Here are some of the important features that impact the working of the Data Encryption Standard. Block cipher This means that the entire Data Encryption Standard is a cryptographic key, which is applied to a block of data and not on a single bit. For instance, to encrypt a plain text message, DES will put the message into blocks of 64 bits and then encrypt it.
Multiple rounds of encryption The DES methodology is a process of encryption that is done 16 times. This is done in four different modes, by encrypting blocks individually or creating a relationship of each cipher block with all previous blocks. Decryption is just the opposite of encryption, where you must follow the same steps but in reverse order. The algorithm for encryption products 16 different subkeys of 48 bits each.
Each of these subkeys is used for 16 encryption rounds. The following diagram explains how encryption converts a plain text message into an encrypted message. To implement DES the fundamental requirement is a security provider. Though there are a plethora of service providers available to select from, it is important to select the right one.
Once a service provider is selected, then the next step is to choose a random secret key. This will be executed by the Key Generator, or one can create on their own. Subsequently, it is important to test the encryption that is created. This is to check for any vulnerability and ensuring that it is properly implemented.
For any encrypted cipher, the fundamental method of attack is force. This involves trying each key until you hit the one that is the right one. Length of the key determines the possibilities, and thus the possibility of easy attack. DES encryption comes with a key length of 56 bits. If you make a probability, then the possibility of breaking the encryption and finding the key is 72 quadrillion times. This is not enough considering the power of modern computers and the technology used today.
It was always suspected that constant interference by National Security Agency caused significant interruptions in the original algorithm rendering it weaker. We know that strength of encryption is directly proportional to the length of the encryption key. Considering the processing power of modern computers, bit key lengths are very small.
As a result, in , the National Institute of Standards and Technology NIST decided to select a successor to DES and started an evaluation period that lasted for 5 years, comprising 15 different algorithm programs. After undergoing some modifications and tweaks, it became the modern-day AES. Even though both DES and 3DES algorithms are completely obsolete purely due to their key length, we can still find some utility of these algorithms.
This is row 1. The middle four bits are "". This is the binary equivalent of decimal 13, so the column is column number In row 1, column 13 appears 5. This determines the output; 5 is binary , so that the output is The tables defining the functions S 1 , The final stage in the calculation of f is to do a permutation P of the S -box output to obtain the final value of f :.
At the end of the sixteenth round we have the blocks L 16 and R We then reverse the order of the two blocks into the bit block. That is, the output of the algorithm has bit 40 of the preoutput block as its first bit, bit 8 as its second bit, and so on, until bit 25 of the preoutput block is the last bit of the output.
Example: If we process all 16 blocks using the method defined previously, we get, on the 16th round,. And that's it. If we apply the same steps to every bit chunk of our message we obtain the final cipher:. Decryption is simply the inverse of encryption, follwing the same steps as above, but reversing the order in which the subkeys are applied. Home Algorithms About Contacts. How DES works? How does DES work? DES takes as input a secret message that will be encrypted: And a 64bit Key, that will be used to both encrypt and decrypt: Resulting in a Ciphertext: First Step: Compute 16 subkeys, bits long each In general, a bit key is used as input for DES, of which only bits are used.
PC-1 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 For example, our input key: Would become: Next we divide the key in two parts, left C 0 and right D 0.
C 0 : D 0 : With C 0 and D 0 defined, we now create sixteen blocks. However, we will nevertheless number the bits from 1 to 64, going left to right, in the following calculations.
But, as you will see, the eight bits just mentioned get eliminated when we create subkeys. The bit key is permuted according to the following table, PC The 49th bit of the original key becomes the second bit of the permuted key.
The 4th bit of the original key is the last bit of the permuted key. Note only 56 bits of the original key appear in the permuted key. To do a left shift, move each bit one place to the left, except for the first bit, which is cycled to the end of the block. Iteration Number of Number Left Shifts 1 1 2 1 3 2 4 2 5 2 6 2 7 2 8 2 9 1 10 2 11 2 12 2 13 2 14 2 15 2 16 1 This means, for example, C 3 and D 3 are obtained from C 2 and D 2 , respectively, by two left shifts, and C 16 and D 16 are obtained from C 15 and D 15 , respectively, by one left shift.
In all cases, by a single left shift is meant a rotation of the bits one place to the left, so that after one left shift the bits in the 28 positions are the bits that were previously in positions 2, 3, Each pair has 56 bits, but PC-2 only uses 48 of these.
Now we look at the message itself. Step 2: Encode each bit block of data. There is an initial permutation IP of the 64 bits of the message data M. This rearranges the bits according to the following table, where the entries in the table show the new arrangement of the bits from their initial order. The 58th bit of M becomes the first bit of IP. The 50th bit of M becomes the second bit of IP. The 7th bit of M is the last bit of IP. The 50th bit of M is "1", which becomes the second bit of IP.
The 7th bit of M is "0", which becomes the last bit of IP. Next divide the permuted block IP into a left half L 0 of 32 bits, and a right half R 0 of 32 bits. That is, in each iteration, we take the right 32 bits of the previous result and make them the left 32 bits of the current step. For the right 32 bits in the current step, we XOR the left 32 bits of the previous step with the calculation f.
To calculate f , we first expand each block R n-1 from 32 bits to 48 bits. This is done by using a selection table that repeats some of the bits in R n We'll call the use of this selection table the function E. Thus E R n-1 has a 32 bit input block, and a 48 bit output block. Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are obtained by selecting the bits in its inputs in order according to the following table: E BIT-SELECTION TABLE 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 15 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 Thus the first three bits of E R n-1 are the bits in positions 32, 1 and 2 of R n-1 while the last 2 bits of E R n-1 are the bits in positions 32 and 1.
We have not yet finished calculating the function f. To this point we have expanded R n-1 from 32 bits to 48 bits, using the selection table, and XORed the result with the key K n.
We now have 48 bits, or eight groups of six bits. We now do something strange with each group of six bits: we use them as addresses in tables called " S boxes ". Each group of six bits will give us an address in a different S box. Located at that address will be a 4 bit number. This 4 bit number will replace the original 6 bits. The net result is that the eight groups of 6 bits are transformed into eight groups of 4 bits the 4-bit outputs from the S boxes for 32 bits total.
To repeat, each of the functions S1, S2, Let that number be i. The middle 4 bits of B represent in base 2 a number in the decimal range 0 to 15 binary to Let that number be j. Look up in the table the number in the i -th row and j -th column. It is a number in the range 0 to 15 and is uniquely represented by a 4 bit block.
0コメント