Assignment#03

Submitted To:
Khalid Mahmoud

Submitted By:
Faisal Qayyum
Reg#
Fa17-bse-073-b9-b
Date:
1/5/2020
………………………………………………………………………………………………………

Q#1:Determine the cipher text C of plaintext M = 0987654321FECDEF, you can use

Key K of your own choice or the one used at following link under the heading of
"How DES Works in Detail"?
Ans:

DES working
M be the plain text message M = 0987654321FECDEF, where M is in hexadecimal (base 16)
format. Rewriting M in binary format, we get the 64-bit block of text:

M = 0000 1001 1000 0111 0110 0101 0100 0011 0010 0001 1111 1110 1100 1101 1110 1111
L = 0000 1001 1000 0111 0110 0101 0100 0011
R = 0010 0001 1111 1110 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right.

The keys are actually stored as being 64 bits long, but every 8th bit in the key is not used (i.e.
bits numbered 8, 16, 24, 32, 40, 48, 56, and 64). But, as you will see, the eight bits just
mentioned get eliminated when we create sub keys.

Let K be the hexadecimal key K = 133457799BBCDFF1. This gives us as the binary key
(setting 1 = 0001, 3 = 0011, etc., and grouping together every eight bits, of which the last one in
each group will be unused):
K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

The DES algorithm uses the following steps:

16 sub keys, one key has 48-bits

Since the first entry in the table is "57", this means that the 57th bit of the original key K
becomes the first bit of the permuted key K+. The 49th bit of the original key becomes the
second bit of the permuted key. The 4th bit of the original key is the last bit of the permuted key.
Note only 56 bits of the original key appear in the permuted key.

PC-1

57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

We get the 56-bit permutation

K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111

Split this key into left and right halves, C0 and D0, where each half has 28 bits.

From the permuted key K+, we get

C0 = 1111000 0110011 0010101 0101111

D0 = 0101010 1011001 1001111 0001111

C3 and D3 are obtained from C2 and D2, respectively, by two left shifts, and C16 and D16 are
obtained from C15 and D15, respectively, by one left shift. In all cases, by a single left shift is
meant a rotation of the bits one place to the left, so that after one left shift the bits in the 28
positions are the bits that were previously in positions 2, 3,..., 28, 1.

C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111

C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101

C3 = 0000110011001010101011111111
D3 = 0101011001100111100011110101

C4 = 0011001100101010101111111100
D4 = 0101100110011110001111010101

C5 = 1100110010101010111111110000
D5 = 0110011001111000111101010101

C6 = 0011001010101011111111000011
D6 = 1001100111100011110101010101

C7 = 1100101010101111111100001100
D7 = 0110011110001111010101010110

C8 = 0010101010111111110000110011
D8 = 1001111000111101010101011001

C9 = 0101010101111111100001100110
D9 = 0011110001111010101010110011

C10 = 0101010111111110000110011001
D10 = 1111000111101010101011001100
C11 = 0101011111111000011001100101
D11 = 1100011110101010101100110011

C12 = 0101111111100001100110010101
D12 = 0001111010101010110011001111

C13 = 0111111110000110011001010101
D13 = 0111101010101011001100111100

C14 = 1111111000011001100101010101
D14 = 1110101010101100110011110001

C15 = 1111100001100110010101010111
D15 = 1010101010110011001111000111
C16 = 1111000011001100101010101111
D16 = 0101010101100110011110001111

Iteration Number of
Number Left Shifts

1 1
2 1 3
2
4 2
5 2
6 2
7 2 8 2
9 1
10 2
11 2 12 2
13 2
14 2
15 2
16 1

Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th, and so on, ending
with the 48th bit of Kn being the 32th bit of CnDn.

For the first key we have C1D1 = 1110000 1100110 0101010 1011111 1010101 0110011
0011110 0011110

Every pair has 56 bits, but PC-2 only uses 48 .

PC-2

14 17 11 24 1 5
3 28 15 6 21 10 23 19
12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

For the other keys we have

K2 = 011110 011010 111011 011001 110110 111100 100111 100101

K3 = 010101 011111 110010 001010 010000 101100 111110 011001
K4 = 011100 101010 110111 010110 110110 110011 010100 011101
K5 = 011111 001110 110000 000111 111010 110101 001110 101000
K6 = 011000 111010 010100 111110 010100 000111 101100 101111
K7 = 111011 001000 010010 110111 111101 100001 100010 111100
K8 = 111101 111000 101000 111010 110000 010011 101111 111011
K9 = 111000 001101 101111 101011 111011 011110 011110 000001
K10 = 101100 011111 001101 000111 101110 100100 011001 001111
K11 = 001000 010101 111111 010011 110111 101101 001110 000110
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
K13 = 100101 111100 010111 010001 111110 101011 101001 000001
K14 = 010111 110100 001110 110111 111100 101110 011100 111010
K15 = 101111 111001 000110 001101 001111 010011 111100 001010
K16 = 110010 110011 110110 001011 000011 100001 011111 110101

Encoding of each 64-bit data.

