DES and 3DES

7:02 PM

Data Encryption Standard (DES) encrypts data in 64-bit blocks using a 56-bit key. The DES algorithm takes the input through a series of transformations: an initial permutation; a complex function, which involves both permutation and substitution operations and depends on a key input; a simple permutation function that switches the two halves of the data; the complex function applied again; and finally a permutation function that is the inverse of the initial permutation. Five "modes of operation" have been defined to apply DES to a variety of applications. They are Electronic Codebook, Cipher Block Chaining, Cipher Feedback, Output Feedback, and Counter (Encryption Concepts, 05).

Triple DES, or 3DES, involves repeating the DES algorithm three times on the plaintext, using two or three different keys to produce the ciphertext. As indicated in the article "DES died. Long Live ... well, um, what?", "First it encrypts, then decrypts, and then encrypts it again" (Moskowitz, 1999). Triple DES is now used because it is very resistant to cryptanalysis and serves as an alternative that adds security against DES's potential vulnerability to brute-force attack. Triple DES has been adopted for use in the key management standards ANSI X9.17 and ISO 8732, along with a number of Internet-based applications, such as PGP and S/MIME (AES ciphers and confidentiality, 05). The image below shows the triple encryption process, and shows the central portion of 3DES as a decryption rather than an encryption; the decryption stage is not there to make it more secure.

Nonce and key distribution center (KDC): a KDC shares a secret key, the "master" key, with each of the parties on a network. The KDC is responsible for nonce generation and for generating the keys used for a short time on a connection between two parties, known as session keys, and for distributing those keys, using the master keys to protect the distribution. The following steps occur:

1. A issues a request to the KDC for a session key with B. The message includes the identity of A and B, as well as a unique identifier for the transaction, a nonce, which may be a random number or a counter.

2. The KDC responds with a message encrypted using Ka. Thus, only A can read the message and knows the message originated from the KDC. The message includes:

• The one-time session key, Ks, to be used for the session.
• The original request message, including the nonce, to allow A to match this response with the appropriate request.

In addition, the message includes two elements for B:

• The one-time session key, Ks.
• An identifier of A, IDA.

These are encrypted with the master key that the KDC shares with B. They are sent to B to establish a connection and demonstrate the identity of A.

3. A stores the session key for use in the upcoming session and forwards to B the information that originated at the KDC for B. This information is protected from eavesdropping because it is encrypted with the master key, Kb. B now knows the session key, the identity of A, and that the information originated at the KDC.

4. B then sends a nonce, N2, to A, using the newly minted session key for encryption.

5. Using the session key, A responds with f(N2), where f is a function that performs some transformation on N2 (for example, adding one) (Stallings, 03, pp. 214-15).
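The five steps above can be traced end to end in code. The following is an added example, not from the original post or from Stallings: `seal`/`unseal` are a stand-in authenticated cipher built from SHAKE-256 and HMAC (an assumption, used because the Python standard library has no DES or 3DES), and every function and field name is hypothetical.

```python
import hashlib, hmac, json, secrets

# Stand-in authenticated cipher (assumption: NOT DES/3DES, which the Python
# standard library lacks). XOR keystream plus an HMAC tag, illustration only.
def seal(key, obj):
    pt, iv = json.dumps(obj).encode(), secrets.token_bytes(16)
    ks = hashlib.shake_256(b"enc" + key + iv).digest(len(pt))
    ct = bytes(p ^ k for p, k in zip(pt, ks))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def unseal(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("not sealed under this key")
    ks = hashlib.shake_256(b"enc" + key + iv).digest(len(ct))
    return json.loads(bytes(c ^ k for c, k in zip(ct, ks)))

def kdc_respond(masters, request):
    """Step 2: seal Ks and the echoed request under Ka; seal Ks and IDA under Kb."""
    ks = secrets.token_hex(16)  # one-time session key Ks
    ticket = seal(masters[request["B"]], {"Ks": ks, "IDA": request["A"]})
    return seal(masters[request["A"]],
                {"Ks": ks, "request": request, "ticket": ticket.hex()})

def a_accept(ka, request, reply_blob):
    """A opens the reply with Ka and matches it to its request via the nonce."""
    reply = unseal(ka, reply_blob)
    if reply["request"] != request:
        raise ValueError("reply does not match the outstanding request")
    return bytes.fromhex(reply["Ks"]), bytes.fromhex(reply["ticket"])

def run_exchange():
    masters = {"A": secrets.token_bytes(16), "B": secrets.token_bytes(16)}  # Ka, Kb
    request = {"A": "A", "B": "B", "N1": secrets.token_hex(8)}   # step 1
    ks_a, ticket = a_accept(masters["A"], request, kdc_respond(masters, request))
    for_b = unseal(masters["B"], ticket)    # step 3: B opens the forwarded part with Kb
    ks_b = bytes.fromhex(for_b["Ks"])
    n2 = secrets.randbits(32)
    challenge = seal(ks_b, {"N2": n2})      # step 4: B -> A under Ks
    answer = seal(ks_a, {"fN2": unseal(ks_a, challenge)["N2"] + 1})  # step 5: f adds one
    return for_b["IDA"], ks_a == ks_b, unseal(ks_b, answer)["fN2"] == n2 + 1

if __name__ == "__main__":
    print(run_exchange())  # (IDA seen by B, keys match, B accepts f(N2))
```

A reply carrying a different nonce is rejected by `a_accept`, and A cannot open the part sealed under Kb; it can only forward it.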

In conclusion, the above explained DES, why 3DES is now used, and why the central part of 3DES is a decryption rather than an encryption, and explained a nonce and a key distribution center.

Works Cited

Moskowitz, Robert. (1999). DES died. Long Live ... well, um, what? Network Computing, vol. 10, issue 6. Retrieved October 22, 05, from EBSCOhost Research Database at http://web10.epnet.com

Stallings, William. (03). Cryptography and Network Security: Principles and Practice. New Jersey: Pearson Education, Inc.
