1

CHAP1ER 1 INTRODUCTION TO DATA ENCRYPTION

Data encryption is used pervasively in today`s connected society. The two most
basic Iacets oI modern day data encryption are data privacy and authentication. As
modern society becomes more connected, and more inIormation becomes available
there is a need Ior saIeguards which bring data integrity and data secrecy. In
addition, authenticating the source oI inIormation gives the recipient, with
complete certainty that the inIormation came Irom the original source and that it
has not been altered Irom its original state. Both, the needs Ior inIormation privacy
and data authentication have motivated cryptography.

Today`s connected society requires secure data encryption devices to preserve data
privacy and authentication in critical applications. OI the several data encryption
types, Data Encryption Standard (DES) and its variant have emerged to be the most
popular and is commonly used in varying applications.

1.1 Need for Security
Steps involved in secured communication:
1. Design an algorithm Ior perIorming the security related transIormation such that
the opponent cannot deIeat its purpose.
2. Generate the secret inIormation to be used with the algorithm.
3. SpeciIy the protocol to be used by the two principles that make use oI the security
algorithm.

Due to advance oI globalization, now days most oI the Iinancial transactions and
personal inIormation is transIerred on the internet. Because oI this process data
encryption is become a necessary part Ior eIIective computer security system. We
sent all sensitive inIormation via internet and because oI this we need to secure our
data and which in turn we need data encryption
2

There are a number oI reasons to need to encrypt data, most oI which rely on
shielding data Irom the eyes oI other people. Banks, Ior example, send encrypted
data about their clients back and Iorth, while governments rely on encryption to get
secure messages to overseas embassies. Most email programs oIIer data encryption
while sending and receiving so that emails cannot be read by third parties, as do
sites which handle personal inIormation like addresses and credit card numbers.
Some encryption protocols are standardized so that people can easily communicate
with each other, while in other cases, a key may be developed speciIically Ior use
by particular people, and the key is not standardized to make it harder to crack.
Personalized keys were once the only way to encrypt data, until shared key
encryption allowed people to exchange inIormation about a key across an open
network without disclosing the contents oI the key itselI.

1.2 Threats in Communication

1.2.1 Information access threat: ModiIication oI the data without the knowledge
oI sender and then transmit the data.
1.2.2 Service threat: Exploit these Ilaws in the services available in computer to
inhibit the use by legitimate users.

1.3 Types of intruders

1.3.1 Masquerader: An individual who isn`t authorized to use the computer and
who penetrates a system controls to exploit legitimate users account.
1.3.2 Misfeasor: A legitimate user who access data, programs or resources Ior
which access isn`t authorized Ior such access.


3

1.4 Speech Encryption
Encryption is a much stronger method oI protecting speech communications than
any Iorm oI scrambling. Voice encryptors work by digitizing the conversation at
the telephone and applying a cryptographic technique to the resulting bit-stream. In
order to decrypt the speech, the correct encryption method and key must be used.
1.5 The Encryption Process
1.5.1 Securing the message
A voice message is Iirst digitized and then encrypted (or locked). The process
requires the use oI an algorithm and a unique cryptographic key, which are
analogous to a door lock and its keyalthough many houses may use the same
brand oI lock, how the lock is keyed makes it unique. The Data Encryption
Standard (DES) and the Advanced Encryption Standard (AES) are two well-known
algorithms. Cryptographic keys are usually expressed in terms oI number oI bits.
Typical key sizes are 56 bits Ior the DES, and 128 to 256 bits Ior the AES
1.5.2 Encrypted Voice
Many early systems oIIered a cheap, easily deIeated analog method known as voice
inversion scrambling. In this scheme the band oI audio Irequencies used Ior human
speech is split into two parts, a lower block and an upper block. The blocks are
inverted beIore transmission and inverted once again (restoring the original
arrangement) at the receiver. Anyone overhearing the transmission just hears the
"Donald Duck" noises as the user speaks. Both hardware and computer soItware to
undo this type oI scrambling are available to hobbyists these days, and it is even
possible (with practice) to understand inverted speech with no mechanical aids at
all.
From the introduction oI voice encryption to today, encryption techniques have
evolved drastically. Digital technology has eIIectively replaced old analog methods


oI voice encryption and by using complex algorithms, voice encryption has become
much more secure and eIIicient. One relatively modern voice encryption method is
Sub-band coding. With Sub-band Coding, the voice signal is split into multiple
Irequency bands, using multiple bandpass Iilters that cover speciIic Irequency
ranges oI interest. The output signals Irom the bandpass Iilters are then lowpass
translated to reduce the bandwidth, which reduces the sampling rate. The lowpass
signals are then quantized and encoded using special techniques like, Pulse Code
Modulation (PCM). AIter the encoding stage, the signals are multiplexed and sent
out along the communication network. When the signal reaches the receiver, the
inverse operations are applied to the signal to get it back to its original state.
Motorola developed a voice encryption system called Digital Voice Protection
(DVP) as part oI their Iirst generation oI voice encryption techniques. DVP uses a
selI-synchronizing encryption technique known as cipher Ieedback (CFB). The
basic DVP algorithm is capable oI 2.36 x 10
21
diIIerent "keys" based on a key
length oI 32 bits." The extremely high amount oI possible keys associated with the
early DVP algorithm, makes the algorithm very robust and gives the user a high
level oI security. As with any voice encryption system, the encryption key is
required to decrypt the signal with a special decryption algorithm.
A digital secure voice usually includes two components, a digitizer to convert
between speech and digital signals and an encryption system to provide
conIidentiality. What makes ciphering diIIicult in practice is a need to send the
encrypted signal over the same voice band communication circuits used to transmit
unencrypted voice, e.g. analog telephone lines or mobile radios.
1.5.3 Digitizing Speech
Computers work with discrete digital values. For example, a digital watch is called
digital because it can display a Iinite number oI times. In contrast, watches with
hands are analog because the hands move continuously around the clock Iace. As
5

the minute hand travels around the circle, it touches the numbers 1 through 12 and
also the inIinite number oI points in between.
Human speech can be represented as an analog wave that varies over time and has a
smooth, continuous curve. The height oI the wave represents intensity (loudness),
and the shape oI the wave represents Irequency (pitch). The continuous curve oI the
wave accommodates inIinity oI possible values. A computer must convert these
values into a set oI discrete values, using a process called digitization. Once speech
is digitized, a computer can store speech on a hard drive and transmit speech across
digital networks, including corporate networks, the Internet, and telephone-
company networks, which are increasingly using digital components.
To digitize speech, an analog-digital converter samples the value oI the analog
signal repeatedly and encodes each result in a set oI bits. BeIore sampling, the
converter Iilters the signal so that most oI it lies between 300 and 300 Hz. While
humans can hear Irequencies as high as 20 kHz, most oI the inIormation conveyed
in speech does not exceed kHz. (A Hertz, or Hz, is a unit oI Irequency equal to
one cycle per second.)
Sampling uses a theorem developed by the American physicist Harry Nyquist in
the 1920s. Nyquist's Theorem states that the sampling Irequency must be at least
twice as high as the highest input Irequency Ior the result to closely resemble the
original signal. Thus, the voice signal is sampled at 8000 Hz so that Irequencies up
to 000 Hz can be recorded. Every 125 microseconds (1/8000
th
oI a second), the
value oI the analog voice signal is recorded in an 8-bit byte, the basic unit oI
storage on modern-day computers. By sampling this oIten, according to Nyquist,
the result will be a IaithIul representation oI the original signal, and the human ear
will not hear distortion.


6

CHAP1ER 2 CRYPTOGRAPHY

Cryptography reIers to the science oI transIorming messages to make them secure
and immune to attacks. Alternatively cryptology is the study oI mathematical
techniques Ior attempting to deIeat (99ack) cryptographic techniques and, more
generally inIormation security services so Ior the message to be secured and
immune to attack we need to encrypt our message at the sender site and decrypt at
receiver site. Now days the modern advanced concept oI this technology is used
which is known as public key cryp94raphy. This method has been devised suitably
that uses two keys: one public and another are private.

Encryption techniques are used to saIeguard inIormation while it is stored within a
network node or while it is in transit across communications media between nodes.
A cryptosystem is usually a whole collection oI algorithms. The algorithms are
labeled; and the labels are called keys. The people who are supposed to be able to
see through the disguise are called recipients. Other people are enemies, opponents,
interlopers, eavesdroppers, or third parties. As an example, Ior a plaintext message
being sent, iI every A is replaced with a D, every B is replaced with an E, and so on
through the alphabet, only someone who knows the "shiIt by 3" rule can decipher
the messages. Hence a "shiIt by n`` encryption technique can be perIormed Ior
several diIIerent values oI n. ThereIore, n is the key here.

