Computer Network | Data encryption standard (DES) | Set 1

Data encryption standard (DES) has been found vulnerable against very powerful attacks and therefore, the popularity of DES has been found slightly on decline.

DES is a block cipher, and encrypts data in blocks of size of 64 bit each, means 64 bits of plain text goes as the input to DES, which produces 64 bits of cipher text. The same algorithm and key are used for encryption and decryption, with minor differences. The key length is 56 bits. The basic idea is show in figure.

We have mention that DES uses a 56 bit key. Actually, the initial key consists of 64 bits. However, before the DES process even starts, every 8th bit of the key is discarded to produce a 56 bit key. That is bit position 8, 16, 24, 32, 40, 48, 56 and 64 are discarded.

Thus, the discarding of every 8th bit of the key produces a 56-bit key from the original 64-bit key.

DES is based on the two fundamental attributes of cryptography: substitution (also called as confusion) and transposition (also called as diffusion). DES consists of 16 steps, each of which is called as a round. Each round performs the steps of substitution and transposition. Let us now discuss the broad-level steps in DES.

  1. In the first step, the 64 bit plain text block is handed over to an initial Permutation (IP) function.
  2. The initial permutation performed on plain text.
  3. Next the initial permutation (IP) produces two halves of the permuted block; says Left Plain Text (LPT) and Right Plain Text (RPT).
  4. Now each LPT and RPT to go through 16 rounds of encryption process.
  5. In the end, LPT and RPT are rejoined and a Final Permutation (FP) is performed on the combined block
  6. The result of this process produces 64 bit cipher text.

Initial Permutation (IP) –
As we have noted, the Initial permutation (IP) happens only once and it happens before the first round. It suggests how the transposition in IP should proceed, as show in figure.

For example, it says that the IP replaces the first bit of the original plain text block with the 58th bit of the original plain text, the second bit with the 50th bit of the original plain text block and so on.

This is nothing but jugglery of bit positions of the original plain text block. the same rule applies for all the other bit positions which shows in the figure.

As we have noted after IP done, the resulting 64-bit permuted text block is divided into two half blocks. Each half block consists of 32 bits, and each of the 16 rounds, in turn, consists of the broad level steps outlined in figure.

Step-1: Key transformation –
We have noted initial 64-bit key is transformed into a 56-bit key by discarding every 8th bit of the initial key. Thus, for each a 56-bit key is available. From this 56-bit key, a different 48-bit Sub Key is generated during each round using a process called as key transformation. For this the 56 bit key is divided into two halves, each of 28 bits. These halves are circularly shifted left by one or two positions, depending on the round.

For example, if the round number 1, 2, 9 or 16 the shift is done by only position for other rounds, the circular shift is done by two positions. The number of key bits shifted per round is show in figure.

After an appropriate shift, 48 of the 56 bit are selected. for selecting 48 of the 56 bits the table show in figure given below. For instance, after the shift, bit number 14 moves on the first position, bit number 17 moves on the second position and so on. If we observe the table carefully, we will realize that it contains only 48 bit positions. Bit number 18 is discarded (we will not find it in the table), like 7 others, to reduce a 56-bit key to a 48-bit key. Since the key transformation process involves permutation as well as selection of a 48-bit sub set of the original 56-bit key it is called Compression Permutation.

Because of this compression permutation technique, a different subset of key bits is used in each round. That’s make DES not easy to crack.

Step-2: Expansion Permutation –
Recall that after initial permutation, we had two 32-bit plain text areas called as Left Plain Text(LPT) and Right Plain Text(RPT). During the expansion permutation, the RPT is expanded from 32 bits to 48 bits. Bits are permuted as well hence called as expansion permutation. This happens as the 32 bit RPT is divided into 8 blocks, with each block consisting of 4 bits. Then, each 4 bit block of the previous step is then expanded to a corresponding 6 bit block, i.e., per 4 bit block, 2 more bits are added.

