Cryptography Lab
IDEA Block Cipher Internals & Modes of Use
Objective
The objective of this lab is to explore the operation of the IDEA
encryption algorithm by tracing its execution, computing one round
by hand, and then exploring the various block cipher modes of use.
Resources - IDEA Calculator
To explore the operation of the IDEA block cipher, you will be using
the IDEA Calculator Applet. This applet is used to
encrypt or decrypt test data values using the IDEA block cipher. It can
optionally provide a trace of the calculations performed, with varying
degrees of detail.
For this lab, you will be assigned a Key Plain Cipher triple to use.
The triple is written as three values in hexadecimal being the key (128 bits),
plaintext (64 bits) and ciphertext (64 bits) values respectively;
and should look something like the following:
7ca110454a1a6e5701a1d6d039776742 690f5b0d9a26939b 1bddb24214237ec7
If you encrypt the specified plaintext with the key, you should get
the ciphertext value; if you decrypt the ciphertext value, you should
get the plaintext value. Depending on the trace level specified, you will
also be given details of the round calculations as they are computed.
You can run the IDEA Calculator
Applet in the following ways:
- install on your own system
- the IDEA Calculator Applet page
provides links for the files to download onto your system. Then just
open the IDEAcalc.html
page using either your favorite (Java enabled) web browser, or running
"
appletviewer IDEAcalc.html
" from the Java SDK distribution,
to run the applet.
- direct web access
- alternatively you can access the
IDEA Calculator
directly from this site to run the applet.
Please note that the applet has limited error handling, supplying an
incorrect input value is liable to generate nonsense results!
Lab Task - Part a - Block Cipher Internals
For this lab, you have been allocated a specific IDEA triple
from the list below (please make sure you use it). You will use the
key and plaintext values from this triple in the
IDEA Calculator.
With this triple, you are asked to do the following tasks:
- Encrypt the plaintext using the key given in your triple, with
tracing of the round values. Note how the bits in X (the left
and right halves of the data) change from round to round. What is the
value of your X at the start of round 5?
- Change IDEA bit 12 of the PLAINTEXT in your triple (ie change the
0 to 1, or 1 to 0 as appropriate), assuming IDEA bit numbering from left
(MSB) bit 63 to right (LSB) bit 0. Encrypt this new plaintext value using
the IDEA Calculator. Using the trace output,
after each of the first four rounds list in a table how many bits
of X differ from the corresponding values in part i (nb. you will
have to convert between hexadecimal & binary and compare the relevant
bits to do this).
- Detail how the subkeys used in each of the four rounds above were
derived from the original 128 key bits specified.
- Describe which characteristics of a good block cipher design have been
illustrated by this exercise, and how they are demonstrated.
Assessment - Part a
As assessment for this part of the lab, you should create a file for this lab.
At the top of this file you should include
the name of this course, this lab, your name, and your student number.
Then include the heading: Part a: Block Cipher Internals, and
follow this with the trace logs of the round values for all the IDEA
encryptions you ran for each of the above tasks, your working, your
answers and discussions.
IDEA Triples:
The table below lists triples on the left with the login they are
allocated to on the right (nb. you may need to scroll the window to see
the logins). These were randomly generated using the GenIDEA program, which is
also included in the JAR file, and which generates n random triples
when run as:
java -cp IDEAcalc.jar GenIDEA n
Triple (key plain cipher)in Hexadecimal Login
df81388a49f06710af9e01d590d03666 be382124b1c6deed d350ed15b9d890fc xxx
Lab Task - Part b - Block Cipher Round
For the second part of this lab, using your original plaintext
and key values, you should calculate the value of round two
by hand, (ie computing all 14 steps in an IDEA round) using the
value of X and the sub-keys as given by the
IDEA Calculator,
and verify that you obtain the same value of X as the
trace shows at the start of round three.
You will find this relatively simple if you use a scientific calculator
with the ability to enter and display numbers in various bases and to
perform logical operations (eg. the Windows Calculator in Scientific Mode,
or kcalc on Linux).
Assessment - Part b
As assessment for this part of the lab, edit your lab file to
include the heading: Part b: Block Cipher Round, and follow this
with the full details of how you computed each of the 14 steps
(including values before and after modulo reduction), and your comments
on the validity of the result.
Lab Task - Part c - Block Cipher Modes of Use
For this part of this lab, you will be encrypting by hand, the
same message using the same key, twice, once in CBC mode,
then in CFB-64 mode. Note - you are not asked to compute the IDEA
internal values by hand, you may use the
IDEA Calculator for this.
Rather you are showing how each of the above modes is implemented,
treating IDEA now as a "black box" en/decryption algorithm (ie something
that takes input & key and gives you some output).
Setup
To start with you need to create the key and message you'll use, and represent
them in hex (binary) as follows:
- key
- create a 16-byte (128-bit) key based on your full name
and other letters (if necessary) to make it 16 chars long,
eg my key might be: "
LawrieBrownXYZPQ
".
Then translate this from ASCII into hexadecimal (see below).
- message
- create a short message of between 17 and 23 bytes in length by
concatenating your first name with "test message" or "message"
as necessary to ensure it is 17 or more characters long.
eg I could use a message of "Lawrie's test message!
"
Please ensure it is at least 17 and no more than 23 characters,
that is it should incompletely span 3 input blocks of the cipher.
To convert from the ASCII text of your key/message to hexadecimal (and hence
binary), you can:
To show how you'd use these, I could for example implement the ECB mode
(which is not what you are asked to do) as follows:
given my key above, and the first 8 bytes of my message "Lawrie's",
I'd create the following key and plaintext hex values:
4c617772696542726f776e58595a5051 4c61777269652773
and then encrypt this using the IDEA Calculator
which tells me (using trace level 1):
setKey(4c617772696542726f776e58595a5051)
encryptIDEA(4c61777269652773) = a10e8bf6faf0f6bd
hence my first block of ciphertext in ECB mode would be:
a10e8bf6faf0f6bd
Illustrate Implementation of CBC Mode
Demonstrate how the CBC Mode can be used to first encrypt, and then
decrypt the above message, divided into blocks. You should use an
IV of all 0's. CBC mode is:
Ci = IDEAK1(Pi XOR Ci-1)
C-1 = IV
You should explicitly discuss how you handle the final, undersize block,
and how the receiver determines which decrypted bytes are valid. This
is part of the assessment for this item.
Illustrate Implementation of CFB-64 Mode
Demonstrate how the CFB-64 Mode can be used to first encrypt, and then
decrypt the above message, handling each character (byte) separately this
time in a stream. Again use an IV of all 0's. CFB mode is:
Ci = Pi XOR IDEAK1 (Ci-1)
C-1 = IV
and you will be using 64-bit feedback (ie all 8 bytes of ciphertext),
which can be done only after you have processed eight distinct bytes
of the message.
Discussion
You should conclude this section with a few sentences on how easy or
not each mode was to implement, and each's applicability to different
applications.
Assessment - Part c
As assessment for this part of the lab, edit your lab file to
include the heading: Part c: Block Cipher Modes of Use, and follow
this with full details of all your calculations showing how you
implemented the above modes. You should include all your IDEA Calculator
traces of key, data and resulting output values, but not internal
round values; as well as all your calculations and discussions.
Copyright ©
Dr Lawrie Brown /
6 Jun 2005