
Study public-key and symmetric-key encryption with the help of a diagram and write the steps for performing them. Also study the DES standard.

• Encryption:
It is the process of locking up information using cryptography.
Information that has been locked this way is encrypted.
• Decryption:
The process of unlocking the encrypted information using
cryptographic techniques.
• Key:
A secret, like a password, used to encrypt and decrypt information.
There are a few different types of keys used in cryptography.

Public-key:
It refers to a cryptographic mechanism. Public-key introduces a
concept involving key pairs: one for encrypting, the other for
decrypting.
Characteristics:
• Simplified key distribution
• Digital signature
• Long-term encryption

In public-key encryption, a message is encrypted with the
recipient's public key. The message cannot be decrypted by anyone
who does not possess the matching private key; the holder of that
key is thus presumed to be its owner and the person associated
with the public key. This is used in an attempt to
ensure confidentiality.
Symmetric-key:
This cryptography is a mechanism by which the same key is used for
both encrypting and decrypting; it is more intuitive because of its
similarity with what you expect to use for locking and unlocking a
door: the same key.
This characteristic requires sophisticated mechanisms to securely
distribute the secret key to both parties. However, it is important to
note that symmetric-key still plays a major role in the
implementation of a Public-key Infrastructure.

Steps for signing and encrypting a message:

The figure below shows the set of operations required when Alice
wants to send a signed and encrypted message to Bob.
How do they work?
1. Message signature:
Digital signature includes two steps:
a) Message digest evaluation.
The main purpose for evaluating a digest is to ensure that the
message is kept unaltered; this is called message integrity.
b) Digest signature.
A signature is in fact an encryption of the digest using the issuer's
(Alice in this case) private key. The signature also includes the name
of the hashing algorithm used by the issuer. The issuer's public key is
also appended to the signature. Doing so lets anyone decrypt and verify
the signature using the issuer's public key and hashing algorithm.
Given the properties of public-key encryption and hashing
algorithms, the recipient has proof that: i) the issuer's private key
has encrypted the digest; ii) the message is protected against any
alteration.

2. Message encryption.
Encryption includes the following 3 steps:
a) Creation of a one-time symmetric encryption/decryption key.
b) Message encryption. The whole message (the message itself and
the signature) is encrypted using SymK, the symmetric key
evaluated above.
c) Symmetric-key encryption. SymK is also used by the recipient to
decrypt the message. SymK must therefore be available to the
recipient (Bob) only. The way to hide SymK from everybody
except the recipient is to encrypt it using the recipient's public key.
Since SymK is a small piece of information compared to a message
(that could be very long), the performance penalty associated with
the relative inefficiency of asymmetric-key algorithms is acceptable.

Steps for decrypting and verifying the signature of a message:

1. Message decryption.
The decryption includes the following steps:
a) Symmetric-key decryption.
The one-time symmetric key has been used to encrypt the message.
This key (SymK) has been encrypted using the recipient's (Bob)
public key. Only Bob, using his private key, can decrypt SymK and use
it to decrypt the message.
b) Message decryption. The message (which includes the message
itself and the signature) is decrypted using SymK.

2. Signature verification.
The signature verification includes the following 3 steps:
a) Message digest decryption. The digest has been encrypted using
the issuer's (Alice) private key. The digest is now decrypted using
the issuer's public key included in the message.
b) Digest evaluation. Since hashing is a one-way process, i.e. the
message cannot be derived from the digest itself, the recipient must
re-evaluate the digest using the exact same hashing algorithm the
issuer used.
c) Digests comparison. The digest decrypted in a) and the digest
evaluated in b) are compared. If there is a match, the signature has
been verified, and the recipient can accept the message as coming
unaltered from the issuer. If there is a mismatch, this could mean
that: i) the message has not been signed by the issuer, or ii) the
message has been altered. In both cases, the message should be
rejected.
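
The two procedures above (sign and encrypt, then decrypt and verify), as an added example that is not part of the original notes. It uses textbook RSA and a hash-based XOR keystream as stand-ins so it runs with the standard library only; the key values, function names and the 16-byte SymK size are assumptions, and Bob is assumed to already hold Alice's public key rather than trusting the copy sent with the message.

```python
# Added teaching example: textbook RSA + hash keystream. Insecure by design.
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Return (public, private) as (n, e) and (n, d)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed toy keys from publicly known Mersenne primes: trivially breakable.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**521 - 1)

def digest_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sym_xor(symk, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(symk + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def sign_and_encrypt(msg, sender_priv, recipient_pub):
    n, d = sender_priv
    sig = pow(digest_int(msg), d, n)                      # signing 1a + 1b
    sig_bytes = sig.to_bytes((n.bit_length() + 7) // 8, "big")
    symk = secrets.token_bytes(16)                        # encryption 2a
    body = sym_xor(symk, sig_bytes + msg)                 # encryption 2b
    r_n, r_e = recipient_pub
    wrapped = pow(int.from_bytes(symk, "big"), r_e, r_n)  # encryption 2c
    return wrapped, body

def decrypt_and_verify(wrapped, body, recipient_priv, sender_pub):
    r_n, r_d = recipient_priv
    k = pow(wrapped, r_d, r_n)                            # decryption 1a
    if k >= 1 << 128:
        raise ValueError("bad wrapped key: reject message")
    plain = sym_xor(k.to_bytes(16, "big"), body)          # decryption 1b
    n, e = sender_pub
    sig_len = (n.bit_length() + 7) // 8
    sig, msg = int.from_bytes(plain[:sig_len], "big"), plain[sig_len:]
    if pow(sig, e, n) != digest_int(msg):                 # verification 2a-2c
        raise ValueError("digest mismatch: reject message")
    return msg
```

Flipping any bit of the encrypted body, or unwrapping SymK with a private key other than Bob's, ends in the ValueError branch, which is the "message should be rejected" case in step 2c.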
Diagram: Private key encryption

DES standard:

The Data Encryption Standard (DES) is a symmetric-key block
cipher published by the National Institute of Standards and
Technology (NIST).

DES is an implementation of a Feistel Cipher. It uses a 16-round
Feistel structure. The block size is 64 bits. Though the key length is
64 bits, DES has an effective key length of 56 bits, since 8 of the 64 bits of
the key are not used by the encryption algorithm (they function as check
bits only). The general structure of DES is depicted in the following
illustration −
Since DES is based on the Feistel Cipher, all that is required to
specify DES is −

• Round function
• Key schedule
• Any additional processing − Initial and final permutation

How DES Works in Detail

DES is a block cipher, meaning it operates on plaintext blocks of a
given size (64 bits) and returns ciphertext blocks of the same size.
Thus DES results in a permutation among the 2^64 (read this as: "2
to the 64th power") possible arrangements of 64 bits, each of which
may be either 0 or 1. Each block of 64 bits is divided into two blocks
of 32 bits each, a left half block L and a right half block R. (This division is
only used in certain operations.)

Example: Let M be the plaintext message M = 0123456789ABCDEF,
where M is in hexadecimal (base 16) format. Rewriting M in binary
format, we get the 64-bit block of text:

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
L = 0000 0001 0010 0011 0100 0101 0110 0111
R = 1000 1001 1010 1011 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right.

DES operates on the 64-bit blocks using key sizes of 56 bits. The
keys are actually stored as being 64 bits long, but every 8th bit in the
key is not used (i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64).
However, we will nevertheless number the bits from 1 to 64, going
left to right, in the following calculations. But, as you will see, the
eight bits just mentioned get eliminated when we create subkeys.

Example: Let K be the hexadecimal key K = 133457799BBCDFF1.
This gives us as the binary key (setting 1 = 0001, 3 = 0011, etc., and
grouping together every eight bits, of which the last one in each
group will be unused):

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001
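
The block split, the eight check bits and the 16-round Feistel structure described above, as an added example that is not part of the original notes. It is not real DES: the round function and key schedule are hash-based stand-ins (assumptions), the initial and final permutations are omitted, and the check bits are dropped in plain left-to-right order, whereas DES's own key schedule also permutes the remaining 56 bits.

```python
# Added example: toy 16-round Feistel network on the page's M and K (NOT real DES).
import hashlib

M = 0x0123456789ABCDEF   # plaintext block from the page
K = 0x133457799BBCDFF1   # 64-bit key from the page

def split_block(block):
    """Split a 64-bit block into its 32-bit halves L and R."""
    return block >> 32, block & 0xFFFFFFFF

def check_and_strip_parity(key64):
    """Verify odd parity in each key byte, then drop bits 8, 16, ..., 64."""
    key56 = 0
    for byte in key64.to_bytes(8, "big"):
        if bin(byte).count("1") % 2 != 1:
            raise ValueError(f"parity error in key byte {byte:#04x}")
        key56 = (key56 << 7) | (byte >> 1)
    return key56

def subkeys(key56, rounds=16):
    """Stand-in key schedule (assumption): sixteen 48-bit subkeys from a hash."""
    kb = key56.to_bytes(7, "big")
    return [hashlib.sha256(kb + bytes([i])).digest()[:6] for i in range(rounds)]

def round_fn(r, k):
    """Stand-in round function (assumption); it does not need to be invertible."""
    h = hashlib.sha256(r.to_bytes(4, "big") + k).digest()
    return int.from_bytes(h[:4], "big")

def feistel(block, keys):
    l, r = split_block(block)
    for k in keys:
        l, r = r, l ^ round_fn(r, k)   # one Feistel round
    return (r << 32) | l               # final swap of the two halves

def encrypt(block, key64):
    return feistel(block, subkeys(check_and_strip_parity(key64)))

def decrypt(block, key64):
    # Same network, subkeys in reverse order: the defining Feistel property.
    return feistel(block, subkeys(check_and_strip_parity(key64))[::-1])
```

Decryption reuses the same network with the subkeys reversed, which is why only the round function, key schedule and permutations are needed to specify a Feistel cipher such as DES.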
