Ministry of Education, Culture and Research of the

Republic of Moldova Technical University of Moldova

Faculty of Computers, Informatics and Microelectronics, Department of
Software Engineering and Automation

Raport
for laboratory work No. 4
at the
"Cryptographic methods of information protection" course

Did by:

Procopii Maria,

gr. FAF-212
Checked by:
Catalin MITU

Chișinău – 2023
Theme: Block ciphers. The DES algorithm
Task:

To develop a program in one of the programming languages preferred for implementing an element of the
DES algorithm. She is pregnant will choose according to the order number n of the student from the group
list, according to the formula: nr_task = n mode 11. For each task let the tables used and all intermediate steps
be displayed on the screen. Input data be user-enterable or randomly generated.

The Data Encryption Standard (DES) is a symmetric-key block cipher encryption algorithm that was widely
used for secure data transmission and storage in the past. It was adopted as a federal standard in the United
States in 1977 and served as the primary encryption standard for many years until it was eventually replaced
by more advanced algorithms like the Advanced Encryption Standard (AES). Despite its age and
vulnerabilities to modern attacks, DES is still a valuable algorithm for educational purposes and understanding
the fundamentals of encryption.

DES algorithm:
The Data Encryption Standard (DES) is a symmetric-key block cipher encryption algorithm that was widely
used for secure data transmission and storage in the past. It was adopted as a federal standard in the United
States in 1977 and served as the primary encryption standard for many years until it was eventually replaced
by more advanced algorithms like the Advanced Encryption Standard (AES). Despite its age and
vulnerabilities to modern attacks, DES is still a valuable algorithm for educational purposes and understanding
the fundamentals of encryption.

1. Key Generation:
- DES uses a 56-bit key, which is divided into 16 48-bit subkeys (one for each round).
- The key is typically derived from a user-provided passphrase or some other method.

2. Initial Permutation (IP):

- The 64-bit plaintext is permuted according to a fixed table to provide an initial arrangement of the bits.

3. Feistel Network:
- DES is based on a Feistel network structure, which repeatedly performs a series of operations on the data.
It consists of 16 rounds.

4. Round Function:
- Each round of the Feistel network uses a different 48-bit subkey derived from the original 56-bit key.

5. Expansion Permutation (E):

- The 32-bit right half of the data is expanded to 48 bits by duplicating certain bits.

6. XOR with Subkey:

- The expanded right half is XORed with the current round's subkey.

7. Substitution (S-boxes):
- The result of the XOR operation is then divided into 8 groups of 6 bits each.
- Each group is substituted with a 4-bit output using a predefined S-box (substitution box).
- S-boxes provide the non-linear component of DES and are a key part of its security.

8. Permutation (P):
- The 32-bit output from the S-boxes is permuted according to a fixed table.

9. XOR with Left Half:

- The output of the P permutation is XORed with the original 32-bit left half of the data.
10. Swap Left and Right:
- After each round, the left and right halves of the data are swapped.

11. Final Permutation (IP-1):

- After 16 rounds, a final permutation is applied to the data, essentially reversing the initial permutation.

12. Cipher Text:

- The final 64-bit output is the ciphertext.

To decrypt the ciphertext, the same algorithm is applied with the same 56-bit key, but the subkeys are used in
reverse order.

It's important to note that DES is no longer considered secure for most applications because its 56-bit key size
is vulnerable to brute-force attacks. Consequently, it's recommended to use more modern encryption
algorithms like AES, which offer significantly stronger security. DES has largely been replaced by AES in
most security-critical contexts.

Solution:
Further will be described the implementation of 2.1, 2.2 and 2.3 conditios.

The permutation tables used in the Data Encryption Standard (DES) algorithm, which were used in my code:

PC1 (Permutation Choice 1) :

This table is used to perform an initial permutation on the 64-bit key to generate the 56-bit key (K+).

public static final int[] PC1 = {

57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4
};

PC2 (Permutation Choice 2) :

This table is used to generate the 48-bit round keys (K1, K2, ..., K16) from the 56-bit key (K+).

public static final int[] PC2 = {

14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32
};

These permutation tables are crucial for transforming the key data and generating the subkeys used in the DES
algorithm. They define the order in which the bits are selected and rearranged.
Code implementation for each of the tasks:

Task 2.1: Find the K+ Key

In this task, the code applies the PC1 permutation to the user-provided key to obtain the K+ key. The key is
first converted from a string of letters to a bit format using the `fromLettersToBits` function. Then, the PC1
permutation is applied, and the result is stored in the `Kplus` variable.

Image 1: Code for fiding the K+ from the given String key

Task 2.2: Find Ci and Di for a Given i

For this task, the code calculates Ci and Di for each round (i from 1 to 16) using circular left shifts. It takes
the K+ key as input and derives Ci and Di values for each round based on the specified shift amounts.
Additionally, the code provides method to print specific Ci, Di, and round keys using `printSpecificCandD`

Image 2: Code for fiding the C and D from the given K+ key

Task 2.3: Find Ki for a Given i

In this task, the code generates the round keys Ki (i from 1 to 16) from the Ci and Di values obtained in the
previous task. It applies the PC2 permutation to the combined Ci and Di values for each round, producing the
round keys, which are stored in `collectionOfAll16Keys`.

Image 3: Code for fiding all Ki setst from the given K+

Additionally, the code provides method`printSpecificRoundKey` functions. Finally, the
`fromStringKeyGetRoundKeys` method performs all tasks and prints the round keys for all 16 rounds.

Example:

Image 4: Fiding the K+ from the 8 string key (with intermediate byte value of the key)

Image 5: Fiding the specific D and C from a provided K+

Image 6: Fiding the specific round key from provided K+ (with intermediate result of D and C)
Conclusion:
The Data Encryption Standard (DES) was a pioneering symmetric-key block cipher encryption algorithm
that significantly contributed to the field of cryptography. Although it played a crucial role in securing data
for many years, it is now considered outdated due to advances in computing power and cryptographic
techniques.

DES was a pivotal cryptographic milestone in the history of encryption but has become outdated and
insecure for modern security requirements. It paved the way for more robust and secure encryption
standards like AES, which are widely adopted today. Understanding DES's architecture and its limitations is
crucial for appreciating the evolution of cryptography and the importance of strong encryption standards in
the digital age.

GitHub:
https://github.com/MariaProcopii/cryptography/tree/main/src/main/java/LAB4