jumble
or
(Benedict, 1974). is
the
reversal
unintelligible
(Katzan, 1977). or
deals
unintelligible
meaningless
and
encryption
meaningful
system
a
original
encryption
process, enabling
cipher
system
of
is
it
which
information
the
of
intended
the
level, to
science
way that
transformation
or
transformation
a
than
other
bit
the
technical
highly
a
the message
intercepted
each
be
through
process
Clamons, 1974).
Cryptography is
and
can
(Popek & Kline,
is Cryptography?
What
the
or
the
and
the
integ
and
is
attempt
itself
by to
used
(Keys &
the
and
data
within
security,
safeguarded
the method
whether
of
privacy, be
can
stored
and
information
protect
the
which
exchange
regardless
cryptography
the
to
cryptography
Cryptography is both
1979).
can
Protection
Data
and
Both
of
message
encryption
algorithm
re
Associated with
bits.
It
is
this key
is
which
for the
the
encryption/decryption
The
sources
value
factor"
enough
time
for
the
enables
intruder
the
Cryptography in
the
Cryptography, evolved
dependently in
later the
into
the
with
Arabs
a
being
far
out-dated
The
protected.
in the
The
cipher.
"time
secure
"cost
intruder paying worth
actually
him
to
by
long the
factor",
higher
a
re
the
exceeds
therefore useless
and
the
and
price
(Hellman,
as
Past
literally
which
an
art
various
Mesopotamia
and
by
time
of
com
1978).
1979)(Mellen,
dia,
amount
used
1977).
produce
information to be kept
information than it is
the
tially
is
which
results
the
ciphertext
finally breaks
hand,
other
that
the
sensitive
it may be
that
so
the
on
information
the
of
transformation
cryptography is to
such
to break
required
the
(Walker & Blake,
process
of
objective
primary
data transformations
plex
determining
of
means
sole
ancient
civilizations
1979).
(Lempel,
cryptography
(Branstad,
science
writing",
is believed to have developed
and
systematization
that
"hidden
means
of
It
as
Egypt,
until
not
cryptographic
finally
was
was
such
in In
much
techniques
from
transformed
ini
an
by art
1977).
Cryptography in Transition Throughout
ly
changing
tem which earliest
of
the
as
was
history, a
result
of
the
impenetrable to
cryptographic
plaintext
homophones.
cryptographic
For
pursuit
techniques
for
cryptanalytic
techniques devised
message
example,
with
if
a
one
of
were
perfect
attack.
replaced
several
the homophones
constant
cipher
sys
One
the
each
substitutes
for
the
of
letter called
letter
"e"
the
were
encryption
resulting 07
16
27
55
homophones
two
word
99
75
or
to
the
eventual
cracking
was
soon
It
modern
cryptographic
in
to
used
tution
ing
letters
bet.
For
cipher
ter
thus
sociated
fore,
the
of
to
thus
the
of
the
same
the
enabled
equivalent
as
the
for
substitutions
This
terms
and
to
technique, therefore,
too
were
obvious
a
substitution
a
in
.
created
.XYZAB.
unique
be
"c"
alphabet
this
a
only
single
cipher
relation
the
to
a
cipher
alphabets
the
primary
with
the
alphabet
starting
this)
the were
start
alpha
then
third
had
letter.
as
There
the
cipher
signified
the
starting
(for further examples,
please
refer
to
a
let-|
for
the keyletter
letter
was
substi-|
ABC...XYZ
was
starting
or
encipher
by varying
alphabet
or
alphabet
alphabets
cipher
alphabet
Each
devised
Alberti
term monoalphabetic,
These
by
for
polyalphabeticity.
the
keyletter
since
foundations
the
periodically to
used
if the primary be
as
different
in the preceding example,
point
while
Battista
systems,
alphabets
could
it
would
to
on
Leo
referred
several
yielding CDEF.
alphabet
that
message
in Italy that
single, primary
example,
with
Notice
same
Hellman, 1979).
the
alphabet
appeared
encryption
relied
message,
which
a
of
have
Thus
cipher.
laid.
cipher
the
employed
from
it
were
previous
(Diffie &
generated
the
might
the
homophones
the
1466
technique
alphabets
message
the
99.
varied,
within
of
until
encipher
technique
36
the
of
possibilities
1966).
(Kahn, not
55
"e"
two
"secret"
word
27
then
75,
or
constant.
since
cryptography
Whereas
20
reduce
discarded
was
07
times
cryptanalyst
technique
the
remained
more
or
of
letter
for the
letters
other
16, 20, 36,
values
figure
1).
the keyletters
By inserting
the
cryptogram,
bet
was
to be
Alberti
to
used
the
encipher
in
intervals
various
indicate
which
cipher
alpha-j
following
words
(Kahn,
1966)
to
able
was
at
(Simmons, 1979). Through
the
single
message,
varied
thus
the
far
by
was
alphabet
this
the
indicating
system.
keyword to be
to
of
an
encipher
the
to decipher
not
and
An
the cipher
Gio
means
written
alphabet
the
of
that
letter
plaintext
of
re
easily
letter
Each
to
made
that
secure
repeatedly
message.
corresponding
in
the
were
1553
until
in use.
was
which
1979).
efficient
to designate
Cryptanalysis
improvements
alphabet
cipher
the plaintext
used
this
300 years,
this
system
elaborate
cipher
invention was
was
more
(
was
see
2).
next
tiple
it
letters
cryptanalysis
methods.
order
followed major
devised
the plaintext
(Lempel,
interchangeable keyword
Although
error,
in
1979)
However,
current
then
was
used
figure
the
letters
the
that
that
years
and
membered
letter
a
encipher
intruder had to know
the
since
each
Battista Belasco
vanni
the
for
used
for
monoalphabetic
difficult
to
alphabets
to withstand
method
(Diffie & Hellman,
cipher
over
previous
more
was
formation In
this
cipher
equivalents
cipher
enabling
easily than the
numerous
of
use
needed
of
system
it
took
which
was
not
some
were
electric
would
to
systems
used
prompt
Due
used.
employ which
instead.
telegraph,
permit
impregnable
essentially
widely
effort
homophonic
alphabets
the
remained
a
and
did
to was
not
subject
with
flexible cipher
error
fact
the
require
However,
over
correction.
to
mul
the
system
The
an
polyalphabetic
of
ability
In
1863,
repetition
in
of
with
the
this
cipher
(Kahn,
of
based
to
the
cryptanalyst
of
the
key
used
key
was
repeated
for
it
,
such
for
solving
"ing"
as
repeating
The
possible
was
the
and
or
key
"thej
pro
was
ciphertext
repeated
encryption
1966).
repeating keys.
the
enough
produced
need
method
upon
of
portion
If
a
trigram
plaintext
same
fulfill
published
was
ciphertext.
equivalent
length
the
frequent
a
available
made
that
ciphers
conjunction
duced
Kasiski
Friedrich
polyalphabetic
type
in this
increased interest
to
systems
to
determine of
number
times The
the
could
cryptanalyst
into
cryptogram
each
analyze
The
discovery
'the jlthe
3)(Diffie &
that
text
single
of
a
the
word
to
fact
that
the
of
be
in
encipher
the
the
the
letter
of
fre
place
more
ingenious
of
this
period
nonrepeating
of
repeatedly
running key
prevented
en
was
key, using
(see figure 4).
plaintext
ci
of
of
subsequently,
polyalphabetic
outgrowths
continuous
used
the
of
Hellman, 1979).
vulnerability
of
and
principles
single,
a
book,
length
ciphertext.
letters
the
sort
in the development
One
schemes.
proposal
the
of
to
key
upon
of
repetitions
proceed
based
interest
spurred
ciphering
then
group according to
(see figure
quency
phers
groups
between
such
as
a
In
spite
the periodicity
exploited by if or no
the
August e
more
Kasiski
Kerckhoff
than
secure
(Lempel,
1979).
solution,
this
proposal
demonstrated that
the previously
A technique
isolation
permitted
the
fragments
thereby, indicating
of
or
to
that
more
a
cipher
short
as
lived
system
polyalphabetic
used
referred
two
this
was
was
ciphers
superimposition
identical ciphertext
repeated
fragment
of
the
plaintext
running key. to
had been
message
obtain
Given
be
this
time
cipher
could
system
employed
and
without
totally
being
message
breakable, key
tively This
key.
The
system
use
led
period
to
of
the
from
and
the
This
technique. was
both
The
key
consisted
was
the
1973).
key
same
length
of
the The
to
used
cipher
meaningless
to
added
until
one
only
which
the
the
it
as
in this
by key
numerical
encipher
the
as
a
security the
message
was
called,
The
extremely
being
system
(Diffie &
management
preparation
"one-time
was
existed.
applications
advance
system"
was
long
prohibi
Hellman, 1976). which
problems
distribution
and
un
of
the
impractical
for
1979). "one-time
search
1917
system",
plagued
(Lempel,
failure
upon
resulted
most
also
Consequently,
universal
the
for
from the
that
(Feistel,
difficulties
required
was
was
which
method
devised up
cipher
1978).
5).
able
was
(Diffie &
cipher
made
of
1979).
"one-time
expensive
resulted
plaintext
nonreusable
practical
system
string
dependent
was
this
was
which
(see figure
the
of
(Diffie & Hellman, Although
key
cryptanalyst
(Mellen,
superimposition
numerical
system
discovery
nonrepeating
pattern
random
this
a
the
s
the
resist
representation
of
1900'
early
1979)
portion
superimposition
polyalphabetic
1966) (Simmons,
(Kahn,
the
In
break any
to
used
same
the
solve
way, Kerckhoff's
this
In
the
the
ciphertext,
information to
sufficient
Hellman, 1979). could
enough
by
enciphered
for
system"
as
alternative
through World War
II
a
flexible
cipher
cipher
systems.
