Data Encryption Standard (DES)
Data Encryption Standard (DES) is a symmetric block cipher. By ‘symmetric’, we mean that the size of input text and output text (ciphertext) is same (64-bits). The ‘block’ here means that it takes group of bits together as input instead of encrypting the text bit by bit. Data encryption standard (DES) has been found vulnerable to very powerful attacks and therefore, it was replaced by Advanced Encryption Standard (AES).
- It is a block cipher that encrypts data in 64 bit blocks.
- It takes a 64-bit plaintext input and generates a corresponding 64-bit ciphertext output.
- The main key length is 64-bit which is transformed into 56-bits by skipping every 8th bit in the key.
- It encrypts the text in 16 rounds where each round uses 48-bit subkey.
- This 48-bit subkey is generated from the 56-bit effective key.
- The same algorithm and key are used for both encryption and decryption with minor changes.
Steps in DES Encryption Process
1. Initial Permutation (IP)
·
The
64-bit plaintext undergoes an initial permutation that rearranges the bits
according to a predefined table.
2. Key Generation
·
A
64-bit key is reduced to 56 bits by removing parity bits.
·
The
key is divided into two 28-bit halves.
·
The
halves undergo left circular shifts and are used to generate 16 round keys
(48-bit each).
3. 16 Rounds of Encryption
(Feistel Structure) Each round consists of:
·
Splitting
the data into left (L) and right (R) halves.
·
Expanding
the right half (32 bits → 48 bits) using the Expansion (E) function.
·
XOR-ing
the expanded right half with the round key.
·
Passing
the result through S-boxes (Substitution boxes) to get a 32-bit output.
·
Applying
the P-box (Permutation function).
·
XOR-ing
the result with the left half.
·
Swapping
L and R for the next round.
4. Final Permutation (FP)
After 16 rounds, the left and right halves are combined and undergo the final
permutation, producing the 64-bit ciphertext.
Example:
Step 1: Convert Plaintext to Binary
Let's say our plaintext is "HELLO123" (8 characters, 64 bits). We convert
each character to 8-bit ASCII binary:
|
Character |
ASCII (Decimal) |
Binary (8 bits) |
|
H |
72 |
01001000 |
|
E |
69 |
01000101 |
|
L |
76 |
01001100 |
|
L |
76 |
01001100 |
|
O |
79 |
01001111 |
|
1 |
49 |
00110001 |
|
2 |
50 |
00110010 |
|
3 |
51 |
00110011 |
So, the 64-bit
binary plaintext is:
01001000 01000101 01001100 01001100 01001111 00110001 00110010 00110011
Step 2: Initial Permutation (IP)
The plaintext undergoes an
initial permutation (IP), which rearranges the bits according to a predefined
table. Assume IP transformation gives us:
11001010 10001101 01101100 11011001 00011110 10101010 11110001 01100011
Step 3: Key Generation
We start with a 64-bit
key, say:
133457799BBCDFF1 (in hex)Key
Processing:
·
Convert
the hex key into binary.
·
Remove
parity bits to get a 56-bit key.
·
Split
into two 28-bit halves.
·
Perform
left shifts and compression to generate 16 subkeys (each 48-bit).
Example: First
round key after processing:
00010011 00110100 01010111 00011010 00100100 00011100
Step 4: 16 Rounds of Encryption
Each round follows these
steps:
1. Divide the 64-bit block into Left (L)
and Right (R) halves.
2.L0 = 11001010 10001101 01101100 11011001
3.R0 = 00011110 10101010 11110001 01100011
4. Expand R0 from 32 bits → 48 bits using Expansion (E) table.
5. XOR the expanded R0 with the first
round key.
6. Pass the result through S-Boxes (Substitution step) to reduce it back
to 32 bits.
7. Apply a permutation (P-Box) on the
32-bit output.
8. XOR with L0 and swap halves:
9.L1 = R0
10.R1 = L0⊕F(R0, K1)
Repeat this 16
times with different subkeys.
Step 5: Final Permutation (FP)
After the 16th round, we combine
L16 and R16 and apply the Final Permutation (FP).
This gives us the encrypted ciphertext.
Example Ciphertext
(in Hex):
29C3 50F3 47D8 70CA
Step 6: Decryption
To decrypt, we perform the same
process in reverse, using the subkeys in reverse order
(K16 to K1). This restores the original plaintext.
Comments
Post a Comment