2.1 Components in Cryptography
1. Sender
2. Receiver
3. Plain text
. Cipher text
5. Encryption Decryption algorithms
6. network


Fig. 2.1 Block Diagram oI standard encryption decryption network

The original message beIore being transIerred is called, plaintext. The message
aIter being transIerred is called, cipher text. This message contains all the
inIormation oI the plaintext message but is not in a Iormat readable by a human
or computer without the proper mechanism to decrypt it. A cipher is an
algorithm Ior perIorming encryption (and the reverse, decryption). The sender-
receiver pair in a network uses the cipher Ior a secure communication. A key is
a number or a piece oI inIormation as an algorithm upon which the cipher
operates. Hence Ior the encryption oI a message we need an encryption
algorithm, an encryption key, and plain text. Similarly to decrypt a message we
need a decryption algorithm, a decryption key, and cipher text The Algorithm
which transIers a plain text to cipher text is called Encryption algorithm and the
algorithm which transIers cipher text to plain text is called Decryption
algorithm. Encryption algorithm is used by sender and the decryption algorithm
is used by receiver.

2.2 A Basic Cryptosystem
Cryp94sys9em or cipher sys9em - A method oI disguising messages so that only
certain people can see through the disguise.
Cryp9analysis - The art oI breaking cryptosystems, and seeing through the
disguise even when you are not supposed to be able to.
8



Fig. 2.2 block diagram oI a basic cryptosystem

A source produces a message in plaintext, X|X1, X2, X3. . . , XM|.The M
elements oI X are letters in some Iinite alphabet. Traditionally, the alphabet usually
consisted oI the 26 capital letters. Nowadays, the binary alphabet 0, 1} is typically
used. For encryption, a key oI the Iorm K |K1, K2, K3..., KJ| is generated. II
the key is generated at the message source, then it must also be provided to the
destination by means oI some secure channel. Alternatively, a third party could
generate the key and securely deliver it to both source and destination. With the
message X and the encryption key K as input, the encryption algorithm Iorms the
ciphertext Y|Y1, Y2, Y3, . . . . . . . ., YN|. We can write this as This
notation indicates that Y is produced by using encryption algorithm E as a Iunction
oI the plain text X, with the speciIic Iunction determined by the value oI the key K.
The intended receiver, in possession oI the key, is able to invert the transIormation:

An opponent, observing Y but not having access to K or X, may attempt to recover
X or K or both X and K. It is assumed that the opponent knows the encryption (E)
and decryption (D) algorithms. II the opponent is interested in only this particular
message, then Iocus oI the eIIort is to recover X by generating a plain text estimate
9

X. OIten, however, the opponent is interested in being able to read Iuture messages
as well, in which case an attempt is made to recover K by generating an estimate K.

2.2.1 Classifying Cryptosystems
Cryptographic systems are generically classiIied along three independent
dimensions:
1. The type of operations used for transforming plaintext to cipher text. All
encryption algorithms are based on two general principles: substitution, in which
each element in the plaintext (bit, letter, group oI bits or letters) is mapped into
another element, and transposition, in which elements in the plaintext are
rearranged. The Iundamental requirement is that no inIormation be lost (that is, that
all operations be reversible). Most systems, reIerred to as product systems, involve
multiple stages oI substitutions and transpositions.
2. The number of keys used. II both sender and receiver use the same key, the
system is reIerred to as symmetric, single-key, secret-key, or conventional
encryption. II the sender and receiver each use a diIIerent key, the system is
reIerred to as asymmetric, two-key, or public-key encryption.
3. The way in which the plaintext is processed. A bl4ck cipher processes the
input one block oI elements at a time, producing an output block Ior each input
block. A s9ream cipher processes the input elements continuously, producing
output one element at a time, as it goes along. Although block ciphers are Iar more
common, there are certain applications in which a stream cipher is more
appropriate.

2.2.2 Block Ciphers
In general, a symmetric block cipher consists oI a sequence oI rounds, with each
round perIorming substitutions and permutations conditioned by a secret key value.
The exact realization oI a symmetric block cipher depends on the choice oI the
Iollowing parameters and design Ieatures:
10

O Block size: Larger block sizes mean greater security (all other things being
equal) but reduced encryption/decryption speed. A block size oI 128 bits is a
reasonable tradeoII and is nearly universal among recent block cipher
designs.
O Key size: Larger key size means greater security but may decrease
encryption/ decryption speed. The most common key length in modern
algorithms is 128 bits.
O Number oI rounds: The essence oI a symmetric block cipher is that a single
round oIIers inadequate security but that multiple rounds oIIer increasing
security. A typical size is 16 rounds.
O Sub-key generation algorithm: Greater complexity in this algorithm should
lead to greater diIIiculty oI cryptanalysis.
O Round Iunction: Again, greater complexity generally means greater
resistance to cryptanalysis.

There are two other considerations in the design oI a symmetric block cipher:
as9 s419are encryp9i4n/decryp9i4n: In many cases, encryption is embedded
in applications or utility Iunctions in such a way as to preclude a hardware
implementation. Accordingly, the speed oI execution oI the algorithm becomes a
concern.
ase 41 analysis: Although we would like to make our algorithm as diIIicult as
possible to cryptanalyze, there is great beneIit in making the algorithm easy to
analyze. That is, iI the algorithm can be concisely and clearly explained, it is
easier to analyze that algorithm Ior cryptanalytic vulnerabilities and thereIore
develop a higher level oI assurance as to its strength. DES, Ior example, does not
have an easily analyzed Iunctionality.

Decryption with a symmetric block cipher is essentially the same as the encryption
process. The rule is as Iollows: Use the cipher text as input to the algorithm, but use
the subkeys i in reverse order. That is, use n in the Iirst round, n-1 in the
11

second round, and so on until 1 is used in the last round. This is a nice Ieature,
because it means we need not implement two diIIerent algorithmsone Ior
encryption and one Ior decryption. Three oI the most important symmetric block
ciphers are data encryption standard (DES), triple DES, advanced encryption
standard (AES).

2.3 Symmetric Cipher Model

Fig. 2.3 Symmetric Ciphering

Symmetric encryption also reIerred to as conventional encryption or single-key
encryption was the only type oI encryption in use prior to the development oI
public-key encryption. The most widely used symmetric cipher is TDES.
Plaintext: This is the original intelligible message or data that is Ied into the
algorithm as input.
Encryption algorithm: The encryption algorithm perIorms various substitutions
and transIormations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm. The key is a
value independent oI the plaintext. The algorithm will produce a diIIerent output
12

depending on the speciIic key being used at the time. The exact substitutions and
transIormations perIormed by the algorithm depend on the key.
Cipher-text: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two diIIerent keys will produce
two diIIerent cipher-text. The cipher-text is an apparently random stream oI data
and, as it stands, is unintelligible.
Decryption algorithm: This is essentially the encryption algorithm run is reverse.
It takes the ciphertext and the secret keys and produces the original plaintext.

2.3.1 Two requirements for symmetric encryption:
1. e need a s9r4n encryp9i4n al4ri9hm. At a minimum, we would like the
algorithm to be such that an opponent who knows the algorithm and has access to
one or more ciphertexts would be unable to decipher the ciphertext or Iigure out the
key. This requirement is usually stated in a stronger Iorm: The opponent should be
unable to decrypt ciphertext or discover the key even iI he or she is in possession oI
a number oI ciphertexts together with the plaintext that produced each ciphertext.
2. $ender and receiver mus9 have 4b9ained c4pies 41 9he secre9 key in
a secure Iashion and must keep the key secure. II someone can discover
the key and knows the algorithm, all communication using this key is
readable.

It is important to note that the security oI symmetric encryption depends on
the secrecy oI the key, not the secrecy oI the algorithm. That is, it is assumed that it
is impractical to decrypt a message on the basis oI the ciphertext plus knowledge oI
the encryption/decryption algorithm. In other words, we do not need to keep the
algorithm secret; we need to keep only the key secret. This Ieature oI symmetric
encryption is what makes it Ieasible Ior widespread use. The Iact that the algorithm
need not be kept secret means that manuIacturers can and have developed low-cost
chip implementations oI data encryption algorithms. These chips are widely
13

available and incorporated into a number oI products. With the use oI symmetric
encryption, the principal security problem is maintaining the secrecy oI the key.




