The Data Encryption Standard (DES) was introduced in 19xx and
is formally defined in
FIPS 46-3.
It uses a 56-bit key (usually entered as a 64-bit value with odd parity bits)
and works on a 64-bit data block.
There are several modes for using DES to encrypt blocks of data
that may be more (or less) than 8 bytes in size.
The 56-bit key used by DES is no longer sufficient for good security, but
many applications use triple-DES
(encrypt using key part A, decrypt using key part B, encrypt using key part A)
to achieve a 112-bit key while maintaining compatibility with
plain DES (using key part A = key part B).

## How DES works

Encryption starts with an initial permutation of the 64 input bits. These bits are then
divided into two 32-bit halves called L and R.
The encryption then proceeds through 16 rounds, each using the existing L and R parts,
and a subkey.
The R part and the subkey are processed in a function *f*, and the
output of the *f* function is exclusive-or'ed with the existing L part to create
the new R part. The new L part is simply a copy of the incoming R part.
In the final round, the L and R parts are swapped once more before the final permutation
produces the output block.
Decryption is identical to encryption, except that the subkeys are used in the
opposite order. That is, subkey 16 is used in round 1, subkey 15 is used in round 2, etc.,
ending with subkey 1 being used in round 16.

[Diagram of the DES algorithm]

The *f* function mixes the bits of the R portion using the
subkey for the current round.
First the 32-bit R value is expanded to 48 bits using a permutation E.
That value is then exclusive-or'ed with the subkey. The 48 bits are then divided into
eight 6-bit chunks, each of which is fed into an S-box that mixes the bits and produces
a 4-bit output. Those 4-bit outputs are combined into a 32-bit value, and permuted
once again to produce the *f*-function output.

To generate the subkeys, start with the 56-bit key (64 bits if you include the parity
bits). These are permuted and divided into two halves called C and D.
For each round, C and D are each shifted left circularly one or two bits (the number
of bits depending on the round). The 48-bit subkey is then selected from the current
C and D bits.
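
The round structure, the reversed subkey order for decryption, and the triple-DES compatibility case (key part A = key part B) can be checked with the sketch below, which is an added example and not code from the original page. It is not DES: `toy_f` and `toy_subkeys` are stand-ins chosen for this illustration (no E, S-box, P, PC-1 or PC-2 tables, and the initial and final permutations are left out), so it only demonstrates the structure described above.

```python
# Added illustration of the DES round structure; NOT DES and not secure.
# toy_f and toy_subkeys are hypothetical stand-ins for the real f-function
# and key schedule; the initial/final permutations are omitted.
import hashlib

MASK32 = 0xFFFFFFFF
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]  # DES left shifts per round

def rotl28(v, n):
    """Circular left shift of a 28-bit half (C or D)."""
    return ((v << n) | (v >> (28 - n))) & 0x0FFFFFFF

def toy_subkeys(key56):
    """Split 56 key bits into C and D, rotate them each round, emit 16 subkeys."""
    c, d = key56 >> 28, key56 & 0x0FFFFFFF
    subkeys = []
    for n in SHIFTS:
        c, d = rotl28(c, n), rotl28(d, n)
        subkeys.append((c << 28) | d)  # real DES selects 48 of these 56 bits
    return subkeys

def toy_f(r, subkey):
    """Stand-in for f; it does not need to be invertible for decryption to work."""
    digest = hashlib.sha256(r.to_bytes(4, "big") + subkey.to_bytes(7, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block64, subkeys):
    """Each round: new L = old R, new R = old L xor f(old R, subkey)."""
    l, r = block64 >> 32, block64 & MASK32
    for k in subkeys:
        l, r = r, l ^ toy_f(r, k)
    return (r << 32) | l  # the final swap of the L and R parts

def encrypt(block64, key56):
    return feistel(block64, toy_subkeys(key56))

def decrypt(block64, key56):
    # Same routine as encryption; only the subkey order is reversed.
    return feistel(block64, toy_subkeys(key56)[::-1])

def ede(block64, key_a, key_b):
    """Encrypt with key part A, decrypt with key part B, encrypt with key part A."""
    return encrypt(decrypt(encrypt(block64, key_a), key_b), key_a)

if __name__ == "__main__":
    a, b, x = 0x0123456789ABCD, 0xFEDCBA98765432, 0x0011223344556677  # constructed values
    print(decrypt(encrypt(x, a), a) == x, ede(x, a, a) == encrypt(x, a), ede(x, a, b) != encrypt(x, a))
```

Because the per-round shifts add up to 28, C and D return to their starting values after round 16, which is why the last toy subkey equals the original 56 key bits.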
