Slide 1

The Digital Encryption Standard CSCI 5857: Encoding and Encryption

Slide 2

Outline History and background Overall Feistel structure Mixer function Permutation Substitution boxes Round key generation Key shifting Compression box

Slide 3

History of DES Pre-1973: No standards for encryption 1973: National Institute of Standards requests proposals for national symmetric key cryptosystem 1975: NIST accepts proposal from IBM as national Digital Encryption Standard 56-bit key Origin of some parts of structure classified Input from NSA on S-Box structure

Slide 4

Overall DES Structure 64-bit block inputs and outputs 16 round Feistel cipher 56-bit key used to generate 48-bit round keys

Slide 5

Initial and Final Permutations Plaintext undergoes initial permutation Final permutation is inverse of initial permutation No known reason, since easy for adversary to simulate

Slide 6

Initial and Final P-Boxes

Slide 7

Feistel Structure Input at each round broken into 32-bit left and right halves Right half mixed with round key using mixer function f(R, K) Result XORd with left half Resulting left and right halves swapped before next round

Slide 8

Mixer Function 32-bit right half expanded to 48 bits Combined with round key using XOR Run through array of 6 x 4 S-Boxes Results combined and run through 32 x 32 P-Box

Slide 9

Expansion Permutation First and last bits of each four bits duplicated No real contribution to confusion, just matches size with round key

Slide 10

Array of S-Boxes 48-bit input broken into 8 chunks of 6 bits Output of each compressed to 4 bits Combined to form 32-bit output Each S-Box is different to maximize confusion

Slide 11

S-Box Structure 4 rows x 16 columns (2 bits x 4 bits) Row determined by bits 1 and 6 of input Column determined by bits 2 5 of input

Slide 12

S-Boxes 1 4

Slide 13

S-Boxes 5 8

Slide 14

DES S-Box Example Input: 110010 First and last 2 bits: 10 = 2 in decimal Middle four bits: 1001 = 9 in decimal Output: 12 = 1100

Slide 15

Mixer P-Box Goal: Output of each S-Box distributed across final round key value before use in XOR

Slide 16

Round Keys 16 round keys Applied in reverse order at decryption stage

Slide 17

Round Key Generation 64 bit input = 56 bits of key data + 8 parity bits 56-bit key split into 28- bit left and right halves Circular left shift applied to each half at each round Combined in compression P-Box to create 48-bit round key

Slide 18

Parity Bit Drop Every 8 th bit of key input used for parity check to detect transmission errors This stage removes the parity bits and shuffles key bits

Slide 19

Key Shift Schedule Key split into two subkeys (28 bits each) Circular left shift applied each round One bit shift in rounds 1, 2, 9, 16 Two bit shift in other rounds (adds up to 28) Assures different key each round

Slide 20

Round Key Compression Reduces round key to 48 bits to match bits in mixer Combined with shifts, assures different bits used in each round key (different bits removed each round)