1

CHAP1ER 3 DATA ENCRYPTION STANDARD


3.1 Description of DES

DES (the Data Encryption Standard) is a symmetric block cipher developed by
IBM. The algorithm uses a 56-bit key to encipher/decipher a 6-bit block oI data.
The key is always presented as a 6-bit block, every 8th bit oI which is ignored.
However, it is usual to set each 8th bit so that each group oI 8 bits has an odd
number oI bits set to 1. The algorithm is best suited to implementation in hardware,
probably to discourage implementations in soItware, which tend to be slow by
comparison. However, modern computers are so Iast that satisIactory soItware
implementations are readily available. DES is the most widely used symmetric
algorithm in the world, despite claims that the key length is too short. Ever since
DES was Iirst announced, controversy has raged about whether 56 bits is long
enough to guarantee security. The key length argument goes like this. Assuming
that the only Ieasible attack on DES is to try each key in turn until the right one is
Iound, then 1,000,000 machines each capable oI testing 1,000,000 keys per second
would Iind (on average) one key every 12 hours. Most reasonable people might
Iind this rather comIorting and a good measure oI the strength oI the algorithm.
Those who consider the exhaustive key-search attack to be a real possibility (and to
be Iair the technology to do such a search is becoming a reality) can overcome the
problem by using double or triple length keys. In Iact, double length keys have
been recommended Ior the Iinancial industry Ior many years.
3.1.1 Encryption
Many people are not aware that the inIormation they send or the Iiles stored on
their computers needs to be protected, however when you consider what you have
on your computer and the many ways it can Iall into the wrong hands, it does start
to make sense to protect your privacy in some way.
Key technology : encryption. Store and transmit inIormation in an encoded Iorm
that does not make any sense. The basic mechanism: * Start with text to be
15

protected. Initial readable text is called clear text. * Encrypt the clear text so that it
does not make any sense at all. The nonsense text is called cipher text. The
encryption is controlled by a secret password or number; this is called the
encryption key. The encrypted text can be stored in a readable Iile, or transmitted
over unprotected channels.
3.1.2 Decryption To make sense oI the cipher text, it must be decrypted back into
clear text. This is done with some other algorithm that uses another secret password
or number, called the decryption key.


Fig. 3.1 Encryption Block


Fig 3.2 Decryption Block

3.1.3 Three conditions
O The encryption Iunction cannot easily be inverted (cannot get back to clear
text unless you know the decryption key).
O The encryption and decryption must be done in some saIe place so the clear
text cannot be stolen.
16

O The keys must be protected. In most systems, can compute one key Irom the
other (sometimes the encryption and decryption keys are identical), so
cannot aIIord to let either key leak out.

3.2 Strength of DES
Concerns about the strength oI DES Iall into two categories:
Concerns about the algorithm itselI and concerns about the use oI a 56-bit key. The
Iirst concern reIers to the possibility that cryptanalysis is possible by exploiting the
characteristics oI the DES algorithm. Over the years, there have been numerous
attempts to Iind and exploit weaknesses in the algorithm, making DES the most-
studied encryption algorithm in existence. Despite numerous approaches, no one
has so Iar succeeded in discovering a Iatal weakness in TDES
A more serious concern is key length. With a key length oI 56 bits, there are 256
possible keys, which is approximately .2 *10
16
keys. Thus, on the Iace oI it, a
brute Iorce attack appears impractical. Assuming that on average halI the key space
has to be searched, a single machine perIorming one DES encryption per
microsecond would take more than a thousand years to break the cipher.
However, the assumption oI one encryption per microsecond is overly
conservative. DES Iinally and deIinitively proved insecure in July 1998, when the
Electronic Frontier Foundation (EFF) announced that it had broken a DES
encryption using a special-purpose 'DES cracker machine that was built Ior less
than $250,000. The attack took less than three days. The EFF has published a
detailed description oI the machine, enabling others to build their own cracker
|EFF98|. And, oI course, hardware prices will continue to drop as speeds increase,
making DES virtually worthless. It is important to note that there is more to a key-
search attack than simply running through all possible keys. Unless known
plaintext is provided, the analyst must be able to recognize plaintext as plaintext. II
the message is just plain text in English, then the result pops out easily, although
the task oI recognizing English would have to be automated. II the text message
has been compressed beIore encryption, then recognition is more diIIicult. And iI
1

the message is some more general type oI data, such as a numerical Iile, and this
has been compressed, the problem becomes even more diIIicult to automate. Thus,
to supplement the brute-Iorce approach, some degree oI knowledge about the
expected plaintext is needed, and some means oI automatically distinguishing
plaintext Irom garble is also needed. The EFF approach addresses this issue as well
and introduces some automated techniques that would be eIIective in many
contexts.
A Iinal point: II the only Iorm oI attack that could be made on an encryption
algorithm is brute Iorce, then the way to counter such attacks is obvious: use longer
keys. To get some idea oI the size oI key required, let us use the EFF cracker as a
basis Ior our estimates. The EFF cracker was a prototype, and we can assume that
with today`s technology a Iaster machine is cost eIIective. II we assume that a
cracker can perIorm one million decryptions per s, then a DES code would take
about 10 hours to crack. This is a speed-up oI approximately a Iactor oI compared
to the EFF result. Using this rate, it would take to crack a DES-style algorithm as a
Iunction oI key size. For example, Ior a 128-bit key, which is common among
contemporary algorithms, it would take over 1018 years to break the code using the
EFF cracker. Even iI we managed to speed up the cracker by a Iactor oI 1 trillion
(1012), it would still take over 1 million years to break the code. So a 128-bit key is
guaranteed to result in an algorithm that is unbreakable by brute Iorce.

3.3 Working of DES
DES is a block cipher, which means that during the encryption process, the
plaintext is broken into Iixed length blocks and each block is encrypted at the same
time. One block is 6 bits and the key is 6 bits wide (but only 56 bits are used). So
we can in a more Iormally manner describe the algorithm like this: DES is a block
cipher, which means that during the encryption process, the plaintext is broken into
Iixed length blocks and each block is encrypted at the same time. One block is 6
bits and the key is 6 bits wide (but only 56 bits are used). So we can in a more
Iormally manner describe the algorithm like this:
18

P C 0,1,2,. ,2
6
-1}
K 0,1,2, . ,2
56
-1 }
each x
i
has 6 bits
each k
i
has 56 bits

This description is not complete without the encryption Iunction (ek) and
the decryption Iunction (dk).

3.3.1 Encryption Process
The principle oI DES encryption is made oI an initial permutation, Iollowed by 16
rounds and ended by a Iinal permutation, as we can see in the next Iigure:








Fig. 3.3 DES block schematic






19


Here is a more detailed version oI this illustration :


Fig. 3. DES encryption or Fiestel network

The above Iigure is called the Feistel network. We can see the key-scheduling part
at the right which is responsible to give a new 8 bits sub key Ior each round.
Inside each round, the right part oI the data is simply swapped while the leIt part is
xored with the result oI the I-Iunction applied to the leIt part.
20



Now take a closer look at the core oI the DES algorithm: the I-Iunction.

Fig. 3.5 The I-Iunction

As we can see, the data coming to the I-Iunction goes Iirst through an expansion
block and is then xored with the sub key. AIter that, the data arrives at the S-boxes,
which are look-up tables. The next step is a simple permutation and Iinally, the
resulting data is xored with the leIt part.


21

At this moment, we must Iind out how the key-scheduling achieves to build the sub
keys.


Fig. 3.6 Key Scheduling


We saw beIore that the key is initially 6 bits wide. But in the algorithm, only 56
bits are really used. So we can notice in the above Iigure that the component PC-1
removes these 8 bits to have the correct size. PC-1 also permutes the other bits.
22

Then, at each step the key is shiIted on the leIt one or two times. BeIore delivering
the sub key, the component PC-2 reduce and permutes the 56 bits shiIted key.

3.3.2 Decryption process

We can take look at the decryption Iunction (d

k
). The decryption process is very
similar as the encryption one, as we observe in the next schematic:

Fig. 3. DES decryption block

23

Obviously, the decryption is very similar to the encryption. Only the key-
scheduling is reversed.
Additionally, we must highlight that there are Iour standardized modes oI
operation oI DES: CB (Electronic Codebook mode), CBC (Cipher Block
Chaining mode), CB (Cipher Feedback mode) and OB (Output Feedback
mode). We won`t detail all the modes oI operation; we just need to know that in
our project, we will use the CB mode. In CB mode, each plaintext block is
encrypted independently with the block cipher.

3.4 Why use DES?
i) High level oI security.
ii) Same algorithm with the same key is used Ior encryption and decryption.
iii) The algorithm and the key could be shared by the sender and receiver.
iv) In the RSA algorithm we use two keys whereas in DES we use only one
key Ior both encryption and decryption.
v) There is only one round process in RSA whereas there are 16 rounds oI
process in DES.
vi) In substitution algorithm we replace a character by some other character
code whereas in DES we encryption the text and process it Ior 16 rounds.

