the S-box is retrieved and stored away. This is repeated with B[2] and S[2], B[3] and S[3], andthe others up to B[8] and S[8]. At this point, you now have 8 4-bit numbers, which when strungtogether one after the other in the order of retrieval, give a 32-bit result. 5. The result from the previous stage is now passed into the P Permutation. 6. This number is now XORed with L[I-1], and moved into R[I]. R[I-1] is moved into L[I]. 7. At this point we have a new L[I] and R[I]. Here, we increment I and repeat the core functionuntil I = 17, which means that 16 rounds have been executed and keys K[1]-K[16] have all beenused. When L[16] and R[16] have been obtained, they are joined back together in the same fashion theywere split apart (L[16] is the left-hand half, R[16] is the right-hand half), then the two halves areswapped, R[16] becomes the left-most 32 bits and L[16] becomes the right-most 32 bits of thepre-output block and the resultant 64-bit number is called the pre-output.The method described above will encrypt a block of plaintext and return a block of ciphertext. Inorder to decrypt the ciphertext and get the original plaintext again, the procedure is simplyrepeated but the subkeys are applied in reverse order, from K[16]-K[1]. That is, stage 2 of theCore Function as outlined above changes from R[I-1] XOR K[I] to R[I-1] XOR K[17-I]. Otherthan that, decryption is performed exactly the same as encryption. Modes of Operation ECB (Electronic Code Book) This is the regular DES algorithm, exactly as described above. Data is divided into 64-bitblocks and each block is encrypted one at a time. Separate encryptions with differentblocks are totally independent of each other. This means that if data is transmitted over anetwork or phone line, transmission errors will only affect the block containing the error.It also means, however, that the blocks can be rearranged, thus scrambling a file beyondrecognition, and this action would go undetected. ECB is the weakest of the variousmodes because no additional security measures are implemented besides the basic DESalgorithm. However, ECB is the fastest and easiest to implement, making it the mostcommon mode of DES seen in commercial applications. This is the mode of operationused by Private Encryptor. CBC (Cipher Block Chaining)
In this mode of operation, each block of ECB encrypted ciphertext is XORed with thenext plaintext block to be encrypted, thus making all the blocks dependent on all theprevious blocks. This means that in order to find the plaintext of a particular block, youneed to know the ciphertext, the key, and the ciphertext for the previous block. The firstblock to be encrypted has no previous ciphertext, so the plaintext is XORed with a 64-bitnumber called the Initialization Vector, or IV for short. So if data is transmitted over anetwork or phone line and there is a transmission error (adding or deleting bits), the errorwill be carried forward to all subsequent blocks since each block is dependent upon thelast. If the bits are just modified in transit (as is the more common case) the error will
You've reached the end of your free preview.
Want to read all 27 pages?
- Spring '16
- ScottBradner
- Cryptography, Cryptographic hash function, Block cipher
