Cryptography Reference
In-Depth Information
The 6-bit input
b
1
b
2
b
3
b
4
b
5
b
6
is split into two parts
b
1
b
6
and
b
2
b
3
b
4
b
5
. The first
part
b
1
b
6
indicates which line to read: 00 is the first line, 01 the second, 10 the third,
and 11 the fourth. The second part
b
2
b
3
b
4
b
5
indicates which column to read in binary.
For instance, 0101 is column 5. The entry is the 4-bit output in decimal, to be converted
in binary. Hence the image of 001011 by
S
3
is 0100 (4).
The DES key schedule is done by the following algorithm. We use two registers
C
and
D
of 28 bits. The 56 key bits from
K
are first split into
C
and
D
following a fixed
bit selection table PC1. Each round then rotates the bits in
C
and
D
by
r
i
positions
depending on the round number
i
. (The
r
i
's are also defined by a table.) Then another
bit selection table PC2 takes 24 bits from each of the two registers and concatenates
them in order to make a round key.
PC1
−→
1:
K
(
C
,
D
)
2:
for
i
=
1to16
do
3:
C
←
ROL
r
i
(
C
)
4:
D
←
ROL
r
i
(
D
)
5:
K
i
←
PC2(
C
,
D
)
6:
end for
Here ROL
r
is a circular rotation of
r
bits to the left. The
r
i
's are defined by
i
123456789 0 1 2 3 4 5 6
r
i
112222221 2222221
Note that the sum of all
r
i
's is 28 so that we can generate the round keys in the decryption
ordering by starting with the same
C
and
D
and by running the loop backwards.
2.2
DES Modes of Operation
DES enables the encryption of 64-bit blocks. In order to encrypt plaintexts of arbi-
trary length, we have to use DES in a mode of operation. Several modes have been
standardized for DES (ECB, CBC, OFB, CFB, CTR) in Ref. [6].
2.2.1 Electronic Code Book (ECB)
The plaintext
x
is split into 64-bit blocks
x
1
,...,
x
n
, and the ciphertext
y
is the con-
catenation of encrypted blocks.
=
x
1
||
x
2
||···||
x
x
n
y
=
C
(
x
1
)
||
C
(
x
2
)
||···||
C
(
x
n
)
(See Fig. 2.5.) There are a few security problems.
Search WWH ::
Custom Search