Thus
the
devel-
which
marked
witnessed
i opment
of
several
types
of
cryptographic
machines
the
beginning
a
of
(Diffie & Hellman,
trend
new
revolutionary
1976). The
rotor
1917,
was
tem.
This
first developed
machine,
best
the
of
one
probably
Edward
by
examples
this
of
in
Hebern
H.
sys-
modern
of
consisted
machine
hard
a
rubber
disk
rotor
or
t
which
twenty-six
contained
the
wiring
contacts
the
on
which
rotors
vided
twenty-six
an
contacts
electrical
the
on
on
one
each
same
axis, to
the
use
of
up to
the
set
of
rotors
a
series
twenty-six
the
the machine's
on
By randomly
side.
to
side
through
comparable
path
By depressing keys
bets.
on
and
side
other
rotated
contacts
of
eight
pro
cipher
alpha-j
keyboard,
typewriter
a
letter
plaintext
was
illuminated
one
or
more
lishing
a
Another
sisted
pher
of
much
a
the
in
that
letter
at
ciphering
of
a
of
a
two
machine, it
thus
gear
each
letter
was
a
was
which
not
was
which
enciphered,
thereby,
estab
a
substituting
1979). the Hagelin device
was
number
This used
places.
was
simpler
secure.
used
quite
con
drive
to
of
as
device
In
to
Despite
a
ci
compar
use
and
this
frequently during
1966).
discussed the term
more
space
new
Hagelin.
device
this
(Kahn,
systems
or
letter
called
W.
variable
followed
time,
cipher
consequently,
system
toothed
through
the
and
path
Hagelin device
the
to
rotated
a
(Kahn, 1966) (Simmons,
however,
the
into
After
1934 by Boris C.
rotor
drawback,
All
rotors
variable
cheaper,
years
panel.
electrical
alphabet
ison to
the
polyalphabetic
invented
was
transformed
alphabet
cipher
new
the
of
new
on
was
letters
so
far
enciphered
monographic
systems.
simultaneously
was
only The also
one
en
pos-
through
sible
best known
the
One
systems.
the Playfair
was
system
polygraphic
cipher
polygraphic
of
use
of
the
(Katzan,
Cipher
1977). The
which
Playfair Cipher
permitted
two
through
the
use
message
was
first
occurrence
the
insertion
or
"z"
thereby, to
following the
same
found the
rules:
if
plaintext
below the
plaintext
were
ciphertext
neither
intersection
row
letter
ure
6)
of
right
in the
the
of
the
of
first
each
was
plaintext
column,
was
the
row
letter
plaintext
e-
immediately
of
character
if
the
column,
same
corresponding
were
letters, 2)
the
row
in
were
letters
letters pair
"x"
as
characters
nor
same
such
letters
same
the
corrected
By
ciphertext
if the
3)
was
according to the
pair
plaintext
were
The
characters.
plaintext
in the
were
and
ones,
groups
the plaintext
of
characters
equivalent
the
of
corresponding
characters
ciphertext
of
plaintext
characters.
identical
of
simultaneously
character,
ciphertext
the pair
the
used
pair
1)
quivalent
acters
each
equivalent
immediate
the
pairs
an
then
row,
to
two
the matrix,
the
within
infrequently
an
two
of
substitution
The
matrix.
groups
letters
eliminating
into
transformed
into
divided
of
enciphered
substitution
any double
of
by
referring
5x5
digraphic
upon
be
to
characters
a
of
based
was
char
the
letter found
and
column,
being
first
at
the
with
(see fig
(Katzan, 1977) (Kahn, 1966).
The
polygraphic
security than the equipped
greater
to
resist
number
of
system
was
monographic
frequency letter
by
far
system. analysis
pairs
as
well
superior
This
system
by making as
with
respect
was
better
available
disguising
the
a
to
characteristics
cryptanalyst
mons,
1979)
was
tems
greater
an
With
his
were
laid
then performed
were
letters
of
seeds
in
key
consisted
Although
ters
the
that
1979)
this
of
the
of
could
Hill's of
set
be
the at
the
of
(Kahn, 1966)
(Sim
Hill
system
provided
assumption
was
that
sys
that
even
responsible
for
was
of
capable
1979]
(Simmons,
simultaneously modern
greater
time would offer
a
algebraic
In
of
Hill's
cryptography
enciphered
decryption
and
means
were
mathematical
the
after
these
numbers
letters
were
The
equations.
used
as
cipher's
formed the equations.
which
limits
by
numbers
system,
values,
constants
to
conventional
simultaneous
no
letters
Encryption
use
numerical
theoretically
strictions
mons,
a
of
operation.
variables
to
S.
transformed
1977).
to
converted
task
Hellman, 1979).
through
(Katzan,
methods
Lester
polygraphic
the
ciphers
look-up
the
result,
substitution
letters
several
number
(Diffie &
table
digraphic
measures.
discovery,
Algebraic
a
Automation
of
naturally led
algebraic
enciphering any
a
that
enciphered
security
inventing
of
the Age
enhancements
which
As
1977).
(Katzan,
discovery
security
letters.
exceedingly difficult
made
Cryptography in The
the
of
were
set
the
on
simultaneously,
limited the encipherment to only
a
number
of
practical
re
few letters
let
(Sim
(Katzan, 1977). system
system's
spite
the
failure
uable
and
led
to
was
never
seriously
vulnerability to of
the
this
system,
search
for
used
primarily because
cryptanalytic
the
more
theory behind it complex
De
attack.
families
was
of
val
trans-
formations lowed
systems
with
of
the development
saw
and
ingenious
invention
the
to play
use
a
the
the
of
Prior
the
to
was
consequence,
tially
and
for the
cipher
the
an
on
ci
the
with
cryptography
rely
upon
first
a
could
the
upon
use
through
the
restricting the
be performed.
of
search
cryptographic
The
its
for
gears
these
power
computing
time,
the
of
more
the
were
digital
com
As
restrictions.
increased
for better criteria
often
systems. of
number
the
means
16th
was
substan
encryption
was
made
pos.f
of
and
the
testing 17th
These
possible
keys
but
methods
existed
to
for
of
relied
show
a
of
mathema
strength
in order
also
strength
centuries,
mathematical
methods
responsible
power
computing
invoked to verify the
counting of
computer
available
adequate
During
the use
astronomical
which
computers, only
Hellman, 1976).
cryptographic
heavily
available
thus
existed
systems
available
system.
arguments
electronic
to break
increasing
for permitting
tical
not
introduction
only for
of
operation
able
the
(Diffie & The
the
impact
significant
according to purely
methods
not
did
which
puting power,
sible
a
development
cryptographic
of
computer,
a
had
began
technical
highly
of
to
related
increasingly
computer
that became
power
computational
implementation
This
directly
was
in the design
role
vital
computer
The
computer.
electromechanical
simple
schemes
cipher
1979).
(Lempel,
type
the
in
in complexity
growth
equations.
simultaneous
enciphering
of
more
and
phers
the
to
fol
that
years
sophistication
greater
of
the
Thus,
the corresponding
witnessed
regard
more
1979).
(Diffie & Hellman,
that
particu-
lar
repeatedly the
systems
the
broken, the
of
security
this
assault
withstand
1976).
This
the
by
attack
to
thus
was
employ the
permitted
enced
able
cryptography
modern
age
of
underlying
(Mellen,
1978).
computer
and
self
may
well
need
for
security
themselves Codes
in
versus
of
electronic
was
of
by
this
the
The
mathematical
of
the
theory
of
dif
cryptog and
models
models
use
has
profoundly
was
the
of
apparent
a
of
cryp
remained
unchanged
valuable
ally in the
that
the
With
alliance.
privacy, digital
practice
computers, for the
have
gained
influ
in the
for ushering
only the
science
increasingly
of
availability
computational
system.
computers
However,
benefit from this
need
the
of
to
Hellman,
mathematical
which
responsible
Cryptography
and
cryptan-
the
computers
cryptography (Girsdansky,
computer
may
it
evergrowing well
find
1971).
Ciphers
Encryption
use
of
affected
it is
in
Hellman, 1979) (Mellen, 1978).
and
principles
a
cipher
to determine
cryptography.
tography has been
of
various
the
until
estimate
to design
computer
introduction
The
an
cracking the
(Diffie &
secure
most
dominant
resulted
(Diffie &
cryptanalyst
remained
for
the cryptosystem
of
ability
were
proofs
through
certification
led to the formation
which
This
abandoned.
the
argued
so
mathematical
giving
by
skilled
a
ficulty involved in rapher
was
tested
approach
computer
algorithms
of
notion
replaced
which
had been
strength
whose
systems
technique being
alytic
of
As
system.
ciphers
described thus
can
or
be achieved through the
far in this
in use
paper
one
of
two
of
codes.
have
used
ways
All
-
of
ciphers.
through the the
systems
Although
practice
ciphers
Ciphers
are
and
usually
are
assign
ters,
substitute
(Davida,
pher
be
can
et.
al.
a
of
group
to
some
or
characters.
by
a
1966). length
group
character,
of
in
two,
constant
of
set
the
(Kahn,
character
given
enciphered
1978).
