This preview shows page 1. Sign up to view the full content.
Unformatted text preview: nded to 48 bits via an expansion permutation, combined with 48 bits of a shifted and permuted key via an XOR, sent through 8 Sboxes producing 32 new bits, and permuted again. These four operations make up Function f. The output of Function f is then combined with the left half via another XOR. The result of these operations becomes the new right half; the old right half becomes the new left half. These operations are repeated 16 times, making 16 rounds of DES. If Bi is the result of the ith iteration, Li and Ri are the left and right halves of Bi, Ki is the 48bit key for round i, and f is the function that does all the substituting and permuting and XORing with the key, then a round looks like: Figure 12.1 DES. Li = Ri1 Ri = Li1 • f (Ri1, Ki) The Initial Permutation
The initial permutation occurs before round 1; it transposes the input block as described in Table 12.1. This table, like all the other tables in this chapter, should be read left to right, top to bottom. For example, the initial permutation moves bit 58 of the plaintext to bit position 1, bit 50 to bit position 2, bit 42 to bit position 3, and so forth. The initial permutation and the corresponding final permutation do not affect DES’s security. (As near as anyone can tell, its primary purpose is to make it easier to load plaintext and ciphertext data into a DES chip in bytesized pieces. Remember that DES predates 16bit or 32bit microprocessor busses.) Since this bitwise permutation is difficult in software (although it is trivial in hardware), many software implementations of DES leave out both the initial and final permutations. While this new algorithm is no less secure than DES, it does not follow the DES standard and should not be called DES. Figure 12.2 One round of DES. The Key Transformation
Initially, the 64bit DES key is reduced to a 56bit key by ignoring every eighth bit. This is described in Table 12.2. These bits can be used as parity check to ensure the key is errorfree. After the 56bit...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details