Cryptography Lab

DES Block Cipher Internals & Modes of Use

Objective

The objective of this lab is to explore the operation of the DES encryption algorithm by tracing its execution, computing one round by hand, and then exploring the various block cipher modes of use.

Resources - DES Calculator

To explore the operation of the DES block cipher, you will be using the DES Calculator Applet. This applet is used to encrypt or decrypt test data values using the DES block cipher. It can optionally provide a trace of the calculations performed, with varying degrees of detail.

For this lab, you will be assigned a Key Plain Cipher triple to use. The triple is written as three values in hexadecimal being the key (64 bits), plaintext (64 bits) and ciphertext (64 bits) values respectively; and should look something like the following:

    5B5A57676A56676E 675A69675E5A6B5A 974AFFBF86022D1F

If you encrypt the specified plaintext with the key, you should get the ciphertext value; if you decrypt the ciphertext value, you should get the plaintext value. Depending on the trace level specified, you will also be given details of the round calculations as they are computed.

You can run the DES Calculator Applet in the following ways:

install on your own system: the DES Calculator Applet page provides links for the files to download onto your system. Then just open the DEScalc.html page using either your favorite (Java enabled) web browser, or running "appletviewer DEScalc.html" from the Java SDK distribution, to run the applet.
direct web access: alternatively you can access the DES Calculator directly from this site to run the applet.

Please note that the applet has limited error handling, supplying an incorrect input value is liable to generate nonsense results!

Lab Task - Part a - Block Cipher Internals

For this lab, you have been allocated a specific DES triple from the list below (please make sure you use it). You will use the key and plaintext values from this triple in the DES Calculator. With this triple, you are asked to do the following tasks:

Encrypt the plaintext using the key given in your triple, with tracing of the round values. Note how the bits in X (the left and right halves of the data) change from round to round. What is the value of your X at the start of round 5?
Change DES bit 12 of the PLAINTEXT in your triple (ie change the 0 to 1, or 1 to 0 as appropriate), assuming DES bit numbering from left (MSB) bit 1 to right (LSB) bit 64. Encrypt this new plaintext value using the DES Calculator. Using the trace output, after each of the first four rounds list in a table how many bits of X differ from the corresponding values in part i (nb. you will have to convert between hexadecimal & binary and compare the relevant bits to do this).
Briefly describe how the subkeys used in each of the four rounds above were derived from the original 64 key bits specified.
Describe which characteristics of a good block cipher design have been illustrated by this exercise, and how they are demonstrated.

Assessment - Part a

As assessment for this part of the lab, you should create a file for this lab. At the top of this file you should include the name of this course, this lab, your name, and your student number. Then include the heading: Part a: Block Cipher Internals, and follow this with the trace logs of the round values for all the DES encryptions you ran for each of the above tasks, your working, your answers and discussions.

DES Triples:

The table below lists triples on the left with the login they are allocated to on the right (nb. you may need to scroll the window to see the logins). These were randomly generated using the GenDES program, which is also included in the JAR file, and which generates n random triples when run as:

    java -cp DEScalc.jar GenDES n


Triple (key plain cipher)in Hexadecimal                        		Login

5B5A57676A56676E 675A69675E5A6B5A 974AFFBF86022D1F	xxx

Lab Task - Part b - Block Cipher Round

For the second part of this lab, using your original plaintext and key values, you should calculate the value of round two by hand, (ie computing all steps in a DES round) using the value of X and the sub-keys as given by the DES Calculator, and verify that you obtain the same value of X as the trace shows at the start of round three.

You will find this relatively simple if you use a scientific calculator with the ability to enter and display numbers in various bases and to perform logical operations (eg. the Windows Calculator in Scientific Mode, or kcalc on Linux).

Assessment - Part b

As assessment for this part of the lab, edit your lab file to include the heading: Part b: Block Cipher Round, and follow this with the full details of how you computed each of the steps (including values before and after modulo reduction), and your comments on the validity of the result.

Lab Task - Part c - Block Cipher Modes of Use

For this part of this lab, you will be encrypting by hand, the same message using the same key, twice, once in CBC mode, then in CFB-64 mode. Note - you are not asked to compute the DES internal values by hand, you may use the DES Calculator for this. Rather you are showing how each of the above modes is implemented, treating DES now as a "black box" en/decryption algorithm (ie something that takes input & key and gives you some output).

Setup

To start with you need to create the key and message you'll use, and represent them in hex (binary) as follows:

key: create a 8-byte (64-bit) key based on your name and other letters (if necessary) to make it 8 chars long, eg my key might be: "LawrieBr". Then translate this from ASCII into hexadecimal (see below).
message: create a short message of between 17 and 23 bytes in length by concatenating your first name with "test message" or "message" as necessary to ensure it is 17 or more characters long.
eg I could use a message of "Lawrie's test message!"
Please ensure it is at least 17 and no more than 23 characters, that is it should incompletely span 3 input blocks of the cipher.

To convert from the ASCII text of your key/message to hexadecimal (and hence binary), you can:

either look up each character in an ASCII Table and write out the translation,
or enter each into a small text file, and use the Linux/Unix od -x command to translate it.
eg I put my key above into the file l2-key, and then ran the following command:
```
%od -x l2-key
0000000 4c 61 77 72 69 65 42 72 
```
Note this gives the offset into the file of each 16 byte group, and then on successive lines lists the bytes in hexadecimal.

To show how you'd use these, I could for example implement the ECB mode (which is not what you are asked to do) as follows: given my key above, and the first 8 bytes of my message "Lawrie's", I'd create the following key and plaintext hex values:

    4c617772696542726f776e58595a5051 4c61777269652773

and then encrypt this using the DES Calculator which tells me (using trace level 1):

    setKey(4c617772696542726f776e58595a5051)
    encryptDES(4c61777269652773)  = a10e8bf6faf0f6bd

hence my first block of ciphertext in ECB mode would be:

    a10e8bf6faf0f6bd

Illustrate Implementation of CBC Mode

Demonstrate how the CBC Mode can be used to first encrypt, and then decrypt the above message, divided into blocks. You should use an IV of all 0's. CBC mode is:

    C_i = DES_K1(P_i XOR C_i-1)
    C_-1 = IV

You should explicitly discuss how you handle the final, undersize block, and how the receiver determines which decrypted bytes are valid. This is part of the assessment for this item.

Illustrate Implementation of CFB-64 Mode

Demonstrate how the CFB-64 Mode can be used to first encrypt, and then decrypt the above message, handling each character (byte) separately this time in a stream. Again use an IV of all 0's. CFB mode is:

    C_i = P_i XOR DES_K1 (C_i-1)
    C_-1 = IV

and you will be using 64-bit feedback (ie all 8 bytes of ciphertext), which can be done only after you have processed eight distinct bytes of the message.

Discussion

You should conclude this section with a few sentences on how easy or not each mode was to implement, and each's applicability to different applications.

Assessment - Part c

As assessment for this part of the lab, edit your lab file to include the heading: Part c: Block Cipher Modes of Use, and follow this with full details of all your calculations showing how you implemented the above modes. You should include all your DES Calculator traces of key, data and resulting output values, but not internal round values; as well as all your calculations and discussions.