Computer Security MT24, DES cryptosystem

• DES is symmetric key cipher
• 64-bit plaintext
• 56-bit key
• Undergoes an initial fixed permutation $IP : \lbrace 0, 1 \rbrace^{64} \to \lbrace 0, 1 \rbrace^{64}$
• Consists of 16 round Feistel network:
  • $L _ {n+1} = R _ n$
  • $R _ {n+1} = F(K _ {n+1}, R _ n) \oplus L _ n$
• Each subkey $K _ n$ is a different selection of 48 bits from the key
• $F(K, R) = P(S(K \oplus E(R)))$ (funky kangaroos rap, publicly squawking karaoke every rave)
  • $E : \lbrace 0, 1\rbrace ^{32} \to \lbrace 0, 1\rbrace ^{48}$ is fixed “expansion permutation”, which permutes and duplicates some bits
  • $S : \lbrace 0, 1 \rbrace^{48} \to \lbrace 0, 1 \rbrace^{32}$ is a function which applies “$S$-boxes” $S _ 1, S _ 2, \ldots, S _ 8 : \lbrace 0, 1\rbrace ^6 \to \lbrace 0, 1\rbrace ^4$ and concatenates outputs $S(x) = S _ 1(x _ {[1:6]}) \parallel S _ 2(x _ {[7:12]}) \parallel \cdots \parallel S _ n(x _ {[43:48]})$ into one 32-bit block. Responsible for confusion.
• $P : \lbrace 0, 1\rbrace ^{32} \to \lbrace 0, 1\rbrace ^{32}$ is a fixed permutation of the 32 bits. Responsible for diffusion.
• Undergoes an final fixed permutation $FP : \lbrace 0, 1 \rbrace^{64} \to \lbrace 0, 1 \rbrace^{64}$

16