The DES algorithm is called Data Encryption Standard, which was published by IBM in 1975. The DES algorithm has three entry parameters:Key, Data, Mode. Among them, the Key is 8 bytes in 64-bit, which is the Key of the DES algorithm; Data is also 8 bytes in 64-bit, which is the Data to be encrypted or decrypted; the Mode is DES, which can be encrypted or decrypted.
The DES algorithm converts a 64-bit plaintext input block to a 64-bit ciphertext output block, and uses a 64-bit key. The algorithm consists of two steps:
1. Initial replacement
The function is to recombine the 64-bit data blocks in bit mode, and divide the output into two parts: L0 and R0, each of which is 32-bit long, the replacement rule is to change the input 58th bits to 1st bits, and the 50th bits to 2nd bits ...... So far, the last one is the original 7th bits. L0 and R0 are the two parts after the transposition output, L0 is the left 32 bits of the output, and R0 is the right 32 bits,
For example, set the input value to D1D2D3 ...... D64, the result after initial replacement is: L0 = D58D50 ...... D8; R0 = D57D49 ...... D7.
2. Inverse replacement
After 16 iterations, we get L16 and R16. We use this as the input for Inverse replacement. The inverse replacement is the inverse operation of the initial replacement, and the ciphertext output is obtained.
Principle 2
Processing key:
Obtain a 64-bit key from the user. Each 8th-bit key has an odd number of "1" bits for correct parity. (If not specified in this document, it refers to binary digits)
Specific process:
The following table describes the relationship between the bit and the original key bit after the key is changed: (1) Ignore the check bit ).
57 49 41 33 25 17 9 1 58 50 42 34 26 18
10 2 59 51 43 35 27 19 11 3 60 52 44 36
63 55 47 39 31 23 15 7 62 54 38 30 22
14 6 61 53 45 37 29 21 13 5 28 20 12 4
Divide the transformed key into two parts: C [0] For the first 28 digits, and D [0] for the last 28 digits.
Calculate the sub-keys (16 in total), starting from I = 1.
C [I-1], D [I-1] were cyclically shifted to the left to generate C [I], D [I]. (16 times in total ).
The number of shifts to the left of each cycle is shown in the following table:
Round 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Number of digits 1 1 2 2 2 2 2 2 2 2 2 2 2 2 2 2 1
Concatenate C [I], D [I], and obtain a 56-digit number.
Perform the following Transformation to generate the 48-seat key K [I].
The conversion process is as follows:
14 17 11 24 1 5 3 28 15 6 21 10
23 19 12 4 26 8 16 7 27 20 13 2
41 52 31 37 47 55 30 40 51 45 33 48
44 49 39 56 34 53 46 42 50 36 29 32
1.2.3.3 calculate 16 sub-keys based on the preceding method.
Processing of 64-bit data blocks:
Divide the data into 64-bit data blocks, which are not 64-bit enough to be filled in an appropriate way.
Transform data blocks.
58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
Divide the transformed data block into the first and second parts. The first 32 digits are marked as L [0], and the last 32 digits are marked as R [0].
Use 16 sub-keys to encrypt data.
According to the following expansion function E, extend the 32-bit to 48-bit
32 1 2 3 4 5 5 6 7 8 9
8 9 10 11 12 13 12 13 14 15 16 17
16 17 18 19 20 21 20 21 22 23 24 25
24 25 26 27 28 29 29 30 31 32 1
Use E {R [I-1]} and K [I] for an exclusive or operation.
Divide the 48 digits into 8 6 digits. 1-6 bits are B [1], 7-12 bits are B [2], and 4-48 bits are B [8].
Replace B [j] With the value in the S Password box. Starting from j = 1. The value in the S Password box is 4 digits, a total of 8 S password boxes.
Take out the 1st and 6th bits of B [j] And concatenate them into a two-digit number. m. m is the number of columns used to replace the number of B [j] in the S Password box.
Take the 2nd to 5th bits of B [j] And concatenate them into a 4-digit number, which is recorded as n. N is the number of rows in the S Password box to replace the number of B [j.
