Des 1
Des 1
Des 1
(DES)
Product Ciphers
Apply confusion and diffusion operations to thwart
cryptanalysis based on statistical analysis
Diffusion
dissolve statistical structure of the plaintext into long-range
• Li = Ri-1
• Ri = Li-1 F(Ki, Ri-1)
Substitution followed by
permutation
Multiple rounds
Block size
Increasing size improves security, but slows cipher
Key size
Increasing size improves security, makes exhaustive key
cipher
Round function
Greater complexity can make analysis harder, but slows
cipher
Fast software encryption/decryption
Ease of analysis
In 1973, NBS (NIST) issues a public request for proposals
for a national cipher standard, which must be
Secure
Public
Completely specified
Easy to understand
Able to be validated
Exportable
The Data Encryption Standard (DES) is a symmetric-key
block cipher published by the National Institute of
Standards and Technology (NIST).
IP IP-1
Note: The initial and final permutations are straight
P-boxes that are inverses of each other.
They have no cryptography significance in DES.
Rounds
DES uses 16 rounds. Each round of DES is a Feistel
cipher. One single round process architecture shown
below
DES Round Function DES Key Generation
DES Function
D-Box
Expansion P-box
Since RI−1 is a 32-bit input and KI is a 48-bit key, we first
need to expand RI−1 to 48 bits.
Expansion permutation
Although the relationship between the input and output
can be defined mathematically, DES uses below table to
define the P-box.
Expansion P-box table
Whitener (XOR)
After the expansion permutation, DES uses the XOR
operation on the expanded right section and the round
key. Note that both the right section and the key are 48-
bits in length. Also note that the round key is used only in
this operation.
S-Boxes
The S-boxes do the real mixing (confusion). DES uses 8
S-boxes, each with a 6-bit input and a 4-bit output.
S-boxes
S-box rule
shows the permutation for S-box 1. For the rest of the
boxes see the textbook.
S-box 1
Example
Solution
If we write the first and the sixth bits together, we get 00 in
binary, which is 0 in decimal. The remaining bits are 0000 in
binary, which is 0 in decimal. We look for the value in row 0,
column 0, in Table S-box 8. The result is 13 in decimal, which
is 1101 in binary. So the input 000000 yields the output 1101.
Straight D-Box: A straight permutation table is used
57 49 41 33 25 17 9
1 58 50 42 34 26 18 C0
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15 D0
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4
Iteration # 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Left Shifts 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
Permute the concatenation C[i]D[i] as indicated
below. This will yield K[i], which is 48 bits long.
C[0]
0111010
1000110
0110001
0001000
D[0]
0100000
1011001
0100011
1011111
Calculate the 16 sub keys. Start with i = 1
Perform one or two circular left shifts on both C[i-1] and
D[i-1] to get C[i] and D[i], respectively. The number of
shifts per iteration are given in the table below.
Iteration # 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Left Shifts 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
0111010 0100000
1000110 1011001
0110001 0100011
0001000 1011111
C[0]
0111010100011001100010001000
D[0]
0100000101100101000111011111
Find C[1] & D[1] and so on
C[1]
1110101000110011000100010000
D[1]
1000001011001010001110111110
C[2]
1101010001100110001000100001
D[2]
0000010110010100011101111101
C[3]
0101000110011000100010000111
D[3]
0001011001010001110111110100
C[0]
C[0]D[0]
0111010 0 1 1 1 0 1 0 bits 1-7
1000110 1 0 0 0 1 1 0 bits 8-14
0110001 0 1 1 0 0 0 1 bits 15-21
0001000 0 0 0 1 0 0 0 bits 22-28
0 1 0 0 0 0 0 bits 29-35
D[0] 1 0 1 1 0 0 1 bits 36-42
0 1 0 0 0 1 1 bits 43-49
0100000 1 0 1 1 1 1 1 bits 50-56
1011001
0100011
1011111
Permute the concatenation C[i]D[i] as indicated
below. This will yield K[i], which is 48 bits long.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies: