
DES (Data Encryption Standard)

• 1972: National Bureau of Standards begins search

• 1975: DES: Lucifer by IBM, modified by NSA (key reduced from 128 to 56 bits)

• Approved by NBS ‘76, ANSI ‘81

• renewed every 5 years by NIST

• now considered obsolete

• Authors: NSA & IBM, 1977

• Data block size: 64-bit (64-bit input, 64-bit output)

• Key size: 56-bit key

• Encryption is fast

– DES chips

– DES software: a 500-MIPS CPU can encrypt at about 30K octets per second

• Security

– No longer considered secure: 56-bit keys are vulnerable to exhaustive search

Description:

Fig: Encryption and Decryption of DES (encryption: 64-bit plaintext → DES cipher → 64-bit ciphertext; decryption: 64-bit ciphertext → DES reverse cipher → 64-bit plaintext; both sides use the 56-bit key)

• Block cipher: 64 bits at a time

• Initial permutation rearranges 64 bits (no cryptographic effect)

• Encoding is in 16 rounds

Fig: General Structure of DES (64-bit plaintext → initial permutation → Round 1 … Round 16 → final permutation → 64-bit ciphertext; a round-key generator derives the 48-bit keys Key1 … Key16 from the 56-bit cipher key)

• 64 bits divided into left, right halves

• Right half goes through function f, mixed with key

• Right half added to left half

• Halves swapped (except in last round)

How DES works

• Encryption starts with an initial permutation of the 64 input bits.


• These bits are then divided into two 32-bit halves called L and R.
• The encryption then proceeds through 16 rounds, each using the existing L and R parts,
and a sub-key.
• The R and sub-keys are processed in a function f, and the output of the f function is
exclusive-or'ed with the existing L part to create the new R part.
• The new L part is simply a copy of the incoming R part. In the final round, the L and R
parts are swapped once more before the final permutation producing the output block.
• Decryption is identical to encryption, except that the sub-keys are used in the opposite
order. That is, sub-key 16 is used in round 1, sub-key 15 is used in round 2, etc., ending
with sub-key 1 being used in round 16.
Fig: Diagram of the DES algorithm

The f function

• The f function mixes the bits of the R portion using the subkey for the current round.
• First the 32-bit R value is expanded to 48 bits using a permutation E. That value is then
exclusive-or'ed with the subkey.
• The 48 bits are then divided into eight 6-bit chunks, each of which is fed into an S-box
that mixes the bits and produces a 4-bit output.
• Those 4-bit outputs are combined into a 32-bit value, and permuted once again to
produce the f-function output.
Sub-key Generation

• To generate the sub-keys, start with the 56-bit key (64 bits if you include the parity bits).

• These are permuted and divided into two halves called C and D.

• For each round, C and D are each shifted left circularly one or two bits (the number of
bits depending on the round).

• The 48-bit subkey is then selected from the current C and D bits.

• Expand right side from 32 to 48 bits (some get reused)

• Add 48 bits of key (chosen by schedule)

• S-boxes: each set of 6 bits reduced to 4

• P-box permutes 32 bits

Fig: One Round of DES

A simplified overview of the DES Encryption Algorithm.

Here are the steps to DES encryption.

1. Take the plain text input and break it into blocks of 64 bits. For this reason, DES is a
block-based encryption method.

2. Derive - from the 56 bit encryption key - 16 sub keys of length 48 bits. This is again based on
bit shuffling. The process is fairly straightforward. For generating each sub key, the previous
sub key is halved and the bits of each half are moved one bit to the left. The first bits are
wrapped around to the end. The two new halves are rejoined to make a new key. The 56 bit key
that you provide to the encryption method is only used to generate the first sub key, and isn't
directly used to encrypt the data.

3. Once the plain text has been broken up into a series of 64 bit blocks, it is shuffled (a process
also called permutation) based on a known 'shuffle' table that specifies how the bits are shuffled.
That is, bit 1 is placed in bit 40, bit 2 is placed in bit 23 and so on. This doesn't actually help
make the encryption any more secure. In fact, it makes the process more difficult to achieve
using a software based algorithm.

4. Once this shuffle has been done, the bits then are passed through 16 steps, or rounds, using
one of the generated 16 sub keys.

5. The shuffled 64 bits created in step 3 are passed to a round, where they are split into two blocks of
32 bits each and processed against the corresponding key for that round. The process conducted
in the round is covered later.

6. Step 4 is repeated 16 times, once for each sub key. The output of each round is fed into the
following round.

7. Once the 16th round is complete, the resulting two 32 bit halves are switched and then
rejoined back into a 64 bit block.

8. Finally, the 64 bit block is then reshuffled (permuted) using the inverse of the shuffle that was
applied in step 3. Again, this doesn't make any great difference to the effectiveness of the
encryption method.

All the blocks of the plain text go through this process. Once all the blocks have been processed
they are combined; and that's the encrypted cipher text.
Figure 1: DES Symmetric Encryption
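
The round structure from "How DES works" and steps 4 to 7 of the overview, as an added example that is not part of the original notes. It is not DES: the round function `f` is a hash-based stand-in for the expansion/S-box/permutation function, the initial and final permutations are left out, and the sub-keys are constructed values, so it shows only the Feistel wiring and the reversed sub-key order used for decryption.

```python
# Added example (not from the original notes): the 16-round Feistel wiring of DES
# with a stand-in round function. This is NOT DES and must not be used as a cipher.
import hashlib

MASK32 = 0xFFFFFFFF


def f(r, subkey):
    """Stand-in for DES's f: hash the 32-bit half with the 48-bit sub-key and
    keep 32 bits. Deliberately one-way to show f is never inverted."""
    data = r.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def feistel(block64, subkeys):
    """Each round: new L = old R, new R = old L XOR f(old R, sub-key)."""
    l, r = block64 >> 32, block64 & MASK32
    for k in subkeys:
        l, r = r, l ^ f(r, k)
    return (r << 32) | l      # halves swapped once more after the last round


def encrypt(block64, subkeys):
    return feistel(block64, subkeys)


def decrypt(block64, subkeys):
    # Same network, sub-keys in the opposite order (16, 15, ..., 1).
    return feistel(block64, subkeys[::-1])


# Constructed 48-bit sub-keys for the demonstration (not a real DES key schedule).
SUBKEYS = [(0x1B02EFFC7072 * (2 * i + 1)) & 0xFFFFFFFFFFFF for i in range(16)]

if __name__ == "__main__":
    p = 0x0123456789ABCDEF    # constructed plaintext block
    c = encrypt(p, SUBKEYS)
    print(f"ciphertext  {c:016X}")
    print(f"decrypted   {decrypt(c, SUBKEYS):016X}")   # equals p
    print(f"same order  {feistel(c, SUBKEYS):016X}")   # does not equal p
```

Because decryption only re-runs `f` in the forward direction, the round function does not have to be reversible.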
Triple-DES (3DES)

• $C = \mathrm{DES}_{k_3}(\mathrm{DES}_{k_2}(\mathrm{DES}_{k_1}(P)))$.

• Data block size: 64-bit

• Key size: 168-bit key; effective key size: 112 bits (due to meet-in-the-middle attack)

• Encryption is slower than DES

• More secure than DES

Fig: Triple DES