The 58th bit of M becomes the first bit of IP. The 50th bit of M becomes the second bit of
IP. The 7th bit of M is the last bit of IP.

IP

58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7

Applying the initial permutation to the block of text M, given previously, we get
M = 0000 1001 1000 0111 0110 0101 0100 0011 0010 0001 1111 1110 1100 1101 1110 1111
IP = 1110 1100 0010 0000 1110 0110 1101 1111 1110 0010 1011 0100 1110 0001 1010 1010

Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit of M is "1", which
becomes the second bit of IP. The 7th bit of M is "0", which becomes the last bit of IP.

Divide the permuted block IP into a left half L0 of 32 bits, and a right half R0 of 32 bits. From

IP, we get L0 and R0

L0 = 1110 1100 0010 0000 1110 0110 1101 1111
R0 = 1110 0010 1011 0100 1110 0001 1010 1010

Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are obtained by
selecting the bits in its inputs in order according to the following table:

E BIT-SELECTION TABLE

32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1 We

calculate E(R0) from R0 as follows:

L0 = 1110 1100 0010 0000 1110 0110 1101 1111

R0 = 1110 0010 1011 0100 1110 0001 1010 1010

E(R0) = 011100 000101 010110 101001 011100 000011 110101 010101

where each Bi is a group of six bits. We now calculate

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)

where Si(Bi) referres to the output of the i-th S box.

To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block as input and yields a 4-bit block
as output. The table to determine S1 is shown and explained below:

S1

Column Number
Row
No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

1 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
2 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8 2 4
1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

The first and last bits of B represent in base 2 a number in the decimal range 0 to 3 (or binary 00
to 11). Let that number be i. The middle 4 bits of B represent in base 2 a number in the decimal
range 0 to 15 (binary 0000 to 1111). Let that number be j. Look up in the table the number in the
i-th row and j-th column. It is a number in the range 0 to 15 and is uniquely represented by a 4
bit block. That block is the output S1(B) of S1 for the input B.

For the first round, we obtain as the output of the eight S boxes:

K1 + E(R0) = 011010 110101 011101 000110 100011 000100 110100 100111

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 1001 0111 1111 0011 1000 1010 0110 0111

S1

14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

S2

15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9

S3

10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12

S4

7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14
S5

2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3

S6

12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13

S7

4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12

S8

13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11

The final stage in the calculation of f is to do a permutation P of the S-box output to obtain the
final value of f:

f = P(S1(B1)S2(B2)...S8(B8))

IP yields a 32-bit output from a 32-bit input by permuting the bits of the input block.

16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
R1:
K1 = 000110 110000 001011 101111 111111 000111 000001 110010

⊕ E(R0) = 011100 000101 010110 101001 011100 000011 110101 010101

K1 E(R0)= 011010 110101 011101 000110 100011 000100 110100 100111

1001 0111 1111 0011 1000 1010 0110 0111

After the permutation

R1 = L0 ⊕ f(R0 , K1 )

f = 1101 0101 1111 0011 0100 1101 0011 0110

⊕ L0 = 1110 1100 0010 0000 1110 0110 1101 1111

R1 = 0011 1001 1101 0011 1010 1011 1110 1001

L1 = 1110 0010 1011 0100 1110 0001 1010 1010 R2:

E(R1) = 100111 110011 100111 110101 110101 010111 111101 010010

K2 = 011110 011010 111011 011001 110110 111100 100111 100101

K2 ⊕ E(R1) = 111001 101001 000001 111110 000011 101011 011010 110111

= 1010 0011 1101 0100 1011 0101 1010 0000 After

the Permutation f = 0110 0101 1000 0001 0111

0111 1000 1001

⊕ L1 = 1110 0010 1011 0100 1110 0001 1010 1010

R2 = L1 ⊕ f(R1 , K2 ) = 1000 0111 0011 0101 1001 0110 0010 0011

L2 = 0011 1001 1101 0011 1010 1011 1110 1001 R3:

