Data Encryption Standard (DES) : Diffusion and Confusion P-Box and S-Box
Introduction
1. Diffusion and Confusion
2. P-Box and S-Box
Data Encryption Standard (DES)
1. Introduction
DES is a block cipher (Figure-1). It encrypts data in blocks of 64 bits each. The same
algorithm and key are used for encryption and decryption. The key length is 56 bits. The
initial key consists of 64 bits. Every eighth bit of the key is discarded to produce a 56-bit
key. The discarded bits can be used for parity checking to ensure that the key does not
contain any errors.
Figure-1
Diffusion: The idea of diffusion is to hide the relationship between the ciphertext and the
plaintext. In diffusion the influence of one plaintext symbol (character or bit) is spread
over many ciphertext symbols with the goal of hiding statistical properties of the
plaintext. This implies that each symbol (character or bit) in the ciphertext is dependent
on some or all symbols in the plaintext. A simple diffusion element is the bit permutation
in DES.
Confusion: The idea of confusion is to hide the relationship between the ciphertext and
the key. In confusion, if a single symbol (character or bit) in the key is changed, most or
all symbols in the ciphertext will also change. A common element for achieving
confusion is substitution, which is found in both DES and AES.
1.2 P-Box and S-Box
P-Box: A P-Box (permutation box) parallels the traditional transposition cipher for
characters. It transposes bits as shown in the following Figure.
Figure-2
The above P-box is a permutation of n inputs and n outputs, so there are n! possible
mappings. If a P-box is implemented in hardware, it is prewired. If it is implemented in
software, a permutation table gives the mapping rule. Each entry in the table is an
input position, and the entry's position in the table is the output position. The following
table shows an example of a permutation table when n is 64.
58 50 42 34 26 18 10 02 60 52 44 36 28 20 12 04
62 54 46 38 30 22 14 06 64 56 48 40 32 24 16 08
57 49 41 33 25 17 09 01 59 51 43 35 27 19 11 03
61 53 45 37 29 21 13 05 63 55 47 39 31 23 15 07
Table-1
S-Box: An S-box (substitution box) parallels the traditional substitution cipher for
characters. The input to an S-box can be an n-bit word and the output an m-bit word,
where n and m are not necessarily the same. The mapping from the input to the output is
predetermined. The following figure shows an S-box.
Figure-3
Conceptually, an S-box is a table whose row number and column number are
determined by the inputs. Assume the input is the binary string b1b2b3b4b5b6.
Bits b1 and b6 are combined to form a binary number (b1b6), which gives the row
number. The remaining bits b2, b3, b4 and b5 are combined to form a binary number
(b2b3b4b5), which gives the column number. Thus the 6-bit input selects the row
number and column number of the output.
Suppose the input is the binary value 101101. Then (b1b6) = (11)_2 = (3)_10
and (b2b3b4b5) = (0110)_2 = (6)_10, so the output of the S-box at the intersection of
row number 3 and column number 6 is selected.
Figure-4
The following figure shows the elements of DES cipher.
Figure-5
DES has the following steps:
Table-2
2.3 Rounds
DES uses 16 rounds. Each round of DES is a Feistel cipher as shown below.
Figure-6
The main part of DES is the DES function. The function takes a 48-bit round key and the
32-bit right half from the initial permutation (or the previous round) and produces a 32-bit
output. This function consists of four elements: two P-boxes, a whitener (XOR) and a
group of S-boxes. The first P-box expands the 32-bit right half into 48 bits. The
following figure shows the concept of expansion and its corresponding permutation
table. The XOR operation is performed on the expanded right half and the round key.
Figure-7
Table-3
The 48-bit data from the XOR operation is divided into eight blocks of 6 bits each, which are fed
into the S-boxes. Each S-box takes a 6-bit input and produces a 4-bit output; combined, the eight
outputs form a 32-bit result. The substitution in each box follows a predetermined rule based on
a 4-row by 16-column table. The combination of bits 1 and 6 of the input selects one of the four
rows; the combination of bits 2 through 5 selects one of the sixteen columns, as shown in the
figure below.
Figure-8
Each S-box has its own table, as shown below. There are eight S-box tables, which together
produce a 32-bit output.
Table-4
The last operation of the DES function is a permutation with a 32-bit input and a 32-bit
output, using the permutation table below.
Table-5
The whole encryption and decryption process of DES can be shown in the following
Figure.
Figure-9
The left half and right half of the above figure show the encryption and decryption
processes respectively.