Cryptography – Double DES


Cryptography – Double DES


”;


In the previous chapter we saw what is data encrytption standard in this chapter we will see detailed information about Double DES.

Double DES is a type of encryption where the same plaintext is encrypted using a pair of DES. Different keys are provided in both cases to encrypt the plaintext. Learning double DES is easy.

Double DES uses two keys, k1 and k2. For it to obtain the encrypted text, it can apply DES to the original plaintext using k1. With a different key, k2, it can apply DES to the encrypted text this time. The encrypted text that is displayed is the final output.

How does Double DES Work?

To create the singly encrypted ciphertext, first use the key K2 to decrypt the double encrypted cipher-text block. The original plaintext block can be retrieved by decrypting this ciphertext block with key K1.

Double DES Encryption

If it is capable of using a single-bit key, then 0 and 1 are the two available keys. There are four possible key values, like (00, 01, 10 and 11), if it can use a two-bit key.

In most cases, the cryptanalyst must implement 2n operations in order to try out every possible key if it can use an n-bit key. The cryptanalyst will have to make 22nn attempts to crack the key if it is possible to use two distinct keys, each with n bits.

Double DES Decryption

Think about a message”s P (plain-text block) and C (corresponding final cipher-text block) as the two basic elements of information that the cryptanalyst is aware of. Double DES stated numerically, as seen in the figure.

The result of the first encryption is known as T and is indicated as T = Ek1(P) [i.e., encrypt the block P with key K1]. After this encrypted block is encrypted with another key K2, it indicate the result as −


C = Ek2(Ek1(P))

[i.e., encrypt the already encrypted block T, with a different key K2, and call the final ciphertext as C].

Mathematical Expression

Meet in Middle Attack

In the double DES can be destroyed by known plaintext attack known as meet-in-themiddle attack.

Given a plaintext P and two encryption keys K1 and K2, ciphertext C is produced as C = Ek2(Ek1, (m)) decryption needed that the keys be used in reverse order −


P = Dk1(Dk2, (C))

Meet in Middle Attack

A Meet-in-the-Middle (MitM) Attack is a type of cryptanalytic attack where the attacker need some type of space or time tradeoff to support the attack. MITM attempt can decrease the amount of difficulty needed to perform the assault in its original state.

Merkle and Hellman introduced the terms of meet-in-the-middle attack. This attack contains encryption from one end and decryption from another and connecting the result in the middle, therefore is the name meet-in-the-middle.

MITM can create the form of dividing the target connection into two so that each element can be addressed independently. It can mean changing an attack requiring X amount of time into one requiring Y time and Z space. The goal is to significantly decrease the effort required to implement a brute-force attack.

Meet-in-the-Middle attackers try to reconcile the difficulty contained in a high cryptanalytic attack by meeting in the middle, or halving the area of what they are analyzing to create the effort applicable or reasonable in their view.

The main aim of an attack is to steal personal information, including login credentials, account details and credit card numbers. Targets are frequently the users of monetary applications, SaaS businesses, e-commerce sites and other websites where logging in is needed.

Data acquired at the time of an attack can be used for several goals, such as identity theft, unapproved fund transfers or an illicit password change.

There are two keys including K1 and K2 are used for encrypt plaintext P into ciphertext C and the similar K1 and K2 are used for decryption. The intermediate text produced by first encryption and of first decryption, M should be the similar i.e., the two relationship must hold.

Let us say a cryptanalyst have a previous pair of P and C then it can use all possible values (256) of K1 and record all values of M. Similarly for all values of K2 access all M and thus compare these M”s of K1 and K2 and discover a pair of K1 and K2 for which M is same.

If only one such pair occur then K1 and K2 are the desired keys. If more than one pair exists for which K1 and K2 are equal, another intercepted plaintext/ciphertext pair is utilized.

Advantages

The Double DES (Data Encryption Standard) method of data encryption involves quickly performing the DES algorithm twice. The following are Double DES”s advantages −

  • Enhanced Security − By doubling the length of the key, Double DES improves the security of DES and makes it more difficult for attackers to decrypt encrypted data via brute-force attacks.
  • Compatibility with Current Systems − Double DES can be implemented with current DES hardware and software, making it a simple option for businesses who currently use DES.
  • Widely Studied − Due to the in-depth study and analysis that DES has received over the years, double DES can be applied and understood with the help of a variety of information and resources.

Disadvantages

  • Vulnerable to Meet-in-the-Middle Attack − Double DES is vulnerable to a meet-in-the-middle attack, which involves an attacker intercepting the ciphertext and trying every key for the first encryption and decryption phases while storing the intermediate results. They then try each key for the second encryption stage until they find one that corresponds with the previously saved results. Therefore, the effective key length decreases to 112 bits, significantly weakening the theoretical 168-bit key length.
  • Performance Overhead − Because double DES encryption takes more time and computing power than single DES encryption, it may have a performance overhead.
  • Limited Key Length − While double DES has doubled the key length compared to single DES, it has a relatively limited key length (112 effective bits after calculating for the meet-in-the-middle attack). This may not be enough for handling sophisticated attacks, especially with the development of more powerful computing technologies.

Advertisements

”;

Leave a Reply

Your email address will not be published. Required fields are marked *