K3 = 010101 011111 110010 001010 010000 101100 111110 011001

E(R2) = 110000 001110 100110 101011 110010 110010 101100 000100 000111

K3 ⊕ E(R2) = 100101 010001 010100 100001 100010 000000 111010 011110

= 1000 1100 1100 0011 0010 1100 0101 01111

After the permutation f = 1001 0010 1101 1011

0000 1001 1011 1000

⊕ L2 = 0011 1001 1101 0011 1010 1011 1110 1001

R3= L2⊕ f(R2 , K3 ) = 1010 1011 0000 1000 1010 0010 0101 0001
 L3 = 1000 0111 0011 0101 1001 0110 0010 0011

R4:
K4 = 011100 101010 110111 010110 110110 110011 010100 011101

E(R3) = 110101 010110 100001 010001 010100 000100 001010 100011

K4 ⊕ E(R3) = 101001 111100 010110 000111 100010 110111 011110 111110

= 0100 0010 0111 0010 0111 0001 1000 After

the permutation

f = 1100 1110 0010 0001 1011 0000 1000 1100

L3 = 1000 0111 0011 0101 1001 0110 0010 0011

R4= L3⊕ f(R3 , K4 ) = 0100 1001 0001 0100 0010 0110 1010 1111

L4 = 1010 1011 0000 1000 1010 0010 0101 0001

R5:
E(R4) = 101101 010010 100010 101000 000100 001101 010101 011110

K5 = 011111 001110 110000 000111 111010 110101 001110 101000

K5 ⊕ E(R4) = 110110 011100 010010 101111 111110 111000 011011 110110

= 0111 0101 1101 1000 1110 0001 1111 0011 After

the permutation
 f = 0000 0111 0001 0111 1111 1101 0011

L4 = 1010 1011 0000 1000 1010 0010 0101 0001

R5= L4⊕ f(R4 , K5 ) = 1010 1100 0001 1111 0100 1101 1000 0010

L5 = 0100 1001 0001 0100 0010 0110 1010 1111

R6:
K6 = 011000 111010 010100 111110 010100 000111 101100 101111

E(R5) = 010101 011000 000011 111110 101001 011011 110000 000101

K6 E(R5) = 001101 100010 010111 000000 111101 011100 011100 101010

= 1101 1110 1110 0111 0101 0101 0110 1100 After

the permutation

f = 1110 1000 1101 1101 1011 0101 0011 1110

⊕ L5 = 0100 1001 0001 0100 0010 0110 1010 1111

R6= L5⊕ f(R5 , K6 ) = 1010 0001 1100 1001 0011 1001 0001

L6 = 1010 1100 0001 1111 0100 1101 1000 0010

R7:
K7 = 111011 001000 010010 110111 111101 100001 100010 111100

E(R6) = 110100 000011 111001 010011 110010 100111 110010 100011

K7 E(R6)= 001111 001011 101011 100100 001111 000110 010000 011111

= 0001 0010 0110 1001 0001 1111 0011 0010 After

the permutation

f = 1111 0010 0010 0011 0010 0100 0100 1110

⊕ L6 = 1010 1100 0001 1111 0100 1101 1000 0010

R7= L6⊕ f(R6 , K7 ) = 0101 1110 0011 0010 0100 0100 1110

L7 = 1010 0001 1100 1001 1001 0011 1001 0001

R8:
K8 = 111101 111000 101000 111010 110000 010011 101111 111011

E(R7) = 001011 111100 000111 111000 001101 010011 111001 011000

K8 E(R7)= 110110 000100 101111 000010 001101 000000 010110 100011

After the substitution

= 0111 1000 0111 1101 1101 1100 0111 0001 After

the permutation

f = 1011 0111 0001 1101 1001 1110 0100 1110

⊕ L7 = 1010 0001 1100 1001 1001 0011 1001 0001

R8= L7⊕ f(R7 , K8 ) = 0001 0110 1101 0100 0000 1101 1101 1111

L8 = 0101 1110 0011 1100 0110 1001 1100 1100

R9:
K9 = 111000 001101 101111 101011 111011 011110 011110 000001

E(R8) = 100010 101101 011010 101000 000001 011011 111011 111110

K9 E(R8)= 011010 100000 110101 000011 111010 000101 100101 000001

= 1001 0000 1110 1000 0011 0100 1101 1011

After the permutation

f = 0010 1010 1001 0011 0000 1001 1100 1111

⊕ L8 = 0101 1110 0011 1100 0110 1001 1100 1100

R9= L8⊕ f(R8 , K9 ) = 0111 0100 1010 1111 0110 0000 0000 0011

L9 = 0001 0110 1101 0100 0000 1101 1101 1111 R10:

