o4in4iz024 09.01 Data Encryption Standard Data Encryption Standard The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST). DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits only). General Structure of DES is depicted in the following illustration — 64-bit plaintext Initial permutation 56-bit cipher key Round-key generator Round 16 sbi Final permutation 64-bit ciphertext Since DES is based on the Feistel Cipher, all that is required to specify DES is — @ Round function © Key scheduleo4in4iz024 09:01 Data Encryption Standard © Any additional processing — Initial and final permutation Initial and Final Permutation The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses of each other. They have no cryptography significance in DES. The initial and final permutations are shown as follows — 1 2 g 25 40 58 64 Initial Permutation Final Permutation Round Function The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output. 216o4in4iz024 09.01 Data Encryption Standard K, (48 bits) 32 bits Out © Expansion Permutation Box — Since right input is 32-bit and round key is a 48-bit, we first need to expand right input to 48 bits. Permutation logic is graphically depicted in the following illustration — p— From bit 32 sort Saas From bit! — -bit input > > || P< TT |] [| || | VV) [¥) TVIVIVIVIV) WIVIVIVIVIV) [VIVIVIVIVIY) DTVIVIVIVIV] [VIVIVIVIVI¥) [VIVIVIVIVIV) [WIVIVIVIVIV) © The graphically depicted permutation logic is generally described as table in DES specification illustrated as shown — 316o4in4iz024 09.01 Data Encryption Standard a2 Ol 02 03 04 05 04 05 06 07 08 09 08 09 10 i 12 13 12 13 14 15 16 17 16 1F 18 19 20 21 20 21 22 23 24 2 24 25 26 27 2 29: 28 29 31 31 32 Ol © XOR (Whitener). — After the expansion permutation, DES does XOR operation on the expanded right section and the round key. The round key is used only in this operation. © Substitution Boxes. — The S-boxes carry out the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. Refer the following illustration — 48-bit input Array of S-Boxes y S-Box i oo Delile chided ttl wits lien all S-Box S-Box ‘S-Bex $-Box \| ‘S-Box. eee eg ee eee eee eee 32-bit output @ The S-box rule is illustrated below — 46o4in4iz024 09.01 Data Encryption Standard bit] bit2 bit3 bit4 bit 5 bit 6 bit 1 bit2 bit3 bit 4 @ There are a total of eight S-box tables. The output of all eight s-boxes is then combined in to 32 bit section. © Straight Permutation — The 32 bit output of S-boxes is then subjected to the straight permutation with rule shown in the following illustration: Key Generation The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of key generation is depicted in the following illustration — 56o4in4iz024 09.01 Data Encryption Standard Key with parity bits {64 bits) N Parity dop 7 Shining Cipher key (56 bits) [Rounds T shatt [2.9.16] Cotes] Peabo 48 bits Round Key 1 Shitt tert] Shift ten] Rin] Pee Compression obo 48 bits Round Key 2 Shite Shin elt ar UGnnpresian Ppa Rond Key 16 48 bits The logic for Parity drop, shifting, and Compression P-box is given in the DES description. DES Analysis The DES satisfies both the desired properties of block cipher. These two properties make cipher very strong © Avalanche effect — A small change in plaintext results in the very great change in the ciphertext. © Completeness — Each bit of ciphertext depends on many bits of plaintext. During the last few years, cryptanalysis have found some weaknesses in DES when key selected are weak keys. These keys shall be avoided. DES has proved to be a very well designed block cipher. There have been no significant cryptanalytic attacks on DES other than exhaustive key search 66