,
or
mapping
or
symbols
message
any
by
character
a
letters
oriented
character
distinct
quite
plaintext
of
performed
acters, into
are
codes
and
composed
is
Encryption
little difference between
is
there
theoretically,
oriented.
of
group Since
ciphers
let
alphabetic
properly designed a
Consequently,
cipher
char^
ci
be
can
used
to
before
encrypt
nor
was
any information
or
message
anticipated
as
needing to be
ever
that
was
never
stated
said
(Feistel
1973).
Codes, of
variable
ciphers
the
on
hand,
other
length
and
are
are
composed
of
plaintext
letters
as
flexible
as
ciphers.
Unlike
not
ignore linguistic
which
structure,
in
They
nature.
are
collections
of
codes
prearranged
are
semantic
substitutions
I
for
and
words
encryption
(Feistel,
phrases
is
accomplished
by
al.
et.
,
referring
1971). to
a
The
process
preordained
of
table,
called
usually
words,
and/or
groups
of
a
code
phrases
numbers
or
book,
which
together
letters
consists
the
with
called
of
list
a
of
corresponding
codegroups
letters,
random
(Diffie & Hellman, 1979).
tions,
only
composed
type
of
As
result
meanings
of
thought
from prearranged
message
et.
al.
Codes
are
vida,
a
,
which
being
codes
of
in
messages
may be
prearranged
advance
can
encoded
is
and
which
be used.
severely
substitu
can
be
Therefore
limited
the
(Da
1978). generally
not
well
suited
for computer use.
Their
failure
to be
automated
easily
culty in changing the has
mised
key,
in
resulted
or
codes
Basic
book,
being
not
Components
of
if the key is
(Diffie & Hell
used
widely
compro
Cryptography
Essentially cryptography ations:
substitution
various
enciphering
in the complexity
volves
the
text
or
message
In
results
their
of
Substitution
Cipher more
are
of
1979).
(Simmons,
today
types
merely
variations
operations.
the most
elementary
of
plaintext
characters
with
symbols
as
the
in
two,
other
char
illustrated below.
XMAXLE
PLAQLGBYR
ciphertext
the
to
various
characters
their position but
(Diffie &
(Katzan,
comprising the
lose
their
plain
identity
upon
Hellman, 1979).
transposition
substitution,
the characters
oper
The
plaintext
in the characters
position
two
arbitrary
(Katzan, 1977)
contrast
use
two
only
RENDEVOUS
retain
rearrange
ally
is
in
of
CANCEL
technique,
encryption
these
replacement
acters, numbers,
this
schemes
which
consists
transposition
and
of
Substitution,
much
code
the diffi
importantly,
more
1979).
man,
In
and
in the
plaintext
retaining their
techniques
This
message.
identity
but
actu
losing
1977).
TOMORROW
plaintext
WMTOOROR
ciphertext
Techniques
systems
diverse
which
and
depend
more
upon
widely
employ transposition techniques.
substitution
used
than
Perhaps
those
the
methods
are
systems
which
primary
reason
for
their
tation,
they
since
The
of
are
the various
need
(trigrams).
ters
which
Careful
finally, frequently
and
flect
the
of
pairing
frequency analysis, letters
text
Although
an
with
too
table
the
permits
long size
alphabet
size
which
alphabet
while
a
vowel
the
becomes
hibitive both
of
is a
frequency
one
to
(for
"e"
and
"t"),
"q"
and
Thus
through
identify
to
able
I
"z"),
consonant.
is
let
those
reveals
usually
re
plain
equivalents
ciphertext
task
tedious
with
respect
key
neither
introduce
further
must
too
be
short
on
this
a
If
to
vulnerable
substitution
too pro-t
be
nor
crypt
relative-t
-
so
one
long
Hellman, 1979)
ciphers
the
the
size
reasonable
(Diffie &
out
frequency
for
techniques
a
short
technique
expense
the
carried
easily
of
in
Too
difficulties.
therefore
problems
cryptanalyt-j
role
vital
to be
and
to
to
is broken.
making
time
limited and
a
compilation
substitution
compilation
information
other
thus
to
plays
analysis
the
increased,
vulnerable
cipher
introduces
the
as
table
tri-
which
are
alphabet
substitution
ly
is
a
with
ciphers
the
of
Therefore, for
that
letter
pairs
corresponding
analyst.
secure
and
letter
cryptanalyst
substitution
the
attack,
ease
(digrams),
Hellman, 1979).
(Diffie &
ic
frequencies
this
of
occurring
their
and
study
the
infrequently (the letters
rather
occur
pairs
analysis.
listing
table
a
implemen
enhancements
security
frequency
of
means
applica
in
ease
frequently (the letters
quite
occur
by
letter
their
minimal
offer
of
ease
relative
Despite
make
only
letters,
pies
which
solved
easily
cryptanalyst
those
ciphers
substitution
their
1979).
(Diffie & Hellman,
tion
is
appeal
universal
see
figure
7).
Transposition Ciphers As
with
substitution
decipher, however, they
relatively easy to
(see figure 8).
nerable
and
triples
"i"
and
to be
text which
the
of
breakup
of
the
letter
"believe"), thereby
word
for
the
This
permits
the recovery
them.
into
the
plaintext
itself from the
As
a
plaintext
result
in
invariant
of
search
ciphertext
letter
the
the plain
the
key
(Diffie &
used
to
the
Hellman,
in the
plaintext
techniques
transposition
form,
cipher
;
permutations
of
frequencies
vul-j
pairs
subsequently,
alone
cryptogram
the
and
as
(i.e.
pairs
allowing
through
transform
being
quite
letter
common
are
not
reconstructed
rejoin
1979).
of
also
ciphers
are
analysis
Frequency
the
reveals
"e"
transposition
ciphers,
are
\ i
seldom
used
analytic
due
themselves
by
crypt-
Applicability for Computer Use Both
suited
transposition
for
techniques
number
cryptographic
processing
be easily
can
The
system.
substitution
and
use
"n"
by
binary
techniques
the
by
implemented of
nary digits adequate
bet. size
More
the
of
In
can
in
decimal
generate
encode
digit to
block the
electronic
numbers
binary
These
the
binary
results
in the
of
means
digits
32 distinct
are
letters
which
with
they
block
the
of
-
5
of
bi
than
more
standard
by increasing
two
alpha
the
1966).
circuitry,
in that
a
combinations
possible
made
(Katzan, ease
Thus
codes.
the twenty-six
combinations
addition
resented
of
to
distinct
of
ideally
are
computer.
2n
generation
1966).
(Katzan,
attack
their vulnerability to
to
binary
they have
can
be
digits
all
added,
the
can
be rep
advantages
subtracted,
a
vital
puter
role
in
Systems
and
Substitution
transmitted,
which
only
short
since
this
type
systems,
for this
system
of
Information-Oriented
Situations
sages
used
to
ways
adequate.
produce
errors
bits
provide
use
with
high
two
for
which
sensitive
message
whose
to
well
of
adapted
needs
and
are
therefore, inadequate.
which
are
better
must
are
ciphers
be
solution
sought
is
of
a
of
is
in
rich
single
digit
characteristics
detection.
error
out
mes
easy detection
these
a
by
al
unable
As
mes
not
ciphertext
plus
long
keys have been
short
the
fulfill
which
and
required
are
change
any
transposition
(Diffie & Hellman,
are
this
require
confidentiality
suited
than
key,
compounded
transformation
a
being
are
1978).
multiple
and
to
result,
Sub
fulfill
these
other
ciphers
(Hsiao & Kerr,
1978)
1979).
Ciphers
Transposition
themselves
attack.
applicable
characteristic
ciphers
stitution
Product
com
messages
large databases
Although
Situations
need
are
is
message
longer keys
of
long
a
of
(Hsiao & Kerr,
Transformations
position.
for the
designed
transient
and
these
deal
therefore,
and,
which
Systems
systems.
sage-oriented
any
which
the
require
techniques
transposition ciphers
message-oriented
type
manipulation
1973).
Message-Oriented
in
arithmetic
cryptographic
(Feistel,
situations
plays
is this
It
etc.
multiplied,
and
primarily
However,
the
substitution
due to
ciphers
are
their vulnerability
combination
of
these
two
seldom
used
by
to cryptanalytic techniques with
other
methods
complex
cipher
Product tion
techniques.
a
high degree
of
by
Product
ciphers
simple,
individually
schemes
of
themselves
weak
Confusion
of
Diffusion
and
cipher
confusion
systems
is
purpose
capable
the
throughout
some
among the
variables
and
The
on
though
the
amounts
portion
of
of
principle
nonlinear
large
Thus
provide
otherwise
Hellman, 1979). system
strong the
from
elementary
which
combined
act
low
as
form
to
techniques
other
systems
cost
complex
ci
They
which
of
of
the
of
substitution.
amounts
of
relationship between
This
on
in
flexible
the
and
sta
at
dependencies
intercept
to decipher
even
1979).
hand,
other
material
original
local
Diffusion
order
principle
enciphered
the
a
intruder has to
an
(Lempel,
confusion,
spread
or
correlations
material
the message
which
especially
require
the message.
in this way
enciphered
are
by
detection.
error
length
eliminate
small
a
of
diffusion is to diffuse
of
to
a
(Diffie &
be generated.
can
of
two
are
that
larger
would
are
Diffusion
and
cipher
tempts
they
transposition,
in information-oriented
tistics
ciphers
times, they
of
than
more
components.
useful
The
number
be efficiently
can
more
substitu
and
substitution
construction
and
in
1979).
(Lempel,
complex
the
substitution
Principles
and
(Feistel, 1971)
enable
building blocks,
a
much
security,
provide
phers
iterated
and
components
both transposition
of
transposition
If
combined
properly
consist
important
1966).
