Cryptography Reference
In-Depth Information
Note that every round key is a selection of 48 permuted bits of the input key k .
The key schedule is merely a method of realizing the 16 permutations systemati-
cally. Especially in hardware, the key schedule is very easy to implement. The key
schedule is also designed so that each of the 56 key bits is used in different round
keys; each bit is used in approximately 14 of the 16 round keys.
3.4 Decryption
One advantage of DES is that decryption is essentially the same function as en-
cryption. This is because DES is based on a Feistel network. Figure 3.15 shows a
block diagram for DES decryption. Compared to encryption, only the key schedule
is reversed, i.e., in decryption round 1, subkey 16 is needed; in round 2, subkey 15;
etc. Thus, when in decryption mode, the key schedule algorithm has to generate the
round keys as the sequence k 16 , k 15 ,..., k 1 .
Reversed Key Schedule
The first question that we have to clarify is how, given the initial DES key k , can we
easily generate k 16 ? Note that we saw above that C 0 = C 16 and D 0 = D 16 . Hence k 16
can be directly derived after PC
1.
k 16 = PC
2( C 16 , D 16 )
= PC
2( C 0 , D 0 )
= PC
2( PC
1( k ))
To compute k 15 we need the intermediate variables C 15 and D 15 , which can be de-
rived from C 16 , D 16 through cyclic right shifts (RS) :
k 15 = PC
2( C 15 , D 15 )
= PC
2( RS 2 ( C 16 ) , RS 2 ( D 16 ))
= PC
2( RS 2 ( C 0 ) , RS 2 ( D 0 ))
The subsequent round keys k 14 , k 13 ,..., k 1 are derived via right shifts in a similar
fashion. The number of bits shifted right for each round key in decryption mode
In decryption round 1, the key is not rotated.
In decryption rounds 2, 9, and 16 the two halves are rotated right by one bit.
In the other rounds 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14 and 15 the two halves are
rotated right by two bits.
Figure 3.16 shows the reversed key schedule for decryption.
Search WWH ::




Custom Search