3.5 Limitations of DES
DES has expired in 1998 and has thus been replaced by stronger encryption
algorithms, like AES, TDES. Generating the per-round keys that the key is
subjected to and an initial permutation to generate two 28 bit quantities, C0 and
D0. The sixteen suspect keys are ones Ior which, C0 and D0 are one oI the Iour
values: all ones, all zeroes, alternating ones and zeroes, alternating zeroes and
ones. Since there are Iour possible values Ior each halI, there are sixteen
possibilities in all. The Iour weak keys are the ones Ior which each oI, C0 and D0
are all ones or all zeroes. Weak keys are their own inverses. The remaining
twelve keys are the semi- weak keys. Each is the inverse oI one oI the others.
2

Despite the Iact that DES is considered un-secure, there is a way to enhance it.
By encrypting three times successively, we get an adequate level oI security,
even Ior sensitive data. This method is called Triple DES.
The major drawback oI Triple DES is the speed which is much lower than other
modern algorithm like AES.

3.6 Applications
Despite the Iact that DES is considered un-secure,is although still widely used iI
we don`t need a high level oI security.
Modern applications oI DES cover a wide variety oI applications, such as secure
internet (ssl), electronic Iinancial transactions, remote access servers, cable
modems, secure video surveillance and encrypted data storage.
The DES core can be utilized Ior a variety oI encryption applications including:
O Secure File/Data transIer
O Electronic Funds TransIer
O Encrypted Storage Data
O Secure communications



25

CHAP1ER 4 DES IMPLEMENTATION USING VHDL

4.1 Overview of VHDL structure
A digital system in VHDL consists oI a design entity that can contain other
entities that are then considered components oI the top-level entity. Each entity is
modeled by an en9i9y declara9i4n and an archi9ec9ure b4dy. One can consider the
entity declaration as the interIace to the outside world that deIines the input and
output signals, while the architecture body contains the description oI the entity
and is composed oI interconnected entities, processes and components, all
operating concurrently, as schematically shown in Figure 3 below. In a typical
design there will be many such entities connected together to perIorm the desired
Iunction. The Iigure .1 shows a VHDL entity consisting oI an interIace (entity
declaration) and a body (architectural description).
VHDL uses reserved keywords that cannot be used as signal names or identiIiers.
Keywords and user-deIined identiIiers are case insensitive.

Fig. .1 VHDL entity

Comments in VHDL start with two adjacent hyphens (--) and will be ignored by
the compiler. VHDL also ignores line breaks and extra spaces. VHDL is a
strongly typed language which implies that one has always to declare the type oI
every object that can have a value, such as signals, constants and variables.
26

n9i9y eclara9i4n: The entity declaration deIines the name oI the entity and lists
the input and output ports.
rchi9ec9ure b4dy : The architecture body speciIies how the circuit operates and
how it is implemented. As discussed earlier, an entity or circuit can be speciIied
in a variety oI ways, such as behavioral, structural (interconnected components),
or a combination oI the above.

4.2 Understanding the program code
BeIore going through the design Ilow, a veriIication on the supplied code is
required. There were 2 Iiles given Ior this project. The Iirst one, called
'pipelined-des.vhdl, contains the implementation oI the DES processor. The
other one, called 'testbench1.vhdl, contains a benchmark which will be used
in the simulation process.
As the name says, 'pipelined-des.vhdl is a 16 stages pipelined version oI a DES
processor. This is a structural code which uses 16 rounds.
By reading and analyzing the Iile, we can write a Iirst schematic about how the
code works.




Fig ..2 Structure
oI the code
2

This Iigure corresponds to what we learnt in the description oI the DES algorithm.
The components at the beginning and at the end are respectively, initial
permutation and Iinal permutation (as we saw in the overview oI DES). The Iirst
action is to split the supplied code in the diIIerent components.
Now we can more easily describe the Iunction oI each component.

4.3 Components
desenc
This is the top design. It comprises oI components:
1. keysched (key scheduling)
2. ip (initial permutation)
3. roundIunc (round Iunction)
. Ip (Iinal permutation)
We will know detail the Iunction oI these components (and their subcomponents).

4.3.1 keysched
This is the key scheduling part. It includes 2
components:
pc1 (permuted choice 1)
pc2 (permuted choice 2)

PC1 and PC2 both are permuting bits components. PC1 discards 8 bits Irom the
key (which is originally 6 bits wide). In practice, these 8 bits are used to check
iI the key has not been altered (with a parity check). PC2 also discards some bits
to reduce the number oI bits Irom 56 to 8.
The keysched component applies Iirst PC1 then shiIts one or two times one sub
key aIter one sub key. Then at the end PC2 is applied at the end. This leads to
this observation: all the sub keys are created in a row. The component keysched
(and his subcomponents) is using only wiring resources, because it is made oI
permuting and shiIting operations only.
28

So this part will be executed very Iast and no optimizations would have any
eIIect.

4.3.2 Ip
The initial permutation is only a matter oI swapping the bits oI the input
(the plaintext). So we can already aIIirm that this component will not require
logical resource.

4.3.3 roundfunc
This is the round Iunction, repeated 16 times as stated in the top design. It is in
Iact a structural design which connects the Iollowing components together:

xp (expansion)
desxor1 (xor 1)
s1, s2, s3, s, s5, s6, s, s8 (S-boxes)
pp (p-permutation)
desxor2 (xor 2)

p stands Ior expansion, since its behaviour is to expand the number oI bits Irom
32 to 8 bits (so this is implemented with only wiring resources).
des4r1 is a giant 8 bits xor gate which xor the sub key and the expanded input
oI the round Iunction.
Then we see the 8 $-b4es that are in Iact look-up tables. The registers necessary
Ior the pipeline are also integrated in the S-boxes.
pp is P permutation, so bits swapping.
Finally, another xor des4r2 is responsible to xor the result oI the P
permutation with the leIt part oI the preceding round.



29

4.3.4 Fp
The Iinal permutation is the inverse oI the initial permutation.
So we can conclude that a lot oI the components are made only oI wiring resources.
So there won`t be any eIIort in logic optimization on these components.
The only components that will use logical resources:
desxor1 ,desxor2 and the S-boxes.


30

CHAP1ER 5 RESULTS
The Following are the result snapshots Ior the successIul encryption oI data
generated by the .c code Ior transIormation oI voice to digital bit Iormat.
Fig 5.1 Simulated Output WaveIorm For First Sample

Fig 5.2 Simulated Output WaveIorm For Second Sample
Fig 5.3 Simulated Output WaveIorm For Third Sample

The simulation run time was Ior 308.595uSec and processed 3806 digitalized
samples oI voice.






31

CHAP1ER CONCLUSION

DES will run through 16 iterations to achieve its desired cipher text (Iinal
output).With DES, it will Encrypt-Decrypt-Encrypt the block and a completely
diIIerent output is generated with a Iinal combination which is the Iinal cipher text
to be send through the network securely. At the receiving end the suitable
decryption algorithm can be implemented to regenerate the signal. DES was one oI
the most used algorithm but now a days due greater need Ior security a new variant
called TDES is used but due to its ease oI use and less complexity it is still used
where less security is acceptable.


32

APPEADIX 1 C Code To Digitalize The Voice In Bit Format

#1nc1udc <s1d1o.h>
#1nc1udc <s11n.h>
vo1d dcc!b1n{1on dcc1ma1. cha *b1nay).

1n1 ma1n{1n1 ac. cha *av||)
{
1on dcc1ma1.
cha b1nay|84|.
p1n1!{"*************** Wav!b1n ******************\n").

1! {ac < !) { p1n1!{"Syn1ax. s <1npu1.Wav>\n". av|0|). c1un -1. )
cha bu!|10!4|. *s = bu!.
s1cpy{s. av|1|).
cha *p = s1s1{s. ".Wav").

1! {!p) { p1n1!{"P1casc spcc1!y a 8Kz. 8-b11 Wav !11c!\n"). c1un -1. )

F1L *!1 = !opcn{s. "b").
1! {!!1) { p1n1!{"Cou1d no1 opcn 1npu1 !11c!\n"). c1un -1. )
s1cpy{p. ".1x1").
F1L *!o = !opcn{s. "W1").
1! {!!o) { p1n1!{"Cou1d no1 opcn ou1pu1 !11c!\n"). c1un -1. )

!scck{!1. 0x!8. SK_S1).
p = s1ch{s. `\\`). 1! {p) s = p+1.
p = s1ch{s. `1`). 1! {p) s = p+1.
p = s1ch{s. `.`). 1! {p) *p = 0.
Wh11c {1)

{
111! {1++ 100 == 0) { !p1n1!{!o. "\n"). )
1n1 a= !c1c{!1). 1! {a == 0F) bcak.
dcc1ma1 =a.
dcc!b1n{dcc1ma1.b1nay).
!p1n1!{!o. "s\n". b1nay).
)

!c1osc{!1).
!c1osc{!o).
c1un 0.

)


vo1d dcc!b1n{1on dcc1ma1. cha *b1nay)


{


1n1 k = 0. n = 0.
1n1 nc_!1a = 0.
1n1 cma1n.
1n1 o1d_dcc1ma1. 11 !o 1cs1
cha 1cmp|84|.
cha 1cmp1|84|="0".