This process results into expansion as well as permutation of the input bit while creating output. Key transformation process compresses the 56-bit key to 48 bits. Then the expansion permutation process expands the 32-bit RPT to 48-bits. Now the 48-bit key is XOR with 48-bit RPT and resulting output is given to the next step, which is the S-Box substitution.

using namespace std;
string hex2bin(string s){
        // hexadecimal to binary conversion
    unordered_map<char, string> mp;
    mp['0']= "0000";
    mp['1']= "0001";
    mp['2']= "0010";
    mp['3']= "0011";
    mp['4']= "0100";
    mp['5']= "0101";
    mp['6']= "0110";
    mp['7']= "0111";
    mp['8']= "1000";
    mp['9']= "1001";
    mp['A']= "1010";
    mp['B']= "1011";
    mp['C']= "1100";
    mp['D']= "1101";
    mp['E']= "1110";
    mp['F']= "1111";
    string bin="";
    for(int i=0; i<s.size(); i++){
        bin+= mp[s[i]];
    return bin;
string bin2hex(string s){
        // binary to hexadecimal conversion
    unordered_map<string, string> mp;
    mp["0000"]= "0";
    mp["0001"]= "1";
    mp["0010"]= "2";
    mp["0011"]= "3";
    mp["0100"]= "4";
    mp["0101"]= "5";
    mp["0110"]= "6";
    mp["0111"]= "7";
    mp["1000"]= "8";
    mp["1001"]= "9";
    mp["1010"]= "A";
    mp["1011"]= "B";
    mp["1100"]= "C";
    mp["1101"]= "D";
    mp["1110"]= "E";
    mp["1111"]= "F";
    string hex="";
    for(int i=0; i<s.length(); i+=4){
        string ch="";
        ch+= s[i];
        ch+= s[i+1];
        ch+= s[i+2];
        ch+= s[i+3];
        hex+= mp[ch];
    return hex;
string permute(string k, int* arr, int n){
    string per="";
    for(int i=0; i<n ; i++){
        per+= k[arr[i]-1];
    return per;
string shift_left(string k, int shifts){
    string s="";
    for(int i=0; i<shifts; i++){
        for(int j=1; j<28; j++){
            s+= k[j];
        s+= k[0];
        k= s;
    return k;
string xor_(string a, string b){
    string ans= "";
    for(int i=0; i<a.size(); i++){
            ans+= "0";
            ans+= "1";
    return ans;
string encrypt(string pt, vector<string> rkb, vector<string> rk){
    //Hexadecimal to binary 
    pt= hex2bin(pt);
    //Initial Permutation Table
    int initial_perm[64]= 
    {   58,50,42,34,26,18,10,2,
    //Initial Permutation
    pt= permute(pt, initial_perm, 64);
    cout<<"After initial permutation: "<<bin2hex(pt)<<endl;
    string left= pt.substr(0, 32);
    string right= pt.substr(32, 32);
    cout<<"After splitting: L0="<<bin2hex(left)
            <<" R0="<<bin2hex(right)<<endl;
    //Expansion D-box Table
    int exp_d[48]= 
    {   32,1,2,3,4,5,4,5,
    //S-box Table
    int s[8][4][16]=
    //Straight Permutation Table
    int per[32]=
    {   16,7,20,21,
    for(int i=0; i<16; i++){
        //Expansion D-box
        string right_expanded= permute(right, exp_d, 48);
        //XOR RoundKey[i] and right_expanded
        string x= xor_(rkb[i], right_expanded);
        string op="";
        for(int i=0;i<8; i++){
            int row= 2*int(x[i*6]-'0')+ int(x[i*6 +5]-'0');
            int col= 8*int(x[i*6 +1 ]-'0')+ 4*int(x[i*6 +2]-'0')+ 
                                 2*int(x[i*6 +3]-'0')+ int(x[i*6 +4]-'0');
            int val= s[i][row][col];
            op+= char(val/8+ '0');
            val= val%8;
            op+= char(val/4+ '0');
            val= val%4;
            op+= char(val/2+ '0');
            val= val%2;
            op+= char(val+ '0');
        //Straight D-box
        op= permute(op, per, 32);
        //XOR left and op
        x= xor_(op, left);
        left= x;
        if(i!= 15){
            swap(left, right);
        cout<<"Round "<<i+1<<" "<<bin2hex(left)<<" "
                              <<bin2hex(right)<<" "<<rk[i]<<endl;
    string combine= left+right;
    //Final Permutation Table
    int final_perm[64]= 
    {   40,8,48,16,56,24,64,32,
    //Final Permutation
    string cipher= bin2hex(permute(combine, final_perm, 64));
    return cipher;
int main(){
        // pt is plain text
    string pt, key;
    /*cout<<"Enter plain text(in hexadecimal): ";
    cout<<"Enter key(in hexadecimal): ";
    pt= "123456ABCD132536";
    key= "AABB09182736CCDD";
    //Key Generation
    //Hex to binary
    key= hex2bin(key);
    //Parity bit drop table
    int keyp[56]= 
    {   57,49,41,33,25,17,9,
    //getting 56 bit key from 64 bit using the parity bits
    key= permute(key, keyp, 56);// key without parity
    //Number of bit shifts 
    int shift_table[16]=
    {   1, 1, 2, 2,
        2, 2, 2, 2, 
        1, 2, 2, 2, 
        2, 2, 2, 1
    //Key- Compression Table
    int key_comp[48]=
    {   14,17,11,24,1,5,
    string left= key.substr(0, 28);
    string right= key.substr(28, 28);
    vector<string> rkb;//rkb for RoundKeys in binary
    vector<string> rk;//rk for RoundKeys in hexadecimal
    for(int i=0; i<16; i++){
        left= shift_left(left, shift_table[i]);
        right= shift_left(right, shift_table[i]);
        string combine= left + right;
        //Key Compression
        string RoundKey= permute(combine, key_comp, 48);
    cout<<" Encryption: ";
    string cipher= encrypt(pt, rkb, rk);
    cout<<" Cipher Text: "<<cipher<<endl;
    cout<<" Decryption ";
    reverse(rkb.begin(), rkb.end());
    reverse(rk.begin(), rk.end());
    string text= encrypt(cipher, rkb, rk);
    cout<<" Plain Text: "<<text<<endl;



