← Back

DES (How Works?)


Welcome back.

This post will go on explaining the DES in greater detail; but be warned, it might seem mind boggling at first, while in truth it is not (on giving enough time and efforts you will realize that it is very intuitive. But yes, only after giving enough time and effort).

DES (Data Encryption Standard) is a block cipher which takes 64 bit long block of plaintext and encrypt it using 64 bit long key (actually on 56 bits of the key are used), to produce a 64 bit long ciphertext. The block diagram for the process is given below.

DES Overall Process

It can be understood shortly as this:
1- an initial permutation of 64 bits of plaintext
2- dividing the block of 64 bits into two halves
3- right half becomes new left half, and
4- left half XORed with a 'function' (of right half and a '48 bit key'?)
5- 16 such rounds.
That's it.
In the end, you've got the ciphertext bits.

Now, few things need to be elaborated further.
Firstly, what is the 'function' in each round;
Secondly, what is the 48 bit 'key' in each round.

The Function
The function in each round goes like the diagram below:

Function f

It can be understood as follows:
1- the 32 bit right half, using the E table (Expansion/Permutation Table), gives 48 bits.
2- 48 bits of 'key'(?) are also available.
3- These two are XORed.
4- The resultant 48 bits passed through Substitution Box (S-Box), to produce 32 bits.
5- These 32 bits passed through another P (Permutation).
That's it.
In the end, the result obtained is the output of the 'function'. (and is XORed with the left half in each round)

That was about the 'function', f, in each round.

The 48-bit Keys
Now, let's see how the 48-bit keys used in all the rounds are prepared (diagram below).

Sub Key Generation

Remember that the original key is 64 bits long. But not all of it is used.
The last bit of each byte are left (i.e. every eigth bit is ignored), and only the 64-8 = 56 bits are used.
What happens on these 56 bits that yields sixteen 48-bit keys?
Let's see now.

1- 56 bits are permuted.
2- This permutation divided into two equal halves, say C and D.
3- Both halves are separately 'left-shifted'. (circular shifts by 1 or 2 bits)
4- These two halves are passed to the 'Permuted Choice Table 2' to produce a 48-bit 'key'; and also...
5- ...These two halves serve as input to the next round.
The process from steps 2 to 5 are repeated 16 times, and in the end, 16 'keys' (48-bit Keys) are prepared.

This is how the sixteen 48-bit keys are prepared. (and then used in each round).

So, this is how DES works. The repeated permutation and substitution and complicated rounds of function - this all is a type of structure called 'Feistel Cipher'; named after its designer Horst Feistel, who was also in the original team at IBM who developed DES during 1970s. (actually, they came up with a first-of-its-kind block cipher called LUCIFER, which was later made into DES, after some 'suspicious' improvements of National Security Agency, USA; DES was adopted for the encryption of commercial and sensitive yet unclassified government computer data; ... actually the story is very interesting, so do read it out from somewhere.)

So, this was the block cipher DES or Data Encryption Standard.

An Excellent (also classic) article detailing DES can be read below: Excellent Article: "The DES Algorithm Illustrated" by J. Orlin Grabbe, 1992.


All the cipher techniques upto now depend on only one 'key' - one secret 'key' to both encrypt and decrypt.
One 'key' is the most crucial and confidential asset. But what if that key goes in the wrong hands! Every secret will be gone?! Yes. Terrible, isn't it!
Also, in such case, when we have one private 'key' i.e. one secret 'key'; and if we have to communicate among 100s of friends, then do we just keep sharing this 'secret' key to all of them (with large 'fear' of the 'key' being stolen!) It's really Dangerous!!

Is there any way, that we can share secret messages to friends, without ever needing to share the 'private'/'secret' key?!
This notion leads to Asymmetric key Cryptography!
Public key cryptography!
You have two keys - public and private. The public key is served to public, and anyone can use it to 'encrypt' a message that he/she wants to share with you. Once encrypted, that message can ONLY be decrypted by the 'private' key - the key that noone possesses except you. That is Public Key Cryptography.
And to be able to successfully implement it, we turn to math, to numbers, to number theory.
The next post will describe one of the most popular public key cryptography algorithm called RSA.

Bye till then.

Post-20 Ended.


Intermediate Steps

No result to show.