11 1akc cac o! nca11vc 1npu1
1! {dcc1ma1 < 0)
{
dcc1ma1 = -dcc1ma1.
nc_!1a = 1.
)
do
{
o1d_dcc1ma1 = dcc1ma1. 11 !o 1cs1
cma1n = dcc1ma1 !.
33



11 Wh1111c doWn 1hc dcc1ma1 numbc
dcc1ma1 = dcc1ma1 1 !.

11 convc1s d111 0 o 1 1o chaac1c `0` o `1`

1cmp|k++| = cma1n + `0`.
) Wh11c {dcc1ma1 > 0).
1! {nc_!1a)
1cmp|k++| = `-`. 11 add - s1n
Wh11c {k >= 0)
b1nay|n++| = 1cmp|--k|.
b1nay|n-1| = 0. 11 cnd W11h hLLL

1n1 1cn=s11cn{b1nay).
1n1 1=84-1cn.

s1ncpy{1cmp1."0000000000000000000000000000000000000000000000000000000000000000".1).
s1ca1{1cmp1.b1nay).
s1cpy{b1nay.1cmp1).

)
3

APPEADIX 2: Excer pt s of t he VHDL code

desenc.vhd



library ieee;

use ieee.std_logic_1164.all;

entity desenc is port
(
pt : in std_logic_vector(1 TJ 64);
key : in std_logic_vector(1 TJ 64);
ct : out std_logic_vector(1 TJ 64);
reset : in std_logic;
clk : in std_logic
);
end desenc;

architecture behavior of desenc is
signal k1x,k2x,k3x,k4x,k5x,k6x,k7x,k8x,k9x,k10x,k11x,k12x,k13x,k14x,k15x,k16x
: std_logic_vector(1 to 48);
signal
l0xa,l1x,l2x,l3x,l4x,l5x,l6x,l7x,l8x,l9x,l10x,l11x,l12x,l13x,l14x,l15x,l16x
: std_logic_vector(1 to 32); signal
r0xa,r1x,r2x,r3x,r4x,r5x,r6x,r7x,r8x,r9x,r10x,r11x,r12x,r13x,r14x,r15x,r16x
: std_logic_vector(1 to 32);

component keysched
port (
key : in std_logic_vector(1 to 64);
k1x,k2x,k3x,k4x,k5x,k6x,k7x,k8x,k9x,k10x,k11x,k12x,k13x,k14x,k15x,k16x
: out std_logic_vector(1 to 48)
);
end component;

component ip
port (
pt : in std_logic_vector(1 TJ 64);
l0x : out std_logic_vector(1 TJ 32);
r0x : out std_logic_vector(1 TJ 32)
);
end component;

component roundfunc
port (
clk : in std_logic;
reset : in std_logic;
li,ri : in std_logic_vector(1 to 32);
k : in std_logic_vector(1 to 48);
lo,ro : out std_logic_vector(1 to 32)
);
35


end component;

component fp
port (
l,r : in std_logic_vector(1 to 32);
ct : out std_logic_vector(1 to 64)
);

begin
end component;



keyscheduling: keysched port map ( key=key, k1x=k1x,
k2x=k2x, k3x=k3x, k4x=k4x, k5x=k5x, k6x=k6x, k7x=k7x,
k8x=k8x, k9x=k9x, k10x=k10x, k11x=k11x, k12x=k12x, k13x=k13x,
k14x=k14x, k15x=k15x, k16x=k16x );

iperm: ip port map ( pt=pt,
l0x=l0xa, r0x=r0xa );

round1: roundfunc port map ( clk=clk, reset=reset,
li=l0xa, ri=r0xa, k=k1x, lo=l1x, ro=r1x );
round2: roundfunc port map ( clk=clk, reset=reset,
li=l1x, ri=r1x, k=k2x, lo=l2x, ro=r2x );
round3: roundfunc port map ( clk=clk, reset=reset,
li=l2x, ri=r2x, k=k3x, lo=l3x, ro=r3x );
round4: roundfunc port map ( clk=clk, reset=reset,
li=l3x, ri=r3x, k=k4x, lo=l4x, ro=r4x );
round5: roundfunc port map ( clk=clk, reset=reset,
li=l4x, ri=r4x, k=k5x, lo=l5x, ro=r5x );
round6: roundfunc port map ( clk=clk, reset=reset,
li=l5x, ri=r5x, k=k6x, lo=l6x, ro=r6x );
round7: roundfunc port map ( clk=clk, reset=reset,
li=l6x, ri=r6x, k=k7x, lo=l7x, ro=r7x );
round8: roundfunc port map ( clk=clk, reset=reset,
li=l7x, ri=r7x, k=k8x, lo=l8x, ro=r8x );
round9: roundfunc port map ( clk=clk, reset=reset,
li=l8x, ri=r8x, k=k9x, lo=l9x, ro=r9x );
round10: roundfunc port map ( clk=clk, reset=reset,
li=l9x, ri=r9x, k=k10x, lo=l10x, ro=r10x );
round11: roundfunc port map ( clk=clk, reset=reset,
li=l10x, ri=r10x, k=k11x, lo=l11x, ro=r11x );
round12: roundfunc port map ( clk=clk, reset=reset,
li=l11x, ri=r11x, k=k12x, lo=l12x, ro=r12x );
round13: roundfunc port map ( clk=clk, reset=reset,
li=l12x, ri=r12x, k=k13x, lo=l13x, ro=r13x );
round14: roundfunc port map ( clk=clk, reset=reset,
li=l13x, ri=r13x, k=k14x, lo=l14x, ro=r14x );
round15: roundfunc port map ( clk=clk, reset=reset,
li=l14x, ri=r14x, k=k15x, lo=l15x, ro=r15x );
round16: roundfunc port map ( clk=clk, reset=reset,
li=l15x, ri=r15x, k=k16x, lo=l16x, ro=r16x );

fperm: fp port map ( l=r16x, r=l16x, ct=ct );

end behavior;


5.vhd

library ieee;

use ieee.std_logic_1164.all;

entity ip is port
(

36

pt : in std_logic_vector(1 TJ 64);
l0x : out std_logic_vector(1 TJ 32);
r0x : out std_logic_vector(1 TJ 32)
);
end ip;

architecture behavior of ip is
begin

l0x(1)<=pt(58); l0x(2)<=pt(50); l0x(3)<=pt(42);
l0x(4)<=pt(34);
l0x(5)<=pt(26); l0x(6)<=pt(18); l0x(7)<=pt(10);
l0x(8)<=pt(2);
l0x(9)<=pt(60); l0x(10)<=pt(52); l0x(11)<=pt(44); l0x(12)<=pt(36);
l0x(13)<=pt(28); l0x(14)<=pt(20); l0x(15)<=pt(12); l0x(16)<=pt(4);
l0x(17)<=pt(62); l0x(18)<=pt(54); l0x(19)<=pt(46); l0x(20)<=pt(38);
l0x(21)<=pt(30); l0x(22)<=pt(22); l0x(23)<=pt(14); l0x(24)<=pt(6);
l0x(25)<=pt(64); l0x(26)<=pt(56); l0x(27)<=pt(48); l0x(28)<=pt(40);
l0x(29)<=pt(32); l0x(30)<=pt(24); l0x(31)<=pt(16); l0x(32)<=pt(8);

r0x(1)<=pt(57); r0x(2)<=pt(49); r0x(3)<=pt(41);
r0x(4)<=pt(33);
r0x(5)<=pt(25); r0x(6)<=pt(17); r0x(7)<=pt(9);
r0x(8)<=pt(1);
r0x(9)<=pt(59); r0x(10)<=pt(51); r0x(11)<=pt(43); r0x(12)<=pt(35);
r0x(13)<=pt(27); r0x(14)<=pt(19); r0x(15)<=pt(11); r0x(16)<=pt(3);
r0x(17)<=pt(61); r0x(18)<=pt(53); r0x(19)<=pt(45); r0x(20)<=pt(37);
r0x(21)<=pt(29); r0x(22)<=pt(21); r0x(23)<=pt(13); r0x(24)<=pt(5);
r0x(25)<=pt(63); r0x(26)<=pt(55); r0x(27)<=pt(47); r0x(28)<=pt(39);
r0x(29)<=pt(31); r0x(30)<=pt(23); r0x(31)<=pt(15); r0x(32)<=pt(7);

end behavior;