(Katzan,
systems
ciphers
to become
them
allows
is based up
dictates that may be
message
and
even
intercepted, the
enciphered
is
[Version
so
that
complex
(extremely
difficult to
(Confusion
relies
the
related
the
time
Jsult,
variables
the work
ciple
offers
Shannon,
i
the
during
the
principles
the
alternate
development
of
among
maximize
As
a
this
re-
prin
1979).
contributions
has
cryptography,
simple
of
diffusion,
and
to
consequently,
important
sandwiching
confusion
of
cipher.
(Diffie & Hellman,
for
responsible
as
so
1979).
(Lempel, and
the
dependencies
possible,
measures
early theoretical
that
argued
is very high
security
was
as
cryptanalysis
factor
who
in cracking
headway
any
complex
as
for
good
make
it
find
still
would
making the functional
upon
required
cryptanalyst
a
ciphers
produces
a
with
cipher
that
is
al.,
1977).
of
highly
the
Thus
producing
a
to
resistant
use
cryptanalytic
both
of
very flexible
and
of
attack
these
secure
(Walker, is
principles
cipher
system
et.
capable
(Diffie &
Hellman, 1979). Principles
Underlying Present-Day
Cryptographic
stream
The
of use
ciphers
use
the as
stream
of
systems
block
and
either
algorithm
can
type
but
of
also
cipher
has
into two broad types:
classified
ciphers
(Popek & Kline,
well
be
Ciphers
(Diffie & Hellman, affects
not
1976).
only the
strong implications
strength
for computer
1979).
ciphers
Stream
character
message,
ciphers
by as
process
The
character.
well
determine how to
as
the
the plaintext message
key
encipher
entire
and
the
Kline, 1979) (Lempel, 1979).
preceding
bit by bit
portion
the current bits
next
bits
of
Consequently,
are
the
the
of
used
the message
incoming
or
to
(Popek
&
characters
are
In many
independently (Diffie
treated
not
a
cases,
elements
lows
the
This
vulnerability, however,
taken of
to
stream
to be
cipher
their predecessors
the
of
be
can
offset
the
of
key
to
vulnerable
key string bits
the
that
ensure
long substring
sufficiently
determines the succeeding
Hellman, 1979).
&
key
uniquely This
string.
cryptanalytic
if
are
special
a
attack.
is
care
complex
al
function
1979).
(Lempel,
t
block
ciphers
In
typical
to
contrast
stream
day block
present
product
substitution
as
its
components
pel,
1979).
ciphers
from
32
128 bits
to
enciphering of
Therefore,
that
each
block
fixed
of
or
stream
unlike
and
stream
as
block
block
ciphers,
key (Popek
(Diffie &
one
is
compared
to
strong block ciphers,
stream
error
in any
ciphers
undecipherable, This
is
directly
plaintext
characters
easier
given
is
by
performed
on
basis
the
Kline, 1979).
&
is
operated
in-
on
1979).
Hellman,
encipherment
it
of
block
each
(Lem
into
message
the message
of
cipher,
length ranging
Encryption
Whereas
tic
the
the block
with
the given
the previous
of
versus
size
main
the plaintext
characters.
dependently
divide
successive
alone
a
iterated
and
usually
of
an
transposition
blocks,
structure
is
cipher
with
Block
basic
the
ciphers,
deals
block
and
to
with
to
is dependent
in
in
an
all
error
the fact upon
strong
error
results
therefore,
related
(Diffie &
construct
all
Hellman, 1979).
unfortunate
propagation. subsequent
ciphers
characteris
A
the
single
blocks
(Popek & Kline
that of
stream
being
1979).
encipherment
the preceding bits
of
or
In
use
than
lengthy ciphertext, but
ed
not
all
subsequent
ciphers,
on
the
other
required
is to decrypt
to
and
reencrypt
ciphers
facilitate
hand,
that
the
of
relevant
are
computer
be
All
a
of
portion
reencrypt
Block
well.
updating.
block
is
that
of
ciphertext,
No
other
update
blocks
need
in application,
ease
(Popek &
preferred
usually
as
stream
block.
particular
any bits
relevant
Primarily due to their
be changed.
block
bits
the
the
for
acceptable
to update
order
must
only
also
it,
In
block ciphers.
are
less
are
ciphers
stream
general,
Kline, 1970).
A Block Cipher Called DES A
Standard
to
be
the
operations,
enciphering
recirculating
a
fixed
length data
is
is
composed
After
that the
of
and
substitution
into
is
transpo
information
the
reentered
cipher
the
produced
same
is
called
DES
operates
only
it may be precisely
referred
to
Since
cipher.
block,
block
recirculating
the
Thus
product
DES
transposition
the
cipher
resulting
process.
a
the
operations.
undergoes
enciphered
is the Data Encryption
cipher
Essentially,
substitution
and
sition
DES.
or
block
a
of
example
prime
product
cipher
(Branstad, 1977)
on
as
a
(Bright &
Enison, 1978). In
Data
1976,
November
Standard
Encryption
Standard
(FIPS).
it mandatory for algorithm
Only
those
empted
as
to
The
all
ensure
Federal
well
the
as
Department as
a
Federal
adoption
Federal
of
which
nongovernmental
Commerce
approved
Information
the DES
Government
cryptographic
agencies
of
as
a
protection
of
Processing
standard
agencies
makes
to use
this
computer
have been specifically
institutions
the
are
not
data. ex
required
to
the Data Encryption Standard
use
adoption
this
of
standard,
cantly increase the
tion
which
64 bits
are
long,
the
Since
cess.
data
the
for
from
block
algorithmic
to
encryption
the
plaintext
on
a
encrypt
the
of
must
of
be
of
the
used
The
used
not
of
(National Bureau
Data
Encryption
Standard
LSI
decrypt
cryptographic
chip
and
can
be
transmitted data
transformations
are
be
of
computer
systems
(Hsiao &
pro
used
is
which
the
was
re
ciphertext
reversal
used
of
the
the
of
original
for
Therefore,
unau
ciphertext
and
the
unique
original
key
which
was
Standards, 1977).
with
software
any computer to
(Hellman,
made
prime
security
implemented in
possible
terminals, devices, etc., thereby allowing diverse
a
the
the
encryption
single
of
recover
for
can
key
of
Decryption
that
key
intercepted
knowledge
the
transform
to
can
blocks,
is
key
block
for decryption.
algorithm
without
64 bit
through
same
into
which
1977).
(Katzan,
was
by
unique
conducted
which
the
public,
this
a
deci
and
encryption/decryption
means
is
It
plaintext
also
message
and
com
informa
and
encipher
partitioned
the
made
to
key
is
sole
generation
process
have knowledge
The
is
individuals who have
thorized
employed
it
is
into ciphertext.
plaintext
or
prior
information is
enciphered
data
is maintained.
sponsible
each
signifi
to protect
communications
64 bit
a
The
algorithm
importance because of
of
the
With
this will
devices
encryption
areas
employs
algorithm
binary-coded data.
pher
is hoped that
1978).
(Branstad, 1977).
storage
This
of
in both the
systems
puter
use
it
(Dinardo,
1979).
Thus
among different
communications
Kerr, 1978).
among
Lucifer
Motivated
the
by
IBM
nonlinear
block
1979).
developed Data
1972,
Encryption The
cessed
independently
magnetic
module
128
a
random
strip-card
message
8
The
encipherment
of
two
formed message
unique
a
8
a
This
key
plug-in
consists
can
block
is
pro
the
con
under
be furnished from
16 byte
of
first
the
the bottom half
bits
are
copy
of
This
bytes,
each
a
0
or
nonlinear
of
a
store
read-only
a
vital
to
prior
8 bytes
consists
are
from
1)
of
role
is known
to
as
the key. used
of
en
the
latter
the
in the
to
The
will
in the top half as
value
of
to determine which
transformations
subjected
referred
is
8 bytes
the
operation
which
are
selected
(be it
one-to-one,
transformations,
is
and
length
is divided into two halves
while
8 bits
group.
resulting
blocks
Each
fixed
the data.
of
these
on
from
was
for the
prototype
128 bits.
other
Hellman,
which
Lucifer,
deciphers
or
following functions play
Eight
confusion:
of
or
top half
The
plaintext
bytes.
all
bit key.
16 byte block
cryption.
each
of
(Diffie &
al
1971).
(Girdansky,
Each
enciphers
or
and
1978).
(Dinardo,
16 bytes
of
signifi
work
cryptography
cryptosystems
named
around
centering
This
on
later become the
to
algorithm
consisting
research
literature
in their
protection
late 1960's.
the
cryptosystem
Standard
Lucifer
of
a
was
blocks
trol
in
important
these,
of
in
for data
need
unclassified
several
One
DES
growing
ciphers
cantly increased produced
the
initiated cryptographic
products,
so
for
A Model
-
"confusion"
the keyed
be
per
of
the
and
the
nonlinear
"confused bytes".
key interruption:
The
the
bytes
eight
purpose
selected
this
of
analyst's
to
decipher
to
key by
modulo-2
encrypted
to
added
The
addition.
interrupt
effectively the
then
are
the
crypt-
the
message,
thus
modulo-2
addition
key interruption.
name
diffusion: are
is
operation
attempts
the
of
bytes"
"confused
eight
then
The
in
permuted
a
bytes
eight
resulting
fashion.
random
the
of
The
this
of
result
permutation which
comprise
convolution
pairwise
undergoes
the bottom half
the
of
the
with
by
message
bytes
eight
addi
modulo-2
tion.
interchange:
et.
al.
the
with
changed
1971)
,
The
the
Finally,
entire
bytes
eight
(Smith,
topmost
ferent
set
result
of
which
jet,
of
the
eight
process
al.
key bits is is
used
nonlinear
key
the
In
is
a
unique
sixteen
each
sixteen
message
with
round,
byte
bytes
a
dif
final
The
the key.
of
rounds
alternated
For
from
selected
original
such
nine
these that
sixteen
each
times
-
transformations
interruption bit
tions
is
sixteen
of
operations,
two halves.
the
bits
consists
ciphertext
(Feistel,
1971) (Girsdansky, 1971) (Smith, 1971).
