Cryptography Reference
In-Depth Information
Adversary
Ciphertext
Y
Plaintext
X
Encryption
Decryption
Y
X
Key
K
K
CONFIDENTIAL
Generator
Figure 2.1. Symmetric encryption.
2.1
The Data Encryption Standard (DES)
DES is the Data Encryption Standard which was originally published by the NBS—
National Bureau of Standards—a branch of the Department of Commerce in the USA. 1
After a call for proposals, DES was originally proposed as a standard by IBM, based on a
previous cipher called LUCIFER developed by Horst Feistel. The US Government (and
particularly the NSA) contributed to the development. DES was adopted as a standard
and published in 1977 as a FIPS—Federal Information Processing Standard. 2 It was de-
veloped based on the need for security in electronic bank transactions. NIST did not re-
new the standard in 2004 and so the standard is now over. It is however still widely used.
In the seventies, the information technology business was mostly driven by hard-
ware industry (and not by software and service companies). DES was intended for
hardware implementations.
DES is a block cipher: it enables the encryption of 64-bit block plaintexts into
64-bit block ciphertexts by using a secret key. It is thus a family of permutations over
the set of 64-bit block strings. Encryption of messages of arbitrary length is done
through a mode of operation which is separately standardized (see Section 2.2).
The secret key is also a 64-bit string, but eight of these bits are not used at all.
Therefore, we usually say that DES uses secret keys of length 56 bits. 3
DES consists of a 16-round Feistel scheme. A Feistel scheme (named from the
author of the previous cipher LUCIFER which was based on a similar structure) is a
ladder structure which creates a permutation from a function. Actually, the input string
is split into two parts of equal length, and the image of one part through a round function
1
The NBS is now replaced by the NIST—National Institute of Standards and Technology.
2
The standard has been updated several times. The 1999 version is available as Ref. [5].
3
More precisely, the 64-bit key is represented as 8 bytes, and the most significant bit of every byte may be
used for parity check.
Search WWH ::




Custom Search