15.vhd

library ieee;

use ieee.std_logic_1164.all;

entity fp is port
(
l,r : in std_logic_vector(1 to 32);
ct : out std_logic_vector(1 to 64)
);
end fp;

architecture behaviour of fp is
begin

ct(1)<=r(8); ct(2)<=l(8); ct(3)<=r(16);ct(4)<=l(16);ct(5)<=r(24);ct(6)<=l(24);
ct(7)<=r(32);ct(8)<=l(32);

ct(9)<=r(7); ct(10)<=l(7);ct(11)<=r(15); ct(12)<=l(15); ct(13)<=r(23);
ct(14)<=l(23); ct(15)<=r(31); ct(16)<=l(31);

ct(17)<=r(6);ct(18)<=l(6);ct(19)<=r(14); ct(20)<=l(14); ct(21)<=r(22);
ct(22)<=l(22); ct(23)<=r(30); ct(24)<=l(30);

ct(25)<=r(5);ct(26)<=l(5);ct(27)<=r(13); ct(28)<=l(13); ct(29)<=r(21);
ct(30)<=l(21); ct(31)<=r(29); ct(32)<=l(29);

ct(33)<=r(4);ct(34)<=l(4);ct(35)<=r(12); ct(36)<=l(12); ct(37)<=r(20);
ct(38)<=l(20); ct(39)<=r(28); ct(40)<=l(28);

ct(41)<=r(3);ct(42)<=l(3);ct(43)<=r(11); ct(44)<=l(11); ct(45)<=r(19);
ct(46)<=l(19); ct(47)<=r(27); ct(48)<=l(27);

ct(49)<=r(2);ct(50)<=l(2);ct(51)<=r(10); ct(52)<=l(10); ct(53)<=r(18);
ct(54)<=l(18); ct(55)<=r(26); ct(56)<=l(26);

ct(57)<=r(1);ct(58)<=l(1);ct(59)<=r(9);ct(60)<=l(9);ct(61)<=r(17);
ct(62)<=l(17); ct(63)<=r(25); ct(64)<=l(25);

3



end;


eysched.vhd


library ieee;

use ieee.std_logic_1164.all;

entity keysched is port
(
key : in std_logic_vector(1 to 64);
k1x,k2x,k3x,k4x,k5x,k6x,k7x,k8x,k9x,k10x,k11x,k12x,k13x,k14x,k15x,k16x
: out std_logic_vector(1 to 48)
);
end keysched;

architecture behaviour of keysched is
signal
c0x,c1x,c2x,c3x,c4x,c5x,c6x,c7x,c8x,c9x,c10x,c11x,c12x,c13x,c14x,c15x,c16x :
std_logic_vector(1 to 28);
signal
d0x,d1x,d2x,d3x,d4x,d5x,d6x,d7x,d8x,d9x,d10x,d11x,d12x,d13x,d14x,d15x,d16x :
std_logic_vector(1 to 28);

component pc1
port (
key : in std_logic_vector(1 TJ 64);
c0x,d0x : out std_logic_vector(1 TJ 28)
);
end component;

component pc2
port (
c,d : in std_logic_vector(1 TJ 28);
k : out std_logic_vector(1 TJ 48)
);
end component;

begin

pc_1: pc1 port map ( key=key, c0x=c0x, d0x=d0x );

c1x<=To_StdLogicVector(to_bitvector(c0x) rol 1);
d1x<=To_StdLogicVector(to_bitvector(d0x) rol 1);
c2x<=To_StdLogicVector(to_bitvector(c1x) rol 1);
d2x<=To_StdLogicVector(to_bitvector(d1x) rol 1);
c3x<=To_StdLogicVector(to_bitvector(c2x) rol 2);
d3x<=To_StdLogicVector(to_bitvector(d2x) rol 2);
c4x<=To_StdLogicVector(to_bitvector(c3x) rol 2);
d4x<=To_StdLogicVector(to_bitvector(d3x) rol 2);
c5x<=To_StdLogicVector(to_bitvector(c4x) rol 2);
d5x<=To_StdLogicVector(to_bitvector(d4x) rol 2);
c6x<=To_StdLogicVector(to_bitvector(c5x) rol 2);
d6x<=To_StdLogicVector(to_bitvector(d5x) rol 2);
c7x<=To_StdLogicVector(to_bitvector(c6x) rol 2);
d7x<=To_StdLogicVector(to_bitvector(d6x) rol 2);
c8x<=To_StdLogicVector(to_bitvector(c7x) rol 2);
d8x<=To_StdLogicVector(to_bitvector(d7x) rol 2);
c9x<=To_StdLogicVector(to_bitvector(c8x) rol 1);
d9x<=To_StdLogicVector(to_bitvector(d8x) rol 1);
c10x<=To_StdLogicVector(to_bitvector(c9x) rol 2);
d10x<=To_StdLogicVector(to_bitvector(d9x) rol 2);

38


c11x<=To_StdLogicVector(to_bitvector(c10x) rol 2);
d11x<=To_StdLogicVector(to_bitvector(d10x) rol 2);
c12x<=To_StdLogicVector(to_bitvector(c11x) rol 2);
d12x<=To_StdLogicVector(to_bitvector(d11x) rol 2);
c13x<=To_StdLogicVector(to_bitvector(c12x) rol 2);
d13x<=To_StdLogicVector(to_bitvector(d12x) rol 2);
c14x<=To_StdLogicVector(to_bitvector(c13x) rol 2);
d14x<=To_StdLogicVector(to_bitvector(d13x) rol 2);
c15x<=To_StdLogicVector(to_bitvector(c14x) rol 2);
d15x<=To_StdLogicVector(to_bitvector(d14x) rol 2);
c16x<=To_StdLogicVector(to_bitvector(c15x) rol 1);
d16x<=To_StdLogicVector(to_bitvector(d15x) rol 1);


pc2x1: pc2 port Map ( c=c1x, d=d1x, k=k1x );
pc2x2: pc2 port Map ( c=c2x, d=d2x, k=k2x );
pc2x3: pc2 port Map ( c=c3x, d=d3x, k=k3x );
pc2x4: pc2 port Map ( c=c4x, d=d4x, k=k4x );
pc2x5: pc2 port Map ( c=c5x, d=d5x, k=k5x );
pc2x6: pc2 port map ( c=c6x, d=d6x, k=k6x );
pc2x7: pc2 port map ( c=c7x, d=d7x, k=k7x );
pc2x8: pc2 port map ( c=c8x, d=d8x, k=k8x );
pc2x9: pc2 port map ( c=c9x, d=d9x, k=k9x );
pc2x10: pc2 port map ( c=c10x, d=d10x, k=k10x );
pc2x11: pc2 port map ( c=c11x, d=d11x, k=k11x );
pc2x12: pc2 port map ( c=c12x, d=d12x, k=k12x );
pc2x13: pc2 port map ( c=c13x, d=d13x, k=k13x );
pc2x14: pc2 port map ( c=c14x, d=d14x, k=k14x );
pc2x15: pc2 port map ( c=c15x, d=d15x, k=k15x );
pc2x16: pc2 port map ( c=c16x, d=d16x, k=k16x );
end behaviour;




74:nd1:nc.vhd

library ieee;

use ieee.std_logic_1164.all;

entity roundfunc is port
(
clk : in std_logic;
reset : in std_logic;
li,ri : in std_logic_vector(1 to 32);
k : in std_logic_vector(1 to 48);
lo,ro : out std_logic_vector(1 to 32)
);
end roundfunc;

architecture behaviour of roundfunc is
signal xp_to_xor : std_logic_vector(1 to 48);
signal b1x,b2x,b3x,b4x,b5x,b6x,b7x,b8x
: std_logic_vector(1 to 6);
signal so1x,so2x,so3x,so4x,so5x,so6x,so7x,so8x
: std_logic_vector(1 to 4);
signal ppo,r_toreg32,l_toreg32 : std_logic_vector(1 to 32);

component xp
port (
ri : in std_logic_vector(1 TJ 32);
e : out std_logic_vector(1 TJ 48)
);
end component;

39

b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)



component desxor1
port (
e : in std_logic_vector(1 TJ 48);
b1x,b2x,b3x,b4x,b5x,b6x,b7x,b8x
: out std_logic_vector (1 TJ 6);
k : in std_logic_vector (1 TJ 48)
);
end component;

component s1
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s2
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s3
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s4
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s5
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s6
port (


