The Data Encryption Standard (DES) is one of the widely used algorithms for encrypting and decrypting messages.
- DES is a secret-key encryption algorithm that was designed by IBM and adopted by the U.S. government.
- DES encrypts a 64-bit block of plaintext using a 64-bit key.
- The key actually contains 56 bits, as the last bit of each of the 8 bytes in the key is a parity bit for that byte, i.e. 8 out of the 64 bits are parity bits.
- DES can also encrypt messages larger than 64 bits.
- DES has three distinct phases:
  1. The 64 bits in the block are permuted and shuffled.
  2. Sixteen rounds of an identical operation are applied to the resulting data and the key.
  3. The inverse of the original permutation of step 1 is applied to the resulting data to get the final ciphertext.
- In the initial permutation the various bits are shuffled with each other; this step does not depend on the key.
- During each round the 64-bit block is broken into two halves, the left half and the right half, each of 32 bits.
- The key used in each round is 48 bits long and is derived from the 56-bit key by rotating the bits.
- If we denote the left and right halves of the block at round i as $L_i$ and $R_i$ respectively, and the key at round i as $K_i$, then these pieces are combined in round i according to the following rules:
  $L_i = R_{i-1}$
  $R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
  where $F$ is a combining function and $\oplus$ is the exclusive-OR (XOR) operation.
- The function F consists of the following 4 steps:
  1. A 48-bit number, E, is constructed by expanding the 32-bit $R_{i-1}$ according to a fixed permutation and duplication rule.
  2. E and $K_i$ are XORed together.
  3. The output is then partitioned into eight groups of 6 bits each, and each group is fed into a different S-box. S-box stands for substitution box, which reduces each 6-bit chunk to 4 bits. There are eight different S-boxes, one for each of the 6-bit chunks. Each S-box performs a many-to-one mapping.
  4. Finally, the 8×4 bits are passed through a P-box. P-box stands for permutation box, used to effect a permutation on 8-bit input.
- Each round takes two 32-bit inputs and produces two 32-bit outputs. The left output is simply a copy of the right input.
- The right output is the bitwise XOR of the left input and a function of the right input and the key for this stage.
- The last stage is the exact inverse of the initial permutation. For a message longer than 64 bits, blocks are made and a technique called cipher block chaining (CBC) is used.
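
The round rule and the four steps of F above, as an added example (not code from the original page). It shows that the sixteen rounds can be undone by running them with the round keys in reverse order, even though F itself is many-to-one. Assumptions: only `expand` follows the DES expansion pattern; `toy_sbox`, the rotation used as the P-box, and `round_keys` are constructed stand-ins, not the DES tables or key schedule, and the initial and final permutations are omitted.

```python
MASK32 = (1 << 32) - 1
MASK48 = (1 << 48) - 1
MASK56 = (1 << 56) - 1

def expand(r):
    """Step 1: DES expansion E, 32 -> 48 bits. Each 4-bit group becomes 6 bits
    by duplicating the neighbouring bit on each side (wrapping at the ends)."""
    out = 0
    for j in range(8):
        for k in range(-1, 5):
            pos = (4 * j + k) % 32          # 0 = most significant bit of r
            out = (out << 1) | ((r >> (31 - pos)) & 1)
    return out

def toy_sbox(i, chunk):
    """Constructed stand-in for S-box i (NOT a DES table): 6 bits in,
    4 bits out, so it is many-to-one like the real S-boxes."""
    return ((chunk * 7 + 3 * i) ^ (chunk >> 2)) & 0xF

def f(r, k):
    x = expand(r) ^ k                        # step 2: XOR with 48-bit round key
    out = 0
    for i in range(8):                       # step 3: eight 6-bit groups -> 4 bits each
        out = (out << 4) | toy_sbox(i, (x >> (42 - 6 * i)) & 0x3F)
    return ((out << 11) | (out >> 21)) & MASK32   # step 4: stand-in permutation (rotation)

def round_keys(key56):
    """Simplified schedule (assumption): rotate the 56-bit key, keep 48 bits."""
    key56 &= MASK56
    return [(((key56 << s) | (key56 >> (56 - s))) & MASK56) & MASK48
            for s in range(1, 17)]

def feistel(block, keys):
    left, right = block >> 32, block & MASK32
    for k in keys:                           # L_i = R_{i-1}; R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, left ^ f(right, k)
    return (right << 32) | left              # halves swapped after the last round

def encrypt(block, key56):
    return feistel(block, round_keys(key56))

def decrypt(block, key56):
    return feistel(block, round_keys(key56)[::-1])   # same rounds, keys reversed

if __name__ == "__main__":
    key, pt = 0x0123456789ABCD, 0x0011223344556677   # constructed sample values
    ct = encrypt(pt, key)
    print(f"{ct:016x}", decrypt(ct, key) == pt)
```

Decryption never inverts F: each round only recomputes F on the half that was copied through unchanged and XORs it away.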