,
In performing
key,
of
encipherment
represents
(Feistel,
1971).
encryption
interchanges
inter
then
are
form the bottom half
which
confusion-interruption-diffusion
fifteen
bytes
eight
in
of
each
selection
the
128
bits,
as
the
control
once
for
the
rounds,
confusion
of
the
and
eight
which
make
bit to
eight
of
the
up the the
govern
times
different bit
as
a
posi
(Smith, 1971). order
for the
entire
encryption
process
to be
reversed
for
be
the
deciphering, retained
sion
that
unaltered
In
operation.
encryption
the
eight
process
order
the
first
for
the
the
encipherment
be
must
same
The
retained.
be
operations
process
(see
chart
be
must
half
top
key bits
must
This
below) (Smith,
means
is
one
that
executed
operation
last
the
requirement
reversed.
the
for
used
only
confusion-interruption-diffusion
decryption
the
confusion-interruption-diffu
the
addition,
form
which
during any
the
of
bytes
for
performed
1971). plaintext
plaintext
Round 1 - confusion-interruption-diffusion-interchange
Round 2 - confusion-interruption-diffusion-interchange
Round 3 - confusion-interruption-diffusion-interchange
...
Round 16 - confusion-interruption-diffusion
ciphertext
to
Introduction
Data
The
the
of
data
(Lempel,
same
secret
that
the
schedule
of
Standard,
Like
for both
used
for
is
process
1977).
is
the
Thus,
the
a
with
DES
the
key bits of
is
the
reduced
modifica
64 bit blocks
on
requires
encryption
inverse
the
is
which
and
accomplished
encryption,
addressing the
Standard
operates
Lucifer,
Decryption
used
as
Encryption
algorithm,
1979).
key be
key
(Branstad,
Encryption
1978).
deciphering
Data
Lucifer
tion
(Everton,
the
of
that
the
decryption
using
exception
reversed
the
same
being so
enciphering
invertible transformation
that
that
the
process
can
be
described
by
the
C In
a
P
Sk(P)
=
bit block
of
ciphertext;
phering
transformation
phering
process
As
where
and
the
is used;
k
is
of
key; and
C,
plaintext;
Sk,
Sk^
,
the
enci
the
deci
1977). Standard
Encryption
composed
block
a
of
the
of
relies
also
enciphering
the
In
process
block!
the
of
permutation
function.
complicated
some
of
operation
Data
iterations
or
rounds
iteration
each
the
bit
64
the
k,
key
when
Sk^-1(C)
=
64 bit block
a
(Diffie & Hellman,
Lucifer,
with
sixteen
upon
equations:
equations, P denotes
these
64
following
DES, the
tion
which
the
actuality,
only
56
bits
the
are
seven
last
used
bits
64
The
steps
the
of
bit
during
signified
process
by IP,
which
process
.
the
and
the
are
64
byte
each
is
bit
into
used
are
to
used
the
by
controlled
bits
eight
process
operations,
(Davida,
for parity
divided
al.
et.
make
process.
The
bit
bytes,
the
maintain
up
odd
the
key
remaining
detection.
error
by
key
1978).
,
which
8
a
permuta-
Conse
where
algorithm
parity
the
while
(Lempel,
1977).
1979) (Diffie & Hellman, Specifics
these
round
of
solely
of
eighth
or
of
encryption/decryption
key is
the
quently, first
the
for
substitution
a
function,
complicated
upon
used
eight
Both
dependent
is In
are
the
and
data.
the
of
sub-blocks
involves
function
complicated
small
on
Algorithm
to be
block
encryption
to
then
consists
finally
to
a
of
a
enciphered
process:
undergoes
an
initial permutation,
recirculating block sixteen
rounds
permutation
three major
of
which
a
is
product
cipher
block enciphering the
inverse
of
initial permutation,
the
IP^-1
as
1977) (Kat
(Branstad,
1977).
zan,
first
The
then
formed
step
in the
into blocks
plaintext
is
denoted
subjected
to
encryption
initial
an
in
64 bits
of
(IP)
the
64 bit block
Each
length.
permutation
to divide
is
process
which
is
per
according to the following table. IP
58 60 62 64 57 59 61 63 This
the
input the
third;
bit
of
is
first bit
block,
the
then
product
the
and
so
as
48
of
41
43
45 47 in
26
18
10
2
28 30
10 22
12
4
14
32 25 27 29 31
24
16
6 8
17 19
9 11
1
21
13 15
5 7
23
58th bit
the
the
permuted
second
bit
of
until
on,
block.
transformation
The
a
a
series
are
of
The
resulting
performed
transpositions
while
the
mined
sequence
64 bit block The
(Katzan,
of
are
plaintext
first
the
Prior
is divided
32 bits
of
the
block;
64 bit
sixteen
the
42nd
bit
last
the
block
permuted
computation
iterations
process
transpositions. control
of
a
according to to
the
of
or
(re-
(Branstad, 1977).
enciphering
and
executed
1977).
of
process)
under
50th bit
the
key-dependent
consists
substitutions
input block be
input bit becomes
7th
cipher
3
the
permuted
the
complex
which
product
the
of
block;
recirculating block product
substitutions
vectors.
46
input to
circulating block
sists
54
56 49 51 53 55
34 36 38 40 33 35 37 39
44
of
permuted
used
42
results
operation
coming
50 52
each
a
key
predeter
iteration,
make
The
cipher
into two halves
input block
con
or
the
data
up the
left
half and
In
the
while
denoted
are
the
next
32 bits
remaining L-
by
right-hand
most
32 bits
of
the
output
most
32 bits
of
the
input
cess
which
selection
process
A 48 thus
the
bit
there
64 bit
key
tion.
and
represents
titioned
that
This
a
selection
is
further
is
a
output
32 bit
in
a
32
bit
then
permuted
R.
is
,
which
block
of
The
thus
gck
unique
that
pro
this
a
to
a
the
righthand
2
is
which
addi-
parn,s
is
operation
interchange
the
from the last
output
ferred to
the
as
Since
the
iteration.
deciphering
cipherment, decryption to
rithm
that
at
used
for
the
iteration
decipherment
decryption
=
Ri.X (Katzan, 1977) the
block
product
32
j
the
was
be
the
the
The
computation,
during
expressed
re
of
en
very
the
algo
same
is
requirement
only
same
is
subkey
encryption.
Thus
the
follows:
as
^fU., Kn)
=
L1m1 of
the
of
frequently
reversal
exact
block.
halves
1977).
applying
used
is
result
L
each
Standards, 1977).
the
heart
enciphering process.
This
iteration
(data)
bits
is
function, f,
symbolically denoted of
the
(National Bureau
cipher
in
used
is
right
function
cipher
The
as
can
process
by
message
of
and
(Katzan,
process
occurs
enciphered
each
This
block
preoutput
left
the
of
by
and
f(R.
is
K
,
K
the
key (Katzan, 1977).
64 bit
I
)
recirculating
function,
R.
where
48 bit The
the
is
which
transformation, may be
the product
of
of
generated
subkey
output
a
represents
this
of
string from
function
is
a
32 bit block
data vector,
in the E(R.
i
block
obtained
R.
,
as
bit block obtained
process.
as
briefly
described
This
48 bit block
is
denoted
by
produces
a
48 bit block
and
written
selecting
32 bit
into 48 bits
function
input
The
expanded
a
E
by
following
represents
where
is
is
section.
previous
-.),
,
the
by
as
eight
the
groups
of
which
takes
as
a
output.
6 bits
following input bits:
and
32 bit The
the bits
48 are
E Bit-Selection
1
32
2
3
6 8 9 10 12 13 14 16 17 18 20 21 22 24 25 26 28 29 30 4
o
32nd bit
the
Thus
on,
until
(for
E(R.
figure 10) Each
figure i
a
6
11,
is
bit block
primitive
a
first bit
the
becomes
i
E(R.
of
yields
functions
S,
S2, S3,
,
...
function
4 bit block
a
So,
,
has
which
as
as
as
1
2
3
0 1
14 0
4 15
13
1
7
4
2 3
4 15
1 12
14 8
8 2
4
5
2 14 13 4
15
11
2
13
6 9
2 1
6
Number
8
7
8 3 1 10 11 15 7 5
9
10 11
12
13
14
15
0 3 5 6
7 8
10
6 12
12 11
5 9
9
6 12 11
9 3
7 14
3 10
10 0
5
0 13
2 0 1 2 3
15
3 0 13
1 13 14 8
8 4
14 7
7 11 1 10
6 15 10
3
11 3 2 8 4 13 15
4
4 14 1
9 12 5
7 0 8
2 1 12
13 10 6
12 6 9
0 9
2
11
6
7
12
0
13 8 1
12 5 2 14
10
3
5 11 2
5
14
9
2 4 11 15 10 14 5 2
8 1
5
15
S3 0 1 2 3
10 13
0 7
13 1
10
6
9 14 0 9 4 9 13 0
6 3 8 6
3 4
15 9
15 6 3 8
5 10
1
2 0 11 7 4
15
7 11 14 12 12
3
5 11
in
its
These
output.
described below.
are
Column
0
see
shown
i
#
of
function,
fl
Row
and
,), 1 J.
