Multiple Encryption and Triple DES

Multiple Encryption and Triple DES

Multiple Encryption increase the security of confidential data. This technique increase the data security in such a manner that unauthorized user can not access any part of information over wireless network such as internet. 

A. Double DES

In this case two encryption as well as two decryption are performed (as shown in Fig. 1). 

Fig. 1: Double Encryption
For Encryption
                    C = E(k2,E(k1,P))
For Decryption
                    P = D(k1,D(k2,C))

Disadvantage 😔 : 

Meet In Middle Attack 

This attack involves encryption from one end and decryption from another end and then "Matching the result in the middle", and hence, the name called as meet in middle attack or MIM. 

This attack requires knowing some plaintext / ciphertext pairs. 

Fig. 2: Meet In Middle Attack. 

The middle text created by first encryption and first decryption should be same or written as-
M = Ek1(P)  and   M = Dk1(C)

  • Encrypt P using all possible values of k1 and records all values obtained for M.

  • Decrypt C using all possible values of k2 and records all values obtained for M.

  • Create two tables sorted by M values.

  • Now compares the values for M until we finds those pairs of k1& k2 for which the value of M is same in both tables. (as shown in Fig. 3).

Fig. 3: Table 
NOTE 1: Now more than 1 pair of keys may result in a match, but these number of pairs will be small. we should try each possible pair  of keys so it takes twice as long to break double DES using brute force. 
DES has 2^56 bit security. 
Double DES has 2 x 2^56 i.e. 2^57 bit security. 

B. Triple DES (3-DES) with Two Keys 
Since 3-DES overcome the drawback of 2 DES i.e., Meet in Middle attack but somehow it is unwieldy because it use the key length of 168 bits i.e. 3 x 56. 
Fig. 3: Triple DES

For Encryption
C = E(k1,D(k2,E(k1,P)

For Decryption
P = D(k1,E(k2,D(k1,C)))

Overcome the Limitation of MIM 😉

For every plaintext value that matches with P of shown fig. 4 create an entry in another table with the key value. Now sort the table according to the value of B.
For a given known (P,C) the probability of selecting the unique value of any text leads to success of 1/(2^64). 

prob(x) = Possible Outcomes / Total Outcomes
 = (2^64) / n 
So expected running time of attack is on the order of -
((2^56).(2^64)) / n 

Fig. 4: Known-Plaintext Attacks on Triple DES

C. Triple DES (3-DES) with Three Keys
In this case we just use total of 3 keys.
So,
        C = E(k3, D(k2, E(k1, P))

Note 2 : Many Researchers find attack with two keys are impractical so they use 3 keys instead of 2. 

NOTE 3 : Why 4DES is not used ??😑 You can use 4DES but should not be used. In case of 2DES there is an attack taking about 2^56 time and space complexity. In case of 4DES it will take 2^112.        so instead of using 4DES you can use AES because DES is slow as compared to AES. So if you repeat 4 times DES then this will kill you. 









Comments

Post a Comment

Popular posts from this blog

Homomorphic Encryption: A Basic Idea

Image
Homomorphic encryption has the same aim as other encryption-decryption mechanisms: maintaining confidentiality, security, privacy, etc.  In this blog, we will see homomorphic encryption and its type.  Homomorphic Encryption (HE):  It is an encryption that computes operations over encrypted data without decrypting it (or without the need for a secret key).  Mathematically speaking in a client-server architecture: client has message 'm' and function f. The task of client is to compute f(m). Due to computational expensiveness (maybe one of the reason) client sends encryption of message (say Enc(m)) and 'f' to the server. Server will compute function over encrypted message, that is, f(Enc(m)), and return the result to the client, that is, Enc(f(m)). Client will decrypt it Dec(Enc(f(m)), that is, f(m). Hence, client achieves f(m).  Let's understand HE with our daily life (Tea making process): Figure 1. Here m is message, Enc is encryption, f is function, and Eval in...
Read more

Elliptic Curve Cryptography (ECC) and ECDSA

Image
Elliptic Curve Cryptography (ECC) Elliptic curve (EC) was first introduced by Neal Kobiltz and Victor Miller in 1985. Elliptic curve is a non-singular curve that is operated on a finite field Zq (where q is the order of elliptic curve). EC consists of set of points that satisfies the following equation as follows.                                                                   Y 2 = X 3 + aX + b Where {X,Y,a,b} ∈ Zq, and 4a 3 + 27b 2 ≠ 0. Next, we discuss the encryption and decryption mechanism between two parties (Say α and γ ). Remark 1: Elements selected from party α is represented by capital letters whereas elements selected from party γ is represented by small letters. i) Key Generation: 1. Secret key: Each party α and γ selects secret keys S ∈ Zq and s ∈ Zq. 2. Public key: P ...
Read more

Fast Base Conversion and Its Application

Image
Fast Base Conversion (FBC) is a technique used to convert a number from one modulus space to another. For example, if we have 14 m o d     77 14 \mod 77  and want to convert it to x m o d     390 x \mod 390 , FBC is widely used. Mathematically, it can be represented as follows: Here, the above equation represents an integer x x  in modulus q q , and FBC converts this integer into the modulus space t t . The modulus q q  is the product of small coprime moduli (i.e., q = q 1 q 2 … q k q = q_1 q_2 \dots q_k ​ ), and x x  is an integer such that x ∈ [ 0 , q ) x \in [0, q) . We also note that q q  and t t  are coprime numbers. Here, we remark that it is not necessary for the above equation to produce the exact result for x x . Instead of x m o d     t x \mod t , it will provide x ′ m o d     t x' \mod t . Thus, the output of the above equation is as follows: FBC ( x , q , t )  =  x  +  A q  mod  t , where A ∈ [ 0 , k − 1 ] A \in [0,...
Read more