Cys505 Lecture03
Cys505 Lecture03
Li+1 = Ri
Ri+1 = Li⊕F(Ri, Ki)
“F” is the round function
K0,K1,…. ,Kn the sub-keys
rounds 0,1,… ,n.
Decryption:
Ri = Li+i
Li = Ri+1⊕F(Li+1, Ki)
block size
◦ increasing size improves security, but slows cipher
key size
◦ increasing size improves security, makes exhaustive key
searching harder, but may slow cipher
number of rounds
◦ increasing number improves security, but slows cipher
subkey generation
◦ greater complexity can make analysis harder, but slows
cipher
round function
◦ greater complexity can make analysis harder, but slows
cipher
fast software en/decryption & ease of analysis
◦ are more recent concerns for practical use and testing
most widely used block cipher in world
encrypts 64-bit data using 56-bit key
has widespread use
Adopted in 1977 by the National Institute of
Standards and Technology (NIST), as Federal
Information Processing Standard 46 (FIPS PUB
46).
although DES standard is public
was considerable controversy over design
◦ in choice of 56-bit key (vs Lucifer 128-bit)
subsequent events and public analysis show
in fact design was appropriate
DES has become widely used, especially in
financial applications
Permutation (16 bit to 16 bit)
Permutation (16 bit to 14 bit)
1 Process the key.
2 Process a 64-bit data block.
1.1 Get a 64-bit key from the user. (Every 8th
bit (the least significant bit of each byte) is
considered a parity bit. For a key to have
correct parity, each byte should contain an
odd number of "1" bits.) This key can be
entered directly, or it can be the result of
hashing something else. There is no standard
hashing algorithm for this purpose.
1.2 Calculate the key schedule.
1.2.1 Perform the following permutation on
the 64-bit key. (The parity bits are discarded,
reducing the key to 56 bits. Bit 1 (the most
significant bit) of the permuted block is bit
57 of the original key, bit 2 is bit 49, and so
on with bit 56 being bit 4 of the original key.)
1.2.2 Split the permuted key into two halves.
The first 28 bits are called C0 and the last 28
bits are called D0.
1.2.3 Calculate the 16 sub keys. Start with i=1
1- Perform one or two circular left shifts on both
Ci-1 and Di-1 to get Ci and Di, respectively. The
number of shifts per iteration are given in the
table below.
1.2.3 Calculate the 16 sub keys. Start with i=1
2-Permute the concatenation CiDi as indicated
below. This will yield the key Ki, which is 48 bits
long.
56-bit permutation
K+ =1111 0000 1100 1100 1010 1010 1111
0101 0101 0110 0110 0111 1000 1111
1)Process the key.
B2 = 010001
S2(B2) = 1100
2) Process a 64-bit data block.
S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) =
0101 1100 1000 0010 1011 0101 1001 0111
f=
0010 0011 0100 1010 1010 1001 1011 1011
2) Process a 64-bit data block.
R1 = L0 + f(R0 , K1 )
R1 =
1100 1100 0000 0000 1100 1100 1111 1111+
0010 0011 0100 1010 1010 1001 1011 1011