48th bit
the
the cipher
of
selection
unique
and
5
1977).
functions
the
Rj
of
diagram
schematic
a
becomes
,
first bit
the
4
7 8 9 11 12 13 15 16 17 19 20 21 23 24 25 27 28 29 31 32 1
5
1x
(Katzan, of
R.
of
Table
7 12
input
eight
32
Column
0
Row #
0 1 2 3
12
7
13
13 10
8
6
15
3
4
3 3 5 0 6
14
11 9 0
6
7
9 0 7 13
10 3
5
6 0 6 15 12 11 1
10
Number
8
14
15
4
15 9
11
12
13
8
5
11
1
4
2 3 5
12
14 11
5 12
12 10 2 7
5 0 9 15
3 15 12 0
15 10 5 9
13 3 6 10
4
13 1
3 13
4 14
11 8
4
10
7 11 13
5 3
0 14
14 0 1
11
1
7
6
0
8
6 13
12 3 15 5
9
7
5 6 0
12 8
5 2 0 14
10 15 5 2
6 8 9 3
12
0 14 3 5
12
7
9 5 6
8
9
1
10
2
4
7
13 15 8 9
1
14 8
4
2
14
14 8 0 5
9 6
S,
0 1
2
12 11 2 8
14 4
2 3
11
4 2 1 12
1
7 10
12 11
4 10 1
7
7
11 13
6 1
8 5
7 2
8 13
15
13 14
6
0 9 3
14
3
S6 0 1
12 10
2 3
9 4
0 1
4 13
1 15 14
3
11 0
10 4
15 2
9 7
2 12
6 9
15 2
5 12
2
8
12
3
0 6 7
9
5
15
10
11
2
14
7 13 8
15 4 12
0 9 3
8 1
13 10 14 7
14 10
2
1
4
11 11
3
6
11
13
7 4 10
1
8 5
3
9
15
1 6 2
fs 0 1 2 3
13
2
1 7 2
15 11 1
Each
and
ll
noted
4 14
4
7
a
4-bit
functions
as
6 15 3 10 9 12 4 10
8 1
serves
so
on.
as
The
input
1
10
7
4 2
12
13
15
14 8
S1
to
through
resulting
the
4
0
S.
,
9 5 6 12
3
14
5
6
11 13
0 15 3
10 9
S8
where
0
takes
Thus, input
result.
B1B2B3B4B5B6B7B8
11
function,
selection
yields
ection
8 13
is
a
each
selection
to
the unique
48 bit is
block, composed
function
bit block from
a
11
6-bit block
a
Bi
2
S-,; B?
single
input
as
set
of
se
which
is de
of
6
bits.
to
S-;
selection
and
functi
1
may be denoted B.
is
its
S.(B.)
represent
a
is
S.
where
the
(Katzan, 1977).
argument
bit block B.
by S.(B.)
occurs
follows:
as
2
in base
value
The
selection
first
a
and
0
from
range
and
4
this
of
calculation
The
with
function
last bits
3.
to
of
This
binary
represent
a
binary
the
0
through
15.
B..
the
to
range
the
argument ^
column
4 bit block. for
Bureau
of
As
bit
of
table
to
the
bits
B,
is
S-,
B.
is
the
.
th
represented
input B.
the
from
range
four-bit block
the
2.
is
which
of
representation
is the fifth
one.
intersection
of
mal
value
the
output
6. for
the
as
which
row
and
also
in
is
corresponds
the
and
0
through
.th
a
binary
15.
This
value
or
the
represents
1977) (National
(Branstad,
next
the
101010.
the
is
step
to
5, therefore,
j=5
variable
This
Referring to table S1,
the
This
the
second
row
represents
selection
and
the
the
binary
the
six
last
and
is
equivalent
four
middle
is
row
the
binary
designated
column
the
fifth
the
function
,
i
value
the
and
that
the designated
extract
0101.
value
first
The
2, therefore, and
row
suppose
operation
value
value
second
The
this
of
binary
represent
value
of
in the
value
illustration
an
B,
of
the
of
by j
which
S.,
B.
of
Standards, 1977).
input
bits
intersection
be uniquely
for
S.(B.)
is denoted
value
Using the table,
is this
It
four bits
middle
13
can
number
output
i'
The
This
value.
decimal
yields
decimal
by i.
is denoted
number
value
column
value
0110
found
at
the
is the deci and
S1(B1) (Katzan,
is thus
1977)
(see figure 12). The
next
operation
h_S8-is
a
to
occur
after
the
selection
functions
permutation function, which uses a
32
This
block
input to
as
tation
occurs
produce
according
32
bit block
as
the
following
table:
a
to
The
output.
permu
P
7 12 15 18
16 29 1 5 2 32 19 22 32 bit
This
32
the
of
bit
first
bit
cipher
This
32
schedule
The the
key
16
to
schedule
are
employed
Not
all
make
up the
into
eight
error
bits
the
key
so
on
seventh
16th bit
the
functions
bit
and
the
second
Stand
of
for
output
the
1977).
(Katzan,
K
the
as
the
as
(National Bureau
represents
calculations
K
as
calculate
64 bits
In
actually
bytes,
one
used
to
bit
and
bits
not
in the
key
the
byte
is
8th, 16th, the
odd
K
key
used
64 bits
and
...,
parity
of
calculations
that
partitioned
for
utilized
Standards, 1977).
schedule
.
are
key is
the
opera
shifting
the
of
generat
encryption/
subkey,
56
only
each
the
of
bit
Since
in
assure
48
the
during
comprise
used.
1977) (National Bureau used
the
for
responsible
used
,
fact,
Consequently, are
are
which
(Katzan, are
the
Permutation, selection, to
are
8-bit
the
and
selection
of
inputs R.
subkeys.
detection. of
set
denoted
the
of
key
by taking
calculations
subkeys,
calculate
21
17 26 10 14 9 6 25
obtained
bit block
for
decryption process. tions
11
block,
block,
function, f,
the key
the
permuted
permuted
1977).
of
result
the
of
the
of
ards,
ing
bit
8
27 13
is
block
permuted
20 28 23 31 24 3 30 4
64th
each
These
byte eight
(Branstad
1977). initial
The
tations
is
tation
by 0
to
step
subject
following
and
DQ
table
permutation
and
49
41
33
25
17
58
10 19
2
50 59 3
42 51
34 43
60
52
26 35 44
11
yields
The
fooint ::).
for
left
=
the
generation
are
formed
key
K,
j},
is
Blocks
.
Cx
yield
C2
and
to
form
K3
through
ing
to
the of
47
39
31
23
15
54 61
46 53
38 45
30 37
22
36
21
13
5
28
20
12
4
of
are
and
CQ
and
D2.
D.^
and
CQ
K16
by
are
DQ,
with
This
bits
entire
blocks
following table:
C^1
again
are
a
and
DQ
specified
one
and
D,
from
and
one
chosen
from
these
being
of
Sub-
left
^
and
-,
place.
bits
continues
,
Following
shift
D.
C.
schedule
1977).
left
...
starting
28-bit blocks C,
process
and
to
(Katzan,
the
CQ
the
and
1977).
(Katzan,
the blocks
according
selecting
once
Selected
1977)
Hereafter,
generated
60, 52, 44,
,
represent
DQ
29
DQ
63, 55, 47, 39,
DQ (Branstad,
individual blocks
generated
...
bits
while
CQ
blocks
blocks
subkey K2.
the
(PC-1)
62 6
by circularly shifting then
respectively).
55
2,..., 16 for
shifts
by
7 14
computing the subkeys.
i
for
,
denoted
blocks
63
represent
generation
permu
a
9 18 27
28 bit block 4
to
key
may be described
blocks,
Thus, bits 57, 49, 41,
and
compu-
schedule
yields
specify the
28, 20, 12,
1
Choice
key the
CQ
(see figure 13) 36
in
28-bit
rightmost
Permuted
1
the
of
operation
two
yields
and
(the leftmost
57
execution
non-parity bits
the
This
operation.
the
in the
place
C-, to
two blocks
for subkeys
generated
accord
Iteration
Number
Number
Left
1 2 3
1 1 2
2 2 2 2 2 1
4
5 6 7 8 9 10 11 12 13 14 15 16 The
done by muted
is
computation
means
choice
selected
permutation
of
2
a
from
2
2 2
2 2 2 1 of
second
PC-2
or
the
operation
of
Shifts
each
of
the
1977).
concatenation
described
of
by
through
operation, denoted
permutation
(Katzan,
K,
subkeys
C
the
Thus
a
and
D
is
K-,6 as
per
key
particular
K
according to the
following
table:
PC-2
14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
for
schematic
a
tion,
please
(Calculations
This
ard,
,3o,
Note
and
P
representation
refer
is
to
given
completes
that
is
the
figure
-
a
second
summary
of
permutation
the
key
opera-
schedule
in figure 15). a
description
choice
critical
14
this
of
to
of
the
I the Data Encryption
of
primitive
strength
of
functions K the
,
S,
Stand
through
encryption/decryption
(Morris, Is
the
.
to
as
the
this of
question
Standard
Encryption
Data
standard,
of
security
the
a
Secure?
the
of
as
adoption
over
raging
Standard
the development
subsequent
Standards, 1977)
of
1977).
