How to implement the
Data Encryption Standard (DES)
A step by step tutorial
Version 1.2
The Data Encryption Standard (DES) algorithm, adopted by the U.S.
government in 1977, is a block cipher that transforms 64-bit data blocks
under a 56-bit secret key, by means of permutation and substitution. It
is officially described in FIPS PUB 46. The DES algorithm is used for
many applications within the government and in the private sector.
This is a tutorial designed to be clear and compact, and to provide a
newcomer to the DES with all the necessary information to implement it
himself, without having to track down printed works or wade through C
source code. I welcome any comments.
Matthew Fischer <mfischer@heinous.isca.uiowa.edu>
;上面是介紹,我就不翻了。 ;)
Here's how to do it, step by step:
1 Process the key.
;產生密鑰
1.1 Get a 64-bit key from the user. (Every 8th bit is considered a
parity bit. For a key to have correct parity, each byte should contain
an odd number of "1" bits.)
;從使用者處得到一個64位的密鑰。(每8位一組,每組的第8位是校正位。如果校正
正確,每個位元組應該有一個為1的
1.2 Calculate the key schedule.
;計算密鑰表
1.2.1 Perform the following permutation on the 64-bit key. (The parity
bits are discarded, reducing the key to 56 bits. Bit 1 of the permuted
block is bit 57 of the original key, bit 2 is bit 49, and so on with bit
56 being bit 4 of the original key.)
;對64位的密鑰進行如下的置換。(去掉校正位,密鑰的實際長度是56位。置換後的
;第一位是原密鑰的第57位,第二位是原第49位,第五十六位就是原來密鑰的第4位。)
# 古怪的置換,哪位大哥能寫出算式?
# 好象是分成兩部
# for(j=57;j<64;j++)
# {
# for(i=j;i<0;i-=8)
# {
# if(k=28)
# break;
# c[k]=i;
# k++;
# }
# 這是前28位,不知道對不對?請指正。
1.2.2 Split the permuted key into two halves. The first 28 bits are
called C[0] and the last 28 bits are called D[0].
;把置換後的密鑰分為C[0] 和D[0]兩部分,各28位。
1.2.3 Calculate the 16 subkeys. Start with i = 1.
;計算16個子密鑰,從i=1開始。
1.2.3.1 Perform one or two circular left shifts on both C[i-1] and
D[i-1] to get C[i] and D[i], respectively. The number of shifts per
iteration are given in the table below.
;分別對C[i-1]和D[i-1]進行左移一到兩位的位移操作,得到C[i]和D[i]。每次
;位移數目如下:
# 共16次
1.2.3.2 Permute the concatenation C[i]D[i] as indicated below. This
will yield K[i], which is 48 bits long.
;如下表,改變C[i]和D[i]的排列,得到48位長的k[i]。
# 不懂 :(
# 是不是丟掉了某些位?
1.2.3.3 Loop back to 1.2.3.1 until K[16] has been calculated.
;重複 1.2.3.1 開始的過程,算出16個字密鑰。
2 Process a 64-bit data block.
;處理一個64位的資料區塊。
2.1 Get a 64-bit data block. If the block is shorter than 64 bits, it
should be padded as appropriate for the application.
;擷取一個64位的資料區塊。如果資料區塊不到64位,就補足64位。
# 可能是用0補吧。
2.2 Perform the following permutation on the data block.
;對資料區塊進行如下置換。
# 又是分成兩部分進行,先是偶數位。
# 比較簡單,算式就不寫了。