Replace B [j] With the value S [j] [m] [n] in the S Password box. The eight S password boxes are as follows:
S-BOXE: S1
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 14 0 4 15
0001 1 4 15 1 12
0010 2 13 7 14 8
0011 3 1 4 8 2
0100 4 2 14 13 4
0101 5 15 2 6 9
0110 6 11 13 2 1
0111 7 8 1 11 7
1000 8 3 10 15 5
1001 9 10 6 12 11
1010 10 6 12 9 3
1011 11 12 11 7 14
1100 12 5 9 3 10
1101 13 9 5 10 0
1110 14 0 3 5 6
1111 15 7 8 0 13
S-BOXE: S2
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 15 3 0 13
0001 1 1 13 14 8
0010 2 8 4 7 10
0011 3 14 7 11 1
0100 4 6 15 10 3
0101 5 11 2 4 15
0110 6 3 8 13 4
0111 7 4 14 1 2
1000 8 9 12 5 11
1001 9 7 0 8 6
1010 10 2 1 12 7
1011 11 13 10 6 12
1100 12 12 6 9 0
1101 13 0 9 3 5
1110 14 5 11 2 14
1111 15 10 5 15 9
S-BOXE: S3
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 10 13 13 1
0001 1 0 7 6 10
0010 2 9 0 4 13
0011 3 14 9 9 0
0100 4 6 3 8 6
0101 5 3 4 15 9
0110 6 15 6 3 8
0111 7 5 10 0 7
1000 8 1 2 11 4
1001 9 13 8 1 15
1010 10 12 5 2 14
1011 11 7 14 12 3
1100 12 11 12 5 11
1101 13 4 11 10 5
1110 14 2 15 14 2
1111 15 8 1 7 12
S-BOXE: S4.
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 7 13 10 3
0001 1 13 8 6 15
0010 2 14 11 9 0
0011 3 3 5 0 6
0100 4 0 6 12 10
0101 5 6 15 11 1
0110 6 9 0 7 13
0111 7 10 3 13 8
1000 8 1 4 15 9
1001 9 2 7 1 4
1010 10 8 2 3 5
1011 11 5 12 14 11
1100 12 11 1 5 12
1101 13 12 10 2 7
1110 14 4 14 8 2
1111 15 15 9 4 14
S-BOXE: S5
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 2 14 4 11
0001 1 12 11 2 8
0010 2 4 2 1 12
0011 3 1 12 11 7
0100 4 7 4 10 1
0101 5 10 7 13 14
0110 6 11 13 7 2
0111 7 6 1 8 13
1000 8 8 5 15 6
1001 9 5 0 9 15
1010 10 3 15 12 0
1011 11 15 10 5 9
1100 12 13 3 6 10
1101 13 0 9 3 4
1110 14 14 8 0 5
1111 15 9 6 14 3
S-BOXE: S6.
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 12 10 9 4
0001 1 1 15 14 3
0010 2 10 4 15 2
0011 3 15 2 5 12
0100 4 9 7 2 9
0101 5 2 12 8 5
0110 6 6 9 12 15
0111 7 8 5 3 10
1000 8 0 6 7 11
1001 9 13 1 0 14
1010 10 3 13 4 1
1011 11 4 14 10 7
1100 12 14 0 1 6
1101 13 7 11 13 0
1110 14 5 3 11 8
1111 15 11 8 6 13
S-BOXE: S7
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 4 13 1 6
0001 1 11 0 4 11
0010 2 2 11 11 13
0011 3 14 7 13 8
0100 4 15 4 12 1
0101 5 0 9 3 4
0110 6 8 1 7 10
0111 7 13 10 14 7
1000 8 3 14 10 9
1001 9 12 3 15 5
1010 10 9 5 6 0
1011 11 7 12 8 15
1100 12 5 2 0 14
1101 13 10 15 5 2
1110 14 6 8 9 3
1111 15 1 6 2 12
S-BOXE: S8
Binary d1d6 =>; 00 01 10 11
\/D2.. d5 \/Dec 0 1 2 3
0000 0 13 1 7 2
0001 1 2 15 11 1
0010 2 8 13 4 14
0011 3 4 8 1 7
0100 4 6 10 9 4
0101 5 15 3 12 10
0110 6 11 7 14 8
0111 7 1 4 2 13
1000 8 10 12 0 15
1001 9 9 5 6 12
1010 10 3 6 10 9
1011 11 14 11 13 0
1100 12 5 0 15 3
1101 13 0 14 3 5
1110 14 12 9 5 6
1111 15 7 2 8 11
Return the first step until the eight data blocks are replaced.
Concatenates B [1] to B [8] to obtain a 32-digit number. Perform the following transformation on the number:
Bit goes to bit
16 1 2 17
7 2 8 18
20 3 24 19
21 4 14 20
29 5 32 21
12 6 27 22
28 7 3 23
17 8 9 24
1 9 19 25
15 10 13 26
23 11 30 27
26 12 6 28
5 13 22 29
18 14 11 30
31 15 4 31
10 16 25 32
The obtained result is an exclusive or operation with L [I-1. Returns the result to R [I].
Returns the value of R [I-1] to L [I].
From a loop execution until K [16] is also used.
Concatenates R [16] and L [16] to obtain a 64-digit number. Implement the inverse transformation of the II transformation for this number.
The preceding figure shows how the DES algorithm encrypts a 64-bit data block. The same process is used for decryption. You only need to reverse the 16 sub-keys. The application order is K [16], K [15], K [14],... K [1].
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
