Implementation of Des Algorithm
Implementation of Des Algorithm
Implementation of Des Algorithm
BACHELOR OF TECHNOLOGY
Bachelor of Technology
under our guidance
Mrs. Subhasree M.
Seminar Co-ordinator Faculty Dept.of Computer Engineering
Acknowledgement
I am deeply indebted to Mrs. Subhasree M. Senior Lecturer Depertment of Computer Science and Engineering, for all help, guidence and encouragement given for the project. I would like to express my sincere gratitude to my friends who have been constant source of help and encouragement. Tuhin Ranjan Maity
Abstract
To encrypt a text le and to decrypt the encrypted form of the le to get the original input text le. This encryption and decryption is done using the most widely used private key encryption scheme based on data encryption standard (DES) adopted in 1977 by National Bureau of Standards.It was designed by IBM based on their own Lucier cipher and input from NSA.For DES, data are encrypted in 64-bit blocks using a 56-bit key. The algorithm transforms 64-bit input in series of steps into a 64-bit output of cipher text. The same steps, with the same key, are used to reverse the encryption ie. for decryption. Implementation of the algorithm is done using C language.
ii
Contents
1 Introduction 2 Design Space of DES 2.1 DES Encryption . . . . 2.2 Details of single round 2.3 Key generation . . . . 2.4 DES decryption . . . . 3 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1 1 2 3 4 6
iii
Introduction
To protect condential message from public the DES algorithm is used which is basicaly a private key encryption scheme.DES is quite understandable and has some very elegent scheme. Basically it takes a 64 bit input plain text and produces a 64 bit cypher text by encrypton using a private key and which can be decrypted again to get the message using the same key. Here basically we use a 64 bit key is given as input, but in fact 56 bit is used as eective key.The rest 8 bits are used as the parity bit.This 56 bit key was suciently reliable at the time of implementation of DES algorithm.It was able to withstand brute-force attacs and recent work on dirential cryptanalysis seem to indicate that DES has a very strong internal structure.
To imlement DES algorithm we design the general depiction of DES encryption algorithm which consists of initial permutation of the 64 bit plain text and then goes through 16 rounds,where each round consists permutation and substitution of the text bit and the inputed key bit,and at last goes through a inverse initial permutation to get the 64 bit cyphertext.Decryption works by essentially runnig DES backwords,rst goes through an initial permutation with the same key generation in the opposite order that is the key generated in the last round is used rst and then goes through an nal permutation to undo the initial permutation.
2.1
DES Encryption
The 64-bit input is subjected to an initial permutation to obtain 64-bit result(ie. just the input with the bits shued). The 64-bit key is passed throw a permutation function to get the 56-bit key which is used to generate sixteen 48-bit per round keys, by taking a dierent 48-bit subset of the 56-bits for each of the keys. Each round takes as input the 64-bit output of the previous round, and the 48-bit per-round key, and produces a 64-bit output. After the 16th round, the 64-bit output has its halves swapped and is then subjected to another permutation, which happens to be the inverse of the initial permutation.
Round 1
K1 K2
permuted choice 2
Round 2
permuted choice 2
Round 16
K16
permuted choice 2
2.2
The left and right halves of each 64-bit intermediate value are treated as separate 32-bit quantities, labeled L (left) and R (right). The overall processing formulas at each round is as follows: Li =Ri -1 Ri =Li -1 XOR F ( Ri -1 , Ki ) The round key Ki is 48-bits. The R input is 32-bits. This R input is rst expanded to 48-bits using permutation plus an expansion table. The resulting 48-bits are XORed with Ki . This 48-bit result passes through a substitution function that produces a 32-bit output in each halves to get 64-bit output. The substitution consists of a set of eight S-boxes, in the mangler function F, each of which accepts 6-bits as input and produces 4-bits as output.
32 bits Li1
48 F
XOR Ki
48
Substitution/choice (S box)
48
32
Permutatuon (P)
32
XOR
Li
Ri
The bits of the 64-bit input key are numbered from 1 through 64 and every eighth bit is ignored. The key is rst subjected to permutation choice one, the resulting 56-bit key is then treated as two 28-bit quantities, labeled C0 and D0 . At each round , Ci -1 and Di -1 are separately subjected to a circular left shift or rotation of 1 or 2 bits that serve as input to next round and also to permuted choice two, which produces a 48-bit output that serves as input to the manglar function F(Ri-1 ,Ki ).
S1
S2
S3
S4
S5
S6
S7
S8
P 32 bits
28 bits Ci1
28 bits Di1
Left shift(s)
Left shift(s)
Ki ( 48 bit)
Ci
Di
Decryption works by essentially running DES backwards. To decrypt a block we rst run it through the initial permutation to undo the nal permutation (the initial and nal permutations are the inverses of each other). We do the same key generation, though we use the keys in 4
opposite order (rst we use K16 , the key generated at last). Then we run 16 rounds just like for encryption. After 16 rounds of decryption, the output has its halves swapped and is then subjected to the nal permutation (to undo the initial permutation).
32 bits Li1
48 F
XOR Ki
48
Substitution/choice (S box)
48
32
Permutatuon (P)
32
XOR
Li
Ri
Conclusion
Internet attackers often mask their identity by launching attacks not from their own computer, but from an intermediary host that they previously compromised, i.e., a stepping stone. By leveraging the distinct properties of interactive network trac, we have devised a steppingstone detection algorithm based on correlating the timing of the ON/OFF periods of dierent connections. The algorithm runs on a sites internet access link. It provides highly accurate, and has the major advantage of ignoring the data contents of the connections, which means both that it works for encrypted trac such as SSH, and that the packet capture load is greatly diminished since the packet lter need only record packet headers.
References
[1] Charlie Kaufman,Radia Perlman,Mike Speciner,Network Security,Prentice Hall PTR Pulication,Upper Saddle River,Newjersy 07458. [2] William Stalings,Cryptography and Network Security,Prentice Hall of India Private Limited,New Delhi 110001.