Data Encryption Standard (DES)

Network Security

1
Data Encryption Standard (DES)
Objectives of the
Topic
• After completing this
topic, a student will
be able to
– describe data
encryption
standard.

2
Data Encryption Standard (DES)
Figures and material
in this topic have
been
• adapted from
“Network Security
Essentials:
Applications and
Standards”, 2014, by
William Stallings.

3
Data Encryption Standard (DES)
• A block cipher
processes plaintext
input in fixed-sized
blocks and produces a
block of ciphertext of
equal size for each
plaintext block.
• The two users share a
common encryption
key.
• DES is an example.
4
 Data Encryption Standard (DES)
Block Ciphers

5
Data Encryption Standard (DES)
• Data Encryption
Standard (DES) was
issued in 1977 as
Federal Information
Processing Standard
46 (FIPS 46) by the
National Institute of
Standards and
Technology (NIST).

6
Data Encryption Standard (DES)
DES Encryption
• Data are encrypted in
64-bit blocks using a
56-bit key.
• The algorithm
transforms 64-bit
input in a series of
steps into a 64-bit
output.

7
Data Encryption Standard (DES)
• There are two inputs
to the encryption
function: the plaintext
to be encrypted and
the key.
• The function expects a
64-bit key out of
which only 56 are
used; other 8 bits can
be set arbitrarily.

8
Data Encryption Standard (DES)
• Plaintext proceeds in
three phases.
• First, the 64-bit
plaintext passes
through an initial
permutation (IP) that
rearranges the bits to
produce the
permuted input.

9
Data Encryption Standard (DES)
• The 2nd phase consists
of 16 rounds of the
same function, which
involves both
permutation and
substitution functions.
• The output of the last
round consists of 64
bits that are a
function of the input
plaintext and the key.
10
Data Encryption Standard (DES)
• The left and right
halves of the output
are swapped to
produce preoutput.
• Finally, the preoutput
is passed through a
permutation that is
the inverse of the
initial permutation
function, to produce
the 64-bit ciphertext.
11
Data Encryption Standard (DES)
Subkey Generation
• Initially, the key is
passed through a
permutation function.
• Then, for each of the
16 rounds, a subkey
(Ki) is produced by the
combination of a left
circular shift and a
permutation.

12
Data Encryption Standard (DES)
• The permutation
function is the same
for each round, but a
different subkey is
produced because of
the repeated shifts of
the key bits.

13
 Data Encryption Standard (DES)
Working of DES

14
 Data Encryption Standard (DES)
Working of DES

15
Data Encryption Standard (DES)
DES Decryption
• It uses the same
algorithm as
encryption, except
that the application of
the subkeys is
reversed.
• Also, the initial and
final permutations are
reversed.

16
Data Encryption Standard (DES)
Concerns about DES
• 1.The algorithm itself
• Refers to the
possibility that
cryptanalysis is
possible by exploiting
the characteristics of
the algorithm

17
Data Encryption Standard (DES)
• 2.The use of a 56-bit
key
• 256 = 7.2 × 1016 keys
• Time required if PC
works at 109
decryptions/s, then
255 ns = 1.125 years.
• Time required if PC
works at 1013
decryptions/s, then 1
hour.
18
Data Encryption Standard (DES)
• DES finally proved
insecure in July 1998.
• Electronic Frontier
Foundation (EFF)
have broken it using a
machine that took less
End than three days.

19