Download presentation
Presentation is loading. Please wait.
Published byBenedict Manning Modified over 8 years ago
1
DES Algorithm Data Encryption Standard
2
DES Features Block cipher, 64 bits per block 64-bit key, with only 56 bits effective ECB mode and CBC mode
3
DES – Key Scheduling Specify a 64-bit key There are eight parity bits The key structure is in the next page
4
Bit 0 Bit 1 Bit 2 Bit 3 Bit 4 Bit 5 Bit 6 Bit 7 Bit 0~7 Effective Key Parity Bit Bit 8~15 Effective Key Parity Bit Bit 16~23 Effective Key Parity Bit Bit 24~31 Effective Key Parity Bit Bit 32~39 Effective Key Parity Bit Bit 40~47 Effective Key Parity Bit Bit 48~55 Effective Key Parity Bit Bit 56~63 Effective Key Parity Bit
5
DES – Key Scheduling Key permutation according to “Permuted Choice 1”(PC-1) After permutation, the key length will be only 56 bits 64 bits → 56 bits? Why? The explanation is in the next page
6
Permuted Choice 1 Bit0123456 15749413325179 81585042342618 151025951433527 221911360524436 2963554739312315 367625446383022 431466153453729 50211352820124 Note: The 8n-th bit is disappeared!!
7
DES – Key Scheduling We separate the 56-bit key to two 28-bit keys: L k and R k “Left rotate” the L k and R k according to SRT (Subkey Rotation Table) After rotation, merge L k and R k Permutation according to Permuted Choice 2 (PC-2) We get a 48-bit subkey now
8
DES – Key Scheduling Repeat the operation 16 times to get 16 subkeys Use rotated L k and R k Why each subkey has length of only 48 bits instead of 56 bits? The answer is similar to PC-1
9
Subkey Rotation Table Round Number 12345678910111213141516 Bits to Rotate 1122222212222221 Bit012345 11417112415 73281562110 132319124268 191672720132 25415231374755 31304051453348 37444939563453 43464250362932 Permuted Choice 2
10
DES – Key Scheduling Flow Chart “<<<” is the operation of SRT We will call the subkeys K[1], K[2], …, K[16] later
11
Plaintext Preparation Cut the plaintext into 64-bit blocks Each 64-bit block should be permuted according to Initial Permutation Table (IP Table) Besides, we make an Inverse Initial Permutation Table (IP -1 ), which has effect opposite to IP
12
IP: Initial Permutation Bit01234567 1585042342618102 9605244362820124 17625446383022146 25645648403224168 3357494133251791 41595143352719113 49615345372921135 57635547393123157 IP -1 : Inverse Initial Permutation Bit01234567 1408481656246432 9397471555236331 17386461454226230 25375451353216129 33364441252206028 41353431151195927 49342421050185826 5733141949175725
13
DES – Core Function L[0] to L[15], R[0] to R[15] Feistel (F) function Inverse Initial Permutation
14
Feistel Function Expansion: using E-bit Selection Table Key Mixing: XOR with subkeys Substitution: S-box Permutation: P-box
15
Feistel Function - Expansion Copy R[0] to a buffer R b R b : 32 bits → 48 bits E-Bit Selection Table Bit012345 13212345 7456789 138910111213 19121314151617 25161718192021 31202122232425 37242526272829 4328293031321
16
Feistel Function – Key Mixing After the expansion operation, just “XOR” with subkey K[1]
17
Feistel Function - Substitution 48-bit buffer becomes eight 6-bit blocks 8 S-boxes have output from 0 to 15 which can be represented with 4 bits How do S-boxes work? Wait and see… 8 4-bit outputs can be merged, and store it in a 32-bit buffer
18
How do S-boxes Work? Bit 0 Bit 1 Bit 2 Bit 3 Bit 4 Bit 5 Row Column Use the Row and Column number to find the corresponding output number from the S-box. Besides, the n-th block must use the n-th S-box.
19
S-Box 1: Substitution Box 1 Row / Column0123456789101112131415 01441312151183106125907 10157414213110612119538 24114813621115129731050 31512824917511314100613 S-Box 2: Substitution Box 2 Row / Column0123456789101112131415 0 18146113497213120510 13134715281412011069115 20147111041315812693215 31381013154211671205149
20
S-Box 3: Substitution Box 3 Row / Column0123456789101112131415 01009146315511312711428 11370934610285141211151 21364981530111212510147 31101306987415143115212 S-Box 4: Substitution Box 4 Row / Column0123456789101112131415 07131430691012851112415 11381156150347212110149 21069012117131513145284 33150610113894511127214
21
S-Box 5: Substitution Box 5 Row / Column0123456789101112131415 02124171011685315130149 1 11212471315015103986 24211110137815912563014 31181271142136150910453 S-Box 6: Substitution Box 6 Row / Column0123456789101112131415 01211015926801334147511 11015427129561131401138 29141552812370410113116 34321295151011141760813
22
S-Box 7: Substitution Box 7 Row / Column0123456789101112131415 04112141508133129751061 11301174911014351221586 21411131237141015680592 36111381410795015142312 S-Box 8: Substitution Box 8 Row / Column0123456789101112131415 01328461511110931450127 11151381037412561101492 27114191214206101315358 32114741081315129035611
23
Feistel Function - Permutation After the substitution, do permutation according to the P-box P Permutation Bit0123 11672021 529122817 91152326 135183110 17282414 21322739 251913306 292211425
24
DES – Core Function After one round of Feistel Function is completed, the buffer is “XORed” with L, becoming the next R Previous R becomes the next L Repeat the operations mentioned above 16 times
25
DES – Core Function When 16 rounds are finished, L and R are swapped and merged, then becomes a 64-bit “pre-output” Use IP -1 to become the final cipher output
26
DES - Decryption Almost all operations are the same as those of encryption Only one is different: use the subkeys in descending order
27
DES – Other Form Triple-DES: quite literally. A Triple-DES key has length of 192 bits. It can be considered three 64-bit DES key. DES40: a key is pre-processed to make it a 40-bit effective key
28
DES - Modes ECB (Electronic Code Book) CBC (Cipher Block Chaining)
29
DES – Cryptanalysis
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.