The Digital Encryption Standard CSCI 5857: Encoding and
Encryption
Slide 2
Outline History and background Overall Feistel structure Mixer
function Permutation Substitution boxes Round key generation Key
shifting Compression box
Slide 3
History of DES Pre-1973: No standards for encryption 1973:
National Institute of Standards requests proposals for national
symmetric key cryptosystem 1975: NIST accepts proposal from IBM as
national Digital Encryption Standard 56-bit key Origin of some
parts of structure classified Input from NSA on S-Box
structure
Slide 4
Overall DES Structure 64-bit block inputs and outputs 16 round
Feistel cipher 56-bit key used to generate 48-bit round keys
Slide 5
Initial and Final Permutations Plaintext undergoes initial
permutation Final permutation is inverse of initial permutation No
known reason, since easy for adversary to simulate
Slide 6
Initial and Final P-Boxes
Slide 7
Feistel Structure Input at each round broken into 32-bit left
and right halves Right half mixed with round key using mixer
function f(R, K) Result XORd with left half Resulting left and
right halves swapped before next round
Slide 8
Mixer Function 32-bit right half expanded to 48 bits Combined
with round key using XOR Run through array of 6 x 4 S-Boxes Results
combined and run through 32 x 32 P-Box
Slide 9
Expansion Permutation First and last bits of each four bits
duplicated No real contribution to confusion, just matches size
with round key
Slide 10
Array of S-Boxes 48-bit input broken into 8 chunks of 6 bits
Output of each compressed to 4 bits Combined to form 32-bit output
Each S-Box is different to maximize confusion
Slide 11
S-Box Structure 4 rows x 16 columns (2 bits x 4 bits) Row
determined by bits 1 and 6 of input Column determined by bits 2 5
of input
Slide 12
S-Boxes 1 4
Slide 13
S-Boxes 5 8
Slide 14
DES S-Box Example Input: 110010 First and last 2 bits: 10 = 2
in decimal Middle four bits: 1001 = 9 in decimal Output: 12 =
1100
Slide 15
Mixer P-Box Goal: Output of each S-Box distributed across final
round key value before use in XOR
Slide 16
Round Keys 16 round keys Applied in reverse order at decryption
stage
Slide 17
Round Key Generation 64 bit input = 56 bits of key data + 8
parity bits 56-bit key split into 28- bit left and right halves
Circular left shift applied to each half at each round Combined in
compression P-Box to create 48-bit round key
Slide 18
Parity Bit Drop Every 8 th bit of key input used for parity
check to detect transmission errors This stage removes the parity
bits and shuffles key bits
Slide 19
Key Shift Schedule Key split into two subkeys (28 bits each)
Circular left shift applied each round One bit shift in rounds 1,
2, 9, 16 Two bit shift in other rounds (adds up to 28) Assures
different key each round
Slide 20
Round Key Compression Reduces round key to 48 bits to match
bits in mixer Combined with shifts, assures different bits used in
each round key (different bits removed each round)