);
end component;

component s7
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component s8
port (
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end component;

component pp

0


port (



);

so1x,so2x,so3x,so4x,so5x,so6x,so7x,so8x
: in std_logic_vector(1 to 4);
ppo : out std_logic_vector(1 to 32)
end component;

component desxor2
port (
d,l : in std_logic_vector(1 to 32);
q : out std_logic_vector(1 to 32)
);
end component;

component reg32
port (
a : in std_logic_vector (1 to 32);
q : out std_logic_vector (1 to 32);
reset : in std_logic;
clk : in std_logic
);

begin
end component;


xpension: xp port map ( ri=ri,
e=xp_to_xor );

des_xor1: desxor1 port map ( e=xp_to_xor,k=k,
b1x=b1x, b2x=b2x, b3x=b3x, b4x=b4x, b5x=b5x, b6x=b6x,
b7x=b7x, b8x=b8x );


s1a: s1 port map ( b=b1x, so=so1x
);

s2a: s2 port map ( b=b2x, so=so2x
);

s3a: s3 port map ( b=b3x, so=so3x
);

s4a: s4 port map ( b=b4x, so=so4x
);

s5a: s5 port map ( b=b5x, so=so5x
);

s6a: s6 port map ( b=b6x, so=so6x
);

s7a: s7 port map ( b=b7x, so=so7x
);

s8a: s8 port map ( b=b8x, so=so8x
);

pperm: pp port map ( so1x=so1x, so2x=so2x,
so3x=so3x, so4x=so4x, so5x=so5x, so6x=so6x, so7x=so7x, so8x=so8x,
ppo=ppo );

des_xor2: desxor2 port map ( d=ppo,
l=li, q=r_toreg32 );
l_toreg32<=ri;

register32_left: reg32 port map ( a=l_toreg32, q=lo,
reset=reset, clk=clk );
register32_right: reg32 port map ( a=r_toreg32, q=ro,
reset=reset, clk=clk );

end;

s1.vhd
library ieee;

1



use ieee.std_logic_1164.all;

entity s1 is port
(
b : in std_logic_vector(1 to 6);
so : out std_logic_vector(1 to 4)
);
end s1;

architecture behaviour of s1 is
begin

process(b)
begin
case b is
when "000000"= so<=To_StdLogicVector(Bit_Vector'(x"e"));
when "000010"= so<=To_StdLogicVector(Bit_Vector'(x"4"));
when "000100"= so<=To_StdLogicVector(Bit_Vector'(x"d"));
when "000110"= so<=To_StdLogicVector(Bit_Vector'(x"1"));
when "001000"= so<=To_StdLogicVector(Bit_Vector'(x"2"));
when "001010"= so<=To_StdLogicVector(Bit_Vector'(x"f"));
when "001100"= so<=To_StdLogicVector(Bit_Vector'(x"b"));
when "001110"= so<=To_StdLogicVector(Bit_Vector'(x"8"));
when "010000"= so<=To_StdLogicVector(Bit_Vector'(x"3"));
when "010010"= so<=To_StdLogicVector(Bit_Vector'(x"a"));
when "010100"= so<=To_StdLogicVector(Bit_Vector'(x"6"));
when "010110"= so<=To_StdLogicVector(Bit_Vector'(x"c"));
when "011000"= so<=To_StdLogicVector(Bit_Vector'(x"5"));
when "011010"= so<=To_StdLogicVector(Bit_Vector'(x"9"));
when "011100"= so<=To_StdLogicVector(Bit_Vector'(x"0"));
when "011110"= so<=To_StdLogicVector(Bit_Vector'(x"7"));
when "000001"= so<=To_StdLogicVector(Bit_Vector'(x"0"));
when "000011"= so<=To_StdLogicVector(Bit_Vector'(x"f"));
when "000101"= so<=To_StdLogicVector(Bit_Vector'(x"7"));
when "000111"= so<=To_StdLogicVector(Bit_Vector'(x"4"));
when "001001"= so<=To_StdLogicVector(Bit_Vector'(x"e"));
when "001011"= so<=To_StdLogicVector(Bit_Vector'(x"2"));
when "001101"= so<=To_StdLogicVector(Bit_Vector'(x"d"));
when "001111"= so<=To_StdLogicVector(Bit_Vector'(x"1"));
when "010001"= so<=To_StdLogicVector(Bit_Vector'(x"a"));
when "010011"= so<=To_StdLogicVector(Bit_Vector'(x"6"));
when "010101"= so<=To_StdLogicVector(Bit_Vector'(x"c"));
when "010111"= so<=To_StdLogicVector(Bit_Vector'(x"b"));
when "011001"= so<=To_StdLogicVector(Bit_Vector'(x"9"));
when "011011"= so<=To_StdLogicVector(Bit_Vector'(x"5"));
when "011101"= so<=To_StdLogicVector(Bit_Vector'(x"3"));
when "011111"= so<=To_StdLogicVector(Bit_Vector'(x"8"));
when "100000"= so<=To_StdLogicVector(Bit_Vector'(x"4"));
when "100010"= so<=To_StdLogicVector(Bit_Vector'(x"1"));
when "100100"= so<=To_StdLogicVector(Bit_Vector'(x"e"));
when "100110"= so<=To_StdLogicVector(Bit_Vector'(x"8"));
when "101000"= so<=To_StdLogicVector(Bit_Vector'(x"d"));
when "101010"= so<=To_StdLogicVector(Bit_Vector'(x"6"));
when "101100"= so<=To_StdLogicVector(Bit_Vector'(x"2"));
when "101110"= so<=To_StdLogicVector(Bit_Vector'(x"b"));
when "110000"= so<=To_StdLogicVector(Bit_Vector'(x"f"));
when "110010"= so<=To_StdLogicVector(Bit_Vector'(x"c"));
when "110100"= so<=To_StdLogicVector(Bit_Vector'(x"9"));
when "110110"= so<=To_StdLogicVector(Bit_Vector'(x"7"));
when "111000"= so<=To_StdLogicVector(Bit_Vector'(x"3"));
when "111010"= so<=To_StdLogicVector(Bit_Vector'(x"a"));
when "111100"= so<=To_StdLogicVector(Bit_Vector'(x"5"));
when "111110"= so<=To_StdLogicVector(Bit_Vector'(x"0"));
when "100001"= so<=To_StdLogicVector(Bit_Vector'(x"f"));
when "100011"= so<=To_StdLogicVector(Bit_Vector'(x"c"));
when "100101"= so<=To_StdLogicVector(Bit_Vector'(x"8"));

2


when "100111"= so<=To_StdLogicVector(Bit_Vector'(x"2"));
when "101001"= so<=To_StdLogicVector(Bit_Vector'(x"4"));
when "101011"= so<=To_StdLogicVector(Bit_Vector'(x"9"));
when "101101"= so<=To_StdLogicVector(Bit_Vector'(x"1"));
when "101111"= so<=To_StdLogicVector(Bit_Vector'(x"7"));
when "110001"= so<=To_StdLogicVector(Bit_Vector'(x"5"));
when "110011"= so<=To_StdLogicVector(Bit_Vector'(x"b"));
when "110101"= so<=To_StdLogicVector(Bit_Vector'(x"3"));
when "110111"= so<=To_StdLogicVector(Bit_Vector'(x"e"));
when "111001"= so<=To_StdLogicVector(Bit_Vector'(x"a"));
when "111011"= so<=To_StdLogicVector(Bit_Vector'(x"0"));
when "111101"= so<=To_StdLogicVector(Bit_Vector'(x"6"));
when others= so<=To_StdLogicVector(Bit_Vector'(x"d"));
end case;
end process;
end;

x5.vhd
library ieee;
use ieee.std_logic_1164.all;

entity xp is port
(
ri : in std_logic_vector(1 TJ 32);
e : out std_logic_vector(1 TJ 48));
end xp;

architecture behavior of xp is
begin
e(1)<=ri(32);e(2)<=ri(1); e(3)<=ri(2); e(4)<=ri(3); e(5)<=ri(4);
e(6)<=ri(5); e(7)<=ri(4); e(8)<=ri(5);
e(9)<=ri(6); e(10)<=ri(7);e(11)<=ri(8);e(12)<=ri(9);e(13)<=ri(8);
e(14)<=ri(9);e(15)<=ri(10); e(16)<=ri(11);
e(17)<=ri(12); e(18)<=ri(13); e(19)<=ri(12); e(20)<=ri(13);
e(21)<=ri(14); e(22)<=ri(15); e(23)<=ri(16); e(24)<=ri(17);
e(25)<=ri(16); e(26)<=ri(17); e(27)<=ri(18); e(28)<=ri(19);
e(29)<=ri(20); e(30)<=ri(21); e(31)<=ri(20); e(32)<=ri(21);
e(33)<=ri(22); e(34)<=ri(23); e(35)<=ri(24); e(36)<=ri(25);
e(37)<=ri(24); e(38)<=ri(25); e(39)<=ri(26); e(40)<=ri(27);
e(41)<=ri(28); e(42)<=ri(29); e(43)<=ri(28); e(44)<=ri(29);
e(45)<=ri(30); e(46)<=ri(31); e(47)<=ri(32); e(48)<=ri(1);
end behavior;


desx471.vhd

library ieee;

use ieee.std_logic_1164.all;

entity desxor1 is port
(
e : in std_logic_vector(1 TJ 48);
b1x,b2x,b3x,b4x,b5x,b6x,b7x,b8x
: out std_logic_vector (1 TJ 6);
k : in std_logic_vector (1 TJ 48)
);
end desxor1;

architecture behavior of desxor1 is
signal XX : std_logic_vector( 1 to 48);
begin
XX<=k xor e;
b1x<=XX(1 to 6);

