Saturday, June 13, 2026

Unit 4 — Advanced Encryption Standard (AES), Triple DES, RC4, Hash Functions & MAC

 


From MCA553 (Principles of Cryptography and Cyber Security).


Advanced Encryption Standard (AES)

AES is the modern replacement for DES.

Developed by:

  • NIST (National Institute of Standards and Technology)

Features:

  • Symmetric Key Algorithm
  • Faster than DES
  • More Secure

AES Key Sizes

  • 128-bit
  • 192-bit
  • 256-bit

AES Block Size

  • 128 bits

Why AES Replaced DES?

DES                        | AES
56-bit key                 | 128/192/256-bit key
Less secure                | Highly secure
Slower                     | Faster
Vulnerable to brute force  | Resistant to brute force

AES Working

AES performs multiple rounds built from the following operations:

  • SubBytes
  • ShiftRows
  • MixColumns
  • AddRoundKey

Rounds:

  • AES-128 → 10 rounds
  • AES-192 → 12 rounds
  • AES-256 → 14 rounds

Evaluation Criteria for AES

While selecting AES, the following were considered:

  1. Security
  2. Performance
  3. Flexibility
  4. Simplicity
  5. Implementation efficiency

Multiple Encryption

Applying encryption more than once.

Purpose:

  • Increase security
  • Reduce vulnerability

Example:

Plain Text
   ↓
DES
   ↓
Cipher Text
   ↓
DES Again
   ↓
More Secure Cipher Text

Triple DES (3DES)

Uses DES three times.

Process:

Encrypt
 ↓
Decrypt
 ↓
Encrypt

(EDE Method)

Key Length

  • 168 bits

Advantages

  • More secure than DES

Disadvantages

  • Slower than AES

Block Cipher Modes of Operation

When data is larger than one block, special modes are used.

ECB (Electronic Code Book)

Each block is encrypted separately.

Advantages:

  • Simple

Disadvantages:

  • Pattern leakage
  • Less secure

CBC (Cipher Block Chaining)

Each block depends on the previous block.

Advantages:

  • Better security

Disadvantages:

  • Error propagation

CFB (Cipher Feedback)

Converts a block cipher into a stream cipher.

Used in:

  • Real-time communication

OFB (Output Feedback)

Generates the key stream independently of the plaintext and ciphertext.

Advantages:

  • Errors do not propagate

Stream Cipher

Encrypts data one bit or byte at a time.

Advantages:

  • Fast
  • Suitable for communication systems

Examples:

  • RC4

RC4

A famous stream cipher.

Features:

  • Variable key length
  • Fast execution
  • Simple implementation

Applications:

  • SSL/TLS (older versions)
  • Wireless security

Disadvantages:

  • Several security weaknesses discovered
  • Not recommended today

Message Authentication

Ensures:

  1. Sender is genuine
  2. Message is not modified

Authentication Requirements

A secure system should provide:

  • Integrity
  • Authentication
  • Non-repudiation

Authentication Functions

Used to verify authenticity.

Methods:

  • Hash Functions
  • Digital Signatures
  • MAC

Hash Function

Converts data of any size into a fixed-size output.

Properties:

  • One-way function
  • Fast computation
  • Difficult to reverse

Example:

HELLO
↓
Hash Function
↓
8b1a9953...

Characteristics of a Good Hash Function

  1. Fixed length output
  2. Fast computation
  3. Collision resistant
  4. One-way operation

Popular Hash Algorithms

  • MD5
  • SHA-1
  • SHA-256
  • SHA-512

Message Authentication Code (MAC)

Used to verify:

  • Message Integrity
  • Sender Authenticity

Structure:

Message + Secret Key
         ↓
       MAC

The receiver recalculates the MAC and compares it with the received MAC.

If they are the same:

  • Message is authentic.

Difference Between Hash and MAC

Hash             | MAC
No secret key    | Uses secret key
Integrity only   | Integrity + Authentication
SHA-256          | HMAC-SHA256
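
The difference in the table above, and the receiver's recalculate-and-compare step from the MAC section, as an added example (not part of the original notes). The key and messages are constructed sample values, and the function names are chosen here for illustration.

```python
import hashlib
import hmac

# Constructed sample values for illustration only.
SECRET_KEY = b"constructed-demo-key"   # known to sender and receiver only
ORIGINAL = b"transfer 100 to account 42"
MODIFIED = b"transfer 900 to account 42"

def sha256_digest(message: bytes) -> str:
    return hashlib.sha256(message).hexdigest()

def hmac_tag(key: bytes, message: bytes) -> str:
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def receiver_accepts_hash(message: bytes, digest: str) -> bool:
    return hmac.compare_digest(sha256_digest(message), digest)

def receiver_accepts_mac(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest runs in constant time, so the comparison leaks no timing hints.
    return hmac.compare_digest(hmac_tag(key, message), tag)

def run_comparison() -> dict:
    digest = sha256_digest(ORIGINAL)
    tag = hmac_tag(SECRET_KEY, ORIGINAL)
    # A party without the key changes the message. SHA-256 is public, so the
    # digest can be recomputed to match; the HMAC tag cannot.
    recomputed = sha256_digest(MODIFIED)
    return {
        "hash_untouched": receiver_accepts_hash(ORIGINAL, digest),
        "hash_modified_recomputed": receiver_accepts_hash(MODIFIED, recomputed),
        "mac_untouched": receiver_accepts_mac(SECRET_KEY, ORIGINAL, tag),
        "mac_modified_old_tag": receiver_accepts_mac(SECRET_KEY, MODIFIED, tag),
        "mac_modified_unkeyed_tag": receiver_accepts_mac(SECRET_KEY, MODIFIED, recomputed),
    }

if __name__ == "__main__":
    for case, accepted in run_comparison().items():
        print(f"{case:28} accepted={accepted}")
```

The plain hash check accepts the modified message once its digest is recomputed, which is why a hash alone gives integrity only against accidental change; both modified-message cases are rejected by the MAC check.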

Security of Hash Functions

A secure hash function must resist:

1. Preimage Attack

Finding the original message from its hash.


2. Second Preimage Attack

Finding another message with the same hash.


3. Collision Attack

Finding two different messages with the same hash.


Digital Signature

Provides:

  • Authentication
  • Integrity
  • Non-repudiation

Process:

Message
 ↓
Hash
 ↓
Encrypt with Private Key
 ↓
Digital Signature

Verification:

Public Key
 ↓
Verify Signature

Importance of Digital Signature

Used in:

  • E-commerce
  • E-governance
  • Online banking
  • Digital documents

Important Exam Questions

Short Questions

  1. What is AES?
  2. Why is AES better than DES?
  3. What is Triple DES?
  4. Define RC4.
  5. What is MAC?
  6. Define Hash Function.
  7. What is Digital Signature?
  8. Explain Collision Attack.

Long Questions

  1. Explain AES architecture and working.
  2. Compare AES, DES, and Triple DES.
  3. Explain Hash Functions and their security requirements.
  4. Discuss Message Authentication Code (MAC).
  5. Explain Digital Signature with diagram.
  6. Describe different block cipher modes.

Quick Revision

  • AES = Modern symmetric encryption standard.
  • DES = Old encryption standard.
  • Triple DES = DES applied three times.
  • RC4 = Stream cipher.
  • Hash Function = Fixed-size fingerprint of data.
  • MAC = Authentication + Integrity.
  • Digital Signature = Authentication + Non-repudiation.
  • SHA-256 = Popular secure hash algorithm.

Next Unit 5:

Malware, Virus, Worm, Trojan, Rootkit, Ransomware, Firewalls, OS Hardening, Antivirus, Digital Signature Standard (DSS), Authentication Protocols — usually asked directly in exams and viva.
