The Digital Encryption Standard CSCI 5857: Encoding and Encryption
Outline History and background Overall Feistel structure Mixer function –Permutation –Substitution boxes Round key generation –Key shifting –Compression box
History of DES Pre-1973: No standards for encryption 1973: National Institute of Standards requests proposals for national symmetric key cryptosystem 1975: NIST accepts proposal from IBM as national Digital Encryption Standard –56-bit key –Origin of some parts of structure classified –Input from NSA on S-Box structure
Overall DES Structure 64-bit block inputs and outputs 16 round Feistel cipher 56-bit key used to generate 48-bit round keys
Initial and Final Permutations Plaintext undergoes initial permutation Final permutation is inverse of initial permutation No known reason, since easy for adversary to simulate
Initial and Final P-Boxes
Feistel Structure Input at each round broken into 32-bit left and right halves Right half mixed with round key using “mixer” function f(R, K) Result XOR’d with left half Resulting left and right halves swapped before next round
Mixer Function 32-bit right half expanded to 48 bits Combined with round key using XOR Run through array of 6 x 4 S-Boxes Results combined and run through 32 x 32 P-Box
Expansion Permutation First and last bits of each four bits duplicated No real contribution to confusion, just matches size with round key
Array of S-Boxes 48-bit input broken into 8 “chunks” of 6 bits –Output of each compressed to 4 bits –Combined to form 32-bit output Each S-Box is different to maximize confusion
S-Box Structure 4 rows x 16 columns (2 bits x 4 bits) –Row determined by bits 1 and 6 of input –Column determined by bits 2 – 5 of input
S-Boxes 1 – 4
S-Boxes 5 – 8
DES S-Box Example Input: –First and last 2 bits: 10 = 2 in decimal –Middle four bits: 1001 = 9 in decimal Output: 12 = 1100
Mixer P-Box Goal: Output of each S-Box distributed across final round key value before use in XOR
Round Keys 16 round keys Applied in reverse order at decryption stage
Round Key Generation 64 bit input = 56 bits of key data + 8 parity bits 56-bit key split into 28- bit left and right halves Circular left shift applied to each half at each round Combined in compression P-Box to create 48-bit round key
Parity Bit Drop Every 8 th bit of key input used for parity check to detect transmission errors This stage removes the parity bits and shuffles key bits
Key Shift Schedule Key split into two subkeys (28 bits each) Circular left shift applied each round –One bit shift in rounds 1, 2, 9, 16 –Two bit shift in other rounds (adds up to 28) –Assures different key each round
Round Key Compression Reduces round key to 48 bits to match bits in mixer Combined with shifts, assures different bits used in each round key (different bits removed each round)