CIA Triad, Double & Triple DES, and S-Box in DES

CIA Triad

The CIA Triad is a model that represents the three fundamental goals of information security: Confidentiality, Integrity, and Availability.

• Confidentiality — Ensures that information is accessible only to authorized individuals. Prevents unauthorized disclosure of data.

• Integrity — Ensures that information is not altered or tampered with by unauthorized parties. Data remains accurate and complete.

• Availability — Ensures that information and resources are accessible to authorized users whenever needed.

These three principles form the foundation of any security policy or system design.

---

Encryption Process of Double DES

Double DES applies the DES algorithm twice with two different keys to increase security.

Process:

• Encryption: $C = E_{K2}(E_{K1}(P))$
• Decryption: $P = D_{K1}(D_{K2}(C))$

Where:

• $P$ = Plaintext
• $C$ = Ciphertext
• $K1$, $K2$ = Two different 56-bit keys
• $E$ = Encryption, $D$ = Decryption

Key Length: $56 + 56 = 112$ bits

Limitation: Vulnerable to Meet-in-the-Middle attack, which reduces effective security to $2^{57}$ operations instead of $2^{112}$.

---

Encryption Process of Triple DES (3DES)

Triple DES applies the DES algorithm three times using two or three keys to provide stronger encryption.

Process (EDE mode — Encrypt-Decrypt-Encrypt):

• Encryption: $C = E_{K3}(D_{K2}(E_{K1}(P)))$
• Decryption: $P = D_{K1}(E_{K2}(D_{K3}(C)))$

Two-key variant: $K1 = K3$ (effective key length = 112 bits)

Three-key variant: All keys different (effective key length = 168 bits)

Advantage: Much stronger than Double DES and resistant to Meet-in-the-Middle attack.

---

Task of S-Box in DES

The S-Box (Substitution Box) performs non-linear substitution in DES, providing confusion by making the relationship between the key and ciphertext complex.

Role of S-Box:

• Converts a 6-bit input into a 4-bit output
• DES uses 8 S-Boxes, each with a unique substitution table
• It is the only non-linear component in DES, providing the core cryptographic strength
• Without S-Boxes, DES would be a linear system and easily breakable

How it works:

• The 1st and 6th bits of the 6-bit input form the row number (0–3)
• The 2nd, 3rd, 4th, and 5th bits form the column number (0–15)
• The value at that row and column in the S-Box table gives the 4-bit output

---

Example of S-Box (S1)

Given 6-bit input: 101100

Step a: Row = 1st and 6th bit = 1 and 0 → Row = $10_2$ = 2

Step b: Column = middle 4 bits = 0110 → Column = $0110_2$ = 6

Step c: Look up S-Box 1, Row 2, Column 6:

Row\Col	0	1	2	3	4	5	6	7	...
0	14	4	13	1	2	15	11	8	...
1	0	15	7	4	14	2	13	1	...
2	4	1	14	8	13	6	2	11	...
3	15	12	8	2	4	9	1	7	...

Step d: Output = 2 → in 4 bits = 0010

So the 6-bit input 101100 is substituted by 4-bit output 0010.

---

Conclusion

The CIA Triad defines the core security objectives. Double DES and Triple DES enhance DES security by applying multiple encryption rounds. The S-Box is the heart of DES providing non-linearity and confusion, making the cipher resistant to linear and algebraic attacks.