After initial permutation: 14A7D67818CA18AD
After splitting: L0=14A7D678 R0=18CA18AD

Round 1 18CA18AD 5A78E394 194CD072DE8C
Round 2 5A78E394 4A1210F6 4568581ABCCE
Round 3 4A1210F6 B8089591 06EDA4ACF5B5
Round 4 B8089591 236779C2 DA2D032B6EE3
Round 5 236779C2 A15A4B87 69A629FEC913
Round 6 A15A4B87 2E8F9C65 C1948E87475E
Round 7 2E8F9C65 A9FC20A3 708AD2DDB3C0
Round 8 A9FC20A3 308BEE97 34F822F0C66D
Round 9 308BEE97 10AF9D37 84BB4473DCCC
Round 10 10AF9D37 6CA6CB20 02765708B5BF
Round 11 6CA6CB20 FF3C485F 6D5560AF7CA5
Round 12 FF3C485F 22A5963B C2C1E96A4BF3
Round 13 22A5963B 387CCDAA 99C31397C91F
Round 14 387CCDAA BD2DD2AB 251B8BC717D0
Round 15 BD2DD2AB CF26B472 3330C5D9A36D
Round 16 19BA9212 CF26B472 181C5D75C66D

Cipher Text: C0B7A8D05F3A829C


After initial permutation: 19BA9212CF26B472
After splitting: L0=19BA9212 R0=CF26B472

Round 1 CF26B472 BD2DD2AB 181C5D75C66D
Round 2 BD2DD2AB 387CCDAA 3330C5D9A36D
Round 3 387CCDAA 22A5963B 251B8BC717D0
Round 4 22A5963B FF3C485F 99C31397C91F
Round 5 FF3C485F 6CA6CB20 C2C1E96A4BF3
Round 6 6CA6CB20 10AF9D37 6D5560AF7CA5
Round 7 10AF9D37 308BEE97 02765708B5BF
Round 8 308BEE97 A9FC20A3 84BB4473DCCC
Round 9 A9FC20A3 2E8F9C65 34F822F0C66D
Round 10 2E8F9C65 A15A4B87 708AD2DDB3C0
Round 11 A15A4B87 236779C2 C1948E87475E
Round 12 236779C2 B8089591 69A629FEC913
Round 13 B8089591 4A1210F6 DA2D032B6EE3
Round 14 4A1210F6 5A78E394 06EDA4ACF5B5
Round 15 5A78E394 18CA18AD 4568581ABCCE
Round 16 14A7D678 18CA18AD 194CD072DE8C

Plain Text: 123456ABCD132536

Refer for – difference between AES and DES ciphers

This article is attributed to GeeksforGeeks.org

leave a comment



load comments

Subscribe to Our Newsletter