Cryptography Reference
In-Depth Information
(32)
1
234
5678
9101112
13 14 15 16
17 18 19
(48)
1
2345678
9 101112
13 14 15 16
17 18 19
20 21 22 23 24 25 26 27
28
Figure 4.8:
Expansion permutation in DES rounds.
the following). This is also a rigid transformation and, analogous to the above
transformation, is called
expansion permutation
.
The cryptological background of the expansion permutation is the avalanche
effect mentioned earlier: every changed key or plaintext bit should influence
all ciphertext bits after as few rounds as possible. For this reason, it is better to
reduce the key to 48 bits and expand half the block, rather than XORing half
the block right way with a key reduced to 32 bits.
The expansion permutation is shown in Figure 4.8. We will look at it again in
Section 4.4.2.
The S-Boxes
The result achieved from the last XOR operation is a 48-bit block. We take these
48 bits and divide them into eight groups of 6 bits each; then we transform each
group using another S-box (short for 'substitution box'). These eight S-boxes
represent the most critical part of DES. Each S-box is a table consisting of 4
rows and 16 columns, and it converts 6 input bits into 4 output bits. You can
see an example of such an S-box in Figure 4.9.
We use this table as follows: if the input consists of six bits,
b
1
,...,b
6
, then
the number determined from
b
1
and
b
6
(2 bits
=
4 values) denotes the table
row, while the number determined from the four remaining bits (
b
2
b
3
b
4
b
5
)
2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 1 0 3 7 8 5 9 2 5 63 0 4
1 8 2 7 1 4 2 3 6 5 0 9 04 5 3
Figure 4.9:
S-box number 5 of DES.
