22-02-2011, 11:47 AM
Data Encryption Standard (DES)
• Financial companies found the need for a cryptographic algorithm that would have the blessing of the US government (=NSA)
• First call for candidates in May 73, followed by a new call in August 74
• Not very many submissions (Why?)
– IBM submitted Lucifer
• NSA worked with IBM in redesigning the algorithm
DES
• DES became a federal standard in November 76
– NBS (NIST) hardware standard in January 77
– ANSI X3.92-1981 (hardware + software)
– ANSI X3.106-1983 (modes of operation)
– Australia AS2805.5-1985
• Used in most EFT and EFTPOS from banking industry
– It was twice reconfirmed as a standard for 5 years
– Currently 3DES is recommended
• The standard is public, the design criteria are classified
• One of the biggest controversies is the key size (56 bits)
– W Diffie, M Hellman "Exhaustive Cryptanalysis of the NBS Data Encryption Standard" IEEE Computer 10(6), June 1977, pp 74-84
– M Hellman "DES will be totally insecure within ten years" IEEE Spectrum 16(7), Jul 1979, pp 31-41
• Another controversy: is there a back door?
• DES has proven to be a well-designed code
• 56 bits has been proven inadequate
– EFF built a cracker for around $200,000
– Increase the key to 112 bits?
• The best known way to cryptanalyze DES (after brute force) is differential cryptanalysis
– NSA knew this from the design?
• Uses Feistel principle
• Many similarities with Lucifer
• Improves on the S-Boxes
Simple DES
• 8-bit block with a 10-bit key
• The encryption process is:
– Initial Permutation
– Function fk1
– Switch of the key halves
– Function fk2
– Final Permutation (inverse of initial permutation)
• Key generation
– Initial permutation P10
– Divide in left and right parts
– Left shift and Merge
– An 8-bit permutation, resulting in an 8-bit K1
– Divide in left and right parts
– Double left shift and Merge
– An 8-bit permutation, resulting in an 8-bit K2
• Structure of S-P boxes
– S-Boxes