,
Data Encryption
raised
is
al
et.
Since
its
1977) (National Bureau
(Branstad,
process
A
algorithm.
whether
battle
current
the
not
or
has been
criticism
much
and
is
standard
a
algorithm.
strong
were
The
first
alleged
brought to the forefront
Martin
Hellman
inadequacy
is
lman
secure
Whitfield
1976)
the
et.
The
criticism
belief
mary
determinant
Critics
such
key (64
bits
against
a
puter
esign
as
-
brute
al.
the
that
of
Dr.
,
in
years
the
too
ease
Hellman
the
computer,
not
data
standard
a-
adequate
Both
standard
Dr.
Hel
have
will
it
to permit
order
attack
which
Data
to
to
technology (Yasaki,
which
believe that is
too
using
a
Encryption
Since
short.
with
8 parity bits) force
the
against
key is
(Branstad, 1977). a
is
the
over
sensitive
encryption
1979).
(Sugarman,
concern
1977).
(Morris, main
the
when
ago
years
protect
from newly developed higher
attacks
withstand
their
consequently,
few
next
that
that
five
over
effectively
believe
Diffie
in the
redesigned
and
Standard
Encryption
voiced
argues
data thefts
commercial
and
Diffie
Hellman
Dr.
little
a
to
standard
only marginally
gainst
be
this
of
1977).
(Kolata,
Whitfield
and
the Data
of
weaknesses
a
key
cipher
the
short
technology
employs
a
special
size
can
is be
standard's
is
the pri
broken, 56 bit
to provide protection
special
Current
standard
large makes
search
purpose
com
it possible
chip,
that
to
is
capable
of
mentation
of
a
101'
2*
Although
these
of
million
the
chine's
per
search
chips
the
Thus,
second.
in
hardware
the
over
of
such
due
a
machine
drop
breaking
even
five years,
more
machine
in the
et.
.
the
daily As
near
1977). approxi
in the may cost
operating
computation
and
the cost
future,
its
with
,
be
would
imple-
would
parallel
the depreciation
to
only ten thousand dollars.
costs
code
next
day (Morris,
one
dollars,
million
to
drop
would
cost
estimated
cost
in
keys,
possible
mately twenty
this
keys
million
one
it feasible to break the Data Encryption Standard,
make
2
testing
of
drop substantially (Kolata,
would
1977). Hellman
Standard
cryption
the
key
sion
of
claim
be
can
length from the the
$2
to
would
x
1025
that
the
security
substantially improved
to
128
increase the
or
even
estimated
added
benefit that
would
allow
the
no
inclu
the
with
The
for
cost
En
by increasing
256 bits.
the
with
the Data
of
(64 bits
56 bits
current
8 parity bits)
a 128 bit key search
Diffie
and
use
brute
a
of
force
foreseeable
i
technological reasonable
Those
Ruth
range
who
current
Davis
size
and
life-span
of
the
National of
the
that
a
the
of
is
DES
and
of
Standards, more
than
into
is
more
such
and
that
the
adequate
are
for
(Kolata
today'
1977),
different from
the predicted than
Dr.
as
Sciences
argue
needs
objectives
consequently,
algorithm
Standard,
Computer
present-day
standard's
objectives
of
Bureau
be brought
to
1977).
Institute
meets
cost
Encryption
standard
therefore,
states
technological
the Data
support
the
at
key
technology
year
(Diffie & Hellman,
Davis, director
Technology
Dr.
advances
five
adequate.
After
all,
there
bits
will
the
in
chips
future
the
required
Despite
by
provided
that
this
business
use
the
the
are
factors
major
of
fact
the DES
larger
a
far
are
is
If
cost
implemented used
a
the
well
in the
semiconductor
the
as
number
against
argument
key (Yasaki, 1976). arguments
in its
higher
encryption
128
to
size
from cracking
of
as
of
form for
to
normal
is
security
employed
level
security
generally felt
is
it
simplest
level be
can
the
over
from resolved,
adequate
applications. multiple
the
that
key
advances
added
is
standard
of
the
plus
algorithm
implementation
the
enlarging the
technological
This
system.
which
that
guarantee
no
prevent
cipher
chip of
is
needed.
for
compensate
the
small
Summary
Up the
to
key
vious
from
a
art
(algorithms,
in
design
such
as
these,
operations, these
of
are
the
cipher
Two
et.
al.
1976).
,
and
enhancing operating
with
a
the use
system
The
pre
cryptography of
cryptographic
Standard, what
most
is
pre-
were
involved
cipher
systems
elementary cryptographic
transposition, fairly
of
Two
observe
Although
two
needed
transformations
history.
to
provide
cryptography.
Encryption
reader
of
information
subsequent
system.
produces
deals
the
of
to
attempted
development
the
Data
composed
substitution
operations
Part
a
and
the
and
enable
with
throughout
practices
to
as
so
understanding
science
Lucifer
sented
the
a
has
paper
necessary background
have dealt
to
cryptographic
this
point,
thorough
more
sections
an
the
with
reader
gain
this
until
(Branstad,
One
Part
of
1976)
(Yasaki,
size
complex
of
security.
the
of
algorithm.
encryption
The
combination
use
as
of
a
means
of
encipherment
within
the
purposes. oe
and
stored
covered
that
operating This
means
only
within
in the
the
is
used
primarily
ensuring
that
the
system
authorized
system.
subsequent
user
individuals have This
and
sections.
other
for
authentication
who
he
claims
access
to
data
is
related
topics
will
to
be
PART TWO
Operating
System
Operating
Security
multi-programming primary
goals
tion
of
any
tem,
the
security ultimately involves
system
of
safeguarding
gered
by their
own
grams
will
interfere
different operate
As
with
a
each
result
the management
operating
are
Network
A
tem
computer
which
the
As
a
rights
et.
all
of
and
another,
al.
and
various
the
pro
user
of
to
co-
for
responsible
hardware resources,
importance.
vital
trig-
ability
abilities
being
computer
with
results
sys
1978).
,
system
this
For
operating
system
(Hsiao & Kerr,
1978).
the
identification users
of
are
and
security
set
data must
from
of
individual
numerous
single
and
systems
thus
processing,
in
is
subject
problems
to
access
which
to
plague
stored
a
addition
these
of
high degree
ensuring
a
data
com
user
by legit
multi-user
Consequently,
now
decentralize
Forged
exposure.
sys
computer
be transmitted between the various
unauthorized
the problem
large,
rather
distinct
storage
network
also
a
the data processing functions must
a
environment.
complicate
is usually
created
result,
which
within
resource
network
among
control
information
imate
deal
which
has been
be distributed
puters
of
that
i
preven-
the
within
undesirable
the
Thus
Security Threats
systems.
ing
control
far reaching
and
one
operating
security is
issues
critical
the
of
system
the
reason,
with
stored
assurance
(Davida,
other
and
the
have different
to
users
from
users
actions,
data
to
access
unauthorized
1978).
multi-user,
security include the
operating system
of
not
(Hsiao & Kerr,
environment
a
multi-
factors combine to of
security
the
within
and
network
formidable
present
may
(Bright
pitfalls
&
Enison, 1978). Encryption
and
Security user
Network
problems
tion.
In
the past,
lines
munication
lines. sive
This
and,
tive
to
against
by
guaranteed
data
(Bright & Enison,
lines
of
encryp-
the monitoring
of
com
use
of
physically
to
be
extremely
that
Since
may be
encryption
use
proved
times, impractical.
that
secure
the
the
and
communications
through
alleviated
protection
was
of
monitoring
technique, however,
often
discovered
as
such
may be
authentication
Security
used
time,
as
a
expen
it
has
viable
1978) (Davida,
secure
been
alterna
et.
al.
,
1978). With
tion
by the
of
the
of
encipherment
proven
number
Presently,
user.
be
to
problem
a
is
identification
a
secret
and
which
relies
in verifying of
secrecy
the
authentica
performed
known only
password
being tested.
useful
extremely the
and
method
passwords
maintaining
of
identification has usually been
user
users,
identification
an
while
to
regard
upon
the
This
method
user
password
to
one-way has
been
identification
(Bright & Enison,
1978). be
Thus
it
can
solution
to
computer
a
valuable
1978).
and
highly
protected
that
network
in operating
Cryptographic
expensive
may be
tool
seen
encryption
employed
problems
security systems
may be
security
and
effective
against
process
disclosure
by
which
a
a
consequently
(Davida,
technology is, therefore,
as
et.
al.
relatively in
sensitive
(Bright & Enison
data
1978).
Implementation Link which
encryption
cryptography
cision
to
as
pendent
bility
which
upon
End-to-end
level
of
or
is
a
the
cryption
occurring
destination.
the
on
after
only
link
(Diffie &
Hellman, 1979) (Sykes, 1976). level
The
significantly ated
and
must
be
the
the
and
influences
pairs
of
level
greater
as
well
integration
of
key
the
as
the
which
must
a
this
the
amount
in
process, with
its
at
significant
de
final the
journey
computer
network
must
software
general,
greater
secure
even
entire
which
of
the
which
technique has
its
pri-j-
higher
a
source
arrived
keys
1979).
of
the
channels.
entails
reduction
be
need
gener
which
the
be separately distributed
arranged
used
1979).
is
In
its
at
of
integration frequently
complexity,
is
through
sent
hand,
this
the
1979).
including
within
number
required,
previously of
used
(Popek & Kline,
employed
number
higher
integration
distributed
level
matched
of
responsi
data
protecting the data throughout
of
de
all
once
advantage
is
through
other
encryption,
de
node
data has
the
The
each
encryption.
only
by
a
as
which
(Popek & Kline,
encrypted
encrypted
Unlike
information
Consequently,
is
regarded
encryption
at
means
implemented
(Popek & Kline,
users
All
integration than link
of
is
two
are
networks.
be
will
encryption
decrypted
and
computer
methods
low-level
encryption,
information is
the
not
passes.
information,
address
two
Network
encryption
to
applied
switching.
encrypted
information
the
or
network
packet
is
network
of
the
within
end-to-end
be
can
encryption
marily for
and
whether
the
of
Link
the
Encryption
of
higher for
and/or
Although
additional
a
cost
in the amount
of
functioning
properly
software
(Diffie &
results
Hellman, 1979).
