RC4
What is RC4
A symmetric key encryption algorithm
1- stream ciphers
2- block ciphers
Stream Cipher
11001100 plaintext
01101100 key stream
10100000 Cipher text
RC4 Block Diagram
How does it work ?
Initialization of array
for i = 0 to 255
do
S[i] = i;
T[i] = K[i mod keylen];
Key Scheduling Algorithm
j = 0;
for i = 0 to 255
do
j = (j + S[i] + T[i]) mod 256;
Swap (S[i], S[j]);
Pseudo-Random Generation Algorithm
i, j = 0;
for (int x = 0; x < byteLen; x++)
do
i = (i + 1) mod 256;
j = (j + S[i]) mod 256;
Swap (S[i], S[j]);
t = (S[i] + S[j]) mod 256;
k = S[t];
Pseudo-Random Generation Algorithm
RC4
Security of RC4
Bit-flipping attack
Roos' Biases and Key Reconstruction from Permutation
Biased Outputs of the RC4
Fluhrer, Mantin and Shamir attack
Klein's Attack
Combinatorial problem
RC4-based cryptosystems
RC5
Outline
Introduction (Feistel Networks)
If you don’t know where to go all roads will get you there.
Feistel Network
Feistel Network
Feistel Network - Construction Details
Recap
What is RC5
What is RC5
Features
Features count.
Features count.
Features count.
Features - Highlight
Recap
Parameterization
Parameterization
Parameterization count.
Dropped parameters
Notations and Primitive operations
Recap
Algorithm
Algorithm
Key Expansion
Algorithm
Decryption
Algorithm
Encryption
Algorithm
Plaintext
Ciphertext
Plaintext
Ciphertext
Expanded Key S
Secret Key K
Encryption
Encryption
A = A + S[0];
B = B + S[1];
for i = 1 to r do
A = ((A ⊕ B) <<< B) + S[2*i];
B = ((B ⊕ A) <<< A) + S[2*i + 1];
A <<< B
Bits in A are rotated to left by the amount specified by lower log2(w) bits in B
Decryption
Decryption
for i = r downto 1 do
B = ((B - S[2*i +1]) >>> A) ⊕ A;
A = ((A - S[2*i]) >>> B) ⊕ B;
B = B - S[1];
A = A - S[0];
A >>> B
Bits in A are rotated to right by the amount specified by lower log2(w) bits in B
Encryption and Decryption
Key Expansion
RC5
Key Expansion
The magic constants
w 16 32 64
Pw B7E1 B7E15163 B7E151628AED2A6B
Qw 9E37 9E3779B9 9E3779B97F4A7C15
Step-1: Convert secret key bytes to words
Copy the Key into new array L of Words with size equal c
Any unfilled byte positions of L are zeroed
In case b = c = 0 we reset c =1 and set L[0] = 0
Step-2: Initialize sub key array S
S[0] = Pw;
for i = 1 to t - 1 do
S[i] = S[i - 1] + Qw;
Step-3: Mix the secret key into sub key array S
i = j = 0; A = B = 0;
do 3 * max(t, c) times:
A = S[i] = (S[i] + A + B) <<< 3;
B = L[j] = (L[j] + A + B) <<< (A + B);
i = (i + 1) mod(t);
j = (j + 1) mod(c);
Key Expansion Algorithm
Recap
The security of RC5
The security of RC5
Exhaustive Search
Differential cryptanalysis
Linear cryptanalysis
Differential and Linear attack
Timing Attacks
Conclusion
Thank you for your
attention