K10 = 101100 011111 001101 000111 101110 100100 011001 001111

E(R9) = 101110 101001 010101 011110 101100 000000 000000 000110

K10 E(R9)= 000010 110110 011000 011001 000010 100100 011001 001001

= 0100 0110 1011 0001 1100 1111 0010 1010 After

the permutation
 f = 1101 1101 0010 0110 1010 0101 0001 1100

⊕ L9 = 0001 0110 1101 0100 0000 1101 1101 1111

R10= L9⊕ f(R9 , K10 ) = 1100 1011 1111 0010 1010 1000 1100 0011

L10 = 0111 0100 1010 1111 0110 0000 0000 0011

R11:
K11 = 001000 010101 111111 010011 110111 101101 001110 000110

E(R10) = 111001 010111 111110 100101 010101 010001 011000 000111

K11 E(R10)= 110001 000010 000001 110110 100010 111100 010110 000001

= 0101 0001 1101 1110 0010 1011 0111 0001

After the permutation

f = 0001 0110 0111 0001 1111 1101 1100 0010

⊕ L10 = 0111 0100 1010 1111 0110 0000 0000 0011

R11= L10⊕ f(R10 , K11 ) = 0110 0010 1101 1110 1001 1101 1100 0001

L11 = 1100 1011 1111 0010 1010 1000 1100 0011

R12:
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
 E(R11) = 101100 000101 011011 111101 010011 111011 111000 000010

K12 E(R11)= 110001 010010 011100 001000 110110 111101 100111 101011

= 0101 0111 0010 0000 0101 1000 1000 1010 After

the permutation

f = 0111 1000 0000 0110 1100 0000 0001 0111

⊕ L11 = 1100 1011 1111 0010 1010 1000 1100 0011

R12= L11⊕ f(R11 , K12 ) = 1011 0011 1111 0100 0110 1000 1101 0100

L12 = 0110 0010 1101 1110 1001 1101 1100 0001

R13:
K13 = 100101 111100 010111 010001 111110 101011 101001 000001

E(R12) = 010110 100111 111110 101000 001101 010001 011010 101001

K13 E(R12)= 110011 011011 101001 110011 111010 111010 110011 101000
= 1011 1001 0110 0100 0011 1101 0101 1001 After

the permutation

f = 0011 0000 0000 1001 1011 0001 1010 0110

⊕ L12 = 0110 0010 1101 1110 1001 1101 1100 0001

R13= L12⊕ f(R12 , K13 ) = 0101 1000 0100 0111 1110 0111 0100 1111
L13 = 1011 0011 1111 0100 0110 1000 1101 0100

R14:
K14 = 010111 110100 001110 110111 111100 101110 011100 111010

E(R13) = 101011 110000 001000 001111 111100 001110 101001 011110

K14 E(R13)= 111100 000100 000110 111000 000000 100000 110101 100100

= 0101 1000 1110 0101 0010 1001 0000 0100 After

the permutation

f = 1001 0000 0000 1001 1011 0001 1010 0110

⊕ L13 = 1011 0011 1111 0100 0110 1000 1101 0100

R14= L13⊕ f(R13 , K14 ) = 0010 0011 1111 1101 1101 1001 0111 0010

L14 = 0101 1000 0100 0111 1110 0111 0100 1111 R15:

K15 = 101111 111001 000110 001101 001111 010011 111100 001010

E(R14) = 000100 000111 111111 111011 111011 110010 101110 100100

K15 E(R14)= 101011 111110 111001 110110 110100 100001 010010 101110
= 1001 1111 1100 1110 1100 0100 1100 0010 After

the permutation

f = 0100 0001 1101 1111 0101 0001 0101 1011

 ⊕ L14 = 0101 1000 0100 0111 1110 0111 0100 1111

R15= L14⊕ f(R14 , K15 ) = 0001 1001 1001 1000 1011 0110 0001 01001

L15 = 0010 0011 1111 1101 1101 1001 0111 0010

R16:
K16 = 110010 110011 110110 001011 000011 100001 011111 110101

E(R15) = 000011 110011 110011 110001 010110 101100 000010 101000

K16 E(R15)= 110001 000000 000001 111010 010101 001101 011101 011101

= 0101 1111 1101 0010 1111 1001 1000 1001 After

the permutation

f = 0111 1101 0100 1101 1001 1110 1001 0011

⊕ L15 = 0010 0011 1111 1101 1101 1001 0111 0010

R16= L15⊕ f(R15 , K16 ) = 0101 1110 1011 0000 0011 0000 1110 0001

L16 = 0001 1001 1001 1000 1011 0110 0001 0100

Now reverse the order of the both blocks and after that we apply the final permutation.

That is, the output of the algorithm has bit 40 of the pre-output block as its first bit, bit 8 as its
second bit, and so on, until bit 25 of the pre-output block is the last bit of the output.

R16L16 = 01011110 10110000 00110000 11100001 00011001 10011000 10110110 0001010

 IP-1

40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26
33 1 41 9 49 17 57 25

IP-1 = 10000001 01001000 01001010 11100000 11111110 00011101 01000001 00111001

The cipher is in in hexadecimal format that is below

81484AE0FE1D4139.

This is the encrypted form of M = 0987654321FECDEF: namely, C = 81484AE0FE1D4139.

Decryption is inverse of encryption, follow same steps as we done above, but in the reversing
order as the sub keys are applied.