3


b2x<=XX(7 to 12);
b3x<=XX(13 to 18);
b4x<=XX(19 to 24);
b5x<=XX(25 to 30);
b6x<=XX(31 to 36);
b7x<=XX(37 to 42);
b8x<=XX(43 to 48);
end behavior;


desx47.vhd

library ieee;

use ieee.std_logic_1164.all;

entity desxor2 is port
(
d,l : in std_logic_vector(1 to 32);
q : out std_logic_vector(1 to 32)
);
end desxor2;

architecture behaviour of desxor2 is
begin

end;
q<=d xor l;


5c1.vhd

library ieee;

use ieee.std_logic_1164.all;

entity pc1 is port
(
key : in std_logic_vector(1 TJ 64);
c0x,d0x : out std_logic_vector(1 TJ 28)
);
end pc1;

architecture behavior of pc1 is
signal XX : std_logic_vector(1 to 56);
begin
XX(1)<=key(57); XX(2)<=key(49); XX(3)<=key(41);
XX(4)<=key(33); XX(5)<=key(25); XX(6)<=key(17);
XX(7)<=key(9);
XX(8)<=key(1); XX(9)<=key(58); XX(10)<=key(50);
XX(11)<=key(42); XX(12)<=key(34); XX(13)<=key(26); XX(14)<=key(18);
XX(15)<=key(10); XX(16)<=key(2); XX(17)<=key (59);
XX(18)<=key(51); XX(19)<=key(43); XX(20)<=key(35); XX(21)<=key(27);
XX(22)<=key(19); XX(23)<=key(11); XX(24)<=key(3);

XX(25)<=key(60); XX(26)<=key(52); XX(27)<=key(44); XX(28)<=key(36);
XX(29)<=key(63); XX(30)<=key(55); XX(31)<=key(47); XX(32)<=key(39);
XX(33)<=key(31); XX(34)<=key(23); XX(35)<=key(15);

XX(36)<=key(7); XX(37)<=key(62); XX(38)<=key(54);
XX(39)<=key(46); XX(40)<=key(38); XX(41)<=key(30); XX(42)<=key(22);
XX(43)<=key(14); XX(44)<=key(6); XX(45)<=key(61);
XX(46)<=key(53); XX(47)<=key(45); XX(48)<=key(37); XX(49)<=key(29);
XX(50)<=key(21); XX(51)<=key(13); XX(52)<=key(5);
XX(53)<=key(28); XX(54)<=key(20); XX(55)<=key(12); XX(56)<=key(4);

c0x<=XX(1 to 28); d0x<=XX(29 to 56);
end behavior;





5c.vhd

library ieee;

use ieee.std_logic_1164.all;

entity pc2 is port
(
c,d : in std_logic_vector(1 TJ 28);
k : out std_logic_vector(1 TJ 48)
);
end pc2;

architecture behavior of pc2 is
signal YY : std_logic_vector(1 to 56);
begin
YY(1 to 28)<=c; YY(29 to 56)<=d;

k(1)<=YY(14);k(2)<=YY(17);k(3)<=YY(11);k(4)<=YY(24);k(5)<=YY(1);
k(6)<=YY(5);
k(7)<=YY(3); k(8)<=YY(28);k(9)<=YY(15);k(10)<=YY(6);k(11)<=YY(21);
k(12)<=YY(10);
k(13)<=YY(23);
k(17)<=YY(26);
k(14)<=YY(19);
k(18)<=YY(8);
k(15)<=YY(12); k(16)<=YY(4);
k(19)<=YY(16); k(20)<=YY(7);k(21)<=YY(27); k(22)<=YY(20);
k(23)<=YY(13); k(24)<=YY(2);

k(25)<=YY(41); k(26)<=YY(52); k(27)<=YY(31); k(28)<=YY(37);
k(29)<=YY(47); k(30)<=YY(55);

k(31)<=YY(30); k(32)<=YY(40); k(33)<=YY(51); k(34)<=YY(45);
k(35)<=YY(33); k(36)<=YY(48);

k(37)<=YY(44); k(38)<=YY(49); k(39)<=YY(39); k(40)<=YY(56);
k(41)<=YY(34); k(42)<=YY(53);

k(43)<=YY(46); k(44)<=YY(42); k(45)<=YY(50); k(46)<=YY(36);
k(47)<=YY(29); k(48)<=YY(32);

end behavior;



55.vhd


library ieee;

use ieee.std_logic_1164.all;

entity pp is port
(
so1x,so2x,so3x,so4x,so5x,so6x,so7x,so8x
: in std_logic_vector(1 to 4);
ppo : out std_logic_vector(1 to 32)
);
end pp;

architecture behaviour of pp is
signal XX : std_logic_vector(1 to 32);
begin
XX(1 to 4)<=so1x; XX(5 to 8)<=so2x; XX(9 to 12)<=so3x; XX(13 to
16)<=so4x;
XX(17 to 20)<=so5x; XX(21 to 24)<=so6x; XX(25 to 28)<=so7x; XX(29 to
32)<=so8x;

ppo(1)<=XX(16); ppo(2)<=XX(7); ppo(3)<=XX(20);
ppo(4)<=XX(21);

ppo(5)<=XX(29); ppo(6)<=XX(12); ppo(7)<=XX(28);
ppo(8)<=XX(17);


5


ppo(9)<=XX(1); ppo(10)<=XX(15); ppo(11)<=XX(23);
ppo(12)<=XX(26);

ppo(13)<=XX(5); ppo(14)<=XX(18); ppo(15)<=XX(31);
ppo(16)<=XX(10);








end;
ppo(17)<=XX(2); ppo(18)<=XX(8); ppo(19)<=XX(24);
ppo(20)<=XX(14);
ppo(21)<=XX(32); ppo(22)<=XX(27); ppo(23)<=XX(3);
ppo(24)<=XX(9);
ppo(25)<=XX(19); ppo(26)<=XX(13); ppo(27)<=XX(30); ppo(28)<=XX(6);
ppo(29)<=XX(22); ppo(30)<=XX(11); ppo(31)<=XX(4);
ppo(32)<=XX(25
6
7eg3.vhd

library ieee ;
use ieee.std_logic_1164.all;

entity reg32 is
port(
a : in std_logic_vector (1 to 32);
q : out std_logic_vector (1 to 32);
reset : in std_logic;
clk : in std_logic
);
end reg32;

architecture synth of reg32 is

signal memory : std_logic_vector (1 to 32) ;
begin
process(clk,reset)
begin
if(clk = '1' and clk'event) then

-- is assigned to the internal memory clock
pulse memory <= a;

end if;

if(reset = '1') then
memory <= (others = '0');
end if;

end process;
q <= memory;
end synth;


9es9-ench1.vhd

library IEEE;
use IEEE.STD_LJGIC_1164.ALL;
use ieee.numeric_std.all;
use IEEE.STD_LJGIC_ARITH.ALL;
use IEEE.STD_LJGIC_UNSIGNED.ALL;
use IEEE.std_logic_textio.all;

library STD;
use STD.textio.all;

entity test_desenc is end test_desenc;

architecture testbench of test_desenc is
component desenc port
(
pt : in std_logic_vector(1 TJ 64);
key : in std_logic_vector(1 TJ 64);
ct : out std_logic_vector(1 TJ 64);
reset : in std_logic;
clk : in std_logic
);
end component;

signal key : std_logic_vector(1 to 64);
signal pt : std_logic_vector(1 to 64);
signal ct : std_logic_vector(1 to 64);



signal clk : std_logic;
signal reset : std_logic;

begin
dut: desenc port map ( key=key, pt=pt, ct=ct, reset=reset,clk=clk );

process

variable rdline : line;
variable pt_tmp: std_logic_vector(64 downto 1);
file vector_file : text open read_mode is "input.txt";

begin
while not endfile(vector_file) loop
readline(vector_file, rdline);
read(rdline, pt_tmp);
pt <= pt_tmp;
key<=x"fedcba9876543210";
wait for 1 ns;
for j in 0 to 15 loop clk<='0'; wait for 250 ns;
clk<='1'; wait for 250 ns; end loop;
end loop;
wait;


end process;
end testbench;























REFEREACES




1. Beker H.J and Piper F.C 'Secure Speech Communications London, U.K.:
Academic, 1985.
2. Vanstone S.A, Menezes A.J, Oorschot P.C, 'Handbook oI Applied
Cryptography CRC Press, 199.
3. Arich, T. Eleuldj, M. Ecole Mohammadia d'Ingenieurs, Agdal-Rabat,
'Hardware implementations oI the data encryption standard, IEEE ConIerence
Morocco.
















8