Network
Applications
Within
the
Encryption
of
computer
may be
encryption
network,
used
for
both
message
and
user
digital
and/or
mail,
private
authentication,
Hellman, 1976).
signatures
Each
these
of
network
communications,
(Popek & Kline,
1979) (Diffie &
is discussed in further
areas
detail below. authentication
One
foremost
the
of
both
functions
authentication
of
permits
communications
secure
ensuring that
the
Hellman, 1976). of
&
another
and
among
individuals
are
Consequently,
network
is
security
users.
User
various
participants
who
this
individual masquerading
they
claim
a
valid
authentication
(Diffie &
be
to
by
the possibility
eliminates
as
the
system
(Popek
user
Kline, 1979). Message
that
authentication
Encryption
message.
to
messages
of
the
possession
participation
proper
password
in
verifies
ensures
the
of
correct
message
ensures
message
legitimacy
authentication
key is
exchanges
user
the
a
while
authentication
the
of
by assuming
primary prerequisite knowledge
the
of
(Diffie & Hellman
1976). private
communication
Encryption
cations
to
employed.
occur
As
communication
Two
a
plays
a
where
result,
purposes
prerequisites
vital
an
role
insecure transmission
encryption
in the for
in permitting
past
private
secure
medium
has been
used
(Bartek,
1974).
communication
communi
is
being
solely for
are
a
secure
channel
the
the
and
initial
presence
stages
of
sages
This
key distribution
and
of
all
secure
takes
overhead
algorithm
interaction
the
a
which
During
parties.
participating
establishing
frequently incurred. complex
all
of
form
the
requires
is
overhead
channel, of
a
fairly
several
mes
(Popek & Kline,
participants
1979). network
mail
The
overhead
practical
short
like
for
private
receiver
of
which
digital
a
from
the
such
natures
&
this
be
to
it may be
signature
that a
of
author
a
manner
of
electronic
does
situation
present
possible
a
a
to
at
get
the
not
time
lower
of
Un
mail. require
the
overhead
(Popek & Kline,
means
that
of
the
trans the
at
1979).
sender
represented
(Rivest, forgery
authentication
as
exactly
(Needham & Schroeder,
"signature"
the
is
and
at
a
message
al.
,
1978).
repudiation
of
relatively low
a
re
1978). "sign
it
similar
to
may
has properties
et.
to
evidence
providing
communication
digitally
against
protect
is
specified
signature
providing
Kline,
a
particular
hand-written
while
of
communications
signatures
third party
in
primarily due to the transmission
characteristic
the message
A digital
Thus
is
im
private
increased queuing delays
of
ceived
mail
may be
communications,
Thus
mission. cost
network
messages
for
required
Digital
sig-
authorship cost
(Popek
1979).
Limitations
of
Although
Encryption in
curity measures,
most
there
cases
are
encryption
practical
can
be
used
to
enhance
sej-
limitations to encryption's
viability.
processing in Most
in
crypted
form,
measures
for
for
made
employs
to
crypted
this
algorithm
desired
properties
that
strong
structed.
are
not
algorithms
Therefore,
other
means
while
the
data
is
operations
these
with
data
since
(Popek & Kline,
the
one
such
be
to
can
data
protect
from
the
is
in
being
neces
con
plaintext
system
1979).
revocation
The
are
methods
used
very complex.
access
to
key
are
action,
however,
invalidated.
individuals
and
for
piece
This
data
of
can
is
not
is
only be
new
access
very keys is
of
only known to
still
means
render
under
selective
must
access
of
the
accomplished
re-enciphering it
Hence
whom
revocation
the
Currently,
void.
crypting the data This
selective
particular
a
responding
for
a
by
to
revoking cor
de
all
old
be redistributed to permitted
data
different key.
since
,
compromised
the operating
of
en
feared
be
not
processed
respect
the
on
It
which
technique
fulfill
which
be
with
performed
properties
control
solution
algorithms.
must
have been
this
Although
en
security
suggestions
is homomorphic
schemes
secure
very
under
Various
in
internal
the
adequate
maintain
be
to
be
not
upon
placed
operations.
necessary to
are
is
which
values, known encoding
sary
data may
the
including
problem
arithmetic
the
permit
data.
the data
require
to
system
plaintext
encoding
desired
the
would
the
Since
emphasis
operating
solving an
form.
additional
the
of
operations
arithmetic
plaintext
controls
discussed below.
are
plaintext
the
of
supplied
limitations
These
keys all
(Popek & Kline
1979). protection
Despite advertent
means
detecting
of
bits
check
of
these bits
The
not
use
of
a
in
not
provide
where
data item
modification
may
carried
adequate
key
management
The
a
which
problem
other
all
to
encrypt
data
the
and
items
Public-Key The
upon
the
is
&
occur
unnoticed
problem
for
arises
If
number
a
match
in
In
cases
requires
long
until
of
those
the
This
use
situations such
as
elapsed
such
as
the
after
modification
information
situations
in
independently of
problem
protect
is
however,
time has
sensitive
becomes formidable
a
becomes
key quite
long-lived
numerous
this
unique
the
key storage
(Diffie & Hellman
Kline, 1979).
Cryptosystems
security secrecy
of
of
versus
cipher
the
Conventional Cryptosystems
systems
entire
a
comparison
of
to be protected
data item.
In
a
of
values.
Thus, detection
needs
This
period
referenced.
necessary to
separately.
management
1976) (Popek
item
items.
it
is
storage
particular
troublesome when
data
data
specific
of
key
of
expected
long
protection
1979).
and
the
permits
as
serve
can
inclusion
The
in
against
invalid due to modification.
a
out.
(Popek & Kline, storage
is
it
detect data modification,
to
situations
particular
with
guard
not
data,
of
data
encrypted
the data
then
can
modification.
(upon decryption)
incident has been may
encryption
modification
the
encryption
data
this,
that
that
within
occur,
troublesome
before
fact
the
intentional
or
of
does
modification
against
in the past,
encryption
process.
relied
solely
Modern
cipher
thus
enabling the
mising the ciphers
a
key
put
have dispersed this
systems, however,
the
-
to
the
supplied
cryptosystems
enciphering algorithm.
in maintaining the secrecy
resides
have
conventional
cryptosystems
in the past,
the development
cedure
This
provides
new
class
mathematical
an
of
a
tion as
not
only the
(Diffie &
well
E D
=
are
of
can
even
is
and
(Hellman,
was
but
this
system
the
first
pro
security. on
by
in
as
encryption
based
of
data protection
added
a
of
group
computational
proposed
by is
Martin
Hellman,
1979).
Unlike
any
previous
permit
the
revela
cryptosystems
algorithm
consist
message
adequate
for
These
Although
newer
promise
-
of
the key.
characterized
Diffie,
the
key
used
for
and
called
encipherment
Hellman, 1976) (Hellman, 1979).
be described
F(D,K)
signifies
security
system
encryption/decryption
tosystems
The
of
compro
encryption
conventional
The
type
plaintext
procedures
the public-key
system,
of
This
which
the
provided
an
greater
cryptosystem
public-key
of
encryption
Whitfield
Merkle,
cipher
even
problems
intractability. Ralph
with
along
secrecy
1976).
today
of
of
without
(Diffie & Hellman,
security
conventional
is
which
to be made public
algorithm
system's
shroud
the
-
by
process
the
within
following
to
resulting ciphertext, the
equation
permits
from the
ciphertext
and
F
thus
is the
K
represents
recovery and
D
be encoded,
of
the
a
=
key,
function.
original
signifies
cryp^
equations:
data encryption
data
conventional
F'(E,K) E
is The
plaintext
decryption.
In
the
second
data this
F'
case,
represents
security
conventional
the
taining F'
of
secrecy
it
from
message
tem,
gain
having
a
&
resettable
is dependent
upon
the
of
this
of
cryptosystem
combination
main
functions F the
recover
knowledge
without
the
and
original
of
the
cipher
sys
1979).
Kline,
conventional
Since
impractical to
better understanding
a
the
equate
is
function F.
the use
key,
the ciphertext
corresponding key (Popek To
the
of
cryptosystems
the
of
is valuable only if
plaintext
inverse
the
lock.
type
with
a
to
Prior
of
strongbox
ex-
message
any
and
the
key
a
changes,
must
be mutually
by both
upon
which
is
actually
combination
of
the
This
receiver.
agreed
key,
a
the
sender
sequence
of
serves
numbers, been
the
sender
set
the
combination,
will
be
this
way,
the box
able
data
within
Despite
capable
this
of
type
system
the
drawback
this
of
the fact
upon
are
system.
that the
key
to
its
the
and
Assuming
that:
party
who
in
of
Since
prior
to
data,
key has
cipher
several
systems
are
disadvantages
proved
to
both the receiver
any
entire security
message
of
modification
of
particularly troublesome to users. the
1979).
conventional
of
destination
extraction
the
has